I have a D-Link DGL-4300 "GamerLounge" router. This page is about the custom rules I've set up to prioritize outbound traffic using the router's GameFuel feature.
But first, let's have a look at my hosts. You will need to know this to make sense of the rules I've set up.
eyehome (.7) is my El Gato EyeHome media player. This machine can surf the Web, but I never use it for that, so I haven't established any rules for it. The EyeHome gets media content from my Mac and plays that, and since that's all on the LAN, the rules wouldn't apply anyway.
roku (.5) is my Roku SoundBridge music player. This machine can connect to the Internet for updates and sometimes does, and it can listen to streaming radio, but it never sends much data out over the Internet. You'll notice I have a rule that assigns all its outbound traffic (which amounts to HTTP stream requests, DNS lookups, and ACKs) to priority 100. This is the highest priority used for anything but the Vonage adapter (and equal to the priority used for DNS lookups and outbound ICMP from any host). Basically, I want to make sure the ACKs for HTTP streams can get out even if I'm uploading something, so I prioritize them above most of my usual traffic.
ata (.4) is the Vonage analog telephone adapter (ATA). All outbound traffic from it gets assigned a priority of 50, which is the highest priority I use for anything. (I chose 50 so if I ever need to give something an even higher priority in the future, I can use a lower number, but I don't see that happening.)
ore (.6) is my Win2K box, which serves as my mail/web server. I do not use it as my main machine -- that honor goes to the Mac (named "ingot", see below). All outbound traffic from ore goes at priority 200. However, note that the router evaluates these rules in the order they are listed on the page and stops when it finds the first matching rule. That means that the rules that assign higher priorities to DNS and ICMP do apply to traffic coming from this machine.
ingot (.3) is my Mac (so named because it is an aluminum G5 that weighs sixty pounds) -- the machine I am typing on most of the time when I'm home. My goal with ingot is to prioritize outbound traffic on low-numbered ports above the Web server (but below the ATA), as these are short transmissions like DNS lookups and HTTP requests (and of course ACKs for things I'm downloading) where low latency is important. Accordingly these are given a priority of 150.
Connections to AOL and to AIM (iChat) are also given a priority of 150 -- but only when connecting to the hosts I know AOL uses for these services. Messages sent on the AIM/AOL port to the AIM or AOL host are things I've typed and the occasional status message; these are short transmissions that should have low latency. However, if I'm sending a file to another AIM user, it won't match these rules and will be assigned a priority of 255, the lowest priority -- the same as most other outbound traffic generated by the machine. (This includes, say, BitTorrent traffic, Soulseek, Gnutella -- all use high-numbered ports and are automatically given the lowest priority. I never want anyone unable to get to my Web site [priority 200] because I'm seeding a torrent or something.)
Additionally, you'll find a rule that prioritizes outbound traffic on an inbound ssh connection. This is because I sometimes log into the machine from the office and tunnel to various services on my Mac and my PC, and I want that traffic to have a decent amount of priority, so if I'm ever Slashdotted I can RDC to the PC and throttle the bandwidth a bit, or whatever. Also, I tunnel my home iTunes library over that and listen to it at work, and I don't want heavy hits on my Web site to interrupt my listening pleasure.
Many of the rules I've written for the router are there to deal with the fact that I want some traffic from the Mac to be higher priority than the mail/Web server, but other traffic from the Mac I want to be lower priority than the mail/Web server.
So now let's look at the rules one by one. Keep in mind that these rules apply only to outbound traffic. There is no QoS for inbound traffic on this router. It is easy to forget this, as it kind of looks like the router is letting you assign rules to particular ports on either LAN or Internet machines, but what this means is that you can prioritize outbound traffic on connections that were made from outside the network to those ports (e.g. outbound traffic being sent by servers in response to a request) separately from traffic on connections that originated in your network.
To further elaborate, it's very important to understand the difference between the source IP/port (on the LAN) and destination IP/port (on the Internet). Remember that when making a connection to port 80 on an Internet Web server, your computer can use basically any port it feels like using; it doesn't always use port 80 (in fact a well-behaved machine never does, as that is a privileged port). And the other way around, of course; machines that connect to your network on port 80 are connecting from some other port on their end. So if you want to write a rule for HTTP, be sure you know where to put the 80: in the source port if you want to affect the response from a Web server on your network, in the destination port if you want to affect HTTP requests being sent out to the Internet.
A quirk: these rules are executed from top to bottom, but when you define them new ones are added at the top, so you'll normally want to start with the most general rules and define more specific ones as you go up, or at least make sure that the rules you define later don't completely override earlier-defined rules and make them entirely pointless.
Also note that lower priority numbers equate to higher actual priority (0=highest priority, 255=lowest). If a given connection doesn't match a rule, the priority of the connection defaults to 255, the lowest possible.
Okay, enough preamble, here are the rules I use.
ATA (50): All traffic from the Vonage ATA gets the highest priority. Period. I know how much bandwidth the ATA uses (about 90K at highest quality), and it'll never fill my outbound pipe (768K), so I know I'll always be able to get some other traffic out. This just makes sure the VOIP packets go first if two arrive at the same time, thereby ensuring the best possible real-time performance. (Also notice I put this rule first, so it is checked first and immediately takes effect for VOIP traffic. The DGL-4300 seems like a fast router so this may not have any practical effect, but it can't hurt!)
Roku (100): This rule assigns a priority of 100 to any outbound traffic originating from the Roku SoundBridge. This is normally just HTTP requests, DNS lookups, and TCP ACKs for a stream it's receiving. This keeps Internet radio coming in smoothly but it doesn't take a lot of bandwidth, so again I'm free to give it high priority since it won't affect how much bandwidth I have for other things.
SSH In (150): This rule assigns a priority of 150 to any outbound traffic on an inbound ssh connection (i.e. to my Mac from my office). See the discussion of the host "ingot" above. In theory this traffic can be "outbid" by the Roku and the Vonage ATA, but in reality I'd never be using this at the same time as either of these devices, and in any case there's still plenty of bandwidth left over for my ssh connection even if the other devices were using some.
AOL and AOL 2 (both 150): These two rules give traffic from the Mac to known AOL hosts a priority of 150. This way I can still get on AOL even if someone's hammering my Web server. (Yeah, I have AOL. Yeah, I know a true geek would never admit to that. Save it. Maybe someone in your family uses AOL; aren't you glad I showed you how to set it up?)
DNS (100): All outbound DNS requests (port 53) get a nice high priority. Can't do much with the Internet connection without DNS!
ICMP (100): All outbound ICMP traffic gets high priority. This is going to be pings and traceroutes, basically. Gotta make sure they can get out no matter what I'm otherwise spewing out to the world. (Note that this does NOT prioritize responses to pings and traceroutes from the Internet. Those will never reach any of my machines, as they are blocked at the router. At least I'm pretty sure that's the case.)
AIM (150): This is like the AOL rules above, except for AIM/iChat. As before, it applies only to the Mac. I should probably mention that the Windows version of AOL and/or non-iChat clients may connect to different servers than the Mac versions. If you want to do something similar for your network, you should fire up the clients and check to see where your AOL and chat software actually connect using the Active Sessions page (under Status). You could write similar rules for Yahoo! chat, MSN chat, ICQ, etc. I don't use those apps much so I didn't bother.
Ore (200): This assigns all traffic from my PC, the Web/mail server, a priority of 200. This is lower priority than the "important" stuff on my Mac but higher priority than the "unimportant" stuff on my Mac.
Ingot TCP (150): This prioritizes traffic being sent to low-numbered ports on Internet hosts: HTTP and Usenet requests, ssh, and so on. It's higher than the mail/Web server's requests but lower than DNS or ICMP -- and equal to my inbound SSH connection. Basically this keeps applications like Thoth (Usenet reader) and my Web browser responsive even if my Web server is being Slashdotted or something.
At this point the only outbound traffic that hasn't been assigned a priority is traffic being sent to high port numbers (excluding AOL/AIM connections being made to known AOL/AIM servers) from my Mac, ingot. By default this gets the lowest priority, 255. This way peer-to-peer traffic, for instance, will never overwhelm my ability to serve Web pages or move mail.
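The first-match evaluation described above, modelled as an added example (not code from the router or its firmware). Hosts are identified by the names used on this page; the 1-1023 range for "low-numbered ports" and the field names are assumptions, and the AOL/AIM rules are left out because their hosts and port are not listed here.

```javascript
// Added illustration of first-match outbound classification (not firmware code).
// Hosts are identified by the names used on this page; the 1-1023 range for
// "low-numbered ports" is an assumption. The AOL/AIM rules are omitted because
// their hosts and port are not listed on the page.
const ANY = null;
const DEFAULT_PRIORITY = 255; // unmatched traffic gets the lowest priority

// Listed top to bottom, in the order the router checks them.
const rules = [
  { name: 'ATA',       src: 'ata',   proto: ANY,    srcPort: ANY,      dstPort: ANY,       prio: 50 },
  { name: 'Roku',      src: 'roku',  proto: ANY,    srcPort: ANY,      dstPort: ANY,       prio: 100 },
  { name: 'SSH In',    src: 'ingot', proto: 'tcp',  srcPort: [22, 22], dstPort: ANY,       prio: 150 },
  { name: 'DNS',       src: ANY,     proto: ANY,    srcPort: ANY,      dstPort: [53, 53],  prio: 100 },
  { name: 'ICMP',      src: ANY,     proto: 'icmp', srcPort: ANY,      dstPort: ANY,       prio: 100 },
  { name: 'Ore',       src: 'ore',   proto: ANY,    srcPort: ANY,      dstPort: ANY,       prio: 200 },
  { name: 'Ingot TCP', src: 'ingot', proto: 'tcp',  srcPort: ANY,      dstPort: [1, 1023], prio: 150 },
];

// A port field matches when the rule leaves it open or the port is in range.
const inRange = (range, port) =>
  range === ANY || (port !== undefined && port >= range[0] && port <= range[1]);

function matches(rule, pkt) {
  return (rule.src === ANY || rule.src === pkt.src) &&
         (rule.proto === ANY || rule.proto === pkt.proto) &&
         inRange(rule.srcPort, pkt.srcPort) &&
         inRange(rule.dstPort, pkt.dstPort);
}

// Return the first matching rule, or the default when nothing matches.
function classify(pkt, ruleList = rules) {
  const hit = ruleList.find((rule) => matches(rule, pkt));
  return hit ? { rule: hit.name, prio: hit.prio } : { rule: null, prio: DEFAULT_PRIORITY };
}

// Constructed sample packets: srcPort is the LAN side, dstPort the Internet side.
const samples = [
  { src: 'ore',   proto: 'udp', srcPort: 1030,  dstPort: 53 },    // DNS lookup from the server
  { src: 'ore',   proto: 'tcp', srcPort: 80,    dstPort: 40000 }, // Web server response
  { src: 'ingot', proto: 'tcp', srcPort: 50000, dstPort: 80 },    // outgoing HTTP request
  { src: 'ingot', proto: 'tcp', srcPort: 50001, dstPort: 6881 },  // upload to a high-numbered port
];
for (const pkt of samples) console.log(pkt, classify(pkt));
```

Reversing the list sends ore's DNS lookups to the Ore rule at 200 instead of the DNS rule at 100, which is why the order on the page matters.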
I never play online games, and I have lousy latency on my Comcast Internet connection so I'd be forever lagged if I tried, so you'll notice that any rules dealing with games are conspicuously absent from the list above. If you are a gamer and want to use the router to make sure that you don't get lagged, you may be better off just using the automatic mode on the GameFuel page. Alternatively, you could find the port numbers used by the games you play and add rules that assign a reasonably high priority (say 150, in the scheme I'm using, or maybe even 100) to those ports.
Here's another way to look at the way I've set up my router, this time looking at what things are assigned each priority.
Hope this proves useful! Leave comments here.
Update: Versions 1.5 and later of the DGL-4300 firmware have a validation script that prevents "overlapping" rules from being entered (i.e. you can't have two rules that might apply to the same connection). It doesn't allow a ruleset like the one I describe to be entered anymore. Fortunately, this script is only in the browser; the router itself doesn't actually care. So all we need to do is change the JavaScript in the browser to skip the validation step. Create a bookmark in your browser with this as the URL:
javascript:function pageVerify() { return 1; }
Name it "Disable GameFuel Validation" or somesuch. Hit that bookmark immediately after loading the Advanced/Gamefuel page. It'll disable the validation and let you add whatever rules you want. You'll have to access the bookmark to run the script each time you go to the Gamefuel page, of course.
The adventurous might try finding the pageVerify function in the Advanced_Traffic_Shaping.html file in the firmware file and modifying it there. It begins "if (!data.qos_enabled) {" and you could probably just change it so it says "if (1) {" and pad the rest of the line out with spaces. I've not actually tried this; the firmware might be encrypted, compressed, checksummed, or signed, and this technique might not be feasible.
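The update above notes that the overlap check runs only in the browser, so the router accepts whatever rule set it is sent. As an added example (not the firmware's pageVerify, whose contents are not shown on this page), here is a model of that check written as a function a device could run on the submitted data itself; the last-octet host ranges, the 1-1023 range and all field names are assumptions.

```javascript
// Added illustration, not the firmware's pageVerify: a model of an "overlapping
// rules" check written as a function the device itself could run on a submitted
// rule set. Hosts are last octets from this page; the 1-1023 range for
// "low-numbered ports" and all field names are assumptions.
const ANY_HOST = [0, 255];
const ANY_PORT = [0, 65535];

// A subset of the page's rules, in the order they are listed.
const submitted = [
  { name: 'ATA',       host: [4, 4],   proto: 'any', srcPort: ANY_PORT, dstPort: ANY_PORT },
  { name: 'SSH In',    host: [3, 3],   proto: 'tcp', srcPort: [22, 22], dstPort: ANY_PORT },
  { name: 'DNS',       host: ANY_HOST, proto: 'any', srcPort: ANY_PORT, dstPort: [53, 53] },
  { name: 'Ore',       host: [6, 6],   proto: 'any', srcPort: ANY_PORT, dstPort: ANY_PORT },
  { name: 'Ingot TCP', host: [3, 3],   proto: 'tcp', srcPort: ANY_PORT, dstPort: [1, 1023] },
];

// Two closed ranges share at least one value.
const intersects = ([aLo, aHi], [bLo, bHi]) => aLo <= bHi && bLo <= aHi;
const protoIntersects = (a, b) => a === 'any' || b === 'any' || a === b;

// Rules overlap when some single connection could match both, i.e. every
// match field intersects.
function overlaps(a, b) {
  return intersects(a.host, b.host) &&
         protoIntersects(a.proto, b.proto) &&
         intersects(a.srcPort, b.srcPort) &&
         intersects(a.dstPort, b.dstPort);
}

function findOverlaps(ruleList) {
  const pairs = [];
  for (let i = 0; i < ruleList.length; i++) {
    for (let j = i + 1; j < ruleList.length; j++) {
      if (overlaps(ruleList[i], ruleList[j])) pairs.push([ruleList[i].name, ruleList[j].name]);
    }
  }
  return pairs;
}

// Device-side gate: the decision is made on the data received, whatever the
// page's script did or did not check before submitting it.
function acceptRuleset(ruleList) {
  const conflicts = findOverlaps(ruleList);
  return { ok: conflicts.length === 0, conflicts };
}

console.log(acceptRuleset(submitted));
```

Run on this subset, the check reports five overlapping pairs, four of them involving the DNS rule, which matches the page's observation that a first-match ruleset like this one cannot pass the validation.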