General QOS Script
Anyone have a good general QOS with connection tracking I can use as a starting point for a Home/Office firewall?
-
-
facubertran
just joined
- Posts: 19
- Joined:
- Location: Argentina
- Contact:
Re: General QOS Script
I can share what I have armed, but it is pointed to wisp and punctually to my wisp. We could modify this if I want to.
Mangle
/ip firewall mangle
add action=jump chain=forward comment="Storage PRIO-8" jump-target=Storage \
src-address-list=Storage
add action=jump chain=forward dst-address-list=Storage jump-target=Storage
add action=jump chain=forward comment="Microsoft PRIO-8" jump-target=Storage \
src-address-list=Microsoft
add action=jump chain=forward dst-address-list=Microsoft jump-target=Storage
add action=mark-packet chain=forward comment="PRIORIDAD-1 (ICMP-DNS)" \
new-packet-mark=PRIO_1 passthrough=yes protocol=icmp
add action=mark-packet chain=forward comment="DNS 53" new-packet-mark=PRIO_1 \
passthrough=yes port=53 protocol=udp
add action=mark-connection chain=forward new-connection-mark=PRIO_1 \
passthrough=yes port=1723 protocol=tcp
add action=mark-connection chain=forward new-connection-mark=PRIO_1 \
passthrough=yes port=1701 protocol=udp
add action=mark-connection chain=forward new-connection-mark=PRIO_1 \
passthrough=yes protocol=gre
add action=mark-connection chain=forward new-connection-mark=PRIO_1 \
passthrough=yes src-address=10.199.0.0/24
add action=mark-connection chain=forward dst-address=10.199.0.0/24 \
new-connection-mark=PRIO_1 passthrough=yes
add action=mark-packet chain=forward connection-mark=PRIO_1 new-packet-mark=\
PRIO_1 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_1
add action=mark-connection chain=forward comment="PRIORIDAD-2 (Winbox)" \
new-connection-mark=PRIO_2 passthrough=yes port=8291 protocol=tcp
add action=mark-connection chain=forward new-connection-mark=PRIO_2 \
passthrough=yes port=8291 protocol=tcp
add action=mark-connection chain=forward comment=Clientes_Especiales \
new-connection-mark=PRIO_2 passthrough=yes src-address-list=\
Clientes_Especiales
add action=mark-connection chain=forward dst-address-list=Clientes_Especiales \
new-connection-mark=PRIO_2 passthrough=yes
add action=mark-connection chain=forward comment=XMPP new-connection-mark=\
PRIO_2 passthrough=yes port=5222 protocol=tcp
add action=mark-packet chain=forward connection-mark=PRIO_2 new-packet-mark=\
PRIO_2 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_2
add action=mark-connection chain=forward comment="PRIORIDAD-3 (DC-PRIO_1)" \
dst-address-list=DC-PRIO_1 new-connection-mark=PRIO_3 passthrough=yes
add action=mark-connection chain=forward new-connection-mark=PRIO_3 \
passthrough=yes src-address-list=DC-PRIO_1
add action=mark-packet chain=forward connection-mark=PRIO_3 new-packet-mark=\
PRIO_3 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_3
add action=mark-connection chain=forward comment="PRIORIDAD-4 (DC-PRIO_2)" \
dst-address-list=DC-PRIO_2 new-connection-mark=PRIO_4 passthrough=yes
add action=mark-connection chain=forward new-connection-mark=PRIO_4 \
passthrough=yes src-address-list=DC-PRIO_2
add action=mark-connection chain=forward content=speedtest.net \
new-connection-mark=PRIO_4 passthrough=yes
add action=mark-packet chain=forward connection-mark=PRIO_4 new-packet-mark=\
PRIO_4 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_4
add action=mark-connection chain=forward comment="PRIORIDAD-5 (DC-PRIO_3)" \
new-connection-mark=PRIO_5 passthrough=yes src-address-list=DC-PRIO_3
add action=mark-connection chain=forward dst-address-list=DC-PRIO_3 \
new-connection-mark=PRIO_5 passthrough=yes
add action=mark-packet chain=forward connection-mark=PRIO_5 new-packet-mark=\
PRIO_5 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_5
add action=mark-connection chain=forward comment="PRIORIDAD-6 (HTTPS)" \
new-connection-mark=PRIO_6 passthrough=yes port=443 protocol=tcp
add action=mark-connection chain=forward comment=Quic new-connection-mark=\
PRIO_6 passthrough=yes port=443 protocol=udp
add action=mark-packet chain=forward connection-mark=PRIO_6 new-packet-mark=\
PRIO_6 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_6
add action=mark-connection chain=forward comment="PRIORIDAD-7 (HTTP)" \
new-connection-mark=PRIO_7 passthrough=yes port=80 protocol=tcp
add action=mark-packet chain=forward connection-mark=PRIO_7 new-packet-mark=\
PRIO_7 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_7
add action=return chain=Storage comment=Storage
add action=mark-connection chain=forward comment="PRIORIDAD-8 (LO DEMAS)" \
new-connection-mark=PRIO_8 passthrough=yes
add action=mark-packet chain=forward connection-mark=PRIO_8 new-packet-mark=\
PRIO_8 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_8
add action=accept chain="Termino de procesar" comment="TERMINO DE PROCESAR"
Address_list
/ip firewall address-list
add address=10.0.0.0/8 list=Privadas
add address=172.16.0.0/12 list=Privadas
add address=192.168.0.0/16 list=Privadas
add address=100.64.0.0/10 list=Privadas
add address=10.1.55.223 list=Clientes_Especiales
add address=200.10.199.0/24 comment=ANSES list=DC-PRIO_1
add address=190.228.28.168/29 comment=AFIP list=DC-PRIO_1
add address=190.228.28.200/29 comment=AFIP list=DC-PRIO_1
add address=190.228.35.112/29 comment=AFIP list=DC-PRIO_1
add address=200.1.116.0/24 comment=AFIP list=DC-PRIO_1
add address=209.13.141.0/26 comment=AFIP list=DC-PRIO_1
add address=190.136.32.240/29 comment="Red Link" list=DC-PRIO_1
add address=200.45.17.0/24 comment="Red Link" list=DC-PRIO_1
add address=199.59.148.0/22 comment=Twiter list=DC-PRIO_2
add address=72.21.80.0/20 comment=Speedtest list=DC-PRIO_2
add address=31.13.85.0/24 comment=Facebook list=DC-PRIO_2
add address=173.194.0.0/16 comment=r1---sn-x1x7snle.googlevideo.com list=\
DC-PRIO_2
add address=190.2.61.64/27 comment="Banco Hipotecario" list=DC-PRIO_1
add address=186.153.165.32/29 comment=Interbanking list=DC-PRIO_1
add address=200.5.196.248/29 comment="Banco Hipotecario" list=DC-PRIO_1
add address=200.124.126.0/24 comment="Banco Hipotecario" list=DC-PRIO_1
add address=200.61.184.0/24 comment=Interbanking list=DC-PRIO_1
add address=201.221.120.0/24 comment=Interbanking list=DC-PRIO_1
