What's new

Potential fix for iOS devices sucking up BW - iptables fix - need testing

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Any update on this from other users? I've started from scratch and am wondering whether I should add

Code:
iptables -I INPUT -p tcp --tcp-option 30 -m state --state NEW -j DROP
iptables -I OUTPUT -p tcp --tcp-option 30 -m state --state NEW -j DROP
iptables -I FORWARD -p tcp --tcp-option 30 -m state --state NEW -j DROP #As suggested additionally by RMerlin

to firewall-start or not?
 
I haven't been able to reproduce the original problem - and the proposed change was to basically block option 30 (MPTCP) negotiation.

Even within the Apple support community, there's no clear consensus as to what might be the actual cause (both the official forums, and in the blog-o-sphere) as to what might be happening - one did point out that it could actually be an out of sync condition between iCloud and the Device, which can cause problems - in normal conditions, the backup/sync is very fast and of short duration...

@RMerlin - I'm thinking we should probably suggest to back out this proposed change, and try to capture some traces if possible, and see what's going on. I don't think this is specific to Asus - we get a lot of reports from Asus users, but that's likely because of the population that congregates here...
 
I haven't been able to reproduce the original problem - and the proposed change was to basically block option 30 (MPTCP) negotiation.

Even within the Apple support community, there's no clear consensus as to what might be the actual cause (both the official forums, and in the blog-o-sphere) as to what might be happening - one did point out that it could actually be an out of sync condition between iCloud and the Device, which can cause problems - in normal conditions, the backup/sync is very fast and of short duration...

@RMerlin - I'm thinking we should probably suggest to back out this proposed change, and try to capture some traces if possible, and see what's going on. I don't think this is specific to Asus - we get a lot of reports from Asus users, but that's likely because of the population that congregates here...
The iptables thing didn't work for me. So I put my bandwidth limits back on for my apple devices and that has things working in the mean time. I didnt see much of a response in this thread so I was assuming that it must have been a more limited problem than I originally thought. I dont really have a good way to gauge that though. The calls that I opened up with Apple Support have only shown me that they really have no interest in what is causing this. I am not surprised.
 
The iptables thing didn't work for me. So I put my bandwidth limits back on for my apple devices and that has things working in the mean time.

Just so I understand it correctly, you manually limit bandwih per device (can that be done with the WebUi? Not sure were to find that option...? Do you maximize bandwith at a certain percentage of max manual/auto bandwith? My max downstream is 150 Mbit/upstream 15Mbit, but it can strongly vary throughout the day, specifically when they have technically issues in surrounding areas, so 'hard' values are somewhat tricky as it might cause the available bandwith still to be used entirely, if the set bandwith is the max available at that specific time. Sorry for the flood of words, but as English is not my native language, I'm just trying to make myself clear. Hopes it makes sense.

The calls that I opened up with Apple Support have only shown me that they really have no interest in what is causing this. I am not surprised.

Nope, no suprise their either. If it doesn't concern a sale to be made, they're not particular helpful, especially when it comes to acknowledging issues widely reported. Maybe it's me, but things seems to have gotten even get worse, now Steve is gone. R.I.P. Mr. One More Thing.
 
Just so I understand it correctly, you manually limit bandwih per device (can that be done with the WebUi? Not sure were to find that option...? Do you maximize bandwith at a certain percentage of max manual/auto bandwith? My max downstream is 150 Mbit/upstream 15Mbit, but it can strongly vary throughout the day, specifically when they have technically issues in surrounding areas, so 'hard' values are somewhat tricky as it might cause the available bandwith still to be used entirely, if the set bandwith is the max available at that specific time. Sorry for the flood of words, but as English is not my native language, I'm just trying to make myself clear. Hopes it makes sense.



Nope, no suprise their either. If it doesn't concern a sale to be made, they're not particular helpful, especially when it comes to acknowledging issues widely reported. Maybe it's me, but things seems to have gotten even get worse, now Steve is gone. R.I.P. Mr. One More Thing.
In the adaptive QOS tab you can turn on QOS and set the type to Bandwidth limiter. Under there you can create a table of devices that you want to be affected. In that table you can chose the download and upload bandwidth limits. I set the download to the full amount from my ISP and I set the upload to 60% of what is available from my ISP.

That keeps the upstream bandwidth from being completely flooded by one device for example a phone backing up or syncing pictures to the cloud. You can do a speedtest while you monitor the bandwidth used on the previous screen to make sure your change has taken affect. I have found that it works very well in avoiding the problem and it doesn't affect any device that I don't include in that table.
 
