search

lynxthecat / cake-wg-pbr

Set up CAKE in the context of WireGuard with PBR
5 stars 1 forks source link

[Question] Does Cake in cake-wg-pbr use CAKE-autorate and cake-dual-ifb ? #1

Closed Rexadev closed 1 year ago

Rexadev commented 1 year ago

https://github.com/lynxthecat/cake-dual-ifb https://github.com/lynxthecat/CAKE-autorate

lynxthecat commented 1 year ago

cake-wg-pbr and cake-dual-ifb are alternative solutions for setting up cake. Either are compatible with cake-aurorate, which sets the cake bandwidth for variable rate connections.

What sort of setup do you have?

Rexadev commented 1 year ago

Either are compatible with cake-aurorate

I have to install both cake-wg-pbr and cake-aurorate (or cake-dual-ifb) to use cake-aurorate(or dual-ifb) in cake-wg-pbr. Also Does cake-dual-ifb has cake-autorate if not how can I use both cake-aurorate and cake-dual-ifb

What sort of setup do you have?

Didn't know about these packages. Planning to switch. It solved the doubt I had about SQM working with VPN (https://www.reddit.com/r/openwrt/comments/10ovydt/cakeqos_vpn_on_routerclients_does_it_work/). Currently using QoSify

@lynxthecat

lynxthecat commented 1 year ago

So with a VPN you can use either cake-wg-pbr or cake-dual-ifb (but not both), which sets up cake, and then you use cake-autorate to control the bandwidth of cake with a variable rate connection.

cake-wg-pbr is much simpler to setup than cake-dual-ifb.

Rexadev commented 1 year ago

Just to confirm I understand how this package works

when using Wireguard, PBR, CAKE (QoSify or SQM or something eles). It is by default

Client>Router>PBR>QoS/SQM>WAN ------Split----------->VPN

But when using cake-wg-pbr it is

Client>Router>PBR>QoS/SQM>WAN ------------Split----------------->VPN

That is when using separate packages QoS/SQM harms VPN traffic performance but VPN traffic is unaffected when using cake-wg-pbr. Am I right ? If yes, Why isn't that the default behavior ?

@lynxthecat

lynxthecat commented 1 year ago

Hmm, I can't follow your nomenclature. Basically if you just use default SQM, cake cannot distinguish the encrypted flows as all encrypted flows are bundled into one stream.

cake-wg-pbr operates as follows: for download, cake-wg-pbr combines the non-VPN flows (from wan) with the VPN flows in their unencrypted state (from the VPN interface); and for upload it relies upon skb->hash preservation, thereby to ensure that cake can regulate everything properly notwithstanding the mixture of encrypted and unencrypted flows.

For download, see:

https://github.com/lynxthecat/cake-wg-pbr/blob/2d4555ed1efb77e156b0502f3b939e4926ccc1a6/cake-wg-pbr#L26

For upload, see:

https://github.com/lynxthecat/cake-wg-pbr/blob/2d4555ed1efb77e156b0502f3b939e4926ccc1a6/cake-wg-pbr#L22

See also:

https://lists.bufferbloat.net/pipermail/cake/2020-May/005257.html

https://forum.openwrt.org/t/nftables-and-qos-in-2021/112013/517?u=lynx

Rexadev commented 1 year ago

Reworded the diagram above please answer me @lynxthecat

lynxthecat commented 1 year ago

I still can't follow what you mean or are asking. You could try posting on the OpenWrt forum?