FlexQoS FlexQoS 1.3.2 - Flexible QoS Enhancement Script for Adaptive QoS

[raion969]

what is the gear accelerator feature?

 

[Kingp1n]

 

[sentinelvdx]

Which is current status for Dual WAN support?
Didn't try it again because it was breaking QoS completely.

 

[dave14305]

Which is current status for Dual WAN support?
Didn't try it again because it was breaking QoS completely.

It might/could/should work. At least it used to for one user with a failover setup.

 

[gamell]

Hi all, first time poster with what's probably a silly question. First of all, thanks to dave14305 for this amazing script!

Now to my question: I recently setup FlexQoS 1.3 in my RT-AC88U running RT-AC88U_386.4_0 asuswrt-merlin and, while the WAN traffic seems to work great according to the rules I defined, I noticed that QoS is applying the rules to local traffic to my NAS when I access it through the public domain name, say gamell.mynas.com, instead of through the local IP, say, 192.168.1.2. Is it be because the DNS servers resolve the domain to my external IP instead of the internal one and therefore is counted as WAN traffic?

I know I can create a new IP table to re-categorize the traffic from/to that NAS, but that doesn't cut it, because even if I do that, category would still be capped at the max WAN UL/DL speeds (20mbps/400mbps) instead of the actual LAN UL/DL speeds (10Gbps/10Gbps).

Is there any way to completely bypass QoS for that domain name? Maybe hardcoding a DNS record somewhere in the router (also using Diversion to get rid of ads) so the gamell.mynas.com always resolves directly to the local IP internally?

Thank you!

 

[dave14305]

Is it be because the DNS servers resolve the domain to my external IP instead of the internal one and therefore is counted as WAN traffic?

I think so. It reaches the router because the IP is not local, gets hairpinned back to the LAN interface, where download limits are applied.

Is there any way to completely bypass QoS for that domain name? Maybe hardcoding a DNS record somewhere in the router (also using Diversion to get rid of ads) so the gamell.mynas.com always resolves directly to the local IP internally?

Many options to add a hosts.add file, or dnsmasq.conf.add with an address= or host-record= entry. I personally like the host-record entry because you can specify a TTL without impacting Diversion.
/jffs/configs/dnsmasq.conf.add:

host-record=gemell.mynas.com,192.168.1.2,3600

Then restart dnsmasq with service restart_dnsmasq

 

[gamell]

host-record=gemell.mynas.com,192.168.1.2,3600

It worked like a charm, thank you so much!

 

[BoostOver]

Please someone explain this option to me in a simple way?
“Router/VPN Client Outbound Traffic Class”

 

[dave14305]

Please someone explain this option to me in a simple way?
“Router/VPN Client Outbound Traffic Class”

When the router sends its own traffic to the internet, it does not get classified by the Trend Micro engine. Traffic from the LAN to the Internet gets classified normally. So the router traffic can be manually classified by an iptables rule and this option determines what priority is given by that rule. This would be router traffic such as dnsmasq DNS forwarding, amtm update checks, Entware updates, router speedtest uploads, and router VPN client upload traffic.

 

[maghuro]

Suggestion - Can we identify by name the vpn server users in the tracked connections?
For example, right now I have a VPN user (login I created is Foo) with vpn server IP 10.6.1.2, and another login (Bar) with it 10.6.1.3 and on the tracked connections table it shows the IP. Maybe it's possible to relate the IP to the user connected to the vpn server and display the username instead...

 

[dave14305]

Hello, old friend.

 

[Kingp1n]

Hello, old friend.

View attachment 38683

I like that quote!!! @dave14305 I'm curious to know if you been cooking something in regards to Flex??? Guess only time will telll haha

 

[dave14305]

I like that quote!!! @dave14305 I'm curious to know if you been cooking something in regards to Flex??? Guess only time will telll haha

Nothing cooking yet. Just reacquainting myself with my old setup, and keeping it simple for a while.

 

[sentinelvdx]

@dave14305 I have an IPTV service which is being classified as Web Surfing and all their servers end xxx.xxx.xxx.xxx".fibertel.com.ar" and ".telecom.net.ar"
Is it possible to make a wildcard to capture all that traffic and mark it as streaming?

 

[dave14305]

@dave14305 I have an IPTV service which is being classified as Web Surfing and all their servers end xxx.xxx.xxx.xxx".fibertel.com.ar" and ".telecom.net.ar"
Is it possible to make a wildcard to capture all that traffic and mark it as streaming?

