1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Router totally clogged with QOS/large download active

Discussion in 'Tomato Firmware' started by Powerkraut, Jun 1, 2013.

  1. Powerkraut

    Powerkraut Reformed Router Member

    I am using Shibby's v1.28.0000 MIPSR2-109 K26 USB AIO-64K (Asus RT-N66U) on a 100/10 Mbit line.

    With QOS enabled (and only a few rules added myself), I cannot connect to the Tomato admin pages, as soon as I have a Usenet DL running.

    NNTP is in a QOS rule and it is throttled, but it doesn't matter, if I limit it to 80, 50 or even 30%. I still can't connect while downloading.

    I can also not connect via SSH to check which process is hogging the router, as long as the download is active. As soon as it is finished, all access is possible again.

    It seems that the router is quite busy with this QOS rule and I wonder if this is normal.

    Any help/suggestion about finding out the source of the clog would be great.

  2. Marcel Tunks

    Marcel Tunks Networkin' Nut Member

    I'm assuming your max bandwidth limit is set well below (at least 15% below) your measure bandwidth. Lowering the limit a bit further can improve responsiveness from the router.

    Your CPU will be at nearly maximum load at 100mbps. The simpler the QoS and the fewer other services running, the more responsive your router will be. Are you running any other services? (e.g. transmission, VPN, etc...)

    Would you be able to post screenshots of your QoS setup?
  3. Powerkraut

    Powerkraut Reformed Router Member

    Thanks for getting back to me!

    My measured bandwidth is 95000/9200 and my QoS limits are 75000/7000, so I assume this is fine.
    I just found out by performing some tests, that QoS is acting weird altogether:

    • it DOES limit the bandwidth of my usenet rule accordingly
    • however, I cannot surf the web anymore as soon as the download starts. So it's not just the router pages, it seems that everything is clogged here.
    I am happy to provide my QoS settings.

    EDIT: I am also running PPTP Server, but nobody is connected at this time.

    Attached Files:

  4. Malitiacurt

    Malitiacurt Networkin' Nut Member

    HTTPS at 75Mbps DL is probably adding quite a bit of processing power to the router.

    Try downloading from usenet without encryption and see what happens.
  5. phuque99

    phuque99 LI Guru Member

    HTTPS *will not* add processing power. HTTPS encryption and decryption is performed on browser, not router. You have huge number of rules for a generous 100Mbps connection. You should remove all layer 7 rules. Try to get by with only that bit torrent rule and see what happens. Then add specific service port rules to prioritize only when you face problems.
  6. Powerkraut

    Powerkraut Reformed Router Member

    Those were the default rules set up after a c
    Those were the default rules after a clean (NVRAM flushed) install, so I thought they would be ok.
    I will remove some and see if this de-clogs my ASUS.

  7. pharma

    pharma Network Guru Member

    Similar happened to me few years ago when my nephew & niece started getting involved in download and online gaming, along with other relatives using the web for reading. My rules are setup alittle different than the forum norm, but the result was immediate and quite exceptional for my particular situation. I have attached what they look like.


    One suggestion is try changing your default class to "Crawl" or "P2P" instead of "WWW".

    Hope this helps.

  8. Porter

    Porter LI Guru Member


    I agree with you, changing the defaul class to Crawl is a good idea. What isn't such a good idea is to limit Crawl in such a way that almost no traffic can pass through. You never know which traffic exists on your network which doesn't get matched by the rules. Therefore I usually suggest a sane amount of bandwidth: maybe a maximum of 50 - 70% in each direction.

    What I don't agree with are your Basic Settings, Pharma. The left column in each direction means the guranteed bandwidth. If the sum of all left values in one direction exceeds 100% you are guaranteeing more than you have. In that aspect your settings are completely wrong. What probably makes you think QoS still works is the sheer amount of bandwidth you are dealing with.
    Marcel Tunks likes this.
  9. pharma

    pharma Network Guru Member

    Porter ...

    As mentioned above, I know my setting are not the norm :) but basically were derived from tweaking when bandwidth issues were encountered. Years ago I followed the QOS guide and most categories were similar to what the guide details, but found when I had bandwidth "hogs" (multiple torrents, downloading, gaming, etc..) things like web browsing suffered (no matter how you shifted the column values). I found setting the left column (minimum guaranteed Bandwidth) to a very high value (in this case 100%) for categories I wanted high priority to avoid possible slowdowns worked quite well and gives immediate bandwidth response/access when some "negative" categories were in-play.

    QoS is in fact working since altering the left & right columns for the desired categories in this case has a noticeable effect on the internet connection regarding that particular category (usually negative categories). Don't let the "sheer" amount of bandwidth fool you ... without QoS you will still notice slowdowns when heavy torrents, downloading, or online gaming is involved when using multiple PC's.

    That's why I preach for people to really try to come to "grips" with the problem and QoS when the issue is happening. Initially stick to the QoS guide because it should help in most cases, but if you do not get the desired result then "start to play with different settings".

    In this instance Powerkraut should only have to change his default class to "Crawl" or "P2P" to resolve inability to access Web pages.