In the adaptive QOS tab you can turn on QOS and set the type to Bandwidth limiter. Under there you can create a table of devices that you want to be affected. In that table you can chose the download and upload bandwidth limits. I set the download to the full amount from my ISP and I set the upload to 60% of what is available from my ISP.

That keeps the upstream bandwidth from being completely flooded by one device for example a phone backing up or syncing pictures to the cloud. You can do a speedtest while you monitor the bandwidth used on the previous screen to make sure your change has taken affect. I have found that it works very well in avoiding the problem and it doesn't affect any device that I don't include in that table.
I might not have been clear on that. Let's say you have 10Mb/s down and 1Mb/s up. So in the table I set the download for 10Mb/s and the upload for .6 Mb/s for each of those devices.
 
Thanks @jph1589 , found it and followed your instructions to set it up. If I understood correctly, you take the max downstream available and use it and the table, and on limit the upstream bandwidth, correct?

Will see how it turns out. I left 'Queue Discipline' at 'sfq', the first option (not a clue what the differences are) and left 'WAN Packet Overhead' at '0 - None'. Should I change either of these settings?
 
Thanks @jph1589 , found it and followed your instructions to set it up. If I understood correctly, you take the max downstream available and use it and the table, and on limit the upstream bandwidth, correct?

Will see how it turns out. I left 'Queue Discipline' at 'sfq', the first option (not a clue what the differences are) and left 'WAN Packet Overhead' at '0 - None'. Should I change either of these settings?
That is all correct.
 
What is this attempting to fix? I've been using an iPad and iPhone with a AC88U and haven't seen a "data hogging" issue. I'm not even sure what that actually means.
 
What is this attempting to fix? I've been using an iPad and iPhone with a AC88U and haven't seen a "data hogging" issue. I'm not even sure what that actually means.
Do you back them up to the iCloud? or Sync them to iCloud?
 
It's not specific to iOS either, I see the same thing with MacBooks doing cloud syncing.
 
Do you back them up to the iCloud? or Sync them to iCloud?

Yes.

I don't see excessive usage as far as I can tell based on the traffic monitor, though the monitor is buggy and frequently reports the wrong data (lately it's showing the same amount of data uploaded as downloaded which is wrong).
 
Well....you are a lucky one then. A lot of people experience issues with the upstream bandwidth being completely saturated when the devices are syncing or backing up photos especially. When that happens it causes the link to effectively go down because no other upstream traffic can get out. So limiting the upstream bandwidth for those specific devices has helped in some cases.
 
Well....you are a lucky one then. A lot of people experience issues with the upstream bandwidth being completely saturated when the devices are syncing or backing up photos especially. When that happens it causes the link to effectively go down because no other upstream traffic can get out. So limiting the upstream bandwidth for those specific devices has helped in some cases.

Dunno. I have a 10 Mbps upstream pipe which isn't actually that high.

iCloud backups happen sometime overnight. iCloud syncing can occur at any time, but the amount of traffic from that is quite low as the amount of data synced at a time is small.

I do have wifi assist disabled on my iPad Air 2, but it's on on my iPhone 7.

It doesn't seem like this is a common problem as doing a google search for iOS mtcp excessive bandwidth only returns hits about using excessive mobile data with wifi assist on. I can't find anything about excessive wifi usage.
 
Dunno. I have a 10 Mbps upstream pipe which isn't actually that high.

iCloud backups happen sometime overnight. iCloud syncing can occur at any time, but the amount of traffic from that is quite low as the amount of data synced at a time is small.

I do have wifi assist disabled on my iPad Air 2, but it's on on my iPhone 7.

It doesn't seem like this is a common problem as doing a google search for iOS mtcp excessive bandwidth only returns hits about using excessive mobile data with wifi assist on. I can't find anything about excessive wifi usage.

I had these stored in my bookmarks from when I first started researching this problem.

http://www.cio.com/article/3034515/consumer-electronics/photos-apple-s-bandwidth-hog-from-hell.html
http://tidbits.com/article/15679
https://mayallit.wordpress.com/2015...ibrary-upload-using-network-link-conditioner/
http://www.billion.uk.com/forum/viewtopic.php?t=4016
 

Seems like all of those are referencing standard QoS issues with a touch of buffer-bloat thrown in. Any program that uploads a lot of data a full stream will cause the same problem. That's what QoS solves.

This can be tested at http://www.dslreports.com/speedtest which does a combined speed saturation test and ping measurement.
 
Seems like all of those are referencing standard QoS issues with a touch of buffer-bloat thrown in. Any program that uploads a lot of data a full stream will cause the same problem. That's what QoS solves.