add address=104.64.0.0/10 comment=Akamaihd list=DC-PRIO_2
add address=69.171.224.0/19 comment=Facebook list=DC-PRIO_2
add address=64.233.160.0/19 comment="Google (webs-youtube-buscador)" list=\
DC-PRIO_2
add address=172.217.0.0/16 comment=GoogleVideo list=DC-PRIO_2
add address=216.58.192.0/19 comment=Youtube list=DC-PRIO_2
add address=190.98.128.0/24 comment=TelefonicaDC list=DC-PRIO_2
add address=192.16.59.1 comment="Twiter (PBS)" list=DC-PRIO_2
add address=23.192.0.0/11 comment=Akamaihd list=DC-PRIO_2
add address=201.212.0.0/17 comment=PrimaSA list=DC-PRIO_3
add address=200.5.235.216 comment="Bacnco Chubut" list=DC-PRIO_1
add address=52.84.0.0/14 comment=AmazonWS list=DC-PRIO_3
add address=52.32.0.0/11 comment=AmazonWS list=DC-PRIO_3
add address=192.16.48.151 comment=Spootify list=DC-PRIO_1
add address=52.88.0.0/13 comment=AmazonWS list=DC-PRIO_3
add address=209.225.49.0/24 comment=MercadoLibre list=DC-PRIO_3
add address=157.52.64.0/18 comment=Fastly list=DC-PRIO_3
add address=104.156.80.0/20 comment=Fastly list=DC-PRIO_3
add address=151.101.0.0/16 comment=Fastly list=DC-PRIO_3
add address=199.27.72.0/21 comment=Fastly list=DC-PRIO_3
add address=64.125.197.168/29 comment=Fastly list=DC-PRIO_3
add address=8.18.217.0/24 comment=Fastly list=DC-PRIO_3
add address=172.111.64.0/18 comment=Fastly list=DC-PRIO_3
add address=31.222.76.0/23 comment="Greysom Limited" list=DC-PRIO_3
add address=52.64.0.0/12 comment=AmazonWS list=DC-PRIO_3
add address=52.0.0.0/11 comment=AmazonWS list=DC-PRIO_3
add address=192.169.5.0/24 comment=Despegar.com list=DC-PRIO_3
add address=190.111.204.30 comment=BancoPatagonia list=DC-PRIO_1
add address=45.55.0.0/16 comment=DigitalOcean list=DC-PRIO_1
add address=200.61.38.128/25 comment=SantanderRio list=DC-PRIO_1
add address=74.125.0.0/16 comment=Google list=DC-PRIO_2
add address=5.39.224.0/21 comment=DStorage list=Storage
add address=31.13.94.0/24 comment=Facebook list=DC-PRIO_2
add address=200.42.0.0/17 comment=PrimaSA list=DC-PRIO_3
add address=13.64.0.0/11 comment=Microsoft list=Microsoft
add address=13.104.0.0/14 comment=Microsoft list=Microsoft
add address=13.96.0.0/13 comment=Microsoft list=Microsoft
add address=198.38.96.0/19 comment=Netflix list=DC-PRIO_1
add address=10.1.55.222 list=Clientes_Especiales
add address=184.50.0.0/15 comment=Akamaihd list=DC-PRIO_2
add address=157.240.0.0/16 comment=Facebook list=DC-PRIO_2
add address=190.98.144.128/25 comment=TelefonicaDC list=DC-PRIO_2
add address=31.13.73.0/24 comment=Instagram list=DC-PRIO_2
add address=104.244.40.0/21 comment=Twiter list=DC-PRIO_2
add address=161.190.0.0/16 comment="Bacnco Galicia" list=DC-PRIO_1
add address=181.10.131.64/29 comment="Tarjeta Naranja" list=DC-PRIO_3
add address=181.15.93.224/27 comment="Tarjeta Naranja" list=DC-PRIO_3
add address=181.111.178.160/27 comment="Tarjeta Naranja" list=DC-PRIO_3
add address=186.153.11.56/29 comment="Tarjeta Naranja" list=DC-PRIO_3
add address=190.220.132.192/29 comment="Tarjeta Naranja" list=DC-PRIO_3
add address=200.45.16.216/29 comment="Tarjeta Naranja" list=DC-PRIO_3
add address=54.80.0.0/12 comment=AmazonWS list=DC-PRIO_3
add address=54.72.0.0/13 comment=AmazonWS list=DC-PRIO_3
add address=190.225.183.0/24 comment=Personal.com.ar list=DC-PRIO_3
add address=199.27.128.0/21 comment=CloudFare list=DC-PRIO_3
add address=173.245.48.0/20 comment=CloudFare list=DC-PRIO_3
add address=108.162.192.0/18 comment=CloudFare list=DC-PRIO_3
add address=198.41.128.0/17 comment=CloudFare list=DC-PRIO_3
add address=104.16.0.0/12 comment=CloudFare list=DC-PRIO_3
add address=172.64.0.0/13 comment=CloudFare list=DC-PRIO_3
add address=162.158.0.0/15 comment=CloudFare list=DC-PRIO_3
add address=170.210.0.0/16 comment="Red de Interconexion Universitaria" list=\
DC-PRIO_3
add address=138.0.153.204 comment="Youtube (Gigared-Cache)" list=DC-PRIO_2
add address=138.0.153.208 comment="Google (Gigared-Cache)" list=DC-PRIO_2
add address=131.100.108.0/27 comment="Youtube (Claro-Cache)" list=DC-PRIO_2
add address=170.51.224.0/27 comment="Youtube (Claro-Cache)" list=DC-PRIO_2
add address=170.51.244.0/27 comment="Youtube (Claro-Cache)" list=DC-PRIO_2
add address=190.221.162.0/27 comment="Youtube (Claro-Cache)" list=DC-PRIO_2
add address=201.217.244.0/26 comment=EcomChacoSA list=DC-PRIO_1
add address=201.217.244.128/26 comment=EcomChacoSA list=DC-PRIO_1
add address=201.217.244.192/26 comment=EcomChacoSA list=DC-PRIO_1
add address=200.1.32.0/19 comment=\
"Ministerio de Justicia de la Nacion Argentina" list=DC-PRIO_1
add address=200.41.230.229 comment=SantanderRio list=DC-PRIO_1
add address=190.183.231.14 comment="Youtube (Gigared-Cache)" list=DC-PRIO_2
add address=181.15.215.192/26 comment="Youtube (Telecom-Cache)" list=\
DC-PRIO_2
add address=190.183.231.12 comment="Youtube (Gigared-Cache)" list=DC-PRIO_2
add address=181.10.28.224/27 comment="Youtube (Telecom-Cache)" list=DC-PRIO_2
add address=138.0.152.8 comment="Youtube (Gigared-Cache)" list=DC-PRIO_2
add address=181.15.168.0/27 comment="Youtube (Telecom-Cache)" list=DC-PRIO_2
add address=69.28.128.0/18 comment=LLNW list=DC-PRIO_2
add address=206.223.121.0/24 comment=LLNW list=DC-PRIO_2
add address=68.142.64.0/18 comment=LLNW list=DC-PRIO_2
add address=206.223.120.0/24 comment=LLNW list=DC-PRIO_2
add address=208.111.128.0/18 comment=LLNW list=DC-PRIO_2
add address=69.164.0.0/18 comment=LLNW list=DC-PRIO_2
add address=181.15.96.0/24 comment="Youtube (Telecom-Cache)" list=DC-PRIO_2
add address=181.111.164.224/27 comment="Youtube (Telecom-Cache)" list=\
DC-PRIO_2
add address=181.15.220.192/26 comment="Youtube (Telecom-Cache)" list=\
DC-PRIO_2
add address=200.124.123.0/24 comment=Visa list=DC-PRIO_3
add address=104.237.160.0/19 comment=Youtube list=DC-PRIO_2
add address=208.65.152.0/22 comment=Youtube list=DC-PRIO_2
add address=64.15.112.0/20 comment=Youtube list=DC-PRIO_2
add address=208.117.224.0/19 comment=Youtube list=DC-PRIO_2
add address=54.236.0.0/15 comment=AmazonWS list=DC-PRIO_3
add address=31.216.144.0/21 comment=Mega list=Storage
add address=190.183.231.13 comment="Youtube (Gigared-Cache)" list=DC-PRIO_2
add address=190.183.231.15 comment="Youtube (Gigared-Cache)" list=DC-PRIO_2
add address=138.0.152.18 comment="Youtube (Gigared-Cache)" list=DC-PRIO_2
