Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
technical:ppsk-sqm [2024/08/08 05:10] – [PPSK with Bandwidth Limits] systemtechnical:ppsk-sqm [2024/08/08 10:11] (current) system
Line 6: Line 6:
 ----- -----
 ====== PPSK with Bandwidth Limits ====== ====== PPSK with Bandwidth Limits ======
-  * All the pages on PPSK up to now did not touch much on one very important topic. +  * On all  previous pages about PPSK, a very important topic has hardly been addressed
-  * Once we give a user access to our network, we need a way to manage the bandwidth he consumes+  * Once we grant a user access to our network, we need a way to manage the bandwidth they consume
-  * Both captive portal and PPPoE server has the ability to do this and it was designed with the functionality in mind. +  * Both the Captive Portal and the PPPoE server are able to do this and have been developed with this functionality in mind. 
-  * Giving someone access to a WiFi network does not automatically enable you to manage that user'bandwidth. +  * Giving someone access to a WiFi network does not automatically allow you to manage their bandwidth. 
-  * Although we offer advanced features to change a user's assigned VLAN based on their usage during a specified timespan, we still need the ability to limit the speed on a VLAN. +  * Although we offer advanced features to change a user's assigned VLAN based on their usage during a certain period of time, we still need the ability to limit the speed of a VLAN. 
-  * This is where Smart Queue Management (SQM) comes in+  * This is where Smart Queue Management (SQM) comes into play
-  * SQM not only allow us to limit the bandwidth on an interface to the value we choose, it also does queue management, leaving the user with a more pleasant online experience. +  * With SQM, we can not only limit the bandwidth on an interface to the value we choose, but also manage the queues so that the user has a more pleasant online experience. 
 + 
 +====== Options for a MDU deployment ====== 
 +  * The philosophy of RADIUSdesk is to offer a non-disruptive solution that can co-operate with other vendors. 
 +  * The following diagram shows a PPSK solution where the customer has chosen to use PFsense for NAT/DHCP and bandwidth limiting: 
 +{{:technical:ppsk:mdu_overview_scaled.png?nolink|}} 
 +  * We also offer the customer the option of using OpenWrt, which implements SQM. 
 +  * This can then be managed via APdesk. 
 +  * As OpenWrt can run on different architectures or even on a virtual machine, it offers us even more possibilities:{{:technical:ppsk:arrow_sqm1.png?nolink|}} 
 +  * Lets take a closer look at SQM on OpenWrt 
 + 
 +====== SQM on OpenWrt ====== 
 +The following sections are a brief summary of information from this wiki page (https://openwrt.org/docs/guide-user/network/traffic-shaping/sqm) and from our own experiments. 
 +===== Required Packages ===== 
 +  * To make SQM available in OpenWrt, you need the package **sqm-scripts**. 
 +  * If you also have Luci on the OpenWrt device, it is recommended to install the additional package **luci-app-sqm**. 
 +  * This will install the Luci SQM package which is well developed and provides you with an intuitive way to apply SQM to selected interfaces via the Luci web interface. 
 +===== Config File ===== 
 +  * Essentially, the SQM application in Luci manipulates the UCI-based configuration file **/etc/config/sqm** and starts and stops the SQM service to apply these settings. 
 +  * Let's take a look at an excerpt from the sqm configuration file: 
 + 
 +<code bash> 
 +config queue 'br_ex_v104' 
 +    option interface 'br-ex_v104' 
 +    option enabled '1' 
 +    option script 'piece_of_cake.qos' 
 +    option linklayer 'none' 
 +    option verbosity '5' 
 +    option upload '4096' 
 +    option download '4096' 
 +    option debug_logging '0' 
 +    option qdisc 'cake' 
 +</code> 
 + 
 +  * Some notes on this snippet: 
 +        * The queue discipline is CAKE. There are also other options like fq_codel that you can use if performance is an issue. 