This can be tested at http://www.dslreports.com/speedtest which does a combined speed saturation test and ping measurement.
Been down all those roads before and not really willing to revisit them. I know what the issue is for my devices and I have a fix that works for me.
 
Not sure whether it's worth noting, as it doesn't look too serious, but maybe something would be of interest to @RMerlin (assuming it's not proprietary code by Asus, but since I changed my QoS settings to Bandwith Limited for iOS devices, Queue discipline set to sfq and WAN Packet Overhead to '0 - None', I'm periodically seeing QoS-related errors in syslog. With my previous settings (Adaptive mode, Customized Mode), I never had any issues.

Code:
Jun 08 16:52:52 dMP17 rc_service: httpd 1401:notify_rc restart_qos;restart_firewall
Jun 08 19:27:54 dMP17 rc_service: httpd 1401:notify_rc restart_qos;restart_firewall
Jun 08 23:38:49 dMP17 rc_service: httpd 1401:notify_rc restart_qos;restart_firewall
Jun 08 23:59:53 dMP17 rc_service: httpd 1401:notify_rc restart_qos;restart_firewall
Jun 09 00:07:24 dMP17 rc_service: httpd 1401:notify_rc restart_qos;restart_firewall
Jun 09 00:07:28 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 00:07:28 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 01:25:04 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 01:25:04 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 01:25:06 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 01:25:06 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 08:10:02 dMP17 rc_service: httpd 1401:notify_rc restart_qos;restart_firewall
Jun 09 08:10:03 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 08:10:04 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 08:10:04 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 08:10:07 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 08:10:07 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 08:10:28 dMP17 rc_service: httpd 1401:notify_rc restart_qos;restart_firewall
Jun 09 08:10:29 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 08:10:30 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 08:10:30 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 08:10:34 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 08:10:34 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 19:16:34 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 19:16:34 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked

Apparently a second process is trying to lock the same lockfile, but I can't explain why it shows the errors during the night until 8:10 AM (CEST) and just started an hour ago again, without any errors in the meantime. Anything to worry about or to look into?
 
Not sure whether it's worth noting, as it doesn't look too serious, but maybe something would be of interest to @RMerlin (assuming it's not proprietary code by Asus, but since I changed my QoS settings to Bandwith Limited for iOS devices, Queue discipline set to sfq and WAN Packet Overhead to '0 - None', I'm periodically seeing QoS-related errors in syslog. With my previous settings (Adaptive mode, Customized Mode), I never had any issues.

Code:
Jun 08 16:52:52 dMP17 rc_service: httpd 1401:notify_rc restart_qos;restart_firewall
Jun 08 19:27:54 dMP17 rc_service: httpd 1401:notify_rc restart_qos;restart_firewall
Jun 08 23:38:49 dMP17 rc_service: httpd 1401:notify_rc restart_qos;restart_firewall
Jun 08 23:59:53 dMP17 rc_service: httpd 1401:notify_rc restart_qos;restart_firewall
Jun 09 00:07:24 dMP17 rc_service: httpd 1401:notify_rc restart_qos;restart_firewall
Jun 09 00:07:28 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 00:07:28 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 01:25:04 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 01:25:04 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 01:25:06 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 01:25:06 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 08:10:02 dMP17 rc_service: httpd 1401:notify_rc restart_qos;restart_firewall
Jun 09 08:10:03 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 08:10:04 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 08:10:04 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 08:10:07 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 08:10:07 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 08:10:28 dMP17 rc_service: httpd 1401:notify_rc restart_qos;restart_firewall
Jun 09 08:10:29 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 08:10:30 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 08:10:30 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 08:10:34 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 08:10:34 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 19:16:34 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked
Jun 09 19:16:34 dMP17 syslog: Error locking /var/lock/qos_ipt.lock: 0 Already locked

Apparently a second process is trying to lock the same lockfile, but I can't explain why it shows the errors during the night until 8:10 AM (CEST) and just started an hour ago again, without any errors in the meantime. Anything to worry about or to look into?
I have never seen those on mine. Also, I have used this setting on 380.65 and 380.66
 
Last edited:
Strange, as I use exactly the same settings you posted earlier. What's even more strange, I disabled the bandwith limiter, switched back to Adaptive QoS, bandwith to automatic, priority to customized, and even after that I'm still seeing the same errors, even though I've never seen them prior to yesterday. The only I can try now is to disable QoS for now, and turn it back on. Can't reboot the router untill tomorrow if nescessairy, as the baby monitor needs wifi and the alarm which sounds when the connection gets lost might wake up my son...
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top