Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Adaptive QOS and voip not working so well together (and high ping)

Discussion in 'Asuswrt-Merlin' started by psyc0ld, Apr 24, 2016.

  1. defcon

    defcon Occasional Visitor

    Joined:
    Apr 21, 2015
    Messages:
    11
    @RMerlin maybe if we can get a compiled strace/lsof thrown on the router we can do some debugging to see if we can further customize/reverse engineer ASUS's implementation
     
  2. RMerlin

    RMerlin Part of the Furniture

    Joined:
    Apr 14, 2012
    Messages:
    22,575
    Location:
    Canada
    You can add these tools through Entware.

    What you are looking for resides in good part in the qosd binary. A strings dump of that exe will give you a list of the tc commands it uses.
     
  3. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    10,791
    Location:
    San Diego, CA
    QoS is very mis-understood - it's probably better to refer this as traffic shaping, and even then, it's about conditional fairness across the different interfaces/clients/applications...
     
  4. Nullity

    Nullity Very Senior Member

    Joined:
    Jul 17, 2014
    Messages:
    1,603
    Location:
    Appalachia
    Using the most common, mostly accurate term is my preference, which is "(Traditional/Adaptive) QoS". Standard AsusWRT users just want gaming & VOIP to perform optimally.
     
  5. lilstone87

    lilstone87 Senior Member

    Joined:
    Dec 13, 2012
    Messages:
    230
    Yes I would agree with the last part you said here. I will say however I haven't found Adaptive QoS performing optimally for me when using a decent amount of upload bandwidth recently. I currently use a AC3100, and it was probably two weeks ago. I had adaptive QoS enabled, and even had gaming system prioritized. Well I was doing some online gaming, and noticed things were feeling, and even appearing to lag. So I looked over things while still gaming, and my network was using 8mbps(1MB's) of upload bandwidth. Which is about 25% of my total upload bandwidth, so no reason I should be feeling things getting so laggy. I even checked ping times, which normally may raise 5ms, if that on average when using that amount of active upload bandwidth.

    So with all that said.. I'm sure I don't fully understand the way Adaptive QoS should work. But I think it should be working better then this, and not allowing gaming to suffer in this manner, when prioritized, and only 25% of my total upstream was being used at the time. Btw this wasn't a single one time deal, I was able to get it to happen a couple times, that day. But also noticed it happen a time, or two before. I just didn't take the time to look into it actively before.
     
  6. Nullity

    Nullity Very Senior Member

    Joined:
    Jul 17, 2014
    Messages:
    1,603
    Location:
    Appalachia
    That was my biggest obstacle when learning about generic QoS and related technologies... I never got the results I (ignorantly) expected.

    I remember disregarding an SNB forum post said you must verify that your QoS configuration performs as expected. Months later I realized he was absolutely correct.
     
  7. kvic

    kvic Very Senior Member

    Joined:
    Aug 11, 2014
    Messages:
    1,402
    Location:
    Hong Kong
    To me: Adaptive QoS = Traditional QoS plus using deep packet inspection to classify network traffic for packet prioritisation.

    People could complain about lack of exposed end-user configurability in the current offering in ASUSWRT. Or lack of flexibility using port/ip/etc in addition to deep packet inspection ATM. The fundamentals are with Adaptive QoS having an edge here.

    As an analogy, when Great Firewall in China used "traditional ways" (port/ip/etc) to block access, people could cross the wall with ease. After GFW deploys deep packet inspect (and an additional temporal dimension..) to identify the "right" traffic to block, its effectiveness improves by many orders of magnitude.
     
  8. kvic

    kvic Very Senior Member

    Joined:
    Aug 11, 2014
    Messages:
    1,402
    Location:
    Hong Kong
    Yet more on Adaptive QoS...

    DSLreport buffer bloat test of my line 100/100:

    [​IMG]

    It doesn't get me A+ but I'm happy with A..

    Settings

    Bandwidth Setting = Manual
    Upload Bandwidth = 95 Mb/s
    Download Bandwidth = 0 Mb/s

    Manual is a must IMO.

    Download bandwidth shall simply set to 0 for home internet by all intent and purpose..

    With a fat upstream pipe or symmetric up/down , upload bandwidth can be set 90% to 95%.

    With a thin upstream pipe (e.g. < 20Mbit/s) or asymmetric up/down (especially those extraordinarily asymmetric like 150/10 down/up), I think people worth experimenting with upload bandwidth set to between 50% and 70%.

    Let us know if people tried and see improvements...
     
  9. charlie2alpha

    charlie2alpha Senior Member

    Joined:
    Nov 15, 2014
    Messages:
    348
    Location:
    Greece
    My opinions are a bit different. DPI is effective, yes, but only as good as the equipment doing it. Our routers have limited processing power ( if they didn't, hardware acceleration wouldn't be a necessity) and therefore the DPI engine is also limited in what it can do.

    Also, taking into account that the majority of connections these days are already using TLS/other encryption that makes it harder for that DPI engine to figure out what the traffic really is.

    Speaking with practical terms from own tests, it cannot detect encrypted torrent traffic, neither popular VoIP-enabled messaging applications like Skype, Viber, WhatApp messenger, Google Hangouts etc. So what happens is that all of these end up in the "Generic" category which is plain wrong since there will be no prioritization at all for the time sensitive VoIP packets.

