Giters

openwrt / packages

Community maintained packages for OpenWrt. Documentation for submitting pull requests is in CONTRIBUTING.md

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

nft-qos: In static type limit by IP, the `Default Download/Upload Rate` unfunctional.

Mosney opened this issue · comments

commented

Maintainer: @neheb @wulfy23 @champtar @lzto @ldir-EDB0 @rosysong

Environment:

➜   cat /etc/os-release
OPENWRT_ARCH="x86_64"
OPENWRT_RELEASE="OpenWrt 23.05.3 r23809-234f1a2efa"

➜   uname -a         
Linux OpenWrt 5.15.150 #0 SMP Fri Mar 22 22:09:42 2024 x86_64 GNU/Linux

➜   opkg list-installed |grep nft-qos
luci-app-nft-qos - git-23.208.55544-596088f
nft-qos - 1.0.6-4

Description:

luci->service->QoS over Nftables
 ->NFT-QoS Settings
  ->Limit Rate by IP Address
    -> Limit Type: static

In static type limit by IP, the Default Download/Upload Rate unfunctional.

From my understanding, default download/upload rates are the rates for all IPs not specifically listed below. For instance below, 10.0.0.160 has limit "3m/s down, 3m/s up", other IP, like 10.0.0.170, has limit "10m/s down, 1m/s up" according default rate limit setting.

But by my test, this default rate does not take effect for any IP, another way, any IPs not listed below have no rate limit at all.

And nftables has no "10 mbytes/second" or "1 mbytes/second" rule, seems can prove my test result too.

➜   uci show nft-qos
nft-qos.default=default
nft-qos.default.limit_enable='1'
nft-qos.default.limit_mac_enable='0'
nft-qos.default.priority_enable='0'
nft-qos.default.limit_type='static'
nft-qos.default.static_rate_dl='10'
nft-qos.default.static_unit_dl='mbytes'
nft-qos.default.static_rate_ul='1'
nft-qos.default.static_unit_ul='mbytes'
nft-qos.@upload[0]=upload
nft-qos.@upload[0].hostname='jdcu'
nft-qos.@upload[0].rate='3'
nft-qos.@upload[0].unit='mbytes'
nft-qos.@upload[0].ipaddr='10.0.0.160'
nft-qos.@download[0]=download
nft-qos.@download[0].hostname='jdcd'
nft-qos.@download[0].rate='3'
nft-qos.@download[0].unit='mbytes'
nft-qos.@download[0].ipaddr='10.0.0.160'

➜   nft list table inet nft-qos-static
table inet nft-qos-static {
        chain upload {
                type filter hook postrouting priority filter; policy accept;
                ip saddr 10.0.0.160 limit rate over 3 mbytes/second drop
        }

        chain download {
                type filter hook prerouting priority filter; policy accept;
                ip daddr 10.0.0.160 limit rate over 3 mbytes/second drop
        }
}

In conclusion

If it's designed, luci-app-nft-qos should delete those useless setting entries.
If not, nft-qos package should add some nft rules, I think.

Thanks for your time, please tell me if any more info needed.