I'm having a difficult time figuring out how the QoS matcher settings work.
**BUG** - It seems like even the global QoS setting, while the value is being saved, it is not being properly applied post reboot. As seen in my screenshot I have a global QoS of 5000/5000 after a reboot, but I'm able to pull 30x30 up until i hit the save button on the global QoS area.
I've set a router up as shown in my attached png. I cannot get a more specific Rate-limit to apply for a Destination IP address. I've gotten the source address to work properly, right now my speedtests are coming back as 5x2. I haven't been able to figure out exactly what the magic was but, I think there is some further issues with how this data is saved, as seemingly just saving the rule after the rule doesn't get it applied. I think I had to save the global configuration again, to get all the matcher rules applied again as well.
Then for DST traffic destined for a NAT'd private IP just doesn't seem to hit the matcher.
I'll do some more testing with different types of rules and what not, but if nothing else I think we could use some clarifications on the process of saving / applying QoS features as it hasn't been super intuitive, atleast to me.
9. Saved Global Qos (5x2) ------So it seems part of my initial post was wrong in the specifics, it seems like it might be as simple as the router isn't remembering the value of QoS Enable = {X} after a reboot.
10. Added Dst=192.168.11.3 Rate_Limit=2000; Saved matcher rule (5x2) -----Seeminly Its been proved that rebooting is not necessary for getting matcher rules to apply, so I'm going to forgo that action for now.
----I can't think of any other different ways to match traffic to limit the download speed of a specific host behind the LAN binding's NAT rule. Anyone know if this is possible?
Thanks for sharing your feedback and detailed results.
Following is the explanation for QoS Functionality in cnPilot-R200.
Please use firmware version 4.2-R4 for further testing. The QoS setting for rate limit working for Upstream traffic will be shown further. The “Dst. IP Address” is not for LAN port PC hence your testing results were not appropriate. Following is my test topology which I have used while testing.
Please configure R200 router in NAT mode. First of all let me explain how cnPilot Router’s QoS works. This router’s QoS setting rely on iptables. Now in our configuration traffic from LAN(192.168.11.1) weather input stream or output stream – configured policy below will be applied.
As the QoS setting Menu , I configured a upstream traffic of 10240 kbps (10M) ,Now I am using PC1 to send 20M traffic to PC3.We will now observe that the WAN output stream will limit the upstream
I definitely think I understand what you're saying I'm just going to paraphrase what you said to verify this. So the QoS matcher can only match information in the packet originally destined for the router, and not any of the packet information post NAT. In short DST=192.168.11.2 will never result in a match.
So if I want to manipulate traffic destined for PC1 I can only manipulate traffic destined for LAN with the QoS global setting or try to learn the SRC_IP of the traffic thats destined for PC1.
Is there any hope that the Webui will ever give us access to prerouting / post routing chains of Iptables so I could potentially build a solution using packet marks or something?
I've attached a topology of what I'm trying to accomplish but it definitely sounds like its not possible at the moment.