add address=64.120.128.0/17 comment=Netflix list=DC-PRIO_1
add address=66.197.128.0/17 comment=Netflix list=DC-PRIO_1
add address=192.173.64.0/18 comment=Netflix list=DC-PRIO_1
add address=198.45.48.0/20 comment=Netflix list=DC-PRIO_1
add address=108.175.32.0/20 comment=Netflix list=DC-PRIO_1
add address=23.246.0.0/18 comment=Netflix list=DC-PRIO_1
add address=45.57.0.0/17 comment=Netflix list=DC-PRIO_1
add address=179.0.4.0/22 comment=INSSJP list=DC-PRIO_1
add address=181.10.24.40/29 comment=INSSJP list=DC-PRIO_1
add address=181.10.30.136/29 comment=INSSJP list=DC-PRIO_1
add address=181.10.169.232/29 comment=INSSJP list=DC-PRIO_1
add address=181.10.192.120/29 comment=INSSJP list=DC-PRIO_1
add address=181.110.246.24/29 comment=INSSJP list=DC-PRIO_1
add address=181.111.203.80/29 comment=INSSJP list=DC-PRIO_1
add address=186.153.145.0/27 comment=INSSJP list=DC-PRIO_1
add address=190.30.224.136/29 comment=INSSJP list=DC-PRIO_1
add address=190.30.224.176/29 comment=INSSJP list=DC-PRIO_1
add address=190.30.224.232/29 comment=INSSJP list=DC-PRIO_1
add address=190.228.68.0/28 comment=INSSJP list=DC-PRIO_1
Queues Tree
/queue tree
add limit-at=200M max-limit=226M name=QoS parent=global priority=1 queue=\
wireless-default
add limit-at=8M max-limit=12M name=PRIO_1 packet-mark=PRIO_1 parent=QoS \
priority=1 queue=synchronous-default
add limit-at=3M max-limit=4M name=PRIO_2 packet-mark=PRIO_2 parent=QoS \
priority=2 queue=synchronous-default
add limit-at=15M max-limit=20M name=PRIO_3 packet-mark=PRIO_3 parent=QoS \
priority=3 queue=synchronous-default
add limit-at=115M max-limit=140M name=PRIO_4 packet-mark=PRIO_4 parent=QoS \
priority=4 queue=synchronous-default
add limit-at=3M max-limit=10M name=PRIO_5 packet-mark=PRIO_5 parent=QoS \
priority=5 queue=synchronous-default
add limit-at=25M max-limit=30M name=PRIO_6 packet-mark=PRIO_6 parent=QoS \
priority=6 queue=synchronous-default
add limit-at=25M max-limit=30M name=PRIO_7 packet-mark=PRIO_7 parent=QoS \
priority=7 queue=synchronous-default
add limit-at=6M max-limit=15M name=PRIO_8 packet-mark=PRIO_8 parent=QoS \
queue=synchronous-default
Mangle
/ip firewall mangle
add action=jump chain=forward comment="Storage PRIO-8" jump-target=Storage \
src-address-list=Storage
add action=jump chain=forward dst-address-list=Storage jump-target=Storage
add action=jump chain=forward comment="Microsoft PRIO-8" jump-target=Storage \
src-address-list=Microsoft
add action=jump chain=forward dst-address-list=Microsoft jump-target=Storage
add action=mark-packet chain=forward comment="PRIORIDAD-1 (ICMP-DNS)" \
new-packet-mark=PRIO_1 passthrough=yes protocol=icmp
add action=mark-packet chain=forward comment="DNS 53" new-packet-mark=PRIO_1 \
passthrough=yes port=53 protocol=udp
add action=mark-connection chain=forward new-connection-mark=PRIO_1 \
passthrough=yes port=1723 protocol=tcp
add action=mark-connection chain=forward new-connection-mark=PRIO_1 \
passthrough=yes port=1701 protocol=udp
add action=mark-connection chain=forward new-connection-mark=PRIO_1 \
passthrough=yes protocol=gre
add action=mark-connection chain=forward new-connection-mark=PRIO_1 \
passthrough=yes src-address=10.199.0.0/24
add action=mark-connection chain=forward dst-address=10.199.0.0/24 \
new-connection-mark=PRIO_1 passthrough=yes
add action=mark-packet chain=forward connection-mark=PRIO_1 new-packet-mark=\
PRIO_1 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_1
add action=mark-connection chain=forward comment="PRIORIDAD-2 (Winbox)" \
new-connection-mark=PRIO_2 passthrough=yes port=8291 protocol=tcp
add action=mark-connection chain=forward new-connection-mark=PRIO_2 \
passthrough=yes port=8291 protocol=tcp
add action=mark-connection chain=forward comment=Clientes_Especiales \
new-connection-mark=PRIO_2 passthrough=yes src-address-list=\
Clientes_Especiales
add action=mark-connection chain=forward dst-address-list=Clientes_Especiales \
new-connection-mark=PRIO_2 passthrough=yes
add action=mark-connection chain=forward comment=XMPP new-connection-mark=\
PRIO_2 passthrough=yes port=5222 protocol=tcp
add action=mark-packet chain=forward connection-mark=PRIO_2 new-packet-mark=\
PRIO_2 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_2
add action=mark-connection chain=forward comment="PRIORIDAD-3 (DC-PRIO_1)" \
dst-address-list=DC-PRIO_1 new-connection-mark=PRIO_3 passthrough=yes
add action=mark-connection chain=forward new-connection-mark=PRIO_3 \
passthrough=yes src-address-list=DC-PRIO_1
add action=mark-packet chain=forward connection-mark=PRIO_3 new-packet-mark=\
PRIO_3 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_3
add action=mark-connection chain=forward comment="PRIORIDAD-4 (DC-PRIO_2)" \
dst-address-list=DC-PRIO_2 new-connection-mark=PRIO_4 passthrough=yes
add action=mark-connection chain=forward new-connection-mark=PRIO_4 \
passthrough=yes src-address-list=DC-PRIO_2
add action=mark-connection chain=forward content=speedtest.net \
new-connection-mark=PRIO_4 passthrough=yes
add action=mark-packet chain=forward connection-mark=PRIO_4 new-packet-mark=\
PRIO_4 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_4
add action=mark-connection chain=forward comment="PRIORIDAD-5 (DC-PRIO_3)" \
new-connection-mark=PRIO_5 passthrough=yes src-address-list=DC-PRIO_3
add action=mark-connection chain=forward dst-address-list=DC-PRIO_3 \
new-connection-mark=PRIO_5 passthrough=yes
add action=mark-packet chain=forward connection-mark=PRIO_5 new-packet-mark=\
PRIO_5 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_5
add action=mark-connection chain=forward comment="PRIORIDAD-6 (HTTPS)" \
new-connection-mark=PRIO_6 passthrough=yes port=443 protocol=tcp
add action=mark-connection chain=forward comment=Quic new-connection-mark=\
PRIO_6 passthrough=yes port=443 protocol=udp
add action=mark-packet chain=forward connection-mark=PRIO_6 new-packet-mark=\
PRIO_6 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_6
add action=mark-connection chain=forward comment="PRIORIDAD-7 (HTTP)" \
new-connection-mark=PRIO_7 passthrough=yes port=80 protocol=tcp
add action=mark-packet chain=forward connection-mark=PRIO_7 new-packet-mark=\
PRIO_7 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_7
add action=return chain=Storage comment=Storage
