Community discussions

MikroTik App
 
sunnfin
just joined
Topic Author
Posts: 2
Joined: Thu Jan 09, 2014 6:13 pm

Quality of service with Mikrotik RB411Ah (wireless AP)

Thu Jan 09, 2014 7:09 pm

I am using RB411Ah (v5.5) as access point bridge for point to multipoint wireless connections.

interface is
ether1--------------> connected to internet server
wlan1----------------> wireless card connected to Customer Point Equipments
bridge1------------>?


Internet as it is , is working fine.

I tried to put Priority list and queue tree (mangle/queue/ layer 7 protocols) by using a script ( given at end of article) in New Terminal..

The script has added mangle list , queue sub tree. (seems fine at first glance). But I do not see anymovement in queues or ip/firewall/mangle....no input/output byte or packet.

Kindly guide me what went wrong? and what should be done to get it running.


*****script starts****
/ip firewall mangle
add action=mark-connection chain=prerouting comment="CONNECTION-IN" disabled=no dst-address-list=!

MikroTik in-interface=ether1 new-connection-mark=All-Inconn passthrough=yes
add action=mark-packet chain=prerouting comment="" connection-mark=All-Inconn disabled=no new-packet-

mark=All-inpkt passthrough=yes
add action=mark-connection chain=forward comment="CONNECTION-OUT" disabled=no new-connection-

mark=All-Outconn out-interface=wlan1 passthrough=yes
add action=mark-packet chain=forward comment="" connection-mark=All-Outconn disabled=no new-packet-

mark=All-Outpkt passthrough=yes
/queue tree
add name=All-Bandwidth parent=global-out packet-mark=All-Outpkt queue=default priority=1 max-limit=2M



/ip firewall mangle
add action=mark-connection chain=forward comment="client1" disabled=no dst-address=194.199.199.2 new-connection-mark=client1-conn passthrough=yes connection-mark=All-Outconn
add action=mark-packet chain=forward comment="" new-packet-mark=client1-pkt passthrough=yes

connection-mark=client1-conn
add action=mark-connection chain=forward comment="client2" disabled=no dst-address=194.199.199.56 new-connection-mark=client2-conn passthrough=yes connection-mark=All-Outconn
add action=mark-packet chain=forward comment="" new-packet-mark=client2-pkt passthrough=yes

connection-mark=client2-conn
add action=mark-connection chain=forward comment="client3" disabled=no dst-address=194.199.199.150 new-connection-mark=client3-conn passthrough=yes connection-mark=All-Outconn
add action=mark-packet chain=forward comment="" new-packet-mark=client3-pkt passthrough=yes

connection-mark=client3-conn
add action=mark-connection chain=forward comment="client4" disabled=no dst-address=194.199.199.84 new-connection-mark=client4-conn passthrough=yes connection-mark=All-Outconn
add action=mark-packet chain=forward comment="" new-packet-mark=client4-pkt passthrough=yes

connection-mark=client4-conn
add action=mark-connection chain=forward comment="client5" disabled=no dst-address=194.199.199.52 new-connection-mark=client5-conn passthrough=yes connection-mark=All-Outconn
add action=mark-packet chain=forward comment="" new-packet-mark=client5-pkt passthrough=yes

connection-mark=client5-conn
add action=mark-connection chain=forward comment="client6" disabled=no dst-address=194.199.199.55 new-connection-mark=client6-conn passthrough=yes connection-mark=All-Outconn
add action=mark-packet chain=forward comment="" new-packet-mark=client6-pkt passthrough=yes

connection-mark=client6-conn
add action=mark-connection chain=forward comment="client7" disabled=no dst-address=194.199.199.78 new-connection-mark=client7-conn passthrough=yes connection-mark=All-Outconn
add action=mark-packet chain=forward comment="" new-packet-mark=client7-pkt passthrough=yes

connection-mark=client7-conn
add action=mark-connection chain=forward comment="client8" disabled=no dst-address=194.199.199.16 new-connection-mark=client8-conn passthrough=yes connection-mark=All-Outconn
add action=mark-packet chain=forward comment="" new-packet-mark=client8-pkt passthrough=yes

