
Problems with L7 filters?

Discussion in 'Tomato Firmware' started by LadFromWales85, Nov 11, 2006.

  1. LadFromWales85

    LadFromWales85 Network Guru Member

    I've just enabled QoS on my GSv1.0 running Tomato, as I wanted to keep P2P/NNTP usage from interfering with online gaming... I only have a few rules so far, in the following order:
    TCP/UDP Port 53, Highest, DNS
    From xbox MAC address, TCP/UDP any port, Highest, XBOX Live!
    TCP, Port 80/443, High, Web
    TCP/UDP, All IPP2P Filters, Lowest, All IPP2P
    TCP/UDP l7:nntp, Lowest, NNTP

    With just these rules, I am finding that NNTP is being dumped into the Low queue, which is the default queue for unmatched packets, even though there is an l7 rule to place NNTP packets into Lowest.

    I also found that enabling the skype and skypetoskype filters caused random packets to be placed into Higher.

    Are L7 filters bugged with Tomato, or is it my configuration?

  2. maxzerker

    maxzerker LI Guru Member

    Not all included L7 filters work; they're rather old or not compatible with Tomato.
    In my case, I just write my own L7 pattern and put it in :p

    If you don't have enough knowledge about regex/L7 stuff, then try a port-based rule instead.
  3. digitalgeek

    digitalgeek Network Guru Member


    I use the samples that are in by default... this is sufficient and quite effective for my needs


  4. LadFromWales85

    LadFromWales85 Network Guru Member

    I guess I'll have to learn then!
    Thanks for the help :)

    EDIT: Let's have a look at your QoS>Basic Settings page too :D
  5. dvaskelis

    dvaskelis Network Guru Member

    Skype and QoS

    The Skype filters match quite a bit of non-Skype traffic; to my knowledge there are no great Skype L7 filters.

    It's not a Tomato problem, it's that Skype is a proprietary protocol and tough to match 100% until someone publishes specifications. There are commercial products that match/block Skype well, but to my knowledge they have not published exactly how they do it.

    When I use an L7 filter, I check it out a bit first on the L7-filter Supported Protocols page to see how well it's reported to work and how it works. From the Skype to phone pattern, you'll see that filter is documented as matching "about 4% of random streams and 13% of printable random streams" and that the Skype to Skype pattern "matches at least some of the general chatter that occurs when the user isn't doing anything as well as actual calls."

    If you want to prioritize Skype over other traffic for QoS in a highly reliable way, forward your Skype port to your Skype machine, and set a rule for traffic from that machine's IP address matching TCP/UDP packets with that source port to "Highest" priority. The port-forward is optional, but will give you the greatest call quality since your side will have the ability to bypass other supernodes to make calls. The downside of port-forwarding your Skype port is that your machine could become a supernode, which may take some bandwidth. You did read your Skype user agreement when you installed it, right? ;)
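
Added example, not part of the original thread: a way to measure a payload pattern's false-positive rate on random and printable random streams before trusting it in a QoS rule, which is the kind of figure quoted in the post above. Both patterns are constructed for illustration and are not real l7-filter patterns; Python's `re` is assumed as a stand-in for the filter's own regex engine, and the 256-byte stream length is an arbitrary choice.

```python
import random
import re

# Constructed patterns for illustration; neither is a real l7-filter pattern.
LOOSE = re.compile(rb"[0-9]{2}[a-z]")      # short and unanchored: matches by chance
STRICT = re.compile(rb"^HELLO/1\.[01] ")   # anchored banner of a hypothetical protocol

PRINTABLE = bytes(range(0x20, 0x7F))       # printable ASCII, space through '~'


def random_stream(rng, length, printable):
    """Return `length` random bytes, optionally restricted to printable ASCII."""
    if printable:
        return bytes(rng.choice(PRINTABLE) for _ in range(length))
    return bytes(rng.getrandbits(8) for _ in range(length))


def false_positive_rate(pattern, printable, samples=2000, length=256, seed=1):
    """Fraction of random streams the pattern matches (all of them are noise)."""
    rng = random.Random(seed)              # fixed seed keeps the run repeatable
    hits = sum(
        1 for _ in range(samples)
        if pattern.search(random_stream(rng, length, printable))
    )
    return hits / samples


def report():
    """Return (name, rate on random bytes, rate on printable bytes) per pattern."""
    return [
        (name, false_positive_rate(pat, False), false_positive_rate(pat, True))
        for name, pat in (("loose", LOOSE), ("strict", STRICT))
    ]


if __name__ == "__main__":
    for name, rnd, prt in report():
        print(f"{name:6s} random={rnd:.1%} printable={prt:.1%}")
```

A pattern that scores well above zero here will pull unrelated connections into whatever class its rule assigns, so it is a poor fit for a rule that throttles hard or grants top priority.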
  6. dvaskelis

    dvaskelis Network Guru Member

    l7-filter NNTP

    According to the NNTP pattern, it depends on your news server:

    There's also a commented out alternative pattern at the bottom that says:

    So, you can (1) try the second pattern and see if it works better with your news server (2) change the simpler pattern and make it match how your news server works or (3) if your NNTP is port 119, just use a port-based rule instead. #3 sounds like the simplest and easiest way to go.
  7. CookeAlpine

    CookeAlpine LI Guru Member

    I have incorporated both Skype L7 filters in my QoS. It seems that the Skype to Skype filter works better according to the site you linked. I have the SkypetoSkype classified under my ClassB with only 2kb bandwidth allowed. I'm trying to make it unpractical to use SkypetoSkype on my network.

    I have SkypeOut classified under my medium with much more bandwidth allowed. When I am on parts of my network that aren't controlled by my Tomato router, all it will pick up from my Skype WiFi phone are the SkypeOut packets and at least classify them as Medium.

    I have the MAC of the WiFi phone classified for all protocols as Highest, so when I'm on my "main" network the phone gets highest priority.

    This all seems to work pretty well when I watch my pie charts as I'm testing it. I do notice times when there is ClassB and Medium data getting classified and there are no Skype users online, but it doesn't seem to be much. I'm really only worried about the Class B classifying non-Skype data as it throttles it almost completely.
