Community discussions

MikroTik App
 
asterisco
newbie
Topic Author
Posts: 47
Joined: Fri Sep 04, 2009 2:16 pm

Please assist on queues configuration for pppoe

Thu Sep 16, 2010 1:53 pm

Hi

I'm setting up an scenario with PPPoE customers which connect to a PPPoE concentrator. I'm going to enforce bandwidth limits on each customer. In the past I had static IP assigned to the customers and the bandwidth was enforced at the CPE side (traffic shapping). Now the traffic shapping is to be done at the pppoe concentrator (mikrotik rb1100) based on radius attribute.

In the past, when the CPE did the traffic shapping and QOS, voip packets were never dropped (they are correctly marked with the DSCP field). Now with PPPoE I need to perform such QoS at the routerboard.

Now routerboard creates a dynamic queue for each pppoe customer with him bandwidth settings based on the radius configuration. I'm stucked because I don't know how enforce QoS for voip (for example) with such pppoe dynamic queues... Is this (using dynamic queues for pppoe customers) the correct way? I saw in the forum that I can create addresses lists and queues by addresses list, etc..

Can anybody assist on this or point to the right way?

Thank you very much,
Antonio
 
fewi
Forum Guru
Forum Guru
Posts: 7717
Joined: Tue Aug 11, 2009 3:19 am

Re: Please assist on queues configuration for pppoe

Thu Sep 16, 2010 4:39 pm

Those dynamic queues are simple queues, which means you get bandwidth control only - there's no assigning priority to different types of packets.

The most scalable approach would be to use RADIUS for authentication, and to dynamically assign customers to address lists on login. Search Google for "MUM QoS" and you'll find a presentation that shows both how to strictly rate limit per user, and give priority by protocol - you can adjust that to use the dynamically adjusted address lists for the packet marking.
 
asterisco
newbie
Topic Author
Posts: 47
Joined: Fri Sep 04, 2009 2:16 pm

Re: Please assist on queues configuration for pppoe

Thu Sep 16, 2010 6:26 pm

Thank you very much for your response. It is greatly apreciated!!

I saw that MUM presentation but I don't fully understand how queue tree works. Are they"per user" view and then they are "automagicaly" instantiated by customer? or instead this is an aggregated view of all customers and their traffic?

Thanks,
Antonio
 
fewi
Forum Guru
Forum Guru
Posts: 7717
Joined: Tue Aug 11, 2009 3:19 am

Re: Please assist on queues configuration for pppoe

Thu Sep 16, 2010 7:18 pm

The PCQ portion can be per user. PCQ essentially is a queue type that automagically creates internal subqueues with a CIR per subqueue based on some classifier you specify.
The available classifiers include just the destination IP address of an IP header (for traffic to the user that would be one subqueue per user) and the source IP address of an IP header (for traffic from the user that would be one subqueue per user).
 
User avatar
otgooneo
Trainer
Trainer
Posts: 581
Joined: Tue Dec 01, 2009 3:24 am
Location: Mongolia
Contact:

Re: Please assist on queues configuration for pppoe

Sun Oct 10, 2010 12:06 am

Hi fewi,

Can I change my interface name of simple dynamic queue of Hotspot server? Please help me to do it.
   D name="<hotspot-otgoo>" target-addresses=172.16.24.17/32 dst-address=0.0.0.0/0 interface=all parent=none direction=both priority=8 
      queue=default-small/default-small limit-at=128k/128k max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s 
      total-queue=default-small 
 
fewi
Forum Guru
Forum Guru
Posts: 7717
Joined: Tue Aug 11, 2009 3:19 am

Re: Please assist on queues configuration for pppoe

Sun Oct 10, 2010 12:21 am

No, you cannot. Why do you think you have to? What are you trying to achieve?
 
User avatar
otgooneo
Trainer
Trainer
Posts: 581
Joined: Tue Dec 01, 2009 3:24 am
Location: Mongolia
Contact:

Re: Please assist on queues configuration for pppoe

Mon Oct 11, 2010 4:48 am

I`m using hotspot service with FreeRadius and it creates dynamic simple queue. Now dynamic queues rate traffic to all network. But I want, that clients access to network 172.24.24.0/24 with unlimited speed. The network 172.24.24.0/24 is my game, data and stream servers. Here is my interfaces:
Interface1 = Internet
Interface2 = Servers (data, game and stream)
Interface3 = To clients
Interface4 = Radius server

Therefor I think,
If I change interface of dynamic queue to interface1, it doesn`t rate traffic from interface3 to interface2.

