I have three interfaces:
1. DSL 1000/256
2. LAN - wired lan (192.168.0.0/24)
2. WLAN - wireless lan (192.168.1.0/24)
I want to cut the p2p transfer for both lan na wlan for 256/32 kbp (togehther)
Currenctly I made limit for each connection separatly.
Do you know how to do that without making a bridge ?
The same problem I have with prioritization and guarantee traffic.
I mark the connections/flow on each interface separatly.
Thank you for any suggetions.
Martin
IP Firewall rule Mangle
add rule and select all-p2p in Advanced tab.
Add Flow Mark all-p2p Accept.
Go to queue type and add pcq name it download , give 256000 select dst-address and dst-port
also pcq name it upload, give 32000 select src-address and src-port
Go ti queue tree add queue, name it download Flow all-p2p global-in
also do that for upload global-out
Like this, you have marked all-p2p to go through queue trees which has been limited to 256/32
Cheers...
add rule and select all-p2p in Advanced tab.
Add Flow Mark all-p2p Accept.
Go to queue type and add pcq name it download , give 256000 select dst-address and dst-port
also pcq name it upload, give 32000 select src-address and src-port
Go ti queue tree add queue, name it download Flow all-p2p global-in
also do that for upload global-out
Like this, you have marked all-p2p to go through queue trees which has been limited to 256/32
Cheers...
thx djape.
I made it like that :
ip firewall managle:
p2p=all-p2p action=passthrough mark-connection=p2p_connections
queue type:
4 name="pcq-p2p-download" kind=pcq bfifo-limit=15000 pfifo-limit=50 red-limit=60
red-min-threshold=10 red-max-threshold=50 red-burst=20 sfq-perturb=5 sfq-allot=1514
pcq-rate=256000 pcq-limit=50 pcq-classifier=dst-address,dst-port
5 name="pcq-p2p-upload" kind=pcq bfifo-limit=15000 pfifo-limit=50 red-limit=60
red-min-threshold=10 red-max-threshold=50 red-burst=20 sfq-perturb=5 sfq-allot=1514
pcq-rate=32000 pcq-limit=50 pcq-classifier=src-address,src-port
queue tree :
0 name="p2p_download_limit" parent=global-in flow=p2p_connections limit-at=0
queue=pcq-p2p-download priority=8 max-limit=256000 burst-limit=0
burst-threshold=0 burst-time=0
1 name="p2p_upload_limit" parent=global-out flow=p2p_connections limit-at=0
queue=pcq-p2p-upload priority=8 max-limit=32000 burst-limit=0 burst-threshold=0
burst-time=0
Whats the diffrent between action=passthrough and accept in managle rule?
Examples showed in mikrotik documentation suggess to use passthrough ?
I will try to use gobal-in and global-out option for traffic prioritization (remake the example showed in mt howto).
I made it like that :
ip firewall managle:
p2p=all-p2p action=passthrough mark-connection=p2p_connections
queue type:
4 name="pcq-p2p-download" kind=pcq bfifo-limit=15000 pfifo-limit=50 red-limit=60
red-min-threshold=10 red-max-threshold=50 red-burst=20 sfq-perturb=5 sfq-allot=1514
pcq-rate=256000 pcq-limit=50 pcq-classifier=dst-address,dst-port
5 name="pcq-p2p-upload" kind=pcq bfifo-limit=15000 pfifo-limit=50 red-limit=60
red-min-threshold=10 red-max-threshold=50 red-burst=20 sfq-perturb=5 sfq-allot=1514
pcq-rate=32000 pcq-limit=50 pcq-classifier=src-address,src-port
queue tree :
0 name="p2p_download_limit" parent=global-in flow=p2p_connections limit-at=0
queue=pcq-p2p-download priority=8 max-limit=256000 burst-limit=0
burst-threshold=0 burst-time=0
1 name="p2p_upload_limit" parent=global-out flow=p2p_connections limit-at=0
queue=pcq-p2p-upload priority=8 max-limit=32000 burst-limit=0 burst-threshold=0
burst-time=0
Whats the diffrent between action=passthrough and accept in managle rule?
