I recently upgraded my Linksys E2000 router to Tomato Firmware v1.28.7507 MIPSR2Toastman-RT K26 VLAN-VPN. This includes quite a few default QoS rules.
Today I connected to a customer network using Cisco AnyConnect VPN software, then used Windows Explorer to copy a 40MB file over the VPN. The transfer was extremely slow, averaging under 8 KB/second, which would take over an hour to transfer 40MB.
In Tomato, under QoS > View Details, I saw that there was a lot of data going to UDP port 443. The IP address matched the VPN connection point. The class was Crawl, i.e. the very slowest speed (limited under QoS > Basic Settings to 1% – 5% of outbound bandwidth). Basically, because the traffic was UDP, it was falling through to the very last rule under QoS > Classification:
Looking up the Classification list a bit, I saw that there was a rule designed to identify file transfers on ports 80, 443, or 8080, but it was restricted to TCP only:
I changed that rule to include both TCP and UDP:
After that, the VPN file transfer was correctly classified as FileXfer, which is allowed to use 5% – 70% of the bandwidth:
This allowed the transfer to zip along at almost 100 KB/sec, or 7 minutes to transfer 40MB.
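The fall-through described above, modelled as an added example (not Tomato's own code): a first-match classifier run against the rule before and after the protocol change, plus a small audit that lists flows only the catch-all rule matched. The `Rule` structure, the top-to-bottom first-match evaluation and the sample flows are assumptions made for illustration; only the two rules discussed in the post are modelled.

```python
from dataclasses import dataclass

# Outbound limits per class as quoted in the post (percent of outbound bandwidth).
CLASS_LIMITS = {"FileXfer": (5, 70), "Crawl": (1, 5)}


@dataclass(frozen=True)
class Rule:
    """Hypothetical model of one Classification row."""
    protos: frozenset   # empty set = any protocol
    ports: frozenset    # destination ports; empty set = any port
    qos_class: str

    def matches(self, proto, dport):
        return ((not self.protos or proto in self.protos)
                and (not self.ports or dport in self.ports))


def classify(rules, proto, dport):
    """Return (rule index, class) of the first rule that matches, top to bottom."""
    for index, rule in enumerate(rules):
        if rule.matches(proto, dport):
            return index, rule.qos_class
    raise ValueError("rule list has no catch-all rule")


def audit(rules, flows):
    """List the flows that fell through to the last (catch-all) rule."""
    last = len(rules) - 1
    return [flow for flow in flows if classify(rules, *flow)[0] == last]


WEB_PORTS = frozenset({80, 443, 8080})
CATCH_ALL = Rule(frozenset(), frozenset(), "Crawl")

# The file-transfer rule as found (TCP only) and as changed (TCP and UDP).
BEFORE = [Rule(frozenset({"tcp"}), WEB_PORTS, "FileXfer"), CATCH_ALL]
AFTER = [Rule(frozenset({"tcp", "udp"}), WEB_PORTS, "FileXfer"), CATCH_ALL]

# Constructed sample flows: HTTPS over TCP, the VPN's UDP 443, an unrelated UDP flow.
FLOWS = [("tcp", 443), ("udp", 443), ("udp", 50000)]

if __name__ == "__main__":
    for label, rules in (("before", BEFORE), ("after", AFTER)):
        _, qos_class = classify(rules, "udp", 443)
        print(label, "udp/443 ->", qos_class, CLASS_LIMITS[qos_class],
              "| catch-all only:", audit(rules, FLOWS))
```

Reviewing which flows only the catch-all rule matches is a quick way to spot traffic, such as a VPN tunnel on UDP 443, that a protocol-restricted rule silently misses.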