[Asterisk-Users] Asterisk QOS working perfect using sveasoft 3.11g
lists-jmhunter
jacob.hunter at gmail.com
Wed Aug 4 02:26:07 MST 2004
As seen on my post at:
http://www.sveasoft.com/modules/phpBB2/viewtopic.php?p=28112#28112
This works very well... It does NOT work with stable 4.0! sveasoft
will be issuing a bug fix for this (4.1) in the near future.
Final Rev of working script w/ asterisk support
I'm not going to run alchemy on production machines until it is stablish.
Remember to set your uplink properly and to set your proper wan port.
I use pppoe for mine.
This must be used with pre 3.11
Here are detailed instructions on how to commit this to nvram:
http://www.sveasoft.com/modules/phpBB2/viewtopic.php?t=2943&start=0
I used that same script but did some final tweaks to make it work
perfect for Asterisk using IAX and SIP!
Code:
IPT=/usr/sbin/iptables
IP=/usr/sbin/ip
TC=/usr/sbin/tc
# Specify ethernet device, Queue length, and MTU size
# ((qlen * mtu) / rate) / 1024 = time
DEV=ppp0
OUT_QLEN=30
MTU=1492
# Set to ~80% of tested maximum bandwidth
UPLINK=495
# specify class rates - We grant each class at LEAST its "fair share" of
# bandwidth. this way no class will ever be starved by another class.
UPLINK_1_R=200 # VOIP only
UPLINK_2_R=64 # Interactive (low port) traffic and ICMP/ACK
UPLINK_3_R=16 # Everything else (ssh)
UPLINK_4_R=16 # P2P
# Each class is also permitted to consume all of the available bandwidth
# if no other classes are in use.
UPLINK_1_C=${UPLINK}
UPLINK_2_C=${UPLINK}
UPLINK_3_C=${UPLINK}
UPLINK_4_C=${UPLINK}
# remove old qdiscs
$TC qdisc del dev $DEV root 2> /dev/null > /dev/null
$TC qdisc del dev $DEV ingress 2> /dev/null > /dev/null
# reset iptables rules
$IPT -t mangle -D POSTROUTING -o $DEV -j MYOUT
$IPT -t mangle -F MYOUT
$IPT -t mangle -X MYOUT
# set outgoing queue length
$IP link set dev $DEV qlen ${OUT_QLEN}
# lower the MTU to decrease latency
#$IP link set dev $DEV mtu $MTU
# Create HTB root qdisc with an htb default of 40
$TC qdisc add dev $DEV root handle 1: htb default 40
# create main rate limit class
$TC class add dev $DEV parent 1: classid 1:1 htb rate ${UPLINK}kbit
# create leaf rate limit classes
$TC class add dev $DEV parent 1:1 classid 1:10 htb rate ${UPLINK_1_R}kbit ceil ${UPLINK_1_C}kbit prio 0
$TC class add dev $DEV parent 1:1 classid 1:20 htb rate ${UPLINK_2_R}kbit ceil ${UPLINK_2_C}kbit prio 1
$TC class add dev $DEV parent 1:1 classid 1:30 htb rate ${UPLINK_3_R}kbit ceil ${UPLINK_3_C}kbit prio 2
$TC class add dev $DEV parent 1:1 classid 1:40 htb rate ${UPLINK_4_R}kbit ceil ${UPLINK_4_C}kbit prio 3
# attach qdisc to leaf classes - here we add SFQ to each priority class. SFQ
# ensures that within each class connections will be treated (almost) fairly.
$TC qdisc add dev $DEV parent 1:10 handle 10: sfq perturb 10
$TC qdisc add dev $DEV parent 1:20 handle 20: sfq perturb 10
$TC qdisc add dev $DEV parent 1:30 handle 30: sfq perturb 10
$TC qdisc add dev $DEV parent 1:40 handle 40: sfq perturb 10
# add MYOUT chain to the mangle table in $IPT - this sets up the table
# we use to filter and mark packets.
$IPT -t mangle -N MYOUT
$IPT -t mangle -I POSTROUTING -o $DEV -j MYOUT
# add fwmark entries to classify different types of traffic - Set fwmark from
# 10-40 according to desired class. 10 is highest prio.
# outgoing VOIP rules - trumps everything else
$IPT -t mangle -A MYOUT -p udp --sport 5060:5063 -j CLASSIFY --set-class 1:10
$IPT -t mangle -A MYOUT -p udp --dport 5060:5063 -j CLASSIFY --set-class 1:10
$IPT -t mangle -A MYOUT -p udp --sport 4569:4569 -j CLASSIFY --set-class 1:10
$IPT -t mangle -A MYOUT -p udp --dport 4569:4569 -j CLASSIFY --set-class 1:10
$IPT -t mangle -A MYOUT -p udp --sport 5036:5036 -j CLASSIFY --set-class 1:10
$IPT -t mangle -A MYOUT -p udp --dport 5036:5036 -j CLASSIFY --set-class 1:10
# default for outgoing interactive ports rules
$IPT -t mangle -A MYOUT -p tcp --sport 0:1024 -j CLASSIFY --set-class 1:20
$IPT -t mangle -A MYOUT -p tcp --dport 0:1024 -j CLASSIFY --set-class 1:20
# the ack rule -- for ack packets smaller than 64 bytes -- it must be added using
# tc filter instead of iptables for now because the length module appears to be
# broken and/or missing from the wrt54g iptables
$TC filter add dev $DEV parent 1:0 prio 1 protocol ip u32 match ip protocol 6 0xff match u16 0x0000 0xffc0 at 2 match u8 0x10 0xff at 33 flowid 1:10
$TC filter add dev $DEV parent 1:0 prio 1 protocol ip u32 match ip protocol 6 0xff match u16 0x0000 0xffc0 at 2 match u8 0x60 0xff at 33 flowid 1:10
$TC filter add dev $DEV parent 1:0 prio 1 protocol ip u32 match ip protocol 6 0xff match u16 0x0000 0xffc0 at 2 match u8 0xb8 0xff at 33 flowid 1:10
# outgoing DNS rule
$IPT -t mangle -A MYOUT -p udp --dport domain -j CLASSIFY --set-class 1:20
# cheap outgoing ping rule
$IPT -t mangle -A MYOUT -p icmp -j CLASSIFY --set-class 1:20
# outgoing ssh connection rule
$IPT -t mangle -A MYOUT -p tcp --sport ssh -j CLASSIFY --set-class 1:20
$IPT -t mangle -A MYOUT -p tcp --dport ssh -j CLASSIFY --set-class 1:20
# outgoing P2P rules -- these are close to last b/c they use relatively costly
# layer 7 matching
$IPT -t mangle -A MYOUT -m layer7 --l7dir /etc/l7-protocols/protocols --l7proto directconnect -j CLASSIFY --set-class 1:40
$IPT -t mangle -A MYOUT -m layer7 --l7dir /etc/l7-protocols/protocols --l7proto fasttrack -j CLASSIFY --set-class 1:40
# outgoing default rule - unmarked packets get schleped into lowest prio
$IPT -t mangle -A MYOUT -m mark --mark 0 -j CLASSIFY --set-class 1:30
# All done, exit ok
exit 0
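
A way to check where traffic actually lands once the script above is loaded, added here as an example and not part of the original post: it reads `tc -s class show` output and reports the bytes sent through each HTB leaf class (1:10 to 1:40 as defined above). The function names are hypothetical and the statistics in `sample_stats` are constructed, not captured from a router.

```shell
#!/bin/sh
# Constructed sample of `tc -s class show dev ppp0` output (illustrative values only).
sample_stats() {
cat <<'EOF'
class htb 1:1 root rate 495000bit ceil 495000bit burst 1661b cburst 1661b
 Sent 250000 bytes 1500 pkt (dropped 0, overlimits 0 requeues 0)
class htb 1:10 parent 1:1 leaf 10: prio 0 rate 200000bit ceil 495000bit burst 1624b cburst 1661b
 Sent 184000 bytes 920 pkt (dropped 0, overlimits 0 requeues 0)
class htb 1:20 parent 1:1 leaf 20: prio 1 rate 64000bit ceil 495000bit burst 1607b cburst 1661b
 Sent 42000 bytes 400 pkt (dropped 0, overlimits 0 requeues 0)
class htb 1:30 parent 1:1 leaf 30: prio 2 rate 16000bit ceil 495000bit burst 1601b cburst 1661b
 Sent 24000 bytes 180 pkt (dropped 3, overlimits 0 requeues 0)
class htb 1:40 parent 1:1 leaf 40: prio 3 rate 16000bit ceil 495000bit burst 1601b cburst 1661b
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
EOF
}

# leaf_bytes: stdin is `tc -s class show` text; prints "CLASSID BYTES" per leaf class.
# The root class 1:1 is skipped because its counter is the sum of its children.
leaf_bytes() {
    awk '
        $1 == "class" { cur = ""; for (i = 4; i <= NF; i++) if ($i == "leaf") cur = $3 }
        $1 == "Sent" && cur != "" { print cur, $2; cur = "" }
    '
}

# class_bytes CLASSID: bytes sent through one leaf class (0 if the class is absent).
class_bytes() {
    leaf_bytes | awk -v id="$1" '$1 == id { b = $2 } END { print b + 0 }'
}

# class_share CLASSID: integer percent of all leaf bytes that went through CLASSID.
class_share() {
    leaf_bytes | awk -v id="$1" '
        { total += $2; if ($1 == id) b = $2 }
        END { if (total > 0) print int(100 * b / total); else print 0 }
    '
}

# Demo on the constructed sample; on a router, pipe in the live output instead:
#   tc -s class show dev ppp0 | class_share 1:10
sample_stats | leaf_bytes
echo "VoIP class 1:10 share: $(sample_stats | class_share 1:10)%"
```

Compare the 1:10 counter before and after a test call: if it does not grow while 1:30 or 1:40 does, the VoIP packets are not being classified as intended.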