Macgaiver says this:
Let me explain how to realize QoS in 2 steps
1) traffic prioritization - mangle traffic by type (first 200k, last 200k, p2p, icmp etc) in prerouting and prioritize it in global-in (using only queue tree) - WITHOUT ANY LIMITATION - only priorities - this way all packets will be arranged in to your determined sequence!
2) traffic shaping - RE-MANGLE traffic by users in mangle chain forward, and place limitation on the interface queues (using PCQ for example) - this way you will be dropping last traffic from the sequence you made earlier
Thats all folks!!! It took me one Mikrotik Advanced QoS training + 2 weeks to handle
I am working on step 1, the traffic prioritisation.
I have the mangle rules working well, identifying traffic by port and protocol, using conn.mark and packet mark. The counters increment correctly.
I also used the wiki http://wiki.mikrotik.com/wiki/TransparentTrafficShaper to help me get these right.
An example of a couple of these mangle rules (not all as its a long list):
Code: Select all
0 ;;; DNS TRAFFIC
chain=prerouting action=mark-connection new-connection-mark=dns_conn passthrough=yes dst-port=53 protocol=tcp
1 chain=prerouting action=mark-connection new-connection-mark=dns_conn passthrough=yes dst-port=53 protocol=udp
2 chain=prerouting action=mark-packet new-packet-mark=dns passthrough=no connection-mark=dns_conn
3 ;;; SSH TRAFFIC
chain=prerouting action=mark-connection new-connection-mark=ssh_conn passthrough=yes dst-port=22 protocol=tcp
4 chain=prerouting action=mark-connection new-connection-mark=ssh_conn passthrough=yes dst-port=22 protocol=udp
5 chain=prerouting action=mark-packet new-packet-mark=ssh passthrough=no connection-mark=ssh_conn
I am having problems with the queue tree however. This is the code for my queue tree:
Code: Select all
[admin@Core Router] /queue tree> print detail
Flags: X - disabled, I - invalid
0 name="HTTP" parent=global-in packet-mark=http limit-at=0 queue=default priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
1 name="SSH" parent=global-in packet-mark=ssh limit-at=0 queue=default priority=2 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
2 name="DNS" parent=global-in packet-mark=dns limit-at=0 queue=default priority=2 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
3 name="SIP" parent=global-in packet-mark=sip limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
4 name="RTP" parent=global-in packet-mark=rtp limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
5 name="SMTP" parent=global-in packet-mark=smtp limit-at=0 queue=default priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
6 name="OTHER TRAFFIC" parent=global-in packet-mark=other limit-at=0 queue=default priority=4 max-limit=0 burst-limit=0 burst-threshold=0
[admin@Core Router] /queue tree>
My Main aim here is to ensure that my SIP phone calls and remote winbox sessions do not get broken by other traffic and surfing.
But it doesnt seem to work properly, my sip calls still get broken up when other traffic passes.
Do I need to make queues for upload and download? or should I duplicate the mangle rules with one set for the WAN interface and the other for the LOCAL interface?
Can anyone spot a mistake?