1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.


Discussion in 'Tomato Firmware' started by yo_adrian_eh, Mar 31, 2011.

  1. yo_adrian_eh

    yo_adrian_eh Addicted to LI Member

    Have read the Toastman tutorial and tried to follow the guidance but I'm coming up short. I'm using an Asus RT-N16 with Tomato 1.28

    VoIP is my biggest concern, I use it as the primary telephone from both a Linksys SPA 2102 and also from Win 7 laptop & desktop. All devices on my LAN have static IP's but because I'm using SIP from multiple devices I chose to implement QOS by port range only. I'm attaching pics of my setup, the problem I'm having is garbled audio, almost robotic, get's worse as a call progresses. No issues when QOS is off but that kind of defeats the purpose :-( The reason for applying QOS is to ensure VoIP has priority over streaming of Netflix and other services from my media centre (DLink Boxee Box). My ISP package is 5Mbps Down, 800kbs Up, I typically get 3.5Mbps Down and 800kbps Up. Performing tests while I wrote this I got up to 5.25 Down and 2.4Mbps Up so I'm thoroughly confused!

    The bottom line is I must be missing something and it's probably right in front of my nose...


    Attached Files:

  2. Toink

    Toink Network Guru Member

    You can try enabling the Layer 7 'SIP'. Also include ports 10000-30000 Layer 7 'rtp'.

    In my case, I included the MAC address of my SPA3102 in the QOS Classifications.
  3. yo_adrian_eh

    yo_adrian_eh Addicted to LI Member

    Tried it a few minutes ago and made a call over the SPA, unfortunately that didn't make any difference <sigh> The SIP traffic is taking a beating, audio is mecahnical sounding and choppy to the point of not being able to carry a conversation.

    Some additional background. I bought a Linksys E3000 a few weeks back, tried the Linksys firmware, DD-WRT and also tried Tomato, had the same results with each. I bought the Asus router hoping it would apply QOS better with Tomato but I'm essentially getting the same results. I've tried lowering the Inbound/Outbound traffic settings to as low as 60% of actual bandwith but that hasn't helped either. I'm stumpped.

    This all started because I want to use OpenVPN to tunnel out from a U.S. based server to get Hulu and Netflix U.S. content (I'm in Canada). I signed up with StrongVPN, applied the settings to the router and my bandwidth tanked which didn't make any sense to me. I removed the settings and started to look at my bandwidth and applying QOS to ensure my VoIP traffic maintained priority and still allowed streaming to work effectively, I 'm not looking at OpenVPN again until this is stable.

    Over the last 3 weeks I've probably invested 4-5 full days now reading material and applying variations of QOS settings. Staying up til after midnight is getting a little old :-( My wife asked last night "so why does this QOS thing need to be on when it works fine when it's off?" and I really couldn't give her a good answer...

  4. Toastman

    Toastman Super Moderator Staff Member Member

    It's a little hard to see your posted screens. Anyway, the QOS system is just a modified version of the default. It won't do much. And as far as I can see, you haven't set the maximum bandwidth limit setting? The bandwidth settings I see (if I squint) are very very low.
  5. yo_adrian_eh

    yo_adrian_eh Addicted to LI Member

  6. Toastman

    Toastman Super Moderator Staff Member Member

    try 1800 for outbound (you have 180 which is very low) and inbound 4500

    However, the rest of the QOS setup is really not going to do a lot. It really does depend what applications people use on your network, as the rules you have do not control very much. Quite probably your wife is right! Try the full rules from the QOS thread, and then with the correct bandwidth settings at least it should be somewhat better. You can add your phone apps to the second (high) class.
  7. yo_adrian_eh

    yo_adrian_eh Addicted to LI Member

    Followed your advice and dug a little deeper, tried this thread too http://www.linksysinfo.org/forums/showthread.php?p=350167, I'm so close I can taste it! I had some call quality issues that have now gone, static/noise on calls.

    The woman I live with (the one I'm married to?<grin>), was on a call and got dropped at the 5min mark exactly. I slowly backed out the room smiling and told her it was surely the other person's phone service...she tracked me down to tell me "not so fast mister...", several calls back to back got dropped at more or less the same mark. I've turned QOS off again <sigh>

  8. lfjeff

    lfjeff Networkin' Nut Member

    I've been using Tomato for exactly the same kind of scenario you described. I have several VOIP devices and I've also got a Roku box that I use to access Netflix via a VPN. Everything works fine and we can use the VOIP phones with no problems when Netflix is active.

    I considered trying to use port-based priorities, but it's much too complicated and not all traffic is easily classified by ports. The SIP protocol (commonly on ports 5060-5080) is only for call setup, there are no set ports that are always used for the actual voice traffic. So classifying traffic by IP address is much simpler.

    All my important devices have static IPs and I've grouped all my VOIP devices into a subnet that I use in my classification rules (see attachment). The VOIP subnet has the highest priority and the Roku box is a step below it.

    To force the Roku box to route over the VPN and to keep the VOIP phones on the regular network connection (to avoid extra latency caused by the VPN), refer to the script described in this post:

    Please note that my script requires a 2.6 kernel version of Tomato, I could never get it to work with the 2.4 kernel.

    If classification by IP address does not work in your case, you could try creating two "HIGHEST" level classification rules: one for "sip" (for VOIP signaling) and one for "rtp" (for VOIP audio) traffic. I have not tested this, but it may solve your problem.