Examples showed in mikrotik documentation suggess to use passthrough ?
I will try to use gobal-in and global-out option for traffic prioritization (remake the example showed in mt howto).
Guarantee and prioritize traffic conf:
ip firewall mangle
HTTP mark on wlan and lan interfaces:
in-interface=wlan1 dst-address=:80 protocol=tcp action=passthrough
mark-connection=http-connections
in-interface=lan dst-address=:80 protocol=tcp action=passthrough
mark-connection=http-connections
HTTP Flow:
protocol=tcp connection=http-connections action=passthrough mark-flow=http
POP3 mark on wlan and lan interfaces:
in-interface=wlan1 dst-address=:110 protocol=tcp action=passthrough
mark-connection=pop3-connections
in-interface=lan dst-address=:110 protocol=tcp action=passthrough
mark-connection=pop3-connections
POP3 Flow:
protocol=tcp connection=pop3-connections action=passthrough mark-flow=pop3
I created two queues:
2 name="http-queue" parent=global-in flow=http limit-at=614400 queue=default priority=7 max-limit=1024000 burst-limit=0 burst-threshold=0 burst-time=0
3 name="pop3-queue" parent=global-in flow=pop3 limit-at=307200 queue=default priority=7 max-limit=1024000 burst-limit=0 burst-threshold=0 burst-time=0
Problem:
I want to quarantee traffic for both my subnets/interfaces (together).
The global-in parent isnt work properly.
I dont know what to do
Do you have some solution / suggestions ?
Martin
ip firewall mangle
HTTP mark on wlan and lan interfaces:
in-interface=wlan1 dst-address=:80 protocol=tcp action=passthrough
mark-connection=http-connections
in-interface=lan dst-address=:80 protocol=tcp action=passthrough
mark-connection=http-connections
HTTP Flow:
protocol=tcp connection=http-connections action=passthrough mark-flow=http
POP3 mark on wlan and lan interfaces:
in-interface=wlan1 dst-address=:110 protocol=tcp action=passthrough
mark-connection=pop3-connections
in-interface=lan dst-address=:110 protocol=tcp action=passthrough
mark-connection=pop3-connections
POP3 Flow:
protocol=tcp connection=pop3-connections action=passthrough mark-flow=pop3
I created two queues:
2 name="http-queue" parent=global-in flow=http limit-at=614400 queue=default priority=7 max-limit=1024000 burst-limit=0 burst-threshold=0 burst-time=0
3 name="pop3-queue" parent=global-in flow=pop3 limit-at=307200 queue=default priority=7 max-limit=1024000 burst-limit=0 burst-threshold=0 burst-time=0
Problem:
I want to quarantee traffic for both my subnets/interfaces (together).
The global-in parent isnt work properly.
I dont know what to do
Do you have some solution / suggestions ?
Martin
Q : "Whats the diffrent between action=passthrough and accept in managle rule?"
A: Well, when you do Accept, if rule is matched it will start working, if you do Passthrough it will go to next rule you have added in mangle.
Try with Accept and I am pretty sure that each rule with match pcq...
Note that when you do global-in and global-out in queue tree ( for mangle rules you have added) simple queue will not work!!!
Cheers...
P.S. I am not 100% sure that I am advising you well. Currently I am very busy, so no time to try it myself...
A: Well, when you do Accept, if rule is matched it will start working, if you do Passthrough it will go to next rule you have added in mangle.
Try with Accept and I am pretty sure that each rule with match pcq...
Note that when you do global-in and global-out in queue tree ( for mangle rules you have added) simple queue will not work!!!
Cheers...
P.S. I am not 100% sure that I am advising you well. Currently I am very busy, so no time to try it myself...