add action=mark-connection chain=forward comment="PRIORIDAD-8 (LO DEMAS)" \
new-connection-mark=PRIO_8 passthrough=yes
add action=mark-packet chain=forward connection-mark=PRIO_8 new-packet-mark=\
PRIO_8 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_8
add action=accept chain="Termino de procesar" comment="TERMINO DE PROCESAR"
Address_list
/ip firewall address-list
add address=10.0.0.0/8 list=Privadas
add address=172.16.0.0/12 list=Privadas
add address=192.168.0.0/16 list=Privadas
add address=100.64.0.0/10 list=Privadas
add address=10.1.55.223 list=Clientes_Especiales
add address=200.10.199.0/24 comment=ANSES list=DC-PRIO_1
add address=190.228.28.168/29 comment=AFIP list=DC-PRIO_1
add address=190.228.28.200/29 comment=AFIP list=DC-PRIO_1
add address=190.228.35.112/29 comment=AFIP list=DC-PRIO_1
add address=200.1.116.0/24 comment=AFIP list=DC-PRIO_1
add address=209.13.141.0/26 comment=AFIP list=DC-PRIO_1
add address=190.136.32.240/29 comment="Red Link" list=DC-PRIO_1
add address=200.45.17.0/24 comment="Red Link" list=DC-PRIO_1
add address=199.59.148.0/22 comment=Twiter list=DC-PRIO_2
add address=72.21.80.0/20 comment=Speedtest list=DC-PRIO_2
add address=31.13.85.0/24 comment=Facebook list=DC-PRIO_2
add address=173.194.0.0/16 comment=r1---sn-x1x7snle.googlevideo.com list=\
DC-PRIO_2
add address=190.2.61.64/27 comment="Banco Hipotecario" list=DC-PRIO_1
add address=186.153.165.32/29 comment=Interbanking list=DC-PRIO_1
add address=200.5.196.248/29 comment="Banco Hipotecario" list=DC-PRIO_1
add address=200.124.126.0/24 comment="Banco Hipotecario" list=DC-PRIO_1
add address=200.61.184.0/24 comment=Interbanking list=DC-PRIO_1
add address=201.221.120.0/24 comment=Interbanking list=DC-PRIO_1
add address=104.64.0.0/10 comment=Akamaihd list=DC-PRIO_2
add address=69.171.224.0/19 comment=Facebook list=DC-PRIO_2
add address=64.233.160.0/19 comment="Google (webs-youtube-buscador)" list=\
DC-PRIO_2
add address=172.217.0.0/16 comment=GoogleVideo list=DC-PRIO_2
add address=216.58.192.0/19 comment=Youtube list=DC-PRIO_2
add address=190.98.128.0/24 comment=TelefonicaDC list=DC-PRIO_2
add address=192.16.59.1 comment="Twiter (PBS)" list=DC-PRIO_2
add address=23.192.0.0/11 comment=Akamaihd list=DC-PRIO_2
add address=201.212.0.0/17 comment=PrimaSA list=DC-PRIO_3
add address=200.5.235.216 comment="Bacnco Chubut" list=DC-PRIO_1
add address=52.84.0.0/14 comment=AmazonWS list=DC-PRIO_3
add address=52.32.0.0/11 comment=AmazonWS list=DC-PRIO_3
add address=192.16.48.151 comment=Spootify list=DC-PRIO_1
add address=52.88.0.0/13 comment=AmazonWS list=DC-PRIO_3
add address=209.225.49.0/24 comment=MercadoLibre list=DC-PRIO_3
add address=157.52.64.0/18 comment=Fastly list=DC-PRIO_3
add address=104.156.80.0/20 comment=Fastly list=DC-PRIO_3
add address=151.101.0.0/16 comment=Fastly list=DC-PRIO_3
add address=199.27.72.0/21 comment=Fastly list=DC-PRIO_3
add address=64.125.197.168/29 comment=Fastly list=DC-PRIO_3
add address=8.18.217.0/24 comment=Fastly list=DC-PRIO_3
add address=172.111.64.0/18 comment=Fastly list=DC-PRIO_3
add address=31.222.76.0/23 comment="Greysom Limited" list=DC-PRIO_3
add address=52.64.0.0/12 comment=AmazonWS list=DC-PRIO_3
add address=52.0.0.0/11 comment=AmazonWS list=DC-PRIO_3
add address=192.169.5.0/24 comment=Despegar.com list=DC-PRIO_3
add address=190.111.204.30 comment=BancoPatagonia list=DC-PRIO_1
add address=45.55.0.0/16 comment=DigitalOcean list=DC-PRIO_1
add address=200.61.38.128/25 comment=SantanderRio list=DC-PRIO_1
add address=74.125.0.0/16 comment=Google list=DC-PRIO_2
add address=5.39.224.0/21 comment=DStorage list=Storage
add address=31.13.94.0/24 comment=Facebook list=DC-PRIO_2
add address=200.42.0.0/17 comment=PrimaSA list=DC-PRIO_3
add address=13.64.0.0/11 comment=Microsoft list=Microsoft
add address=13.104.0.0/14 comment=Microsoft list=Microsoft
add address=13.96.0.0/13 comment=Microsoft list=Microsoft
add address=198.38.96.0/19 comment=Netflix list=DC-PRIO_1
add address=10.1.55.222 list=Clientes_Especiales
add address=184.50.0.0/15 comment=Akamaihd list=DC-PRIO_2
add address=157.240.0.0/16 comment=Facebook list=DC-PRIO_2
add address=190.98.144.128/25 comment=TelefonicaDC list=DC-PRIO_2
add address=31.13.73.0/24 comment=Instagram list=DC-PRIO_2
add address=104.244.40.0/21 comment=Twiter list=DC-PRIO_2
add address=161.190.0.0/16 comment="Bacnco Galicia" list=DC-PRIO_1
add address=181.10.131.64/29 comment="Tarjeta Naranja" list=DC-PRIO_3
add address=181.15.93.224/27 comment="Tarjeta Naranja" list=DC-PRIO_3
add address=181.111.178.160/27 comment="Tarjeta Naranja" list=DC-PRIO_3
add address=186.153.11.56/29 comment="Tarjeta Naranja" list=DC-PRIO_3
add address=190.220.132.192/29 comment="Tarjeta Naranja" list=DC-PRIO_3
add address=200.45.16.216/29 comment="Tarjeta Naranja" list=DC-PRIO_3
add address=54.80.0.0/12 comment=AmazonWS list=DC-PRIO_3
add address=54.72.0.0/13 comment=AmazonWS list=DC-PRIO_3
add address=190.225.183.0/24 comment=Personal.com.ar list=DC-PRIO_3
add address=199.27.128.0/21 comment=CloudFare list=DC-PRIO_3
add address=173.245.48.0/20 comment=CloudFare list=DC-PRIO_3
add address=108.162.192.0/18 comment=CloudFare list=DC-PRIO_3
add address=198.41.128.0/17 comment=CloudFare list=DC-PRIO_3
add address=104.16.0.0/12 comment=CloudFare list=DC-PRIO_3
add address=172.64.0.0/13 comment=CloudFare list=DC-PRIO_3
add address=162.158.0.0/15 comment=CloudFare list=DC-PRIO_3
add address=170.210.0.0/16 comment="Red de Interconexion Universitaria" list=\
DC-PRIO_3
add address=138.0.153.204 comment="Youtube (Gigared-Cache)" list=DC-PRIO_2
add address=138.0.153.208 comment="Google (Gigared-Cache)" list=DC-PRIO_2
add address=131.100.108.0/27 comment="Youtube (Claro-Cache)" list=DC-PRIO_2
add address=170.51.224.0/27 comment="Youtube (Claro-Cache)" list=DC-PRIO_2
add address=170.51.244.0/27 comment="Youtube (Claro-Cache)" list=DC-PRIO_2
add address=190.221.162.0/27 comment="Youtube (Claro-Cache)" list=DC-PRIO_2
add address=201.217.244.0/26 comment=EcomChacoSA list=DC-PRIO_1
add address=201.217.244.128/26 comment=EcomChacoSA list=DC-PRIO_1
add address=201.217.244.192/26 comment=EcomChacoSA list=DC-PRIO_1
add address=200.1.32.0/19 comment=\
"Ministerio de Justicia de la Nacion Argentina" list=DC-PRIO_1
