Using some of the classic posts on this forum, like pcunite’s QoS post; mducharme’s FastTrack-Friendly Queues post; and others, I finally got my Queue Trees and Mangle rules running. It seems to be working great, so I should just step away from the computer now, but I have some questions.
- Mangle rule counters. I have Mangle rules which, as advised by all, first “Mark Connection,” then “Mark Packet.” But the counters of these two sometimes don’t match. Usually they are close, but sometimes there is a big disparity. For example, I have these Mangle rules, verbatim from pcunite:
```
;;; HTTP
add action=mark-connection chain=prerouting comment=HTTP connection-mark=no-mark connection-state=new new-connection-mark=HTTP passthrough=yes port=80,443 protocol=tcp
add action=mark-connection chain=prerouting connection-bytes=5000000-0 connection-mark=HTTP connection-rate=2M-100M new-connection-mark=HTTP_BIG passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=HTTP_BIG new-packet-mark=HTTP_BIG passthrough=no
add action=mark-packet chain=prerouting connection-mark=HTTP new-packet-mark=HTTP passthrough=no
```
The counter for the HTTP “Packet Mark” is much higher than the HTTP “Connection Mark”. Shouldn’t the Packet Marks counter always equal the Connection Marks counter? Am I missing something about the logic of this section?
- Mangle rule Chains. pcunite seems to use prerouting, and the occasional postrouting (sometimes both). I wanted to mark packets associated with a few devices (Streaming Boxes), so I just used an Interface List in my Mangle rule. By trial and error and watching counters, this seems to only work on the Forward chain. Is there a better way to understand chains, other than trial and error?
- FastTrack with Queue Trees. I didn’t realize that FastTrack doesn’t actually “speed up” the packet on its journey. It simply makes the router do less work per packet, thereby increasing throughput and reducing CPU use. My CPU use is currently almost always at 0% (hAP ac2), so I’m not actually worried about this. I’d like to learn something though.
Apparently, if you give your Queue Trees an INTERFACE parent rather than global, and then add a Firewall rule before your FastTrack rule to bypass FastTrack for certain packets, you can retain FastTrack but still use queues.
But this lets the FastTrack packets bypass your Queue Trees, which have an overall bandwidth cap set. So why would you want to use FastTrack with Queue Trees? Don’t you want your Queue Trees to account for ALL traffic (so that the overall bandwidth cap is respected)?
- DSCP marks. I enjoyed reading smileymattj’s DSCP variation on pcunite’s QoS thread. It seems like DSCP marking could be great, if it were widely (judiciously) used and honored. But unless I generate the DSCP marks myself (on my router, or on my computer), I don’t think there are any DSCP marks flowing into or out of my network. I guess my ISP must be stripping them, or my services (Zoom, etc.) just don’t use them. Is there any benefit to using DSCP marks in this case?
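
An added example, not part of the original post and not RouterOS code: a simplified Python model of how the four HTTP mangle rules quoted above are evaluated per packet, showing how each rule's hit counter grows. The packet tuples, the sample traffic and the point at which connection bytes are counted are assumptions made for the illustration.

```python
from collections import Counter

BIG_BYTES = 5_000_000                          # connection-bytes=5000000-0
RATE_MIN, RATE_MAX = 2_000_000, 100_000_000    # connection-rate=2M-100M

def run_mangle(packets):
    """Evaluate the four rules per packet; return (rule hit counters, packet marks)."""
    hits, conns, marks = Counter(), {}, []
    for conn_id, port, size, rate in packets:
        is_new = conn_id not in conns              # connection-state=new
        conn = conns.setdefault(conn_id, {"mark": None, "bytes": 0})
        conn["bytes"] += size                      # assumed: counted before mangle runs
        # Rule 1 (mark-connection HTTP): first packet of an unmarked connection only.
        if is_new and conn["mark"] is None and port in (80, 443):
            conn["mark"] = "HTTP"
            hits["mark-connection HTTP"] += 1
        # Rule 2 (mark-connection HTTP_BIG): fires once, then the mark no longer matches.
        if (conn["mark"] == "HTTP" and conn["bytes"] >= BIG_BYTES
                and RATE_MIN <= rate <= RATE_MAX):
            conn["mark"] = "HTTP_BIG"
            hits["mark-connection HTTP_BIG"] += 1
        # Rules 3 and 4 (mark-packet, passthrough=no): every packet of a marked connection.
        if conn["mark"] in ("HTTP_BIG", "HTTP"):
            hits["mark-packet " + conn["mark"]] += 1
        marks.append(conn["mark"])
    return hits, marks

def sample_packets():
    """Constructed traffic: one short HTTPS connection and one large, fast download."""
    short = [("A", 443, 1500, 500_000)] * 10       # (conn id, port, bytes, bits/s)
    large = [("B", 443, 1500, 10_000_000)] * 4000
    return short + large

if __name__ == "__main__":
    hits, _ = run_mangle(sample_packets())
    for rule, count in hits.items():
        print(f"{rule:28} {count}")
```

In this model the mark-connection rules count once per connection, while the mark-packet rules count once per packet of every connection carrying that mark.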