connection-mark=client8-conn

/queue tree
add name=client1 parent=All-Bandwidth packet-mark=client1-pkt queue=default priority=1 limit-at=768k max-limit=1024k burst-limit=1536k burst-threshold=768k burst-time=2s
add name=client2 parent=All-Bandwidth packet-mark=client2-pkt queue=default priority=1 limit-at=768k max-limit=1024k burst-limit=1280k burst-threshold=768k burst-time=2s
add name=client3 parent=All-Bandwidth packet-mark=client3-pkt queue=default priority=1 limit-at=256k max-limit=384k burst-limit=512k burst-threshold=192k burst-time=2s
add name=client4 parent=All-Bandwidth packet-mark=client4-pkt queue=default priority=1 limit-at=256k max-limit=384k burst-limit=512k burst-threshold=192k burst-time=2s
add name=client5 parent=All-Bandwidth packet-mark=client5-pkt queue=default priority=1 limit-at=768k max-limit=1024k burst-limit=1536k burst-threshold=768k burst-time=2s
add name=client6 parent=All-Bandwidth packet-mark=client6-pkt queue=default priority=1 limit-at=256k max-limit=384k burst-limit=512k burst-threshold=192k burst-time=2s
add name=client7 parent=All-Bandwidth packet-mark=client7-pkt queue=default priority=1 limit-at=384k max-limit=512k burst-limit=768k burst-threshold=400k burst-time=2s
add name=client8 parent=All-Bandwidth packet-mark=client8-pkt queue=default priority=1 limit-at=256k max-limit=384k burst-limit=512k burst-threshold=192k burst-time=2s




/ip firewall layer7-protocol
add comment="" name=download regexp="^.*get.+\\.(exe|rar|iso|zip|7zip|flv|mkv|avi|mp4|3gp|rmvb|mp3|img|dat|mov).*\$"

/ip firewall mangle
add comment=client1-Down chain=forward layer7-protocol=download action=mark-packet new-packet-mark=client1-dpkt passthrough=no connection-mark=client1-conn
add comment=client2-Down chain=forward layer7-protocol=download action=mark-packet new-packet-mark=client2-dpkt passthrough=no connection-mark=client2-conn
add comment=client3-Down chain=forward layer7-protocol=download action=mark-packet new-packet-mark=client3-dpkt passthrough=no connection mark=client2-conn
add comment=client4-Down chain=forward layer7-protocol=download action=mark-packet new-packet-mark=client4-dpkt passthrough=no connection-mark=client2-conn
add comment=client5-Down chain=forward layer7-protocol=download action=mark-packet new-packet-mark=client5-dpkt passthrough=no connection mark=client2-conn
add comment=client6-Down chain=forward layer7-protocol=download action=mark-packet new-packet-mark=client6-dpkt passthrough=no connection-mark=client2-conn
add comment=client7-Down chain=forward layer7-protocol=download action=mark-packet new-packet-mark=client7-dpkt passthrough=no connection-mark=client2-conn
add comment=client8-Down chain=forward layer7-protocol=download action=mark-packet new-packet-mark=client8-dpkt passthrough=no connection-mark=client8-conn

/queue tree
add name=client1-Down parent=client1 packet-mark=client1-dpkt queue=default priority=6 limit-at=512k max-limit=768k burst-limit=1024k burst-threshold=512k burst-time=2s
add name=client2-Down parent=client2 packet-mark=client2-dpkt queue=default priority=6 limit-at=512k max-limit=768k burst-limit=1024k burst-threshold=512k burst-time=2s
add name=client3-Down parent=client3 packet-mark=client3-dpkt queue=default priority=6 limit-at=180k max-limit=180k burst-limit=256k burst-threshold=135k burst-time=2s
add name=client4-Down parent=client4 packet-mark=client4-dpkt queue=default priority=6 limit-at=180k max-limit=180k burst-limit=256k burst-threshold=135k burst-time=2s
add name=client5-Down parent=client5 packet-mark=client5-dpkt queue=default priority=6 limit-at=512k max-limit=768k burst-limit=1024k burst-threshold=512k burst-time=2s
add name=client6-Down parent=client6 packet-mark=client6-dpkt queue=default priority=6 limit-at=180k max-limit=180k burst-limit=256k burst-threshold=135k burst-time=2s
add name=client7-Down parent=client7 packet-mark=client7-dpkt queue=default priority=6 limit-at=360k max-limit=360k burst-limit=512k burst-threshold=270k burst-time=2s
add name=client8-Down parent=client8 packet-mark=client8-dpkt queue=default priority=6 limit-at=360k max-limit=360k burst-limit=512k burst-threshold=270k burst-time=2s