  10. Porter

    Porter LI Guru Member


    What you are basically doing by giving almost every class 100% is to disable QoS. When each class gets guaranteed 100% they are all the same. You have one thing on your side and that's the one that probably still works: the p2p traffic you know how to classify and the unknown traffic that ends up in Crawl might make a difference. Apart from that, QoS ist not working.

    What I want to do here now is to prevent people to use your "recipe" for QoS. I see you are happy with it, so that's fine with me. But in the name of all the other people who answer people's questions around here concerning QoS I'd like to ask you kindly not to promote your recipe. Thank you.
  11. pharma

    pharma Network Guru Member


    Guess you won't know till your try, but I can say QoS is working as I intended. I'm here to encourage people to use "different" recipes if the one they are currently using causes issues. It's called "thinking outside the box", something I very much doubt your are capable of.

    Other than that I could really care less what you think!;)
  12. Marcel Tunks

    Marcel Tunks Networkin' Nut Member

    Having the sum of the minimum values greater than 100% will be fine as long as the used bandwidth stays below the maximum total bandwidth allowed in the QoS system. You may indeed get better initial bandwidth rather than waiting for a link to ramp up. The downside is that you are likely to experience episodes of dramatically increased latency when two or more categories of traffic try to fill your bandwidth simultaneously. It's not just theory - several people in the forum have run into this problem. If you're not convinced, test with pings while one type of traffic maxes out your connection, add another type of traffic alotted 100%, then watch your pings rise.
  13. pharma

    pharma Network Guru Member

    Quite possible, and I'm sure my settings will change if additional categories of traffic are utilized that increase latency. The only two categories of traffic in my case that have any "sustained" chance of filling my bandwidth (saturation) are the two categories I placed limits. The other categories individually never "ramp" up enough sustained bandwidth (like P2P) to create a situation where latency (or saturation) is an issue.
  14. PGalati

    PGalati Network Guru Member

    Why do the default minimums of both Shibby and Toastman not equal 100 percent even after you lower the overall QOS value less 10-30 percent of overall speed? I believe Shibby's defaults equals 61% in the downloads.
  15. Marcel Tunks

    Marcel Tunks Networkin' Nut Member

    The sum of the minimum values should not be more than 100% of your worst-case measured throughput to your ISP. It doesn't have to be 100%. The defaults are percentages rather than absolute values because everyone has different available throughput to their ISP.

    The minimum value for each type of traffic should be the minimum that is required for basic function. It's the guaranteed bandwidth allotted to that class. If the minimum is too high, it could increase latency or steal throughput from other important types of traffic.

    Example, for the sake of simplicity:
    Netflix needs 500 kbit/sec for the lowest quality video, but will take up to 12,000 kbit/sec if you let it. If you have Netflix as its own class, then the minimum allotted to that class should be at least 500 kbit/sec. If you set the minimum at 12,000, then it would take the full 12 megabits, an "elephant flow" that would increase latency for your other apps if you don't have bandwidth to spare. This would be a big problem if you had service from the ISP that is 12 megabits or less, and less of a problem if you had greater bandwidth from the ISP. That's the essence of the discussion above.

    Porter, Toastman and company are the experts here. To paraphrase: the default settings in the more recent versions of Tomato are fine for most end-users. The minimum should be the minimum necessary for that class to function, and the minimums should not sum to over 100%.
    mvsgeek likes this.
  16. mvsgeek

    mvsgeek Addicted to LI Member

    Despite diligent research, I still haven't found a way to assign Netflix to its own class. Suggestions welcome.
    Troubleshooting recent complaints from several users of my little network pointed to a single user who was watching Netflix all day on an Apple-TV, which QoS was classifying as WWW (0-512Kb http), thereby grabbing 90% of the available bandwidth, to the detriment of all other WWW connections. Evidently Netflix on PS3 buffers the datastream differently from Apple TV, because it gets classified as the lower priority filexfer (512Kb+) class.

    As Marcel Tunks points out, Netflix appears to grab what's available - I read recently that this triggers on-demand automatic upgrade of the datastream to HD whenever possible, even if not originally specified as such.

    My temporary resolution was to write a MAC address specific rule to consign the offending Apple TV to the filexfer class. Ugly but apparently effective, judging by the subsequent lack of complaints.

    My list of QoS experts now reads (in no particular order) - Porter, Toastman, Marcel Tunks.
  17. Marcel Tunks

    Marcel Tunks Networkin' Nut Member

    Sadly I haven't found a way to give Netflix it's own class - I was just trying to make the min/max issue as clear as possible. Fortunately my devices classify Netflix properly, but your solution is a good one.
  18. Porter

    Porter LI Guru Member


    Are you using the "httpvideo" L7-filter? Judging by the traffic captures I have found online this filter should catch Netflix' traffic. Keep in mind that this filter has to placed before anything http-port-related.
  19. mvsgeek

    mvsgeek Addicted to LI Member

    I had all the L7 rules disabled, based on what I've read. I've now followed your advice, also disabled my ugly MAC-based rule. Current limit for the "media" class is a stingy 20%. I'll have the user in question fire up Netflix on his Apple-TV and see what happens. Thanks for your suggestion!
  20. Marcel Tunks

    Marcel Tunks Networkin' Nut Member

    Oops, I assumed he had tried that...

Share This Page