QOS - I don't understand how to set it up in Tomato

Discussion in 'Tomato Firmware' started by JensG, Nov 5, 2006.

  1. JensG

    JensG Network Guru Member


    Because of a problem with DD-WRT and a new VOIP provider I'm using, I was recommended to try Tomato in my WRT54GS v1.0.

    But I couldn't figure out how to set up the QOS.
    I enabled it, set to up and down speeds, set up rules for the RTP ports my SIP adapter uses and set these to Highest. It didn't seem to have any effect at all.

    What I want is traffic on ports 16384-16482 and 5060-5072 to have highest priority, and everything else lower priority.

    Is there a tutorial somewhere, so I can see some examples on how to set up a working QOS in Tomato?

    I had to flash a different firmware to router again, because we need a working QOS and WAF gets low when the phone isnt working well, but the plan is to try Tomato again when I know more about how to set up the QOS.
  2. PsychoD

    PsychoD Network Guru Member

    Did you try setting a Rule using your VoIP Adapters MAC Address?

    Maybe you can explain "It didn't seem to have any effect at all." a little further.
  3. JensG

    JensG Network Guru Member

    Thanks for the reply.

    I didn't try to set up a rule for the adapters mac. I expected a rule for the ports involved in RTP would be enough?

    By no effect at all, I mean that there was delay and broken up voice if I downloaded or uploaded something while using the phone, exactly as there is without QOS.
  4. PsychoD

    PsychoD Network Guru Member

    Does it work via MAC Address classification?

    If it happens again, maybe you can have a look at the chart diagram in your tomato GUI. This way you can see if the classification works.

    Good luck!

    PS: If you use Azureus with header encryption, this could be your problem. Header Analysis based QoS filters might then not recognize the Torrent packages correctly...
  5. tievolu

    tievolu Network Guru Member

    You could also try increasing the bandwidth allocation for the higher priority classifications in the Basic Settings page.

    Also, try disabling the "Prioritize ACK" option - in my experience having this setting enabled makes TCP downloads saturate the downstream regardless of the other QOS settings.
  6. enkoopa

    enkoopa LI Guru Member

    I'm also having issues with this.

    The rule for a specific IP address, dst port 1000-32760, doesn't seem to work. I see a ton of packets on port 32030 getting the default classification.

    Anyone else have problems with port ranges?
  7. dvaskelis

    dvaskelis Network Guru Member

  8. jochen

    jochen Network Guru Member

    Don't use specific RTP ports for priorizing voip. RTP can use any port in the range 1024-65536. Use the adapters Mac address instead.
  9. dankim831

    dankim831 Network Guru Member

    is there an exempt category for qos in tomato?
  10. JensG

    JensG Network Guru Member

    I just tried setting up a rule for my adapters MAC, and disabling "Prioritize ACK". That made the QOS work very well in upload direction, meaning that I could upload all I wanted without making interruptions in the VOIP.

    But how to set up something that works in the down direction is still a mystery to me. I don't expect it to be perfect in down direction, I know that can't be done. How should I set the % in down? What about rules? Does rules I set up apply for both up and down?
  11. RobNC

    RobNC Network Guru Member

    QoS in DS direction

    From all the articles I've read (WHEW!), it seems that there is no way to implement QoS in the downstream direction. The proper approach seems to be to apply QoS in the outgoing direction from the router (i.e., LAN ports). That would automatically implement QoS in the downstream direction, especially if the ACKs are being missed (i.e., TCP automatically lowers the rate if ACKs are being not sent - it doesn't know where it is being dropped but the flow is lowered to accomodate the drops). The only thing I'm not sure is in regards to download (ingress) UDP streams (since they don't have ACKs).
  12. GeeTek

    GeeTek Guest

    QOS Works

    My download speeds are controlled as I have them set in the QOS rules. I use MAC control for some things, and port ranges for other things. Download and upload are controlled to the rates that I have programmed in the QOS rules. I have tested it extensively on my own PC to verify operation before putting it in the field. I think the GS radio is hardware identical to the GL version that I have tested with. Which version of firmware are you using ?
  13. RobNC

    RobNC Network Guru Member

    I am using Tomato 0.09.0852 on an old WRT54G v1.0. On the webpage, it says:
    "Outbound Direction"

    Doesn't say anything about inbound direction, even though on the QoS/Basic page, it shows incoming/outgoing rates.

