DrayTek Vigor 165 QoS setup

It looks the DrayTek Vigor 165 xDSL modem/router supports some QoS features, despite the fact the datasheet does not mention them. They are available from the CLI, and partially in the web UI via a bug in the firewall filter setup page.

The CLI gives access to the qos setup, qos class and qos type commands. qos setup is used to enable/disable QoS globally, set the available bandwidth ratio for each of the three available “classes” (a fourth class, “others”, is automatically set with the remaining bandwidth), set the overall bandwith usable by QoS, and a couple of other features.

Once QoS is enabled, and bandwidth assigned to classes, qos class is used to add “rules” to each class to identify which traffic belongs to a given class, and also set the traffic priority – which should prioritize it also. Traffic is assigned using IP addresses and “services” – which are IP protocols and ports sets – i.e. UDP(16000-16255).

Some services are already built in (i.e. SIP, IKE), others can be user defined using qos type.

The Vigor 160 series manual lists other commands which unluckily are not available in the firmware I tested (4.1.1), like qos voip that in other models should enable a specific reserved priority class for VoIP.

Let’s show an example of how to set up QoS for a VoIP ATA attached directly to a port of the Vigor 165. The ATA uses the standard UDP port 5060 for SIP, and UDP ports 16384-16482. The ATA has fixed IP, which is needed to write rules associated to a single device.

First of all, we need to create a “service type” for the used UDP ports, since those are not a standard, and a built-in service does not exist:

qos type -a VoIP_RTP -t 17 -p 16384:16482

This command adds (-a) a type with name “VoIP_RTP” for protocol (-t) UDP (17), and the port range (-p) 16384:16482. This will add an entry in the user defined service types list.  Later they can be used using their list ID.

Now we can add “rules” to a class to match VoIP traffic and thereby assign it to the class, which in turn sets the reserved bandwith, plus a priority. We’ll need two rules, one for the VoIP RTP traffic, and one for the SIP protocol:

qos class -c 1 -n VoIP -a -m 1 -l -u 1 -p 20
qos class -c 1 -a -m 1 -l -s 22 -p 1

The first line adds (-a) a rule to class (-c) 1 naming (-n) it “VoIP”The name is assigned to the whole class, not to the rule, makes it active (-m 1) and assigns to it the local (-l) ATA IP, the VoIP_RTP user defined (-u) service type created before, and the DSCP EF (Expedite Forward) ID (-p). The list of available DSCP IDs can be obtained with  qos class -S. It does also return VLAN priority values that can be used as well.

The second line adds another rule to class 1, for the same IP, this time with built-in service type (-s) 22, which is SIP, and without a specific priority (-p 1). If needed, SIP packets may be prioritized as well. Rules for a given class may be shown using qos class -V <class id>.

Now the whole QoS engine must be configured and started.

qos setup -m 3

enables (-m) the QoS engine in both directions (3). 0 disables it while 1 and 2 enable it only in the IN or OUT directions. When using xDSL, the available bandwidth is automatically  set by the router itself, and can’t be set manually. The maximum bandwidth percentage for each class is set using:

qos setup -r 1:30

which assigns (-r) to class 1 30% of the available bandwidth. This is only enforced only when there is matching traffic for class 1, otherwise can be used by the other classes. The class “Others” gets the remaining bandwidth not assigned to class 1, 2 and 3 automatically.

Two other options of qos setup allows for limiting the bandwith used by UDP traffic (i.e. to avoid a P2P application could starve other connections), and prioritize TCP ACK so connections are not slowed down especially in asymmetric lines like xDSL ones, where available upload bandwidth may not be enough to quickly deliver them otherwise, slowing down or blocking download traffic. qos setup -V can be used to display the actual settings.

How to check if this setup is working from the web UI? There’s a bug in the firewall filter setup page that gives access to the Bandwidth Management page, which is not accessible otherwise. That page is not fully functional, but it does give access to a monitoring page anyway.

  • Click on Firewall in the left menu bar, and then Filter Setup.
  • Open any filter clicking it, and then any rule, even a new one, we’re not going to save any change.
  • Change the Direction by selecting another entry.
  • Below MAC Bind IP, another line Quality Of Service will appear now.
  • Click its link to access the Bandwidth Management >> Quality of Service page.
  • Click on the Status link under General Setup, WAN1. A dynamically updated page will show the bandwidth used by each class.
This page should not exist in the Vigor 165…

The Quality Of Service page will also show the settings made before, but it will throw some errors when attempting to modify them from here. For example the class rules editing page is missing, and trying to access it will return a 404 error. Trying to save changes in this page will show an error complaining the SIP port is not setThere are controls for VoIP settings and class rule management simply hidden in the HTML code.. Other settings may clear your actual QoS settings and/or set invalid values. Don’t make changes here, use the CLI.

Disclaimer: while the QoS CLI commands are documented in the Vigor 160 series manual and apparently work, I do not know if QoS is officially supported by DrayTek on these models, if it works fully and properly, and if it could be removed in future firmware releases. The access to the Quality of Service UI page looks to be the result of a bug (really not the only one in the DrayTek UI…), and could be removed as well in the future. Use at your own risk. ​