Community discussions

MikroTik App
  4. RouterOS
  5. General

Queue Tree for an idiot

Post Reply
 
travisres
just joined
Topic Author
Posts: 17
Joined: Wed May 29, 2013 11:53 pm

Queue Tree for an idiot

Sun Feb 23, 2014 5:14 am

I'm sure I'm just getting lost in the language, but I can't quite wrap my head around Queue tree.
I just want to be sure that I'm not catching local network traffic in my queue.

I followed the setup as explained in http://forum.mikrotik.com/viewtopic.php ... 63#p371361
and I plan on expanding my mangle rules to fit my environment.

My question at the moment is how to I ensure that I'm only limiting traffic entering and exiting via my WAN interface. Looking at my queues and interface, I have a Queue that is set to limit at 4M. It is showing that it is queueing / dropping packings but my WAN is only showing 2M outbound which makes me think that I'm queueing local data.

Master Upload Queues parent is My Wan Interface
Master Download Q is my local Data Bridge

Queue Tree
What is a bit odd is that a /queue tree print does not show the first rule that appears in Winbox which should read
Code: Select all
0   name="LEVEL_A_DOWN" parent=BR_VOIP packet-mark="" limit-at=0 
     queue=default priority=8 max-limit=4M burst-limit=0 burst-threshold=0 
     burst-time=0s
The actual /queue tree print
Code: Select all
 
Flags: X - disabled, I - invalid 
 0   name="LEVEL_A_UP" parent=ether1-WAN packet-mark="" limit-at=0 
     queue=default priority=8 max-limit=700k burst-limit=0 burst-threshold=0 
     burst-time=0s 

 1   name="LEVEL_B_UP" parent=ether1-WAN packet-mark="" limit-at=0 
     queue=default priority=8 max-limit=400k burst-limit=0 burst-threshold=0 
     burst-time=0s 

 2   name="LEVEL_B_DOWN" parent=BR_DATA packet-mark="" limit-at=0 queue=defaul>
     priority=8 max-limit=2M burst-limit=0 burst-threshold=0 burst-time=0s 

 3   name="LEVEL_C_UP" parent=ether1-WAN packet-mark="" limit-at=0 
     queue=pcq-upload-default priority=8 max-limit=400k burst-limit=0 
     burst-threshold=0 burst-time=0s 

 4  name="LEVEL_C_DOWN" parent=BR_DATA packet-mark="" limit-at=0 
     queue=pcq-download-default priority=8 max-limit=4M burst-limit=0 
     burst-threshold=0 burst-time=0s
Then a bunch of child queues with packet marks with the above as parents

Mangle:
/ip firewall mangle print
Code: Select all
32   ;;; DNS
     chain=prerouting action=mark-connection new-connection-mark=DNS passthrough=yes connection-state=new protocol=udp port=53 

33   chain=prerouting action=mark-packet new-packet-mark=DNS passthrough=no connection-mark=DNS 

34   chain=postrouting action=mark-connection new-connection-mark=DNS passthrough=yes connection-state=new protocol=udp port=53 

35   chain=postrouting action=mark-packet new-packet-mark=DNS passthrough=no connection-mark=DNS 

36   ;;; VOIP
     chain=prerouting action=mark-connection new-connection-mark=VOIP passthrough=yes protocol=udp port=5060,5061,10000-20000 

37   chain=prerouting action=mark-packet new-packet-mark=VOIP passthrough=no connection-mark=VOIP 

38   ;;; VOIP (4)
     chain=prerouting action=mark-connection new-connection-mark=VOIP passthrough=yes dscp=46 

39   chain=prerouting action=mark-packet new-packet-mark=VOIP passthrough=no connection-mark=VOIP 

40   chain=prerouting action=mark-connection new-connection-mark=VOIP passthrough=yes src-address-list=VoIP Addresses 

41   chain=prerouting action=mark-packet new-packet-mark=VOIP passthrough=no connection-mark=VOIP 

42   chain=prerouting action=mark-connection new-connection-mark=VOIP passthrough=yes dst-address-list=VoIP Addresses 

43   chain=prerouting action=mark-packet new-packet-mark=VOIP passthrough=no connection-mark=VOIP 

44   chain=prerouting action=mark-connection new-connection-mark=VOIP passthrough=yes dst-address-list=VoIP Addresses 

45   chain=prerouting action=mark-packet new-packet-mark=VOIP passthrough=no connection-mark=VOIP 

46   ;;; UDP
     chain=prerouting action=mark-connection new-connection-mark=UDP passthrough=yes connection-state=new protocol=udp 

47   chain=prerouting action=mark-packet new-packet-mark=UDP passthrough=no connection-mark=UDP 

48   ;;; ICMP
     chain=prerouting action=mark-connection new-connection-mark=ICMP passthrough=yes connection-state=new protocol=icmp 

49   chain=prerouting action=mark-packet new-packet-mark=ICMP passthrough=no connection-mark=ICMP 

50   chain=postrouting action=mark-connection new-connection-mark=ICMP passthrough=yes connection-state=new protocol=icmp 

51   chain=postrouting action=mark-packet new-packet-mark=ICMP passthrough=no connection-mark=ICMP 

52   ;;; ACK
     chain=postrouting action=mark-packet new-packet-mark=ACK passthrough=no tcp-flags=ack protocol=tcp packet-size=0-123 

53   chain=prerouting action=mark-packet new-packet-mark=ACK passthrough=no tcp-flags=ack protocol=tcp packet-size=0-123 

54   ;;; HTTP
     chain=prerouting action=mark-connection new-connection-mark=HTTP passthrough=yes connection-state=new protocol=tcp port=80,443 
     connection-mark=!HTTP_BIG 

55   chain=prerouting action=mark-connection new-connection-mark=HTTP_BIG passthrough=yes protocol=tcp connection-mark=HTTP 
     connection-bytes=500000-0 connection-rate=200k-100M 

56   chain=prerouting action=mark-packet new-packet-mark=HTTP_BIG passthrough=no connection-mark=HTTP_BIG 

57   chain=prerouting action=mark-packet new-packet-mark=HTTP passthrough=no connection-mark=HTTP 

58   ;;; OTHER
     chain=prerouting action=mark-connection new-connection-mark=OTHER passthrough=yes connection-mark=no-mark 

59   chain=prerouting action=mark-packet new-packet-mark=OTHER passthrough=no connection-mark=OTHER
Top
Post Reply
  4. RouterOS
  5. General