QoS: prioritizing certain content while slowing other
Posted: Sat Dec 03, 2011 2:25 am
I've been dicking with this all day. I had it working once but I'm doing something wrong now. One of the objectives is to accomplish this. That part is working. Traffic being redirected by the proxy is queued as specified. Direct connections do not get queued.
The next objective is to prioritize skyward while throttling .flv and .mp4 content from youtube. I haven't put a queue in for the youtube mark yet because the L7 filters don't seem to be working. Also, the skyward queue isn't getting hit. I can't tell if the packets are getting mangled properly in the skyward chain or not.
1) Why aren't the mangle rules for .mp4 and .flv marking anything?
2) Why aren't my skyward packets getting queued? The desired affect here would be to type skyward.com into a browser and see it come up at full speed with priority.
The next objective is to prioritize skyward while throttling .flv and .mp4 content from youtube. I haven't put a queue in for the youtube mark yet because the L7 filters don't seem to be working. Also, the skyward queue isn't getting hit. I can't tell if the packets are getting mangled properly in the skyward chain or not.
Code: Select all
# dec/02/2011 18:07:43 by RouterOS 5.9
#
#
/ip firewall mangle
add action=jump chain=prerouting content=youtube.com disabled=no jump-target=\
youtube
add action=jump chain=prerouting content=skyward.com disabled=no jump-target=\
skyward
add action=mark-packet chain=output comment="Proxy \"hits\"" disabled=no \
dscp=4 new-packet-mark=unqueued-download out-interface=LAN passthrough=no
add action=mark-packet chain=prerouting comment="upload traffic" disabled=no \
in-interface=LAN new-packet-mark=upload passthrough=yes src-address=\
172.25.25.0/24
add action=add-dst-to-address-list address-list=Skyward address-list-timeout=\
5m chain=skyward comment=\
"All packets processed in this chain should be added to Skyward list." \
disabled=no dst-port=80 protocol=tcp
add action=mark-connection chain=forward comment=\
"Connection mark for all tracked connections" disabled=no \
new-connection-mark=tracked-conn passthrough=yes src-address=\
172.25.25.0/24
add action=mark-packet chain=forward comment="Direct Download (non-HTTP)" \
connection-mark=tracked-conn disabled=no in-interface=ether1 \
new-packet-mark=unqueued-download passthrough=no
add action=mark-packet chain=output comment="Proxy HTTP traffic (MISS)" \
disabled=no dst-address=172.25.25.0/24 new-packet-mark=queued-download \
out-interface=LAN passthrough=no
add action=add-dst-to-address-list address-list=Youtube address-list-timeout=\
5m chain=youtube comment=\
"All packets processed in this chain should be added to Youtube list." \
disabled=no dst-port=80 protocol=tcp
add action=mark-connection chain=youtube disabled=no dst-address-list=Youtube \
new-connection-mark=youtube_conn passthrough=yes
add action=mark-packet chain=output connection-mark=youtube_conn disabled=no \
layer7-protocol="Extension \".mp4 \"" new-packet-mark=youtube_mp4 \
passthrough=yes
add action=mark-packet chain=skyward connection-mark=skyward_conn disabled=no \
new-packet-mark=skyward_pkt passthrough=yes
add action=mark-packet chain=output connection-mark=youtube_conn disabled=no \
layer7-protocol="Extension \".mp4 \"" new-packet-mark=youtube_flv \
passthrough=yes
add action=mark-connection chain=skyward disabled=no dst-address-list=Skyward \
new-connection-mark=skyward_conn passthrough=yes
Code: Select all
# dec/02/2011 18:08:25 by RouterOS 5.9
#
#
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=downstream packet-mark=unqueued-download parent=LAN \
priority=8
add burst-limit=0 burst-threshold=0 burst-time=0s comment=\
"Applies for HTTP traffic redirected through proxy." disabled=no \
limit-at=5M max-limit=10M name="Queued download" packet-mark=\
queued-download parent=downstream priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=upstream packet-mark=upload parent=ether1 priority=8 \
queue=PCQ
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=skyward packet-mark=skyward_pkt parent=downstream \
priority=1 queue=default
Code: Select all
# dec/02/2011 18:19:05 by RouterOS 5.9
#
#
/ip firewall layer7-protocol
add name="Extension \".mp4 \"" regexp="\\.(mp4)"
add name="Extension \".flv \"" regexp="\\.(flv)"
2) Why aren't my skyward packets getting queued? The desired affect here would be to type skyward.com into a browser and see it come up at full speed with priority.