Select class based on DSCP

jayrock · 5 December 2023 12:53

Hello,

I’m not clear how to a DHCP marked packet can be matched to a class based on its DSCP.
Concretely, I would like to prioritize traffic with DSCP 46, 34, and 18.

If I understand correctly from the wiki and this., the IPFire TOS rule sets the TOS instead of honoring it.

Any guidance is welcome.

[EDIT] I solved the problem at hand as I found the service is using a very limited port range. So I’m matching on port. Still, would be interesting to know if I can leverage DSCP.

I got the information by looking at the registry on a Windows machine under HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\QoS. Here you find the DSCP but also port ranges, if set.

Thanks,
Jay

disturbed_end · 21 January 2024 04:06

Here is how i did it. I added the following to makeqosscripts.pl right before the respective TOS sections for both upload and download:

#Upload:
print <<END

    ### SET DSCP RULES UPLOAD
    ##IPTABLES apply DSCP to QOS upload using M32 Module "Offset" & "Filter(HEX) = "USERValue(hex" "-j Module sending to specific Queue Number"
    ##Format note(variables surrounded by <>):
    #iptables -t mangle -A QOS-OUT -m u32 --u32 "0 & 0x00E00000 = <DSCPHEXOFFSET0>" -j mark --set-xmark <CLASSNUMBERINHEX>/0xff00
    ##
    ##EF5x
	iptables -t mangle -A QOS-OUT -m u32 --u32 "0 & 0x00E00000 = 0x00A00000" -j MARK --set-xmark 0x70/0xff00
    ##AF4x
	iptables -t mangle -A QOS-OUT -m u32 --u32 "0 & 0x00E00000 = 0x00800000" -j MARK --set-xmark 0x71/0xff00
    ##AF3x
	iptables -t mangle -A QOS-OUT -m u32 --u32 "0 & 0x00E00000 = 0x00600000" -j MARK --set-xmark 0x72/0xff00
    ##AF2x
	iptables -t mangle -A QOS-OUT -m u32 --u32 "0 & 0x00E00000 = 0x00400000" -j MARK --set-xmark 0x73/0xff00
    ##AF1x
	iptables -t mangle -A QOS-OUT -m u32 --u32 "0 & 0x00E00000 = 0x00200000" -j MARK --set-xmark 0x74/0xff00
    ##END

END
;

#download:
print <<END

### SET DSCP RULES DOWNLOAD
#IPTABLES apply DSCP to QOS download using M32 Module "Offset" & "Filter(HEX) = "USERValue(hex" "-j Module sending to specific Queue Number"
    ##Format note(variables surrounded by <>):
    #iptables -t mangle -A QOS-INC -m u32 --u32 "0 & 0x00E00000 = <DSCPHEXOFFSET0>" -j mark --set-xmark <CLASSNUMBERINHEX>/0xff00
    ##
##EF5x   
	iptables -t mangle -A QOS-INC -m u32 --u32 "0 & 0x00E00000 = 0x00A00000" -j MARK --set-xmark 0xD4/0xff00
##AF4x   
	iptables -t mangle -A QOS-INC -m u32 --u32 "0 & 0x00E00000 = 0x00800000" -j MARK --set-xmark 0xD5/0xff00
##AF3x   
	iptables -t mangle -A QOS-INC -m u32 --u32 "0 & 0x00E00000 = 0x00600000" -j MARK --set-xmark 0xD6/0xff00
##AF2x   
	iptables -t mangle -A QOS-INC -m u32 --u32 "0 & 0x00E00000 = 0x00400000" -j MARK --set-xmark 0xD7/0xff00
##AF1x   
	iptables -t mangle -A QOS-INC -m u32 --u32 "0 & 0x00E00000 = 0x00200000" -j MARK --set-xmark 0xD8/0xff00
##END

END
;

##my updated classes file (because I also wanted to see these in different class graph:

imq0;203;14;14500;290000;;;0;VPN;
imq0;204;15;14500;290000;;;8;Webtraffic;
imq0;210;16;1;290000;;;0;Default;
imq0;220;17;1;290000;;;1;P2P;
red0;102;12;1200;12000;;;8;VOIP;
red0;103;14;1200;12000;;;2;VPN;
red0;104;15;1200;12000;;;8;Webtraffic;
red0;110;16;1;12000;;;0;Default;
red0;120;17;1;12000;;;1;P2P;
imq0;212;2;1;290000;;;0;AF5x;
imq0;213;3;1;290000;;;0;AF4x;
imq0;214;4;1;290000;;;0;AF3x;
imq0;215;5;1;290000;;;0;AF2x;
imq0;216;6;1;290000;;;0;AF1x;
imq0;219;9;1;290000;;;0;BEx;
red0;112;2;1;12000;;;0;AF5x;
red0;113;3;1;12000;;;0;AF4x;
red0;114;4;1;12000;;;0;AF3x;
red0;115;5;1;12000;;;0;AF2x;
red0;116;6;1;12000;;;0;AF1x;
red0;119;9;1;12000;;;0;BEx;