To give internet access to the friends of our Bandits who visit us, I have set up a password free WiFi guest network. This network is made available on all our routers, but bandwidth is throttled to 2 Megabit Download, and 1 Megabit upload speed. This should be plenty for most things but still don’t invite them to sit and see youtube videos while here.
Quality of service is used to throttle the bandwidth, it is hard to understand that dropping internet packets on purpose is the purpose of Quality of service. But it can actually result in a better more stable system, since tcp will adapt to the speed available.
To use Quality of Service we need to install a few packages
opkg update opkg install sqm-scripts lucy-app-sqm
Now we need to configure it, which could be done via the WEB-interface, but doing it via the commandline is quite easy too, here is the content of the config file
ssh root@192.168.2.1 cat /etc/config/sqm config queue 'eth1' option qdisc 'fq_codel' option script 'simple.qos' option qdisc_advanced '0' option linklayer 'none' option enabled '1' option interface 'br-guest' option download '2000' option upload '1000' option debug_logging '0' option verbosity '5'
A new interface has to be defined in /etc/config/network, aswell as configuring a new vlan on the switch
config interface 'guest' option ifname 'eth1.4' option type 'bridge' option proto 'static' option netmask '255.255.255.0' option interface 'guest' option ipaddr '10.0.0.1' config switch_vlan option device 'switch0' option vlan '4' option ports '0t 2t 3t 4t 5t' option vid '4'
Configuring a password free access point is done by adding the block below to /etc/config/wireless
config wifi-iface option mode 'ap' option device 'radio0' option network 'guest' option ssid 'FreeWifi' option encryption 'none' option hidden '1' option isolate '1'
And we need to make these additions to /etc/config/firewall
config zone option name 'guest' option input 'REJECT' option output 'ACCEPT' option network 'guest' option forward 'ACCEPT' config forwarding option src 'guest' option dest 'wan'
And one of the routers (192.168.2.4) have to be configured as a dhcp server
ssh root@192.168.2.4 cat /etc/config/dhcp config dnsmasq option disable '1' option domainneeded '1' option boguspriv '1' option filterwin2k '0' option localise_queries '1' option rebind_protection '1' option rebind_localhost '1' option local '/lan/' option domain 'lan' option expandhosts '1' option nonegcache '0' option authoritative '1' option readethers '1' option leasefile '/tmp/dhcp.leases' option resolvfile '/tmp/resolv.conf.auto' option localservice '1' config dhcp 'wan' option interface 'wan' option ignore '1' config odhcpd 'odhcpd' option maindhcp '0' option leasefile '/tmp/hosts/odhcpd' option leasetrigger '/usr/sbin/odhcpd-update' config dhcp 'lan' option interface 'lan' option ignore '1' config dhcp 'guest' option interface 'guest' option start '100' option limt '150' option leasetime '12h' option dhcpv6 'server' option ra 'server' config dhcp 'dk' option interface 'dk' option ignore '1'
That is all for now
You must be logged in to post a comment.