 +        * The upload and download values are in kbps, so this snippet limits the value to 4Mbps (4*1024) 
 +        * The script to set up the SQM (based on the settings in the /etc/config/sqm file) is called **piece_of_cake.qos**. 
 +        * The SQM section is applied to the **br-ex_v104** interface, which is actually a bridge. 
 +    * Let us take a look at the /etc/config/network file to learn more about the br-ex_v104 interface. 
 + 
 +<code> 
 +config device                          
 +    option type 'bridge'           
 +    option name 'br-ex_v104'       
 +    option stp '0'                 
 +    list ports 'eth1.104'          
 +                                       
 +config interface 'ex_v104'             
 +    option device 'br-ex_v104'     
 +    option proto 'static'          
 +    option ipaddr '10.200.105.1'   
 +    option netmask '255.255.255.0' 
 +</code> 
 +  * Although the word //interface// is used intuitively in the /etc/config/sqm section, it can also be applied to a //device// such as a bridge. 
 +  * In our case, the br-ex_104 bridge has one port, eth1.104. This port receives traffic from VLAN 104 on eth1 (e.g. when a user connects to a private PSK and the dynamic VLAN assigned to it is 104) 
 +  * The data traffic that runs via this bridge is therefore throttled and managed with SQM. 
 + 
 +Now that we have covered the configuration of SQM, we can take a look at some practical commands under the heading  
 +===== Troubleshooting ===== 
 +  * To start and stop SQM: 
 +<code> 
 +#You might first need to stop it before starting it: 
 +/etc/init.d/sqm stop 
 +SQM: Stopping SQM on br-ex_v104 
 + 
 +#Start it 
 +/etc/init.d/sqm start 
 +SQM: Starting SQM script: piece_of_cake.qos on br-ex_v104, in: 4096 Kbps, out: 4096 Kbps 
 +SQM: piece_of_cake.qos was started on br-ex_v104 successfully 
 +</code> 
 + 
 +  * SQM creates a matching IFB interface with the convention //ifb4-<interface>//. In this way, you can easily determine whether the start was successful. 
 + 
 +<code bash> 
 +#Real interface 
 +ifconfig br-ex_v104 
 +br-ex_v104 Link encap:Ethernet  HWaddr 08:00:27:EA:B7:D5   
 +    inet addr:10.200.105.1  Bcast:10.200.105.255  Mask:255.255.255.0 
 +    inet6 addr: fe80::a00:27ff:feea:b7d5/64 Scope:Link 
 +    UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1 
 +    RX packets:0 errors:0 dropped:0 overruns:0 frame:0 
 +    TX packets:8 errors:0 dropped:0 overruns:0 carrier:0 
 +    collisions:0 txqueuelen:1000  
 +    RX bytes:0 (0.0 B)  TX bytes:1088 (1.0 KiB) 
 +#Matching IFB 
 +ifconfig ifb4br-ex_v104 
 +ifb4br-ex_v104 Link encap:Ethernet  HWaddr AA:93:EE:2A:4D:E6   
 +    inet6 addr: fe80::a893:eeff:fe2a:4de6/64 Scope:Link 
 +    UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1 
 +    RX packets:0 errors:0 dropped:0 overruns:0 frame:0 
 +    TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 
 +    collisions:0 txqueuelen:32  
 +    RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B 
 +</code> 
 +  * To get stats on SQM, you can use the tc command: 
 +<code bash> 
 +tc  -s qdisc show dev br-ex_v104 
 +</code> 
 + 
 +  * This brings us to the end of SQM's section in OpenWrt. 
 +  * In RADIUSdesk we have taken this knowledge and created the SQM Profiles applet, which makes managing SQM in MESHdesk and APdesk a breeze. 
 +  * There is a special page for SQM Profiles that allows you to apply limits in no time at all. 
 + 
 + 
 + 
 + 
 + 
 +   
  • technical/ppsk-sqm.1723086602.txt.gz
  • Last modified: 2024/08/08 05:10
  • by system