Now I don`t know how to do this and solve my problem.
You do not have the required permissions to view the files attached to this post.
 
fewi
Forum Guru
Forum Guru
Posts: 7717
Joined: Tue Aug 11, 2009 3:19 am

Re: Please assist on queues configuration for pppoe

Mon Oct 11, 2010 6:24 am

There are several possible solutions. Here's the one I would prefer:
Queue trees attached to global-in and global-out fife before simple queues do, and the simple queues don't get evaluated for packets that match them. Packets that don't match fall through to the simple queues. That makes it possible to mark packets and pass them through a queue with a very large rate limit, such as 1Gbps and effectively exempt them from being rate limited.

In your scenario you would want to mark all packets that match traffic between the users and the data servers. This has to be done in specific chains so that the packets are marked before global-in and global-out queues fire, refer to the packet flow wiki page for details.
/ip firewall mangle
add chain=prerouting src-address=172.16.0.0/16 dst-address=172.24.24.0/24 action=mark-packet new-packet-mark=exempt-upload
add chain=postrouting src-address=172.24.24.0/24 dst-address=172.16.0.0/24 action=mark-packet new-packet-mark=exempt-download
/queue tree
add parent=global-in limit-at=1000000000 packet-mark=exempt-upload
add parent=global-out limit-at=1000000000 packet-mark=exempt-download
 
 
User avatar
otgooneo
Trainer
Trainer
Posts: 581
Joined: Tue Dec 01, 2009 3:24 am
Location: Mongolia
Contact:

Re: Please assist on queues configuration for pppoe

Mon Oct 11, 2010 2:18 pm

Ohh thank you so much fewi. It works.
But strange, that upload traffic is rated by simple dynamic queue. Do you have any other advice for me about upload flow?
 
User avatar
otgooneo
Trainer
Trainer
Posts: 581
Joined: Tue Dec 01, 2009 3:24 am
Location: Mongolia
Contact:

Re: Please assist on queues configuration for pppoe

Tue Oct 12, 2010 5:26 am

Fewi, also when I start to uploading data, download speed goes down.
Do you have other idea to set src&dst based queue unconcern to dynamic simple queue.
 
fewi
Forum Guru
Forum Guru
Posts: 7717
Joined: Tue Aug 11, 2009 3:19 am

Re: Please assist on queues configuration for pppoe

Tue Oct 12, 2010 6:10 am

/ip firewall export
/ip address print detail
/ip route print detail
/queue export
What I posted should work.
 
User avatar
otgooneo
Trainer
Trainer
Posts: 581
Joined: Tue Dec 01, 2009 3:24 am
Location: Mongolia
Contact:

Re: Please assist on queues configuration for pppoe

Tue Oct 12, 2010 11:09 am

Here is the my configuration:
[otgoo@Testing] > ip fire ex
# oct/12/2010 16:00:55 by RouterOS 4.5
# software id = S17R-9NMM
#
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s tcp-close-wait-timeout=10s tcp-established-timeout=1d tcp-fin-wait-timeout=10s \
    tcp-last-ack-timeout=10s tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no tcp-time-wait-timeout=10s udp-stream-timeout=3m \
    udp-timeout=10s
/ip firewall mangle
add action=mark-packet chain=forward comment="" disabled=no dst-address=172.16.20.0/24 new-packet-mark=FrMOBINET_ISP passthrough=yes src-address=\
    202.131.224.0/19
add action=mark-packet chain=forward comment="" disabled=no dst-address=202.131.224.0/19 new-packet-mark=ToMOBINET_ISP passthrough=yes src-address=\
    172.16.20.0/24
/ip firewall nat
add action=masquerade chain=srcnat comment="" disabled=no out-interface=ether1

[otgoo@Testing] > ip add pr det
Flags: X - disabled, I - invalid, D - dynamic 
 0   ;;; to Internet - IP
     address=192.168.123.80/24 network=192.168.123.0 broadcast=192.168.123.255 interface=ether1 actual-interface=ether1 

 1   ;;; to Radius - IP:192.168.100.3/24
     address=192.168.100.3/24 network=192.168.100.0 broadcast=192.168.100.255 interface=ether3 actual-interface=ether3 

 2   ;;; Japan Town 
     address=172.16.20.1/23 network=172.16.20.0 broadcast=172.16.21.255 interface=ether2 actual-interface=ether2 

 3   ;;; New 1r khoroolol
     address=172.16.24.1/23 network=172.16.24.0 broadcast=172.16.25.255 interface=ether4 actual-interface=ether4 

[otgoo@Testing] > ip rou pr det
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit 
 0 A S  dst-address=0.0.0.0/0 gateway=192.168.123.250 gateway-status=192.168.123.250 reachable ether1 distance=1 scope=30 target-scope=10 

