Community discussions

MikroTik App
  4. RouterOS
  5. General

Simple Queue Graphing of outgoing Proxy traffic

Post Reply
 
rileonar
newbie
Topic Author
Posts: 26
Joined: Wed Oct 12, 2005 11:22 am

Simple Queue Graphing of outgoing Proxy traffic

Fri Apr 18, 2008 1:37 pm

Hi,

I had 2 issues, cross-related:

1) Keep a graph of bandwidth used by web-proxy service
2) Limit that bandwidth to a maximum amount

First I setup the issue 1):

Mangle the packets involved in the traffic (download and upload):

/ ip firewall mangle add chain=output action=mark-packet new-packet-mark=Proxy-to-Ext \
passthrough=yes out-interface=External src-address=<public-address> dst-port=80 \
protocol=tcp comment="" disabled=no
/ ip firewall mangle add chain=prerouting action=mark-packet new-packet-mark=Ext-to-Proxy \
passthrough=yes in-interface=External dst-address=<public-address> src-port=80 \
protocol=tcp comment="" disabled=no

Display them via simple queues:

/ queue simple add name="Proxy Upload" dst-address=0.0.0.0/0 interface=all parent=none \
packet-marks=Proxy-to-Ext direction=both priority=8 \
queue=default-small/default-small limit-at=0/0 max-limit=0/0 \
total-queue=default-small disabled=no
/ queue simple add name="Proxy Download" dst-address=0.0.0.0/0 interface=all parent=none \
packet-marks=Ext-to-Proxy direction=both priority=8 \
queue=default-small/default-small limit-at=0/0 max-limit=0/0 \
total-queue=default-small disabled=no

NOTE: that works good, but obiouvsly without any bandwidth limitation. Then I tried to address issue 2), via Queue Tree:

/ queue tree add name="Proxy-to-Ext" parent=Out-Ext packet-mark=Proxy-to-Ext limit-at=0 \
queue=default priority=8 max-limit=3000000 burst-limit=4000000 \
burst-threshold=2000000 burst-time=5s disabled=no
/ queue tree add name="Ext-to-Proxy" parent=global-in packet-mark=Ext-to-Proxy limit-at=0 \
queue=default priority=8 max-limit=3000000 burst-limit=4000000 \
burst-threshold=2000000 burst-time=5s disabled=no

Here is the problem. The bandwidth limitation works great, but as I added those rules the "Proxy Download" simple queue (and this one only!) suddently stop working: 0 bytes captured and of course the graph is flat from that point on.

The strange thing is that the broken simple queue still seems to get the traffic: the "Total Statistics" section in winbox ("Proxy Download" total-rate value) dynamically show exactly the same values captured by mangle rule, it but doesn't use that to build the graph.

So it seems that if I arrange to solve issue 2), half and only half of 1) is broken.
Does anybody know how to get both together?

Many thanks in advance for any hint.

Riccardo
Top
Post Reply
  4. RouterOS
  5. General