QOS

tadpole · Wed Apr 13, 2016 11:21 am

Im trying to put together a basic (and i mean really basic) QOS, I want to try and limit all other traffic and prioritize browsing.

I see that on some examples packets and connections are marked ...my question is why? Is there a time when you mark the connection only and other times just the packets?

 ;;; http traffic connection mark
      chain=prerouting action=mark-connection new-connection-mark=http 
      passthrough=yes protocol=tcp src-address-list=internal-nets 
      dst-port=80,443 log=no log-prefix="" 

 ;;; http traffic connection mark
      chain=prerouting action=mark-connection new-connection-mark=http-download 
      passthrough=yes protocol=tcp src-address-list=internal-nets 
      dst-port=80,443 connection-bytes=5000000-4294967295 log=no log-prefix=""

  ;;; http in packet mark
      chain=prerouting action=mark-packet new-packet-mark=http-in 
      passthrough=no in-interface=ether1 connection-mark=http log=no 
      log-prefix="" 

 ;;; http out packet mark
      chain=prerouting action=mark-packet new-packet-mark=http-out 
      passthrough=no connection-mark=http log=no log-prefix=""

For the marking then

   name="in" parent=global packet-mark="" limit-at=0 queue=default-small 
   priority=8 max-limit=10M burst-limit=0 burst-threshold=0 burst-time=0s 

   name="http-in" parent=in packet-mark=http-in limit-at=3M queue=default 
   priority=4 max-limit=10M burst-limit=0 burst-threshold=0 burst-time=0s 
   
   name="out" parent=global packet-mark="" limit-at=0 queue=default-small 
   priority=8 max-limit=10M burst-limit=0 burst-threshold=0 burst-time=0s
   
   name="http-out" parent=out packet-mark=http-out limit-at=3M queue=default 
   priority=4 max-limit=10M burst-limit=0 burst-threshold=0 burst-time=0s

I believe there are alot of ways to do this and i appreciate any iput or guidance

pe1chl · Wed Apr 13, 2016 11:42 am

Im trying to put together a basic (and i mean really basic) QOS, I want to try and limit all other traffic and prioritize browsing.

That is going to be very difficult. Most "other traffic" is carried as http or https traffic these days.
(of course it depends on what you exactly mean by "other traffic")

I see that on some examples packets and connections are marked ...my question is why? Is there a time when you mark the connection only and other times just the packets?

The advantage of marking a connection is that you need to do it only once, and the mark stays on all traffic belonging
to that connection. When you mark by port number that does not really matter much, but in other cases it can be
more efficient or it can be the only possibility (e.g. when doing L7 data matches).

tadpole · Wed Apr 13, 2016 11:48 am

Hi pe1chl
The main issue i am having is Apple updates destroying bandwidth, so i figured by marking browsing, emails and a few other things give them higher priority then the other traffic (which i hoped would include the Apple update) would get throttled in favour of browsing. I should have given that information initially sorry!

pe1chl · Wed Apr 13, 2016 12:19 pm

I don't know how Apple updates is working, but when it is similar to Microsoft or Linux updates this is not going to work!
(those just fetch their files using https, so they will be matched by your port 443 matching)

tadpole · Wed Apr 13, 2016 12:26 pm

Looks like you are correct with that...darn it...I am going to have to attack this from another angle, maybe IP or Proxy based i think, many thanks for your time!

QOS

QOS

Re: QOS

Re: QOS

Re: QOS

Re: QOS