1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

RT N66U - Packet shaping and priorities don't work for the guest network?

Discussion in 'ASUS Wireless' started by yada, Jan 16, 2015.

  1. yada

    yada New Around Here

    Joined:
    Jan 16, 2015
    Messages:
    4
    Hi there,

    I've got the RT N66U as the central router. Connecting to this are two access points. One AP is me the other is someone else. The someone else connects to a guest network on the router. In the QoS rules i've got their IP set to the lowest priority. In the user-defined priorities i've set the lowest priorities to have 0-10% of the bandwidth for both upload and download.

    I'm sure it's not working as even when turning everything off and/or monitoring the network usage of the other machines there can still be maximum bandwidth being used as reported by traffic monitor. I can't tell exactly that's it's the guest network as the traffic monitor doesn't show IP addresses, but in the system log it's their IP address that's filling the log leading me to assume that it's the guest network that's using the bandwidth.

    So in short, do the priorities and QoS rules affect the guest networks? If i've set this up wrong could someone point me in the correct direction please? Cheers.
     
    Last edited: Jan 16, 2015
  2. sinshiva

    sinshiva Very Senior Member

    Joined:
    Nov 8, 2013
    Messages:
    1,067
    Location:
    FL
    QoS is applied at the outgoing/wan interface, so it should be working just fine for guest networks.

    iptables -t mangle -L -nv to verify for yourself
     
  3. yada

    yada New Around Here

    Joined:
    Jan 16, 2015
    Messages:
    4
    Thanks for reply. Could you tell me where to put that command? I tried in terminal but wasn't known.
     
  4. sinshiva

    sinshiva Very Senior Member

    Joined:
    Nov 8, 2013
    Messages:
    1,067
    Location:
    FL
    er, did you telnet/ssh into the router?
     
  5. yada

    yada New Around Here

    Joined:
    Jan 16, 2015
    Messages:
    4
    I put the IP address into the URL bar and typed in username and password. I dont know what type of connection that is, HTTP? I'm not savvy with networking, this is like the first one i've ever done i think.
     
  6. enr00ted

    enr00ted Regular Contributor

    Joined:
    Apr 18, 2013
    Messages:
    101
    Location:
    Born in Romania, living in Spain
    Enable telnet on router !

    [​IMG]

    Assuming you use windows, open CMD (or command prompt). Enter telnet and the ip adress of the router. It will ask for user and password, the ones you have set for your router.

    [​IMG]

    Then you are good to go and try the input that has been suggested.
     
    Last edited: Jan 21, 2015
  7. cHarley

    cHarley New Around Here

    Joined:
    Jan 11, 2015
    Messages:
    9
    FYI - Another option

    As I was never happy with the results using QoS to control my guest network, I went with firewall rules below to regulate maximum guest (vlan) speeds.

    Note: running dd-wrt
    My guest is on a vlan at 192.168.2.x
    In the rules below, the guest subnet is limited to 10Mb down and 1.5 Mb up.

    #Limit Guest Network Downstream Bandwidth
    TCA="tc class add dev br1"
    TFA="tc filter add dev br1"
    TQA="tc qdisc add dev br1"
    SFQ="sfq perturb 10"
    tc qdisc del dev br1 root
    tc qdisc add dev br1 root handle 1: htb
    tc class add dev br1 parent 1: classid 1:1 htb rate 10000kbit
    $TQA parent 1:1 handle 10: $SFQ
    $TFA parent 1:0 prio 2 protocol ip handle 10 fw flowid 1:1
    iptables -t mangle -A POSTROUTING -d 192.168.2.0/24 -j MARK --set-mark 10

    #Limit Guest Network Upstream Bandwidth
    TCAU="tc class add dev imq0"
    TFAU="tc filter add dev imq0"
    TQAU="tc qdisc add dev imq0"
    insmod imq
    insmod ipt_IMQ
    ip link set imq0 up
    tc qdisc del dev imq0 root
    tc qdisc add dev imq0 root handle 1: htb
    tc class add dev imq0 parent 1: classid 1:1 htb rate 1500kbit
    $TQAU parent 1:1 handle 10: $SFQ
    $TFAU parent 1:0 prio 2 protocol ip handle 10 fw flowid 1:1
    iptables -t mangle -A PREROUTING -s 192.168.2.0/24 -j MARK --set-mark 10
    iptables -t mangle -A PREROUTING -j IMQ --todev 0
     
    Adam Siemiginowski and Nullity like this.
  8. yada

    yada New Around Here

    Joined:
    Jan 16, 2015
    Messages:
    4
    Hadn't checked back in a couple of days but thanks for responses. The QoS options i've chosen appear to do nothing. I'm going to give cHarley's settings a go. Cheers all.
     
  9. Adam Siemiginowski

    Adam Siemiginowski Occasional Visitor

    Joined:
    Sep 3, 2017
    Messages:
    29
    Does this work for the Guest Networks running on wl0.1, wl1.1, and wl1.2? I don't understand the interfaces used here: br1 and imqo.

    Also - what is the simplest way to implement this script?

    I'm able to do 'tc' commands via Telnet and see them appear via 'tc qdiscs' - but would prefer a more visual approach to upload a custom script file like this - and not kill a router being used in my business. :)