add address=200.41.230.229 comment=SantanderRio list=DC-PRIO_1
add address=190.183.231.14 comment="Youtube (Gigared-Cache)" list=DC-PRIO_2
add address=181.15.215.192/26 comment="Youtube (Telecom-Cache)" list=\
DC-PRIO_2
add address=190.183.231.12 comment="Youtube (Gigared-Cache)" list=DC-PRIO_2
add address=181.10.28.224/27 comment="Youtube (Telecom-Cache)" list=DC-PRIO_2
add address=138.0.152.8 comment="Youtube (Gigared-Cache)" list=DC-PRIO_2
add address=181.15.168.0/27 comment="Youtube (Telecom-Cache)" list=DC-PRIO_2
add address=69.28.128.0/18 comment=LLNW list=DC-PRIO_2
add address=206.223.121.0/24 comment=LLNW list=DC-PRIO_2
add address=68.142.64.0/18 comment=LLNW list=DC-PRIO_2
add address=206.223.120.0/24 comment=LLNW list=DC-PRIO_2
add address=208.111.128.0/18 comment=LLNW list=DC-PRIO_2
add address=69.164.0.0/18 comment=LLNW list=DC-PRIO_2
add address=181.15.96.0/24 comment="Youtube (Telecom-Cache)" list=DC-PRIO_2
add address=181.111.164.224/27 comment="Youtube (Telecom-Cache)" list=\
DC-PRIO_2
add address=181.15.220.192/26 comment="Youtube (Telecom-Cache)" list=\
DC-PRIO_2
add address=200.124.123.0/24 comment=Visa list=DC-PRIO_3
add address=104.237.160.0/19 comment=Youtube list=DC-PRIO_2
add address=208.65.152.0/22 comment=Youtube list=DC-PRIO_2
add address=64.15.112.0/20 comment=Youtube list=DC-PRIO_2
add address=208.117.224.0/19 comment=Youtube list=DC-PRIO_2
add address=54.236.0.0/15 comment=AmazonWS list=DC-PRIO_3
add address=31.216.144.0/21 comment=Mega list=Storage
add address=190.183.231.13 comment="Youtube (Gigared-Cache)" list=DC-PRIO_2
add address=190.183.231.15 comment="Youtube (Gigared-Cache)" list=DC-PRIO_2
add address=138.0.152.18 comment="Youtube (Gigared-Cache)" list=DC-PRIO_2
add address=64.120.128.0/17 comment=Netflix list=DC-PRIO_1
add address=66.197.128.0/17 comment=Netflix list=DC-PRIO_1
add address=192.173.64.0/18 comment=Netflix list=DC-PRIO_1
add address=198.45.48.0/20 comment=Netflix list=DC-PRIO_1
add address=108.175.32.0/20 comment=Netflix list=DC-PRIO_1
add address=23.246.0.0/18 comment=Netflix list=DC-PRIO_1
add address=45.57.0.0/17 comment=Netflix list=DC-PRIO_1
add address=179.0.4.0/22 comment=INSSJP list=DC-PRIO_1
add address=181.10.24.40/29 comment=INSSJP list=DC-PRIO_1
add address=181.10.30.136/29 comment=INSSJP list=DC-PRIO_1
add address=181.10.169.232/29 comment=INSSJP list=DC-PRIO_1
add address=181.10.192.120/29 comment=INSSJP list=DC-PRIO_1
add address=181.110.246.24/29 comment=INSSJP list=DC-PRIO_1
add address=181.111.203.80/29 comment=INSSJP list=DC-PRIO_1
add address=186.153.145.0/27 comment=INSSJP list=DC-PRIO_1
add address=190.30.224.136/29 comment=INSSJP list=DC-PRIO_1
add address=190.30.224.176/29 comment=INSSJP list=DC-PRIO_1
add address=190.30.224.232/29 comment=INSSJP list=DC-PRIO_1
add address=190.228.68.0/28 comment=INSSJP list=DC-PRIO_1
Queues Tree
/queue tree
add limit-at=200M max-limit=226M name=QoS parent=global priority=1 queue=\
wireless-default
add limit-at=8M max-limit=12M name=PRIO_1 packet-mark=PRIO_1 parent=QoS \
priority=1 queue=synchronous-default
add limit-at=3M max-limit=4M name=PRIO_2 packet-mark=PRIO_2 parent=QoS \
priority=2 queue=synchronous-default
add limit-at=15M max-limit=20M name=PRIO_3 packet-mark=PRIO_3 parent=QoS \
priority=3 queue=synchronous-default
add limit-at=115M max-limit=140M name=PRIO_4 packet-mark=PRIO_4 parent=QoS \
priority=4 queue=synchronous-default
add limit-at=3M max-limit=10M name=PRIO_5 packet-mark=PRIO_5 parent=QoS \
priority=5 queue=synchronous-default
add limit-at=25M max-limit=30M name=PRIO_6 packet-mark=PRIO_6 parent=QoS \
priority=6 queue=synchronous-default
add limit-at=25M max-limit=30M name=PRIO_7 packet-mark=PRIO_7 parent=QoS \
priority=7 queue=synchronous-default
add limit-at=6M max-limit=15M name=PRIO_8 packet-mark=PRIO_8 parent=QoS \
queue=synchronous-default
Re: General QOS Script
Hi! i have a question,I can share what I have armed, but it is pointed to wisp and punctually to my wisp. We could modify this if I want to.
Mangle
/ip firewall mangle
add action=jump chain=forward comment="Storage PRIO-8" jump-target=Storage \
src-address-list=Storage
add action=jump chain=forward dst-address-list=Storage jump-target=Storage
add action=jump chain=forward comment="Microsoft PRIO-8" jump-target=Storage \
src-address-list=Microsoft
add action=jump chain=forward dst-address-list=Microsoft jump-target=Storage
add action=mark-packet chain=forward comment="PRIORIDAD-1 (ICMP-DNS)" \
new-packet-mark=PRIO_1 passthrough=yes protocol=icmp
add action=mark-packet chain=forward comment="DNS 53" new-packet-mark=PRIO_1 \
passthrough=yes port=53 protocol=udp
add action=mark-connection chain=forward new-connection-mark=PRIO_1 \
passthrough=yes port=1723 protocol=tcp
add action=mark-connection chain=forward new-connection-mark=PRIO_1 \
passthrough=yes port=1701 protocol=udp
add action=mark-connection chain=forward new-connection-mark=PRIO_1 \
passthrough=yes protocol=gre
add action=mark-connection chain=forward new-connection-mark=PRIO_1 \
passthrough=yes src-address=10.199.0.0/24
add action=mark-connection chain=forward dst-address=10.199.0.0/24 \
new-connection-mark=PRIO_1 passthrough=yes
add action=mark-packet chain=forward connection-mark=PRIO_1 new-packet-mark=\
PRIO_1 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_1
add action=mark-connection chain=forward comment="PRIORIDAD-2 (Winbox)" \
new-connection-mark=PRIO_2 passthrough=yes port=8291 protocol=tcp
add action=mark-connection chain=forward new-connection-mark=PRIO_2 \
passthrough=yes port=8291 protocol=tcp
add action=mark-connection chain=forward comment=Clientes_Especiales \
new-connection-mark=PRIO_2 passthrough=yes src-address-list=\
Clientes_Especiales
add action=mark-connection chain=forward dst-address-list=Clientes_Especiales \
new-connection-mark=PRIO_2 passthrough=yes
add action=mark-connection chain=forward comment=XMPP new-connection-mark=\
PRIO_2 passthrough=yes port=5222 protocol=tcp
add action=mark-packet chain=forward connection-mark=PRIO_2 new-packet-mark=\
PRIO_2 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_2
add action=mark-connection chain=forward comment="PRIORIDAD-3 (DC-PRIO_1)" \
dst-address-list=DC-PRIO_1 new-connection-mark=PRIO_3 passthrough=yes