It's certainly possible to do so outside of FlexQoS. It won't look right in FlexQoS when looking at Tracked Connections, however.

1. Create an ipset.
2. Configure dnsmasq to populate the ipset.
3. Add an iptables rule to mark anything matching the ipset as streaming.

Add the following commands to /jffs/scripts/firewall-start (replace eth0 with your WAN interface if not eth0):

if ! ipset -L -n Streaming >/dev/null 2>&1; then ipset -q create Streaming hash:ip timeout 86400; fi
iptables -t mangle -A POSTROUTING -o br0 -m set --match-set Streaming src -j MARK --set-xmark 0x8004ffff/0xc03fffff
iptables -t mangle -A POSTROUTING -o eth0 -m set --match-set Streaming dst -j MARK --set-xmark 0x4004ffff/0xc03fffff

Add the following config to /jffs/configs/dnsmasq.conf.add:

max-cache-ttl=86400
ipset=/fibertel.com.ar/telecom.net.ar/Streaming

To give it a whirl, run:

service "restart_dnsmasq;restart_qos;restart_firewall"

You will hopefully see the IPTV traffic show up as Streaming in the graphs, but they will still appear as Web Surfing in the Tracked Connections list.

If the IPTV service uses IPv6, there are additional changes needed to create the IPv6 version of these commands.

 

[sentinelvdx]

It's certainly possible to do so outside of FlexQoS. It won't look right in FlexQoS when looking at Tracked Connections, however.

1. Create an ipset.
2. Configure dnsmasq to populate the ipset.
3. Add an iptables rule to mark anything matching the ipset as streaming.

Add the following commands to /jffs/scripts/firewall-start (replace eth0 with your WAN interface if not eth0):

if ! ipset -L -n Streaming >/dev/null 2>&1; then ipset -q create Streaming hash:ip timeout 86400; fi
iptables -t mangle -A POSTROUTING -o br0 -m set --match-set Streaming src -j MARK --set-xmark 0x8004ffff/0xc03fffff
iptables -t mangle -A POSTROUTING -o eth0 -m set --match-set Streaming dst -j MARK --set-xmark 0x4004ffff/0xc03fffff

Add the following config to /jffs/configs/dnsmasq.conf.add:

max-cache-ttl=86400
ipset=/fibertel.com.ar/telecom.net.ar/Streaming

To give it a whirl, run:

service "restart_dnsmasq;restart_qos;restart_firewall"

You will hopefully see the IPTV traffic show up as Streaming in the graphs, but they will still appear as Web Surfing in the Tracked Connections list.

If the IPTV service uses IPv6, there are additional changes needed to create the IPv6 version of these commands.

Thanks!!! I'll do it later

IPTV service uses IPv4 so no problem

 

[heille1221]

Recently upgraded my connection from 150/120 to 420/380. On old plan with flexqos, im getting my full speed both dl and ul using spdmerlin. After plan upgrade, im only getting aroung 320 dl with flexqos enabled on spdmerlin. But using speedtest on pc with lan, im getting 420. Turning off flexqos, id also get 420 on spdmerlin. Already tried reinstalling fw, reset, etc but still the same. Is this expected or maybe my router (ax88u) is bugging out. Ty.

 

[L&LD]

Welcome to the forums @heille1221.

This is expected.

Any reason why you need to use FlexQoS anymore?

 

[heille1221]

Welcome to the forums @heille1221.

This is expected.

Any reason why you need to use FlexQoS anymore?

Thanks. Well i have been using qos before (from freshjr to flexqos) on my ac87u since i was on less than 100mbps. Since then it has been part of my router setup so kinda hard for me to stop using it. Lol. Anyway, i just enabled it and just stopped using autobw.

 

[reefer123]

any pointers how to tweak flexqos settings for best "fortnite-ping" ? - the game is on pc connected with wire

the internet:
"cable" 150/15 , modem: technicolor tc4400 , router: rt-ax56u (with radio off) , ap: rt-ac3100 (for wifi only)
from my limited observation :
1. using tp-link er605 as router (instead rt-ax56u) gives me better ping then
2. using rt-ax56u with cake - and cake is giving me better ping then
3. using rt-ax56u with "flexqos"
4. i am going to try the rt-ax56u with qos off - wonder how it will go

now the rt-ax56u is on latest Merlin and "flexqos" was set as gaming with out any tweaking
all setup was on manual anywhere from 110/11 to 130/13 (the speed test shows very close to 150/15)

or maybe there is a "gaming/settings" thread already somewhere - if yes pls let me know