Skip to main content

SQM for beyond 1 Gbps Lines With OpenWrt

Introduction

If you're here. It's because you want to get SQM for 1400Mbps+ and connections. The reason I'm staying 1400Mbps+ is because that is my current maximum provided by my ISP. This is a write up based on the N100 CPU mini PC I've tested.

If your internet connection is between 300-800 Mbps it is more economical for you to follow the NanoPi guide instead. However if you like having more CPU performance... continue reading!

The N100 CPU does feel like it can handle more than 1400 Mbps. The diagram below demonstrates how you would install any x86 Mini PC as a router in your network stack. Building your home network infrastructure like this, is more reliable and better than consumer routers which try to combine the modem, routing, and wireless all in one.

firefox_tIgLausVr0.png

Pictured Switch - TP-Link 2.5Gbps 8 Port Multi-gigabit switch (Amazon Referral Link) I earn a small commission on these links thank you!

Pictured Access Point - Ubiquiti Unifi 6 Pro (Official Link) Note: If Ubiquiti is out of stock you or if you don't like them, I heard that the TP-Link EAP670 (Amazon Referral Link) from their Omada lines work just as great. I just have never tried it myself as I've been using Ubiquiti APs.

Pictured OpenWrt Device - BeeLink EQ12 Intel N100 Mini-PC (Amazon Referral Link)


What is Bufferbloat and why stop it?

You can skip this section if you already know what this is....

It is lag or ping spikes in video games or zoom calls that is caused when you or someone else uses up all your bandwidth. It could be torrenting, 4k streaming, bulk downloads, or even a speedtest. SQM algorithms (fq_codel or cake) which are available on OpenWrt, can completely mitigate these pings and ensures low latency even under full load. Overall, you do sacrifice a little max speed 5-10% for guaranteed low latencies.

Intel Alder Lake N100 12th Generation Based Mini PCs

Hardware Requirements

The minimum requirement for choosing one of these is as follows

1. Make sure it has at least 2x 2.5Gbps Ethernet ports. Intel Ethernet ports are generally preferred over Realtek ports but Realtek ports will do.

2. You also want to make sure it has a CPU Mark of 5000 or more. And a strong single core performance of 1200+. You can check here: https://www.cpubenchmark.net/cpu_list.php

3. Preferably it would be a low power device that uses < 25 Watts.

Installing OpenWrt

As for installation of software. OpenWrt has an official written guide here: https://openwrt.org/docs/guide-user/installation/openwrt_x86

If you're lost on what to do no worries I can give some pointers. I typically choose the generic-squashfs-combined-efi.img.gz image

I normally would take out the nVME SSD of my miniPC to an external enclosure. Plug it into my primary PC. Then flash the image it to my Router PC's nVME SSD with BalenaEtcher by putting it into an nVME enclosure. Then I would install

4. After OpenWrt is setup and running you just need to enable SQM like so: https://www.stoplagging.com/openwrt-method-fq_codel-cake/

5. As of openwrt 21, in order to utilize all of your routers multicores  you should enable packet steering under network > interfaces > global network options and enable irqbalance to improve performance even further. https://openwrt.org/docs/guide-user/services/irqbalance

What Access Point to Get?

I keep hearing raving reviews about the Ubiquiti APs and use one myself. I have extremely stable WiFi with these and never have to reboot them. Ubiquiti also advertises up to 200 concurrent users as well! If you have a recommendation better than these I'd like to know.

Official Link: https://store.ui.com/collections/unifi-network-access-points/products/unifi-ap-6-lite

If you plan on only having one Ubiquti AP I recommend installing via the phone so you don't have to bother with more complicated things like AP Controllers.

If you're on a budget and can't buy a dedicated AP. You can try turning your old router into an access point by putting it into AP mode instead of routing mode. This is important because you should be letting the OpenWrt device do the routing to prevent bufferbloat not your old router.

Another option you could try that I've heard are good are the TP-Link Omada EAP610s: https://amzn.to/3RWWTY9 I have no real world experience with these as I don't own any. But they are solid products in the /r/homenetworking community.

Facts about WiFi

If you need more coverage you should get more APs not one single AP with a bunch of antennas, because those are marketing gimmicks.

WiFi has limited range due to the physics of their frequency bands.

5Ghz can handle more bandwidth, but will usually be about half the range of 2.4Ghz.

Advanced Cake Configuration

This section is for my own reference and these were recommended by the official docs: https://openwrt.org/docs/guide-user/network/traffic-shaping/sqm-details#sqmqueue_discipline_tab 

Under the Queue Discipline tab of SQM. 
Enable the checkmark for advanced configuration and save& apply. 

This turns on squash_dscp, squash_ingress, ECN on ingress and NOECN on egress. Leave them as defaults as they are good the way they are. (If you have symmetrical fiber then ECN can be enabled on egress.

Next checkmark and enable "Dangerous Configuration" which is below the "Advanced Configuration" section. We are going to disable triple-isolate and enable per host isolation... Here's a short explanation.

To quote the docs, by default, cake will use triple-isolate: “which will first make sure that no internal or internal host will hog too much bandwidth and then will still guarantee for fairness for each host. In that mode, Cake mostly does the right thing. It would ensure that no single stream and no single host could hog all the capacity of the WAN link. However, it can’t prevent a BitTorrent client – with multiple connections – from monopolizing most of the capacity.” You can enable per host isolation, which will identify all source/destination information.

To enable that,
Add the following to the “Advanced option strings” (in the Interfaces → SQM-QoS page; Queue Discipline tab, look for the Dangerous Configuration options):

For queueing disciplines handling incoming packets from the internet (internet-ingress): nat dual-dsthost ingress

For queueing disciplines handling outgoing packets to the internet (internet-egress): nat dual-srchost

For me that means Qdisc options (ingress) I wrote in "nat dual-dsthost ingress" while for
Qdisc options (egress) I wrote in "nat dual-srchost"

Contact

If you need help or consultation please join my rocket.chat server at https://chat.stoplagging.com/invite/zaMu6X you can message me @Starfroz by looking me up under the globe icon after registering and logging in.

image-1609968043493.png