add action=mark-connection chain=forward new-connection-mark=PRIO_3 \
passthrough=yes src-address-list=DC-PRIO_1
add action=mark-packet chain=forward connection-mark=PRIO_3 new-packet-mark=\
PRIO_3 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_3
add action=mark-connection chain=forward comment="PRIORIDAD-4 (DC-PRIO_2)" \
dst-address-list=DC-PRIO_2 new-connection-mark=PRIO_4 passthrough=yes
add action=mark-connection chain=forward new-connection-mark=PRIO_4 \
passthrough=yes src-address-list=DC-PRIO_2
add action=mark-connection chain=forward content=speedtest.net \
new-connection-mark=PRIO_4 passthrough=yes
add action=mark-packet chain=forward connection-mark=PRIO_4 new-packet-mark=\
PRIO_4 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_4
add action=mark-connection chain=forward comment="PRIORIDAD-5 (DC-PRIO_3)" \
new-connection-mark=PRIO_5 passthrough=yes src-address-list=DC-PRIO_3
add action=mark-connection chain=forward dst-address-list=DC-PRIO_3 \
new-connection-mark=PRIO_5 passthrough=yes
add action=mark-packet chain=forward connection-mark=PRIO_5 new-packet-mark=\
PRIO_5 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_5
add action=mark-connection chain=forward comment="PRIORIDAD-6 (HTTPS)" \
new-connection-mark=PRIO_6 passthrough=yes port=443 protocol=tcp
add action=mark-connection chain=forward comment=Quic new-connection-mark=\
PRIO_6 passthrough=yes port=443 protocol=udp
add action=mark-packet chain=forward connection-mark=PRIO_6 new-packet-mark=\
PRIO_6 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_6
add action=mark-connection chain=forward comment="PRIORIDAD-7 (HTTP)" \
new-connection-mark=PRIO_7 passthrough=yes port=80 protocol=tcp
add action=mark-packet chain=forward connection-mark=PRIO_7 new-packet-mark=\
PRIO_7 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_7
add action=return chain=Storage comment=Storage
add action=mark-connection chain=forward comment="PRIORIDAD-8 (LO DEMAS)" \
new-connection-mark=PRIO_8 passthrough=yes
add action=mark-packet chain=forward connection-mark=PRIO_8 new-packet-mark=\
PRIO_8 passthrough=yes
add action=jump chain=forward jump-target="Termino de procesar" packet-mark=\
PRIO_8
add action=accept chain="Termino de procesar" comment="TERMINO DE PROCESAR"
Address_list
/ip firewall address-list
add address=10.0.0.0/8 list=Privadas
add address=172.16.0.0/12 list=Privadas
add address=192.168.0.0/16 list=Privadas
add address=100.64.0.0/10 list=Privadas
add address=10.1.55.223 list=Clientes_Especiales
add address=200.10.199.0/24 comment=ANSES list=DC-PRIO_1
add address=190.228.28.168/29 comment=AFIP list=DC-PRIO_1
add address=190.228.28.200/29 comment=AFIP list=DC-PRIO_1
add address=190.228.35.112/29 comment=AFIP list=DC-PRIO_1
add address=200.1.116.0/24 comment=AFIP list=DC-PRIO_1
add address=209.13.141.0/26 comment=AFIP list=DC-PRIO_1
add address=190.136.32.240/29 comment="Red Link" list=DC-PRIO_1
add address=200.45.17.0/24 comment="Red Link" list=DC-PRIO_1
add address=199.59.148.0/22 comment=Twiter list=DC-PRIO_2
add address=72.21.80.0/20 comment=Speedtest list=DC-PRIO_2
add address=31.13.85.0/24 comment=Facebook list=DC-PRIO_2
add address=173.194.0.0/16 comment=r1---sn-x1x7snle.googlevideo.com list=\
DC-PRIO_2
add address=190.2.61.64/27 comment="Banco Hipotecario" list=DC-PRIO_1
add address=186.153.165.32/29 comment=Interbanking list=DC-PRIO_1
add address=200.5.196.248/29 comment="Banco Hipotecario" list=DC-PRIO_1
add address=200.124.126.0/24 comment="Banco Hipotecario" list=DC-PRIO_1
add address=200.61.184.0/24 comment=Interbanking list=DC-PRIO_1
add address=201.221.120.0/24 comment=Interbanking list=DC-PRIO_1
add address=104.64.0.0/10 comment=Akamaihd list=DC-PRIO_2
add address=69.171.224.0/19 comment=Facebook list=DC-PRIO_2
add address=64.233.160.0/19 comment="Google (webs-youtube-buscador)" list=\
DC-PRIO_2
add address=172.217.0.0/16 comment=GoogleVideo list=DC-PRIO_2
add address=216.58.192.0/19 comment=Youtube list=DC-PRIO_2
add address=190.98.128.0/24 comment=TelefonicaDC list=DC-PRIO_2
add address=192.16.59.1 comment="Twiter (PBS)" list=DC-PRIO_2
add address=23.192.0.0/11 comment=Akamaihd list=DC-PRIO_2
add address=201.212.0.0/17 comment=PrimaSA list=DC-PRIO_3
add address=200.5.235.216 comment="Bacnco Chubut" list=DC-PRIO_1
add address=52.84.0.0/14 comment=AmazonWS list=DC-PRIO_3
add address=52.32.0.0/11 comment=AmazonWS list=DC-PRIO_3
add address=192.16.48.151 comment=Spootify list=DC-PRIO_1
add address=52.88.0.0/13 comment=AmazonWS list=DC-PRIO_3
add address=209.225.49.0/24 comment=MercadoLibre list=DC-PRIO_3
add address=157.52.64.0/18 comment=Fastly list=DC-PRIO_3
add address=104.156.80.0/20 comment=Fastly list=DC-PRIO_3
add address=151.101.0.0/16 comment=Fastly list=DC-PRIO_3
add address=199.27.72.0/21 comment=Fastly list=DC-PRIO_3
add address=64.125.197.168/29 comment=Fastly list=DC-PRIO_3
add address=8.18.217.0/24 comment=Fastly list=DC-PRIO_3
add address=172.111.64.0/18 comment=Fastly list=DC-PRIO_3
add address=31.222.76.0/23 comment="Greysom Limited" list=DC-PRIO_3
add address=52.64.0.0/12 comment=AmazonWS list=DC-PRIO_3
add address=52.0.0.0/11 comment=AmazonWS list=DC-PRIO_3
add address=192.169.5.0/24 comment=Despegar.com list=DC-PRIO_3
add address=190.111.204.30 comment=BancoPatagonia list=DC-PRIO_1
add address=45.55.0.0/16 comment=DigitalOcean list=DC-PRIO_1
add address=200.61.38.128/25 comment=SantanderRio list=DC-PRIO_1
add address=74.125.0.0/16 comment=Google list=DC-PRIO_2
add address=5.39.224.0/21 comment=DStorage list=Storage
add address=31.13.94.0/24 comment=Facebook list=DC-PRIO_2
add address=200.42.0.0/17 comment=PrimaSA list=DC-PRIO_3
add address=13.64.0.0/11 comment=Microsoft list=Microsoft
add address=13.104.0.0/14 comment=Microsoft list=Microsoft
add address=13.96.0.0/13 comment=Microsoft list=Microsoft
add address=198.38.96.0/19 comment=Netflix list=DC-PRIO_1
add address=10.1.55.222 list=Clientes_Especiales
add address=184.50.0.0/15 comment=Akamaihd list=DC-PRIO_2
add address=157.240.0.0/16 comment=Facebook list=DC-PRIO_2
add address=190.98.144.128/25 comment=TelefonicaDC list=DC-PRIO_2
add address=31.13.73.0/24 comment=Instagram list=DC-PRIO_2
add address=104.244.40.0/21 comment=Twiter list=DC-PRIO_2
