Good morning,
i have a RB1100 with router os 5.24

I have a big problem.

When navigate with webproxy enable the traffic is slow

My configuration is:

Filter Nat WebProxy Tanks

is it single Wan Link ?
PCC or ECMP ???
Then what's your Mangle ?
Pls show your complete Configuration with Web-proxy..


Best regards

Then what's your Mangle ?

My mange in empty

is it single Wan Link ?

Is single wan link


Any load balancing

Tanks

you should need 1 mangle rule in starting ..

/ip firewall mangle
add action=mark-packet chain=output comment="Cache Hits" disabled=no dscp=4 new-packet-mark=cache-hits passthrough=no

/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-udp-packet-size=512 servers=8.8.8.8, 8.8.4.4

/ip proxy
enabled: yes
src-address: 0.0.0.0
port: 8080
parent-proxy: 0.0.0.0
parent-proxy-port: 0
cache-administrator: Dotnet
max-cache-size: unlimited
cache-on-disk: yes
max-client-connections: 1000
max-server-connections: 1000
max-fresh-time: 3d
serialize-connections: no
always-from-cache: no
cache-hit-dscp: 4
cache-drive: primary-slave


Best regards

I have insert the roule, but the problem is equal

Tanks

pls show your full configuration.
May be something wrong in your setup ....

Best regards

Attach the configuration.

thx for your configuration.
But some change in your /ip firewall Filter or Nat

i am sharing my configuration for your reference:
With PCC or ECMP Load Balancing Method :
++++
PCC
++++
/ ip address
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local
add address=192.168.2.1/24 network=192.168.2.0 broadcast=192.168.2.255 interface=wan1
add address=192.168.4.1/24 network=192.168.4.0 broadcast=192.168.4.255 interface=wan2

/ip route
add dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_wan1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.4.1 routing-mark=to_wan2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.4.1 distance=2 check-gateway=ping

/ip firewall nat
add action=redirect chain=dstnat disabled=no dst-port=80 in-interface=Local protocol=tcp to-ports=3128
add action=masquerade chain=srcnat disabled=no out-interface=wan1
add action=masquerade chain=srcnat disabled=no out-interface=wan2

/ip firewall mangle
add action=mark-packet chain=output comment="Cache Hits/Dotnet" out-interface=Local disabled=no dscp=4 new-packet-mark=cache-hits passthrough=no

add action=mark-connection chain=input disabled=no in-interface=wan1 new-connection-mark= wan1_conn passthrough=yes
add action=mark-connection chain=input disabled=no in-interface= wan2 new-connection-mark= wan2_conn passthrough=yes

add action=mark-connection chain=output disabled=no dst-port=80 new-connection-mark=wan1_conn passthrough=yes per-connection-classifier=both-addresses:2/0 protocol=tcp
add action=mark-connection chain=output disabled=no dst-port=80 new-connection-mark=wan2_conn passthrough=yes per-connection-classifier=both-addresses:2/1 protocol=tcp

add action=mark-connection chain=prerouting disabled=no dst-address-type=!local dst-port=!80 in-interface=Local new-connection-mark= wan1_conn passthrough=yes per-connection-classifier=both-addresses:2/0 protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-address-type=!local dst-port=!80 in-interface=Local new-connection-mark=wan2_conn passthrough=yes per-connection-classifier=both-addresses:2/1 protocol=tcp

add action=mark-routing chain=prerouting connection-mark=wan1_conn disabled=no in-interface=Local new-routing-mark=to_wan1 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=wan2_conn disabled=no in-interface=Local new-routing-mark=to_wan2 passthrough=yes

add action=mark-routing chain=output connection-mark=wan1_conn disabled=no new-routing-mark=to_wan1 passthrough=yes
add action=mark-routing chain=output connection-mark=wan2_conn disabled=no new-routing-mark=to_wan2 passthrough=yes

/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-udp-packet-size=512 servers=8.8.8.8, 8.8.4.4

/ip proxy
enabled: yes
src-address: 0.0.0.0
port: 3128
parent-proxy: 0.0.0.0
parent-proxy-port: 0
cache-administrator: Dotnet
max-cache-size: unlimited
cache-on-disk: yes
max-client-connections: 1000
max-server-connections: 1000
max-fresh-time: 3d
serialize-connections: no
always-from-cache: no
cache-hit-dscp: 4
cache-drive: primary-slave
..........................................................................
++++++
ECMP
++++++

/ ip address
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=LOCAL
add address=192.168.2.1/24 network=192.168.4.0 broadcast=192.168.4.255 interface=WAN1
add address=192.168.4.1/24 network=192.168.2.0 broadcast=192.168.2.255 interface=WAN2

/ ip route
add dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_WAN1
add dst-address=0.0.0.0/0 gateway=192.168.4.1 routing-mark=to_WAN2
add dst-address=0.0.0.0/0 gateway=192.168.2.1,192.168.4.1 check-gateway=ping

/ ip firewall nat
add action=redirect chain=dstnat disabled=no dst-port=80 in-interface=Local protocol=tcp to-ports=3128
add chain=srcnat out-interface=WAN1 action=masquerade
add chain=srcnat out-interface=WAN2 action=masquerade

/ ip firewall mangle
add action=mark-packet chain=output comment="Cache Hits/Dotnet" out-interface=Local disabled=no dscp=4 new-packet-mark=cache-hits passthrough=no
add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_conn
add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn
add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1
add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2

/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-udp-packet-size=512 servers=8.8.8.8, 8.8.4.4

/ip proxy
enabled: yes
src-address: 0.0.0.0
port: 3128
parent-proxy: 0.0.0.0
parent-proxy-port: 0
cache-administrator: Dotnet
max-cache-size: unlimited
cache-on-disk: yes
max-client-connections: 1000
max-server-connections: 1000
max-fresh-time: 3d
serialize-connections: no
always-from-cache: no
cache-hit-dscp: 4
cache-drive: primary-slave


Best regards

Sorry
io do not use load balancing.

Tanks

Hello dotnet

can u help me on that please?

http://forum.mikrotik.com/viewtopic.php?f=2&t=72850

how much traffic is passing through the router, Also the cache drive is a micro sd card, I am not sure this suitable

@karina

how much Traffic is passing ???
its depend on your Router (Firewall filter & configuration)
Actually micro sd card is not suitable for heavy data transfer.


best regards

I have found that the web proxy will max out an RB1100 at about 30MB of redirected traffic and thats with no caching only directing to a parent proxy

@karina

We made a RB1100 with full BGP feed on it. Routing traffic from clients to up to 10 000 random Internet IPs

a) Connection tracking disabled - 1200-1300Mbps
b) Connection tracking enabled, but no firewall rules - 680-750Mbps
c) Connection tracking enabled, all traffic passes trough 100 firewall rules - 300-330Mbps

So RB1100 is OK for full BGP feed and 1Gbps throughput, as long as you use it just for this task.
In case you want to do some firewall and queueing just take another RB1100 for this.

This report is published by Normis
http://forum.mikrotik.com/viewtopic.php?f=2&t=49180


best regards