    I notice with ViaTalk, sometimes I cannot hear the other person (which implies downstream bottleneck). I wonder if that is because I have 5Mbps/384kbps advertised but actual downstream can be significantly lower at times. Of course, there isn't a way to know this apriori, and since QoS can only be implemented once it comes out of the device (because there is no mechanism to directly tell the cable modem to "lower the rate"). So, what I have seen on some of the other forums is that it is better to simply limit the rate going out of the router since you can't limit the rate coming in, unless you use ethernet pause frames, which pauses ALL streams - not good!).

    The only concern with this would be whether it is possible to set up the rate limit coming from the WAN (eth1) to the bridge (br0) without affecting WLAN<->LAN traffic rates (significantly higher than downstream WAN traffic rates).
  14. GeeTek

    GeeTek Guest

    It sounds like you may be having hardware issues. Be sure to check your download speeds thoroughly before you start. http://www.toast.net has a good download speed tester. Run numerous tests from different servers to see what you actually have. Leave QOS disabled for your initial testing so you know exactly what yu can get from the ISP. Then assign the MAC address of your PC to use QOS category "A". Then try different percentage settings for download on category "A". Leave upload at 100% while you are testing download speeds. Set the master download rate to about 85% of what you can actually download at. If you do not see the speed definitely controlled to very close to the QOS setting, then you need to try a different router. I'm telling you, it works, and works astonishingly well. There are a lot of other folks in here that are using QOS with the same raging success that I have had. Maybe someone else has some more ideas for you.

    Edit - The link you mentioned is for the rule section. The QOS basic section is where you establish the speeds and percentages. After you verify that you have control of the speed with just a single MAC rule, you can refine the rules however you need to for your VOIP traffic using ports or protocols, depending on your setup.
  15. RobNC

    RobNC Network Guru Member

    Network conjestion?

    GeeTek, thanks for your suggestions, it helped to identify the problem with all of these speed tests, etc.

    Sounds like there may just be more of a problem for my ISP (Earthlink via Time-Warner Cable). I did that speedtest (speedguide) before without QoS and it varied between 2.5 and 4.2Mbps, even though it's supposed to be 5Mbps/384kbps. TW came to investigate, and of course when it comes to routers they are "well, unless it's Time-Warner's rounter" yada yada.

    Even did testyourvoip.com tests and I got between MOS 3.2 (crummy cellphone call) to 4.2 (next door call). I may just have to do more extended ping tests to determine packet loss over a 48-96hr period over multiple sites. I did notice that the router wasn't dropping a single packet but the next hop was (for me, - inside Time-Warner's local network).

    Sounds like they are over-subscribed, which means QoS won't work right anyway, especially if they are dropping the packets (not caring about VoIP or HSI).

    I turned off QoS and I got 4700kbps downstream, 385kbps upstream. Turning QoS on I got 1812kbps DS, 245kbps US.

    I have EL through Time-Warner. PoP = Atlanta so chose that at http://speedtest.net.

    5 tests, all at nearly the same time (within 10 minutes) QoS ON: 4700/350 lowest priority: 100% us/ds (max)
    1812/245 2045/248 1969/226 1942/250 2055/250

    QoS OFF:4060/341 4940/365 4940/360 3515/365 4931/365 4944/365 3886/361 4922/364

    QoS ON:5500/400 3965/285 2273/284 2415/285 2436/285

    Noticed tracking services - medium - port 80 - set to medium which was set to 50% max DL (!! THIS was the problem with the speed test !!)
    Set that to 95% in/out max re-test:

    4940/365 4925/364

    So, looks like tweaking is sometimes indeed needed... :)

    Question I don't quite understand yet, is what is the point of the lower bound of egress traffic? Aren't they all borrowing from the root, and the highest priority always gets whatever the max % is, and the rest is given to the lower priorities? Or is that like a guaranteed amount, irregardless of higher priorities taking precedence? I am assuming that this is for HTB qdisc but I haven't done enough digging yet.
  16. RobNC

    RobNC Network Guru Member

    VoIP: Cannot specify DST MAC

    ... but that is only possible for egress traffic. What about ingress? Cannot specify DST MAC. You can for SRC MAC (which implies outgoing traffic).