add address=161.190.0.0/16 comment="Bacnco Galicia" list=DC-PRIO_1
add address=181.10.131.64/29 comment="Tarjeta Naranja" list=DC-PRIO_3
add address=181.15.93.224/27 comment="Tarjeta Naranja" list=DC-PRIO_3
add address=181.111.178.160/27 comment="Tarjeta Naranja" list=DC-PRIO_3
add address=186.153.11.56/29 comment="Tarjeta Naranja" list=DC-PRIO_3
add address=190.220.132.192/29 comment="Tarjeta Naranja" list=DC-PRIO_3
add address=200.45.16.216/29 comment="Tarjeta Naranja" list=DC-PRIO_3
add address=54.80.0.0/12 comment=AmazonWS list=DC-PRIO_3
add address=54.72.0.0/13 comment=AmazonWS list=DC-PRIO_3
add address=190.225.183.0/24 comment=Personal.com.ar list=DC-PRIO_3
add address=199.27.128.0/21 comment=CloudFare list=DC-PRIO_3
add address=173.245.48.0/20 comment=CloudFare list=DC-PRIO_3
add address=108.162.192.0/18 comment=CloudFare list=DC-PRIO_3
add address=198.41.128.0/17 comment=CloudFare list=DC-PRIO_3
add address=104.16.0.0/12 comment=CloudFare list=DC-PRIO_3
add address=172.64.0.0/13 comment=CloudFare list=DC-PRIO_3
add address=162.158.0.0/15 comment=CloudFare list=DC-PRIO_3
add address=170.210.0.0/16 comment="Red de Interconexion Universitaria" list=\
DC-PRIO_3
add address=138.0.153.204 comment="Youtube (Gigared-Cache)" list=DC-PRIO_2
add address=138.0.153.208 comment="Google (Gigared-Cache)" list=DC-PRIO_2
add address=131.100.108.0/27 comment="Youtube (Claro-Cache)" list=DC-PRIO_2
add address=170.51.224.0/27 comment="Youtube (Claro-Cache)" list=DC-PRIO_2
add address=170.51.244.0/27 comment="Youtube (Claro-Cache)" list=DC-PRIO_2
add address=190.221.162.0/27 comment="Youtube (Claro-Cache)" list=DC-PRIO_2
add address=201.217.244.0/26 comment=EcomChacoSA list=DC-PRIO_1
add address=201.217.244.128/26 comment=EcomChacoSA list=DC-PRIO_1
add address=201.217.244.192/26 comment=EcomChacoSA list=DC-PRIO_1
add address=200.1.32.0/19 comment=\
"Ministerio de Justicia de la Nacion Argentina" list=DC-PRIO_1
add address=200.41.230.229 comment=SantanderRio list=DC-PRIO_1
add address=190.183.231.14 comment="Youtube (Gigared-Cache)" list=DC-PRIO_2
add address=181.15.215.192/26 comment="Youtube (Telecom-Cache)" list=\
DC-PRIO_2
add address=190.183.231.12 comment="Youtube (Gigared-Cache)" list=DC-PRIO_2
add address=181.10.28.224/27 comment="Youtube (Telecom-Cache)" list=DC-PRIO_2
add address=138.0.152.8 comment="Youtube (Gigared-Cache)" list=DC-PRIO_2
add address=181.15.168.0/27 comment="Youtube (Telecom-Cache)" list=DC-PRIO_2
add address=69.28.128.0/18 comment=LLNW list=DC-PRIO_2
add address=206.223.121.0/24 comment=LLNW list=DC-PRIO_2
add address=68.142.64.0/18 comment=LLNW list=DC-PRIO_2
add address=206.223.120.0/24 comment=LLNW list=DC-PRIO_2
add address=208.111.128.0/18 comment=LLNW list=DC-PRIO_2
add address=69.164.0.0/18 comment=LLNW list=DC-PRIO_2
add address=181.15.96.0/24 comment="Youtube (Telecom-Cache)" list=DC-PRIO_2
add address=181.111.164.224/27 comment="Youtube (Telecom-Cache)" list=\
DC-PRIO_2
add address=181.15.220.192/26 comment="Youtube (Telecom-Cache)" list=\
DC-PRIO_2
add address=200.124.123.0/24 comment=Visa list=DC-PRIO_3
add address=104.237.160.0/19 comment=Youtube list=DC-PRIO_2
add address=208.65.152.0/22 comment=Youtube list=DC-PRIO_2
add address=64.15.112.0/20 comment=Youtube list=DC-PRIO_2
add address=208.117.224.0/19 comment=Youtube list=DC-PRIO_2
add address=54.236.0.0/15 comment=AmazonWS list=DC-PRIO_3
add address=31.216.144.0/21 comment=Mega list=Storage
add address=190.183.231.13 comment="Youtube (Gigared-Cache)" list=DC-PRIO_2
add address=190.183.231.15 comment="Youtube (Gigared-Cache)" list=DC-PRIO_2
add address=138.0.152.18 comment="Youtube (Gigared-Cache)" list=DC-PRIO_2
add address=64.120.128.0/17 comment=Netflix list=DC-PRIO_1
add address=66.197.128.0/17 comment=Netflix list=DC-PRIO_1
add address=192.173.64.0/18 comment=Netflix list=DC-PRIO_1
add address=198.45.48.0/20 comment=Netflix list=DC-PRIO_1
add address=108.175.32.0/20 comment=Netflix list=DC-PRIO_1
add address=23.246.0.0/18 comment=Netflix list=DC-PRIO_1
add address=45.57.0.0/17 comment=Netflix list=DC-PRIO_1
add address=179.0.4.0/22 comment=INSSJP list=DC-PRIO_1
add address=181.10.24.40/29 comment=INSSJP list=DC-PRIO_1
add address=181.10.30.136/29 comment=INSSJP list=DC-PRIO_1
add address=181.10.169.232/29 comment=INSSJP list=DC-PRIO_1
add address=181.10.192.120/29 comment=INSSJP list=DC-PRIO_1
add address=181.110.246.24/29 comment=INSSJP list=DC-PRIO_1
add address=181.111.203.80/29 comment=INSSJP list=DC-PRIO_1
add address=186.153.145.0/27 comment=INSSJP list=DC-PRIO_1
add address=190.30.224.136/29 comment=INSSJP list=DC-PRIO_1
add address=190.30.224.176/29 comment=INSSJP list=DC-PRIO_1
add address=190.30.224.232/29 comment=INSSJP list=DC-PRIO_1
add address=190.228.68.0/28 comment=INSSJP list=DC-PRIO_1
Queues Tree
/queue tree
add limit-at=200M max-limit=226M name=QoS parent=global priority=1 queue=\
wireless-default
add limit-at=8M max-limit=12M name=PRIO_1 packet-mark=PRIO_1 parent=QoS \
priority=1 queue=synchronous-default
add limit-at=3M max-limit=4M name=PRIO_2 packet-mark=PRIO_2 parent=QoS \
priority=2 queue=synchronous-default
add limit-at=15M max-limit=20M name=PRIO_3 packet-mark=PRIO_3 parent=QoS \
priority=3 queue=synchronous-default
add limit-at=115M max-limit=140M name=PRIO_4 packet-mark=PRIO_4 parent=QoS \
priority=4 queue=synchronous-default
add limit-at=3M max-limit=10M name=PRIO_5 packet-mark=PRIO_5 parent=QoS \
priority=5 queue=synchronous-default
add limit-at=25M max-limit=30M name=PRIO_6 packet-mark=PRIO_6 parent=QoS \
priority=6 queue=synchronous-default
add limit-at=25M max-limit=30M name=PRIO_7 packet-mark=PRIO_7 parent=QoS \
priority=7 queue=synchronous-default
add limit-at=6M max-limit=15M name=PRIO_8 packet-mark=PRIO_8 parent=QoS \
queue=synchronous-default
here i have to put my dns?
add action=mark-connection chain=forward new-connection-mark=PRIO_1 \
passthrough=yes protocol=gre
add action=mark-connection chain=forward new-connection-mark=PRIO_1 \
passthrough=yes src-address=10.199.0.0/24
add action=mark-connection chain=forward dst-address=10.199.0.0/24 \
new-connection-mark=PRIO_1 passthrough=yes
add action=mark-packet chain=forward connection-mark=PRIO_1 new-packet-mark=\
and you are from Argentina?