    So, by doing just the DSL Reports test, yes, you'll get an A+ if you limit your upstream enough, but the real challenge for any Traffic Shaping system is when there're multiple streams of a different nature, requiring different priorities. And in that, Trendmicro's supplied engine in the ASUS routers just isn't good enough. Not for the applications I use anyway, it just fails miserably. And to be honest, I wouldn't except much from consumer level equipment after all.

    Also my last objection, why would anyone with an upstream no more than 10Mbps would limit it as far as 50%? We're paying for our connections and expect to be able to use the full bandwidth of it. If we're required to limit our bandwidth so much just to have a decent bufferbloat result, then the QoS system used in this case is a complete failure. I have a 5Mbit upload and set the upload at 4.75Mbps and get A+ in bufferbload, A+ in quality. Because I don't use the adaptive system, neither ASUS' normal QoS but my own script.

    No, I do not expect anyone to do this, but for sure the DPI engines have their own issues and limitations, their biggest enemy being encryption which is being enabled for more and more things these days.
     
    Nullity likes this.
  10. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    10,791
    Location:
    San Diego, CA
    http://www.ntop.org/products/deep-packet-inspection/ndpi/
     
  11. RMerlin

    RMerlin Part of the Furniture

    Joined:
    Apr 14, 2012
    Messages:
    22,575
    Location:
    Canada
    I suspect that the Trend Micro DPI engine goes beyond inspecting the packet payload, as it can specifically classify "Google SSL traffic". It probably also check at the TCP header, looking up source and destination IP and ports.
     
  12. charlie2alpha

    charlie2alpha Senior Member

    Joined:
    Nov 15, 2014
    Messages:
    348
    Location:
    Greece
    That is probably the case, checking for port 443 is easy after all.
     
  13. charlie2alpha

    charlie2alpha Senior Member

    Joined:
    Nov 15, 2014
    Messages:
    348
    Location:
    Greece
  14. RMerlin

    RMerlin Part of the Furniture

    Joined:
    Apr 14, 2012
    Messages:
    22,575
    Location:
    Canada
    ndpi is a modern replacement for the old L7Filter netfilter module that was previously used by Tomato. I know it was added to DD-WRT, I don't know if they actively use it on the webui tho.
     
  15. RMerlin

    RMerlin Part of the Furniture

    Joined:
    Apr 14, 2012
    Messages:
    22,575
    Location:
    Canada
    That bit is quite interesting:

    Could be also another method Trend Micro uses to separate Google SSL traffic from the rest (and would be far more accurate than having to constantly update the list of known subnets belonging to Google).
     
  16. charlie2alpha

    charlie2alpha Senior Member

    Joined:
    Nov 15, 2014
    Messages:
    348
    Location:
    Greece
    That helps but I don't know if it can detect the type of traffic effectively. As I pointed out, their engine fails to detect VoIP that doesn't use standard SIP.
     
  17. RMerlin

    RMerlin Part of the Furniture

    Joined:
    Apr 14, 2012
    Messages:
    22,575
    Location:
    Canada
    I would expect the VoIP traffic to use a certificate with a different CN than their public website, so that could already help in identifying it. So technically, it would be possible at least.
     
  18. bluepoint

    bluepoint Very Senior Member

    Joined:
    Oct 20, 2012
    Messages:
    546
    [​IMG]

    100/100 Mbps Service actual @102/125 Mbps when speedtested without QOS.

    Settings

    Bandwidth Setting = Manual
    Upload Bandwidth = 120 Mbps
    Download Bandwidth = 100 Mbps
     
    kvic likes this.
  19. Chris Wolf

    Chris Wolf New Around Here

    Joined:
    Mar 17, 2017
    Messages:
    3
    Hi guys - great thread here. I own a VoIP company, we use a non-standard port for SIP messaging . . (7770) . . the standard port is 5060. That being said, Adaptive QoS is picking up SIP messaging and properly categorizing it as "VoIP" ..

    The bad news is that the actually digitized human conversation known as the "RTP stream" is categorized as 'General' and therefore falling under "Default".

    At the moment I have to set "Others" as the highest priority in "customize" in order to get the RTP stream to takes its place at the top.

    If anyone is interested in geeking out on this and figuring out how to get *any* RTP stream categorized as VoIP, let me know . . I have great technical resources yet I just began to use merlin for smaller customer prems, I'm not really a Linux guy but I have people who are.

    thx ;)
     
  20. FreshJR

    FreshJR Occasional Visitor

    Joined:
    Oct 8, 2016
    Messages:
    38
    You resurrected this dinosaur and missed my thread on front page?

    https://www.snbforums.com/threads/s...category-unidentified-traffic-priority.36836/

    We figured out how to redirect default traffic into the others catagory which can then be moved up and down in the UI, since out of the box the default catagory is always LAST and cannot be adjusted.

    Default is different from others. Default is always last. That threw me for a loop aswell.


    A better approch probably would be if you are able to identify the RTP stream using by destination IP or some easy identifier, then you can use traffic control (tc) to supplement ASUS's rules with your own rule, making sure your rule would sort the packet into VOIP, before Asus's rule sorts it into default.
     
    Last edited: Mar 17, 2017
    Chris Wolf likes this.

Share This Page