Work around ISP QoS limitations

ISPs which enforce QoS limitations suddenly, without alerting the customer, are abusing their force. QoS limitation is not a bad thing, from the ISP’s point of view, but changing the customer deal without notifying him seems to me to be unfair.

This is a recipe for a QoS workaround.

Ingredients:

  • One fast Internet connection which is not used to its full capacity
  • Defined target service provider. I use Giganews as an NNTP, which is the fastest method of obtaining content today. You should have the service list of IPs. Luckily, Giganews use only two IP addresses
  • One “evil” ISP which enforces QoS for external targets
  • One server in the ISP’s hosting farm, which has no speed or transfer limitations, and is probably not bound by the ISP’s QoS
  • For a better looking dish – some graphing solution, such as Cacti or MRTG

Directions:

  • Setup OpenVPN Server on the hosted server
  • Setup OpenVPN Client on your NNTP/Other service client (your desktop, your Linux router, etc) – This can also be a Windows machine, but configuration varies a bit.
  • Define, in your OpenVPN client.conf line(s) which look like this:

route <SERVICE_IP>

route <SERVICE_IP2>

  • If this is a router machine, activate NAT on it. Of course – remember to set this rule to work after reboot too!

iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE

  • For your good feeling, try to pickup data from before and after, and compare.
  • Start the OpenVPN Service on the server, on the client, and restart your NNTP/Other service downloads.
  • Serve with a smile :-)

The result dish is both tasty and good looking! see below:

QoS_override.png

A word of warning – OpenVPN is a VPN tool. As such, it uses encryption and varios methods which are very secure. This means that for high througput, such as mine (about 10Mb/s) you will see the impact on the router/workstation’s CPU. Under virtualization, I get about 2% additional system CPU utilization from a 2x3GHz Xeon CPU. For older router devices this could result in an overworked router. I am so glad I got rid of my old P2 350MHz router in favor of the virtualized one.

Tags: , , , , , , , , ,

3 Responses to “Work around ISP QoS limitations”

  1. alteisen Says:

    Hey, nice article about QoS.
    I got a problem which my isp limiting the QoS for only 512kbps without data plan.
    With your above workaround can i do the same thing with mobile broadband?

  2. ez-aton Says:

    No. Probably not. Their limitation is global – any outbound or inbound traffic, I assume. You cannot work around it.
    The solution suggested solves a specific home-user -> targets outside country where he is being throttled with other users under strict QoS. In this case, using an external server, local to that country, but without throttling outside, gives you a very nice bandwidth (but not that good latency, BTW).
    I assume that the only method you can have is if your broadband provider will allow you access to another broadband device in that same network, and you can run a server/proxy/whatever on it. Then you can route yourself through it. Usually – this is not the case…
    Sorry to disappoint you.
    Ez

  3. alteisen Says:

    Can we do something with the APN?. we have 2 APNs, one with much higher QOS.
    I cant use the other APN though, the connection only runs on certain ipc.
    Any suggestions?

Leave a Reply