-
-
facubertran
just joined
- Posts: 19
- Joined:
- Location: Argentina
- Contact:
Re: General QOS Script
Hi, yes from Argentina.
The network 10.199.0.0/24 is from my servers. You do not have to dial the DNS server.
The network 10.199.0.0/24 is from my servers. You do not have to dial the DNS server.
Re: General QOS Script
Im from Argentina too, I do not know if you can speak spanish here. ajjajajaja
In that address I have to put my dns server?
In that address I have to put my dns server?
Hi, yes from Argentina.
The network 10.199.0.0/24 is from my servers. You do not have to dial the DNS server.
-
-
facubertran
just joined
- Posts: 19
- Joined:
- Location: Argentina
- Contact:
Re: General QOS Script
jaja. Espero no se enojen por el español. No es necesario que pongas el server DNS, esa red 10.199 es una red que tiene servidores como The Dude, Aircontrol, priorizo toda la red porque es mi administracion. El marcado de DNS esta en PRIO_1 como udp 53. En Argentina te va a servir bastante depende de donde estes y que proveedor tengas.Im from Argentina too, I do not know if you can speak spanish here. ajjajajaja
In that address I have to put my dns server?
Hi, yes from Argentina.
The network 10.199.0.0/24 is from my servers. You do not have to dial the DNS server.
-
-
facubertran
just joined
- Posts: 19
- Joined:
- Location: Argentina
- Contact:
Re: General QOS Script
I have always objected to using this type of QoS. I do not really consider it QoS. But I was surprised how I helped the network. I did it because I support and they ask me, but as I said, I learned the improvement.What is wrong with n00bs and their obsession with QoS?
I never used it and everything works fine! I use OpenWRT, DD-WRT, RouterOS, even AirOS, with no freakin' QoS. Small and medium networks, slow and fast WANs.
In cases I have no choice but to use the crappy stock firmware - I disable useless stuff, even if it takes soldering pins for console.
There is only 1 right way to configure a gateway, and it does not include any QoS. Hau!
Re: General QOS Script
Of course the type of QoS depicted above (setting priority to some internet services above or below others) is questionable,
but QoS can be very useful to have realtime, normal and background traffic on the same network.
It will not be very succesful on a network with many rogue users on it, but when users are cooperative it can work very well.
This way, it is possible to have voice, surfing and bulk file transfer over the same congested links.
but QoS can be very useful to have realtime, normal and background traffic on the same network.
It will not be very succesful on a network with many rogue users on it, but when users are cooperative it can work very well.
This way, it is possible to have voice, surfing and bulk file transfer over the same congested links.
-
-
IntrusDave
Forum Guru
- Posts: 1286
- Joined:
- Location: Rancho Cucamonga, CA
Re: General QOS Script
You can use this script to setup the basic QoS based on DSCP. It works well and honors the DSCP set by the application you use.
Make sure you set the WAN interface name and the *upload* bandwidth.
Make sure you set the WAN interface name and the *upload* bandwidth.
Code: Select all
#Set interface here
:local outboundInterface "wan0"
#Set bandwidth of the interface (remember, this is for OUTGOING)
:local interfaceBandwidth 6M
#Set where in the chain the packets should be mangled
:local mangleChain postrouting
#Don't mess with these. They set the parameters for what is to follow
:local queueName ("QoS_" . $outboundInterface)
:local qosClasses [:toarray "Network Control,Internetwork Control,Critical,Flash Override,Flash,Immedate,Priority,Routine"]
/ip firewall mangle add action=set-priority chain=postrouting dst-port=1119,3724,6113 new-priority=3 passthrough=yes protocol=tcp
/ip firewall mangle add action=set-priority chain=postrouting dst-port=6052,5062,5060,12000-32000,3478,3479 new-priority=3 passthrough=yes protocol=udp
/ip firewall mangle add action=set-priority chain=postrouting new-priority=from-dscp-high-3-bits passthrough=yes comment="Respect DSCP tagging"
/ip firewall mangle add action=set-priority chain=postrouting new-priority=2 packet-size=0-123 passthrough=yes protocol=tcp tcp-flags=ack comment="Prioritize ACKs"
/ip firewall mangle add action=set-priority chain=postrouting priority=0 dscp=0 new-priority=8 passthrough=yes comment="Set Pri 0 on packets with no tag at all"
:for indexA from 0 to 7 do={
/ip firewall mangle add action=mark-packet chain=$mangleChain comment=("pri_" . $indexA+1) \
disabled=no priority=($indexA+1) new-packet-mark=("priority_" . $indexA+1) passthrough=no
}
/queue tree add max-limit=$interfaceBandwidth name=$queueName parent=$outboundInterface priority=1
:for indexA from=0 to=7 do={
:local subClass ([:pick $qosClasses $indexA] )
/queue tree add \
name=($indexA+1 . ". " . $subClass . " - " . $outboundInterface ) \
parent=$queueName \
priority=($indexA+1) \
queue=ethernet-default \
packet-mark=("priority_" . $indexA+1) \
comment=("Priority " . $indexA+1 . " traffic")
}
-
-
ukzerosniper
Member Candidate
- Posts: 129
- Joined:
Re: General QOS Script
Does this only provide QOS on outbound traffic? What about inbound traffic?
Thanks.
Thanks.
You can use this script to setup the basic QoS based on DSCP. It works well and honors the DSCP set by the application you use.
Make sure you set the WAN interface name and the *upload* bandwidth.
Code: Select all#Set interface here :local outboundInterface "wan0" #Set bandwidth of the interface (remember, this is for OUTGOING) :local interfaceBandwidth 6M #Set where in the chain the packets should be mangled :local mangleChain postrouting #Don't mess with these. They set the parameters for what is to follow :local queueName ("QoS_" . $outboundInterface) :local qosClasses [:toarray "Network Control,Internetwork Control,Critical,Flash Override,Flash,Immedate,Priority,Routine"] /ip firewall mangle add action=set-priority chain=postrouting dst-port=1119,3724,6113 new-priority=3 passthrough=yes protocol=tcp /ip firewall mangle add action=set-priority chain=postrouting dst-port=6052,5062,5060,12000-32000,3478,3479 new-priority=3 passthrough=yes protocol=udp /ip firewall mangle add action=set-priority chain=postrouting new-priority=from-dscp-high-3-bits passthrough=yes comment="Respect DSCP tagging" /ip firewall mangle add action=set-priority chain=postrouting new-priority=2 packet-size=0-123 passthrough=yes protocol=tcp tcp-flags=ack comment="Prioritize ACKs" /ip firewall mangle add action=set-priority chain=postrouting priority=0 dscp=0 new-priority=8 passthrough=yes comment="Set Pri 0 on packets with no tag at all" :for indexA from 0 to 7 do={ /ip firewall mangle add action=mark-packet chain=$mangleChain comment=("pri_" . $indexA+1) \ disabled=no priority=($indexA+1) new-packet-mark=("priority_" . $indexA+1) passthrough=no } /queue tree add max-limit=$interfaceBandwidth name=$queueName parent=$outboundInterface priority=1 :for indexA from=0 to=7 do={ :local subClass ([:pick $qosClasses $indexA] ) /queue tree add \ name=($indexA+1 . ". " . $subClass . " - " . $outboundInterface ) \ parent=$queueName \ priority=($indexA+1) \ queue=ethernet-default \ packet-mark=("priority_" . $indexA+1) \ comment=("Priority " . $indexA+1 . " traffic") }
Re: General QOS Script
It is not really possible to do QoS on inbound traffic. You can limit the rate of some of theDoes this only provide QOS on outbound traffic? What about inbound traffic?
traffic, but you cannot affect the priority.
To do it properly, it has to be done outbound at the other side of the link.
Who is online
Users browsing this forum: Alone65, anastasis, jvanhambelgium, megabytenet, yeahunter, yhfung and 33 guests