UDP packets can only be dropped and you can not limit the connection
numbers as UDP is connectionless...
Is anyone aware, how to minumize the effects of mulitple UDP packets on an AP and/or network without dropping the entire protocol that is using it?. ie Bit-Torrent (P2P). beyond speed/burst etc..
Does changing the connection UDP timeout from 30 seconds to 5-10 seconds help? or will it hinder other protocols?
I'm trying to figure out an IP specific solution, or one across the entire
IP class, but keep running into a dead end.
-
-
Hugh Hartman
Frequent Visitor
- Posts: 92
- Joined:
- Location: Fort Kent, Maine
What you need a re p2p bandwidth rules. Attached are the ones you need.
Easiest way to use it is copy the below list, paste into text document then save as p2p.rsc or whatever name you like. Must use text app like notepad, not work. Upload via ftp to your mikrotik. type import and the name of the file and that should be it. Dont past in terminal window of mikrotik or it will crash.
Good luck, hope it helped.
# add queue types for p2p limiting
# change below IP to that of the interface that the client is attached to.
# Change the 8192 (bytes) to whatever you want the max limit to be.
/ queue type
add name="p2p-in" kind=pcq bfifo-limit=15000 pfifo-limit=10 red-limit=60 \
red-min-threshold=10 red-max-threshold=50 red-burst=20 sfq-perturb=5 \
sfq-allot=1514 pcq-rate=8192 pcq-limit=50 pcq-classifier=dst-address
add name="p2p-out" kind=pcq bfifo-limit=15000 pfifo-limit=10 red-limit=60 \
red-min-threshold=10 red-max-threshold=50 red-burst=20 sfq-perturb=5 \
sfq-allot=1514 pcq-rate=8192 pcq-limit=50 pcq-classifier=src-address
# add queue tree
/ queue tree
add name="p2p-in" parent=global-in flow=p2p-in limit-at=8192 queue=p2p-in \
priority=8 max-limit=8192 burst-limit=0 burst-threshold=0 burst-time=0 \
disabled=no
add name="p2p-out" parent=global-out flow=p2p-out limit-at=8192 \
queue=p2p-out priority=8 max-limit=8192 burst-limit=0 burst-threshold=0 \
burst-time=0 disabled=no
# add firewall mangle rule to mark p2p traffic
# CHANGE IP RANGE TO MATCH CLIENT RANGE
/ ip firewall mangle
add src-address=192.165.11.0/24 p2p=all-p2p action=passthrough \
mark-flow=p2p-out comment="" disabled=no
add dst-address=192.165.11.0/24 p2p=all-p2p action=passthrough \
mark-flow=p2p-in comment="" disabled=no
Easiest way to use it is copy the below list, paste into text document then save as p2p.rsc or whatever name you like. Must use text app like notepad, not work. Upload via ftp to your mikrotik. type import and the name of the file and that should be it. Dont past in terminal window of mikrotik or it will crash.
Good luck, hope it helped.
# add queue types for p2p limiting
# change below IP to that of the interface that the client is attached to.
# Change the 8192 (bytes) to whatever you want the max limit to be.
/ queue type
add name="p2p-in" kind=pcq bfifo-limit=15000 pfifo-limit=10 red-limit=60 \
red-min-threshold=10 red-max-threshold=50 red-burst=20 sfq-perturb=5 \
sfq-allot=1514 pcq-rate=8192 pcq-limit=50 pcq-classifier=dst-address
add name="p2p-out" kind=pcq bfifo-limit=15000 pfifo-limit=10 red-limit=60 \
red-min-threshold=10 red-max-threshold=50 red-burst=20 sfq-perturb=5 \
sfq-allot=1514 pcq-rate=8192 pcq-limit=50 pcq-classifier=src-address
# add queue tree
/ queue tree
add name="p2p-in" parent=global-in flow=p2p-in limit-at=8192 queue=p2p-in \
priority=8 max-limit=8192 burst-limit=0 burst-threshold=0 burst-time=0 \
disabled=no
add name="p2p-out" parent=global-out flow=p2p-out limit-at=8192 \
queue=p2p-out priority=8 max-limit=8192 burst-limit=0 burst-threshold=0 \
burst-time=0 disabled=no
# add firewall mangle rule to mark p2p traffic
# CHANGE IP RANGE TO MATCH CLIENT RANGE
/ ip firewall mangle
add src-address=192.165.11.0/24 p2p=all-p2p action=passthrough \
mark-flow=p2p-out comment="" disabled=no
add dst-address=192.165.11.0/24 p2p=all-p2p action=passthrough \
mark-flow=p2p-in comment="" disabled=no
-
-
Hugh Hartman
Frequent Visitor
- Posts: 92
- Joined:
- Location: Fort Kent, Maine
I use bandwidth rules for p2p,,full pipe and individual uploads.
As I understand that only addresses the TCP part of P2P ,,(even though it is layer 7 filtering)
not UDP as that can only be dropped,,,so what i was looking for is a way to "count" UDP packets that are P2P and drop after a certain amount--yet not interfere with normal UDP traffic ,,ie DNS.
I'm not sure that what I wish to do- is possible.
As I understand that only addresses the TCP part of P2P ,,(even though it is layer 7 filtering)
not UDP as that can only be dropped,,,so what i was looking for is a way to "count" UDP packets that are P2P and drop after a certain amount--yet not interfere with normal UDP traffic ,,ie DNS.
I'm not sure that what I wish to do- is possible.