    I just put a L7 rule for sip. Will try that. Not sure if my 125MHz router is fast enough as I hear L7 rules eat up CPU b/w.
  17. GeeTek

    GeeTek Guest

    Very intersting observation. My inbound testing was using port 80 as the control parameter, or p2p catch all for torrent control. You could assign a static IP to the device and control by destination IP, but there is no ingress traffic destination MAC assignment. Maybe MAC rules control both ways. More testing..........
  18. RobNC

    RobNC Network Guru Member

    indeed... more testing needed

    At work, we have a lot of networking test equipment (Spirent Test Center, Ixia, Smartbits, Adtech) so I could bring it to my lab and actually test it. That is, if I didn't have a zillion other things to do at work.. :)

    I have been told that the Smartbits 6000 has some automated test called SmartFlow that can actually do tests with varying frame sizes, 802.1p (mixed flows), and other things. I could imagine some automated way of doing this via sending commands to the router to set up the appropriate QoS flow rates, etc. I also understand that the test can actually determine the throughput of a CPE device. The only problem here is that we're talking about NAT, so I'm not sure if the SMB6000 can set up the appropriate flows without the CPE having to be in bridged-mode.
  19. JensG

    JensG Network Guru Member

  20. RobNC

    RobNC Network Guru Member

    Time-Warner cable problem - NOT QoS of Tomato

    Seems that there was a problem with my cablemodem connection (outside my home and cabling). Time-Warner guy was "convinced" that the right-angle connector coming out of the cablemodem was "bad" and that my cabling was bad (RG-6 quad shield, I did it myself with all the proper tools). Turns out they had a problem in their network, and the QoS is functioning correctly.

    The symptoms I was having was that the speedtest.net site would give me rates between 1.5Mbps and 4.5Mbps (I have 5Mbps DS, 384kbps US). Just to appease the cable guy (tier 1 support it seems - with none of the RF background that I have), I connected one PC directly up to the cable modem. Surprisingly, it made no difference! (d'oh). So, a week later (I was out of town), the problem has been fixed and I have my normal, fast connection (that I've had for a few years now).

    The real problem I noticed when I was doing hour-long ping tests and consistently got 1-5% packet loss to the next hop from my house (which was something like 10.X.128.1 - a private network address inside Time-Warner's NOC - first hop outside my WAN when doing a traceroute to a public IP).

    Hope that helps someone else in a similar predicament as mine.
  21. tstrike2000

    tstrike2000 Network Guru Member

    In using the various Hyperwrt firmwares, I've only done anything with the outbound QoS, using the VoIP MAC and setting outbound speed to 80-85%. With that the VoIP has worked great, including when BitTorrent is running.

    Out of my own ignorance, I'm just wondering why you have to use a tool or set anything in Tomato to control the download to get VoIP working well?
  22. JensG

    JensG Network Guru Member

    If I had unlimited download bandwidth it vould not be a problem to use SIP VOIP while there is other traffic. But since I don't, there is a lot of broken voice and/or delay if there is other traffic while using the phone.

    With the firewall script I can reserve 100kb to the ATA, and it helps a lot.
  23. tomatoes123!

    tomatoes123! LI Guru Member


    Could you share your secret with using Wrt54g.exe

    I'm using a WRT54GL v1.1, running Tomato 1.04:wink: , QOS enabled, VOIP highest (via MAC address)

    I get pretty good voice quality with Tomato default download/inbound settings; however, to absolute be sure that wife is pleased :rolleyes: with VOIP (I'm thinking of switching from PSTN to VOIP),
    I think I need to reserve about 100k of download/inbound bandwidth for my ATA

    My ATA is connect to the LAN port1
    I'm confused as to which "dev" to generate the script for
    According to http://wiki.openwrt.org/OpenWrtDocs/Configuration, I think it'd be "vlan0"

    How would I go about making sure that 100k is really reserved for the ATA?

  24. JensG

    JensG Network Guru Member

    I will try to explain how I have set it up.

    First of all I have a 1024/256 cable connection, and I have chosen to the Download Speed to 980 and the Upload Speed to 240.

    I want to let my ATA have 200kb/s to make sure I can have two calls at the same time, which leaves 780kb/s to share between our two PC's = 390kb/s for each.
    The ceiling for the ATA I have set to 980, and the PC's to 900. I can't figure out if this matters. When I made it like this, I had a clear idea of why, but can't see it now.
    The PC's have lowest priority, and the ATA highest.
    I use MAC to Identify the units.

    I have made a couple of screenshots.
    The ATA's setup:


    The PC's setup:

    I also have a couple of screenshots of the QOS setup:

    I hope this helps.

    It works very well for me. And the WAF is very fine.
    We switched to VOIP a couple of months ago.
  25. digitalgeek

    digitalgeek Network Guru Member

    I would recommend creating a rule by mac (the mac of your voip device) with highest priority and move it to the top of this list and not worry about the bandwidth or anything like that. with this device highest and at the top, QOS will "choke" everything including port 80(web).

    (Also you should probably cap you uploads to half or less than upstream cap - in the application)
  26. tomatoes123!

    tomatoes123! LI Guru Member

    JensG & digitalgeek,

    thanks much for the detail instructions:biggrin:
    I'll take some time for me to digest

    Thanks again,
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice