On first try with each Asterisk SIP call, they can't hear me but I can hear them, but on second call everything is fine

Double check your QoS policy making sure you have prioritized SIP traffic on the WAN side.
http://www.dd-wrt.com/phpBB2/viewtopic.php?p=14124

Ok. QoS is enabled. (The reason I thought QoS didn't work well on this router before is that I put the downlink speed in the uplink box and vice versa, making everything slow to a crawl).

Please forgive the lag in communication as I test it for a few days.

QoS is functioning nicely, but I'm afraid the problem still persists on about half the calls. And it happens when there is hardly any traffic on the LAN (to and from WAN).

Double check the iptables  rules on the wrt and see if you can move up the SIP processing higher in the filter rules.
Do you have asterisk connected directly to the wrt device or is it plugged into the network switch ? Does the network switch have QoS capabilities or can you move the asterisk to the router?
i.e. if all data is coming through on one hose, it is harder to prioritize one type of traffic versus another.

I just now moved SIP and RTP to the top of the list in the Services Priority section of the GUI. I'm assuming it's better to do it from command line. What are the commands?

At any rate I'll test it now.

Asterisk is in a Virtual Machine on a host that is connected directly to the wrt router. Moving it to the router is more than I can get into right now. Right now it's neatly packaged in a distro called Trixbox along with Freepbx and a lot of other tools.

What I could possibly do is get the  other NIC working onthe host and give the VM it's own NIC connected directly to the wrt router.

one way is to use
iptables -L --line-numbers
This will list your iptables rules and chains.


then insert the rule above at a specified number
iptables -I <INPUT|OUTPUT|FORWARD|..> rule_number rule

I'm not sure whether there is a way to move rules within iptalbes i.e. shifting a rule from position 10 to position 5.
You could bridge the second host NIC to the VM's NIC

When I use iptables -L --line-numbers the only rules I see listed for SIP are the ports I forwarded. I do not see any QoS info. Do you mean to move those forwarded ports rules higher? Out put attached iptables-rules

According to the the output from cat /proc/net/ip_conntrack QoS was not enabled on my SIP and RTP connections, nor could I get it to enable even though I entered it into the gui several times. Finally, I I set the mac address to premium QoS, and it now shows premium on my connections. I will test it on calls.

So far it has been the same problem. The VM is now bridged to the second NIC. I will test it.

How to keep the host(Ubuntu) traffic off the second NIC? I see that iptables is already there in Ubuntu--should I use that?

If you do not define an IP on the second NIC within Ubuntu it will not have a record of it nor an entry in the routing table.
route print or netstat -rn.

Are the iptables rules block access to the second NIC?

Well, that part worked like a charm! I just disconnected eth3 in network manager and all host traffic stopped on that interface, while the Trixbox traffic remained. Now to test it with calls again...

Well, it has been four days without a mal-connected call. I guess we can call this question closed. Thank you very much!