/ip firewall layer7-protocol
add comment="" name=streaming regexp="^.*get.+\\.(c.youtube.com|cdn.dailymotion.com|metacafe.com|mccont.com).*\$"

/ip firewall layer7-protocol
add comment="" name=streaming regexp="videoplayback|video"

/ip firewall mangle
add comment=client1-Streams chain=forward layer7-protocol=streaming action=mark-packet new-packet-mark=client1-spkt passthrough=no connection-mark=client1-conn
add comment=client2-Streams chain=forward layer7-protocol=streaming action=mark-packet new-packet-mark=client2-spkt passthrough=no connection-mark=client2-conn
add comment=client3-Streams chain=forward layer7-protocol=streaming action=mark-packet new-packet-mark=client3-spkt passthrough=no connection-mark=client3-conn
add comment=client4-Streams chain=forward layer7-protocol=streaming action=mark-packet new-packet-mark=client4-spkt passthrough=no connection-mark=client4-conn
add comment=client5-Streams chain=forward layer7-protocol=streaming action=mark-packet new-packet-mark=client5-spkt passthrough=no connection-mark=client5-conn
add comment=client6-Streams chain=forward layer7-protocol=streaming action=mark-packet new-packet-mark=client6-spkt passthrough=no connection-mark=client6-conn
add comment=client7-Streams chain=forward layer7-protocol=streaming action=mark-packet new-packet-mark=client7-spkt passthrough=no connection-mark=client7-conn
add comment=client8-Streams chain=forward layer7-protocol=streaming action=mark-packet new-packet-mark=client8-spkt passthrough=no connection-mark=client8-conn

/queue tree
add name=client1-Streams parent=client1 packet-mark=client1-spkt queue=default priority=5 limit-at=512k max-limit=768k burst-limit=1024k burst-threshold=512k burst-time=2s
add name=client2-Streams parent=client2 packet-mark=client2-spkt queue=default priority=5 limit-at=512k max-limit=768k burst-limit=1024k burst-threshold=512k burst-time=2s
add name=client3-Streams parent=client3 packet-mark=client3-spkt queue=default priority=8 limit-at=220k max-limit=220k burst-limit=256k burst-threshold=165k burst-time=2s
add name=client4-Streams parent=client4 packet-mark=client4-spkt queue=default priority=8 limit-at=220k max-limit=220k burst-limit=256k burst-threshold=165k burst-time=2s
add name=client5-Streams parent=client5 packet-mark=client5-spkt queue=default priority=5 limit-at=512k max-limit=768k burst-limit=1024k burst-threshold=512k burst-time=2s
add name=client6-Streams parent=client6 packet-mark=client6-spkt queue=default priority=8 limit-at=220k max-limit=220k burst-limit=256k burst-threshold=165k burst-time=2s
add name=client7-Streams parent=client7 packet-mark=client7-spkt queue=default priority=8 limit-at=220k max-limit=220k burst-limit=256k burst-threshold=165k burst-time=2s
add name=client8-Streams parent=client8 packet-mark=client8-spkt queue=default priority=8 limit-at=220k max-limit=220k burst-limit=256k burst-threshold=165k burst-time=2s


/ip firewall mangle
add action=mark-connection chain=forward new-connection-mark=Game-conn out-interface=wlan1 passthrough=yes protocol=tcp dst-port=5340-5352,6000-6152,10001-10011,14009-14030,18901-18909

comment="Online Game Portal"
add action=mark-connection chain=forward new-connection-mark=Game-conn out-interface=wlan1 passthrough=yes protocol=tcp dst port=39190,27780,29000,22100,10009,4300,15001,15002,7341,7451
add action=mark-connection chain=forward new-connection-mark=Game-conn out-interface=wlan1 passthrough=yes protocol=tcp dst-port=40000,9300,9400,9700,7342,8005-8010,37466,36567,8822
add action=mark-connection chain=forward new-connection-mark=Game-conn out-interface=wlan1 passthrough=yes protocol=tcp dst-port=47611,16666,20000,5105,29000,18901-18909,9015
add action=mark-connection chain=forward new-connection-mark=Game-conn out-interface=wlan1 passthrough=no protocol=udp dst-port=27005,27015
add action=mark-connection chain=forward new-connection-mark=Game-conn out-interface=wlan1 passthrough=no protocol=udp dst-port=27005-27020,13055,7800-7900,12060-12070
add action=mark-connection chain=forward new-connection-mark=Game-conn out-interface=wlan1 passthrough=no protocol=udp dst-port=8005-8010,9068,1293,1479,9401,9600,30000
add action=mark-connection chain=forward new-connection-mark=Game-conn out-interface=wlan1 passthrough=no protocol=udp dst-port=14009-14030,42051-42052,40000-40050,13000-13080



