From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mout.gmx.net (mout.gmx.net [212.227.17.21]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "mout.gmx.net", Issuer "TeleSec ServerPass DE-1" (verified OK)) by huchra.bufferbloat.net (Postfix) with ESMTPS id 2A9C921F759 for ; Mon, 27 Jul 2015 00:10:23 -0700 (PDT) Received: from u-089-d061.biologie.uni-tuebingen.de ([134.2.89.61]) by mail.gmx.com (mrgmx102) with ESMTPSA (Nemesis) id 0Ldspr-1YbnUO417D-00j4pq; Mon, 27 Jul 2015 09:10:20 +0200 Content-Type: text/plain; charset=windows-1252 Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\)) From: Sebastian Moeller In-Reply-To: <1437913934406.cb259c98@Nodemailer> Date: Mon, 27 Jul 2015 09:10:16 +0200 Content-Transfer-Encoding: quoted-printable Message-Id: <5DFF587C-5549-4B14-BF1A-816FA1A705EE@gmx.de> References: <55B4A43B.7050204@gmail.com> <1437913934406.cb259c98@Nodemailer> To: Alec Robertson X-Mailer: Apple Mail (2.1878.6) X-Provags-ID: V03:K0:QpJeA7ifPvQmwfhula+4fKi6DHnshzqr4fXXPmpY1qVzaHmoZsb vTWzpw3v/Dft0TWVDCorhgVGWRrU6dmouk8aC30jPX3Ec/ppJ5K5XmdEC/N4/3M2FXI0M5J wj8ildmsuq5cHy+JxsZ8PvEcDe+DZ3uUyOa77pFkqOe/PcecTwjqanu+uvvJPNOdnQyCNsU Qycfd7p7wNObsLtyAY9BQ== X-UI-Out-Filterresults: notjunk:1;V01:K0:yGriq/7b24g=:BRVyVbiWSmNphtc9iKnKtt gT66bZOdz3AUJcRoNiczhfwHAA5ud0EtUzIvO2v7nRuCeq9/69QtwEoK1YYeWjPsoXRb1rrO1 dS1i0PyZxhO0j2MS8ItmsZyM4Cbl+orP/KviHc7eUiuKtPzEiVfkOe/cJOw7SAlp+pqSHbvnV OjKCPZhdpNTsDY/HFBtWIZhPmSpZB4trZ2gajqKgnOL2JmE76xX+BM5p3pDJSe7eFq9EGUgIu EKTcMALfmxpxFkdbgaJU4e2x/eqsc5aMvyRa5uEMZkwimXHhOz+L9e9k9X/Rwiz/XFUMTCO+V 80o0fsdvtHovvjwIezeQseH6siicPj2C7ottsXPPw+2838d4bvz7rZvXRJ+gDmRigbVR6a+8J 0oO9iF5siobwU8H3czJvvOHhGA5d/Cz9D41jkPXWByGD58iDWHoSfkE1ZeICrQEA01lcQI/Oh BZPtXo+thmWoet1QWRZOEQm6h8QYIzuhFEETCEpIq0l1BRVxeuGXqUcyM8EC1Kye0a2E9ulHi 3KPUzBHNGQWVzU+q1PWg1bUGphJymvSDWnKpA/FI5iCtyI+q091LY3aLKjr4N6GKFy73XEM9Z F+3e7Scx3nhCivysAmbWaP4QlTj2rokPZtovbrRd41StNA/EXmlMIXNkgUFbUjXNKMfDkCeOb OcPLwg9CyVzpSppUP0gdYyDrE1o2zv5WhiqQm4SlNjjKHKx1AlxkSv+CFa+cp3goh3/k= Cc: cake@lists.bufferbloat.net Subject: Re: [Cake] How to test Cake on TP-Link WDR3600 X-BeenThere: cake@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Cake - FQ_codel the next generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jul 2015 07:10:53 -0000 Hi Alec, On Jul 26, 2015, at 14:32 , Alec Robertson = wrote: > Am I right to assume that with Cake more bandwidth should be available = to use, without affecting latency? This depends; compared to not using SQM you will loose some = bandwidth, BUT the latency should stay nicely bound. The main = improvement in a nutshell is that with properly configured SQM (with = cake being the easiest to setup variant with lots of clever tricks under = the hood) your link will still stay reasonably snappy even under = saturating load. In other words the links keeps useable when you = actually use it, most people consider the typically required bandwidth = sacrifice of 10-15% for downstream acceptable=85 By the way, if I could convince you to post the results of the = following commands run on your router via ssh: cat /etc/config/sqm /etc/init.d/sqm stop tc -d qdisc /etc/init.d/sqm start tc -d qdisc I would be delighted ;) Best Regards Sebastian >=20 > -- > Alec Robertson >=20 >=20 > On Sun, Jul 26, 2015 at 10:11 AM, Alan Jenkins = wrote: >=20 >=20 > >> Quick sub-question (off-topic so my apologies), this firmware I=92m = using that I linked to previously, has HTTPS enabled which means every = time I go to Luci I get a security error in Chrome. How do I disable = HTTPS?=20 > > I would say you do not disable it, but rather look why chrome = complains (it might be that chrome dislikes self-signed certificates) = and try to convince chrome to accept the certificate nevertheless. Or = you could try firefox ;)=20 >=20 > Firefox is the definitely the simplest browser for this, it's the only=20= > one I've used. Just click through the instructions. A "permanent=20 > exception" is the default, which should actually help security. Feels=20= > ironic as I remember Firefox moving first on this & hence complaints=20= > about the scary warning messages etc.=20 >=20 > Searching instructions for Chrome on Linux ("ssl exception" OR "self=20= > signed certificate") they use a certutil command. Internet Explorer=20 > will use the Windows cert store, same with Chrome on Windows. (If you=20= > can add to the store using IE, that may be simplest & will cover = both).=20 >=20 > Additional requirement for those methods should be that the cert CN=20 > matches the URL you access. Not sure about Chrome, but for general=20 > paranoia you should check that CN / common name / "issued to" doesn't=20= > say "*" i.e. "everywhere".=20 >=20 > Access the router using `http://hostname` matching the router hostname=20= > (as per /etc/config/system). dnsmasq will let that work. If you've=20 > changed the hostname, re-gen the cert by removing it and restarting.=20= >=20 > rm /etc/uhttpd.crt /etc/uhttpd.key=20 > /etc/init.d/uhttpd restart=20 >=20 > Alan=20 >=20 > _______________________________________________ > Cake mailing list > Cake@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/cake