Shaping programs with wide port ranges
-
So I have been diligently adding programs to my firewall floating rules to put them neatly into the appropriate queues in the traffic shaper.
Then I tried adding Blizzard's Overwatch. According to this:
https://us.battle.net/support/en/article/300479UDP port range: 12000-64000. Seriously :o? But it turns out that yes, seriously >:(. Primary game data is sent using this range. I added all of the other ports to my firewall rules but the high priority Games queue remained pretty quiet and the low priority Default queue was pushing plenty of data.
How are you supposed to shape something like this? Assigning a range that wide is just obviously silly.
-
I used DSCP to mark all traffic from Overwatch in Windows, then
gpedit.msc
When I didn't use tagging, it only assigned the queue on the LAN side, but not the WAN. Don't forget to enable QoS on your interface in Windows.
-
Many thanks Harvy66! That's a very elegant solution :)
I did a quick test at work and had windows marking packets no problem. But then when implementing it I hit two snags:
-
One of the client machines is Windows 10 Home which does not have group policy editor. But installing it apparently works (https://www.youtube.com/watch?v=oqk3vtTYfzY for other people's reference).
-
Windows will only apply the DSCP marks when connected to a domain >:(
There are solutions on the net to address this, with the most popular one appearing to be:
https://support.microsoft.com/en-gb/help/2733528/policy-based-qos-not-working-in-windows-7-clients
This also is mentioned in a few spots as a solution:
https://technet.microsoft.com/en-us/library/bb964018(v=office.12).aspxNeither worked for:
Windows 7 Pro Laptop (which does work when connected to my work domain)
Windows 10 Home + gpedit installA severfault on the issue has someone with two machines, same settings, different results:
https://serverfault.com/questions/769843/cannot-set-dscp-on-windows-10-pro-via-group-policyAnyone here managed to get around this problem?
-
-
I have Win10 Pro and I never directly configured anything about domains. I do have a homegroup setup and the current network is firewalled as "private".