 1 ADC  dst-address=172.16.20.0/23 pref-src=172.16.20.1 gateway=ether2 gateway-status=ether2 reachable distance=0 scope=10 

 2 ADC  dst-address=172.16.24.0/23 pref-src=172.16.24.1 gateway=ether4 gateway-status=ether4 unreachable distance=0 scope=200 

 3 ADC  dst-address=192.168.100.0/24 pref-src=192.168.100.3 gateway=ether3 gateway-status=ether3 unreachable distance=0 scope=200 

 4 ADC  dst-address=192.168.123.0/24 pref-src=192.168.123.80 gateway=ether1 gateway-status=ether1 reachable distance=0 scope=10 

[otgoo@Testing] > que ex
# oct/12/2010 16:07:32 by RouterOS 4.5
# software id = S17R-9NMM
#
/queue type
set default kind=pfifo name=default pfifo-limit=50
set ethernet-default kind=pfifo name=ethernet-default pfifo-limit=50
set wireless-default kind=sfq name=wireless-default sfq-allot=1514 sfq-perturb=5
set synchronous-default kind=red name=synchronous-default red-avg-packet=1000 red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10
set hotspot-default kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=5
add kind=pcq name=Test-Gueue pcq-classifier=src-address,dst-address pcq-limit=50 pcq-rate=1024000 pcq-total-limit=2000
set default-small kind=pcq name=default-small pcq-classifier="" pcq-limit=50 pcq-rate=0 pcq-total-limit=2000
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name=MN-Upload packet-mark=ToMOBINET_ISP parent=global-in priority=1 \
    queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name=MN-Download packet-mark=FrMOBINET_ISP parent=global-out priority=1 \
    queue=default
/queue interface
set ether1 queue=ethernet-default
set ether2 queue=ethernet-default
set ether3 queue=ethernet-default
set ether4 queue=ethernet-default
set pppoe-in1 queue=default

[otgoo@Testing] > que sim prin det
Flags: X - disabled, I - invalid, D - dynamic 
 0  D name="<hotspot-otgoo>" target-addresses=172.16.20.11/32 dst-address=0.0.0.0/0 interface=all parent=none direction=both priority=8 
      queue=default-small/default-small limit-at=256k/256k max-limit=256k/256k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s 
      total-queue=default-small 

 1  D name="<hotspot-booloo>" target-addresses=172.16.20.18/32 dst-address=0.0.0.0/0 interface=all parent=none direction=both priority=8 
      queue=default-small/default-small limit-at=256k/256k max-limit=256k/256k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s 
      total-queue=default-small 

 2  D name="hs-<MobiNet JapanTown>" dst-address=0.0.0.0/0 interface=ether2 parent=none direction=both priority=8 queue=hotspot-default/hotspot-default 
      limit-at=0/0 max-limit=0/0 burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small 

 3  D name="hs-<1r horoolol>" dst-address=0.0.0.0/0 interface=ether4 parent=none direction=both priority=8 queue=hotspot-default/hotspot-default limit-at=0/0 
      max-limit=0/0 burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
Please check my configuration and tell me how to correct it. Thanks
 
fewi
Forum Guru
Forum Guru
Posts: 7717
Joined: Tue Aug 11, 2009 3:19 am

Re: Please assist on queues configuration for pppoe

Tue Oct 12, 2010 3:13 pm

The IP addressing in that export is different from your topology drawing, so make sure it's appropriate for the prerouting and postrouting chains in those mangle rules. Refer to the packet flow diagram to ensure you're aware of where you are in NAT and whether IPs have been translated or not. It looks OK, but I cannot be sure. More importantly, queues don't take if you leave all their settings at default, which you seem to have done - set max-limit to 1000000000 on those queue trees like I initially posted. That export shows it at 0.

Then test again.
 
User avatar
otgooneo
Trainer
Trainer
Posts: 581
Joined: Tue Dec 01, 2009 3:24 am
Location: Mongolia
Contact:

Re: Please assist on queues configuration for pppoe

Wed Oct 13, 2010 6:17 am

Thanks Fewi,
I changed max-limit to 0, after it wasn`t work when max-limit=4096K and forgot to return max-limit.

I`ll try again and I`ll post here, once I can solve my problem. Thanks again Fewi :-)
 
User avatar
otgooneo
Trainer
Trainer
Posts: 581
Joined: Tue Dec 01, 2009 3:24 am
Location: Mongolia
Contact:

Re: Please assist on queues configuration for pppoe

Sat Nov 06, 2010 1:32 pm

I have solved my problem. Your post was right. I removed all configuration and reconfigured again careful step by step. Now it`s working very very nice. Thank you very much fewi...

Who is online

Users browsing this forum: Amazon [Bot], Bing [Bot], neskiask and 92 guests