    Attached Files:

  9. Toastman

    Toastman Super Moderator Staff Member Member

    yo-adrian, you may be dropped by the Conntrack timeout setting. Read the forums for advice on setting this for VOIP - there were quite a lot of articles in the last 3 or 4 months, here and on tomatousb.org

    lfjeff - just wanted to comment on the screenshot. Trying to classify P2P by the last rule doesn't work well, and is responsible for a lot of complaints that QOS isn't effective in the presence of P2P. In fact, if you set your default class to "Lowest" then the last two rules aren't even necessary. Anything not covered by your other rules is assumed to be either P2P or something else you don't want prioritized, and it will end up in "Lowest".

    Similarly, there are many other requirements to both prevent things from saturating your link, and to prioritize applications and protocols that are in common use on the internet, used by many web pages and hence browsers, and individual applications such as FTP and HTTP used for file downloads, software updates etc. Just an illustration why the more strict your bandwidth control needs to be the more rules you will end up with. In general, the more bandwidth you have available (lucky Cable users!) the less stringent these rules need to be. Those with a 1Mbps line will have a more difficult job trying to keep things in check.

    VOIP and Games have similar requirements, they both need low latency.

    What you actually need to achieve for VOIP is to keep bandwidth empty for both outgoing and incoming sides of the conversation. The outgoing side is easier, you keep the bandwidth entered in your overall limit rather less than your "real" available bandwidth. As for the incoming side, this is the bigger problem. Any traffic that MIGHT become great enough to saturate that incoming bandwidth pipe will cause a hiccup in your VOIP (and games). You must try to make sure that incoming data doesn't exceed about 70% of your measured incoming bandwidth (use the 24 hour graphs to see what is happening). To do this you need to place strict limits on incoming classes, especially the P2P class. Only set 100% for the VOIP class and maybe also WWW if you want that to remain snappy. Better still - NONE here means NO limit for that class.

    A good way to achieve what you need is to set up a ping session to your local ISP gateway (being the closest to you) and watch what happens to the ping time in the presence of other traffic and when varying your QOS settings.

    *** New Build posted today - allows you to define your own QOS class names ***
  10. yo_adrian_eh

    yo_adrian_eh Addicted to LI Member

    It does sound like we're running pretty much the same setup. My devices have always been assigned static IP's although I'll move the VoIP devices into a specific range to make VLan assignment a little easier. I'm using a Boxee Box but I'm going to assume I can route it like you've done with your Roku, don't see why it wouldn't work.

    Soooooo.....I went looking and found several threads that describe what to do, none identical of course which leaves me scratching my head wondering which to follow:

    I see Toastman just replied so I'll spend some time deep in thought over his notes too. For reference I'm using
    Tomato v1.28.7429 MIPSR2-Toastman-Originalclassnames K26 USB VPN
    Conntrack --> UDP Assured Timeout = 300

    Now I'm an IT Project Mgr by day and a wannabe geek at night, I work with folks that do this stuff with their eyes closed but they normally don't let me touch the Cisco 3500 switches (and with good reason!), I'm just not smart enough for this stuff, guess I'm about to learn some new things...

  11. lfjeff

    lfjeff Networkin' Nut Member

    yo_adrian - Not sure why you would need to mess with VLANs to accomplish what you want. To me, that appears to be an unnecessary complication.

    Also, after looking more closely at the "View Details" link under QOS, it shows that all the devices that are routed through my VPN (like my Roku box) are tagged as "Unclassified". Does this mean that they are running at my default classification of "Lowest"? It must, because I just completed a VOIP call while my wife was watching Netflix.

    All the VOIP device IPs are tagged as "Highest" and the call quality was fine, so it seems to be working as desired. However, unless I am missing something, it appears that QOS classifications do not work with VPN traffic. The rule I created for traffic to/from my Roku box IP address appears to have been ignored.

    If QOS classification is not possible for VPN traffic, that could be related to the problems you're having.

    toastman - You're correct, the last two rules in my config are redundant. They were in the default configuration I copied from a previous router and I never bothered to delete them.
  12. yo_adrian_eh

    yo_adrian_eh Addicted to LI Member

    Bartender, buy that Toastman guy guy a drink would you? Put it on my tab...

    Success! Adjusted the UDP Timeouts (Unreplied 25/Assured 200). The woman I live with (the one I'm married to), remember her? She made a 14min call a few minutes ago, didn't get cut off and so I didn't get into trouble <phew!>

    I'm intrigued by the setup "lfjeff" has suggested and will have to apply my new found confusion. The current scenario is described in this diagram (i'm a visual guy, I like pretty pictures) http://yo-adrian.com/images/yo_adrian_eh_tomato.png
    but I'm still wondering about setting up a VLan for the VoIP devices vs. QOS rules for each device (seems like a lot of rules), I like the idea of grouping them together in the VLan scenario.

    Thank you both for all your help so far!

  13. lfjeff

    lfjeff Networkin' Nut Member

    yo_adrian - You keep mentioning VLANs. Are you confusing VLANs with subnets?

    I created subnet to classify traffic for my VOIP devices, which includes the IP addresses thru The nomenclature is just a simple way to specify the range of IP address for the classification rules, I'm not using VLANs at all.

    VLANs work by tagging Ethernet frames and are unrelated to the IP address (VLANs work at level 2 and IP subnets are layer 3).

    I've worked with Ethernet switches that can prioritize traffic by VLAN, but I'm not aware of any way to make Tomato QOS classify traffic by VLAN (at least I can't find it in my version). You might be able to roll your own using iptables, but I don't see anything in the web interface that will do it. And unless all your VOIP devices have VLAN capability (which I doubt) or are connected to an Ethernet switch that has VLAN capability, using VLANs on Tomato won't make any difference.
  14. jimm1909

    jimm1909 Networkin' Nut Member

    Thats an interesting way to do things. I'll probably give a similar method a try in my situation.



Share This Page