/ip firewall mangle
add action=mark-packet chain=forward new-packet-mark=client1-gpkt passthrough=no src-address=194.199.199.2 connection-mark=Game-conn comment=client1-Game
add action=mark-packet chain=forward new-packet-mark=client2-gpkt passthrough=no src-address=194.199.199.56 connection-mark=Game-conn comment=client2-Game
add action=mark-packet chain=forward new-packet-mark=client3-gpkt passthrough=no src-address=194.199.199.150 connection-mark=Game-conn comment=client3-Game
add action=mark-packet chain=forward new-packet-mark=client4-gpkt passthrough=no src-address=194.199.199.84 connection-mark=Game-conn comment=client4-Game
add action=mark-packet chain=forward new-packet-mark=client5-gpkt passthrough=no src-address=194.199.199.52 connection-mark=Game-conn comment=client5-Game
add action=mark-packet chain=forward new-packet-mark=client6-gpkt passthrough=no src-address=194.199.199.55 connection-mark=Game-conn comment=client6-Game
add action=mark-packet chain=forward new-packet-mark=client7-gpkt passthrough=no src-address=194.199.199.78 connection-mark=Game-conn comment=client7-Game
add action=mark-packet chain=forward new-packet-mark=client8-gpkt passthrough=no src-address=194.199.199.16 connection-mark=Game-conn comment=client8-Game

/queue tree
add name=client1-Game parent=client1 packet-mark=client1-gpkt queue=default priority=1 limit-at=220k max-limit=220k burst-limit=256k burst-threshold=165k burst-time=2s
add name=client2-Game parent=client2 packet-mark=client2-gpkt queue=default priority=1 limit-at=220k max-limit=220k burst-limit=256k burst-threshold=165k burst-time=2s
add name=client3-Game parent=client3 packet-mark=client3-gpkt queue=default priority=1 limit-at=220k max-limit=220k burst-limit=256k burst-threshold=165k burst-time=2s
add name=client4-Game parent=client4 packet-mark=client4-gpkt queue=default priority=1 limit-at=220k max-limit=220k burst-limit=256k burst-threshold=165k burst-time=2s
add name=client5-Game parent=client5 packet-mark=client5-gpkt queue=default priority=1 limit-at=220k max-limit=220k burst-limit=256k burst-threshold=165k burst-time=2s
add name=client6-Game parent=client6 packet-mark=client6-gpkt queue=default priority=1 limit-at=220k max-limit=220k burst-limit=256k burst-threshold=165k burst-time=2s
add name=client7-Game parent=client7 packet-mark=client7-gpkt queue=default priority=1 limit-at=220k max-limit=220k burst-limit=256k burst-threshold=165k burst-time=2s
add name=client8-Game parent=client8 packet-mark=client8-gpkt queue=default priority=1 limit-at=220k max-limit=220k burst-limit=256k burst-threshold=165k burst-time=2s




/ip firewall mangle
add action=mark-connection chain=forward comment="client1-BROWSING-CONN" connection-bytes=0-1000000 dst-port=80,443 passthrough=no protocol=tcp new-connection-mark=client1-bconn connection-mark=client1

-conn
add action=mark-packet chain=forward comment="" new-packet-mark=client1-bpkt packet-mark=!client1-spkt,client1-dpkt,client1-gpkt passthrough=no connection-mark=client1-conn
add action=mark-connection chain=forward comment="client2-BROWSING-CONN" connection-bytes=0-1000000 dst-port=80,443 passthrough=no protocol=tcp new-connection-mark=client2-bconn connection-mark=client2 -conn
add action=mark-packet chain=forward comment="" new-packet-mark=client2-bpkt packet-mark=!client2-spkt,client2-dpkt,client2-gpkt passthrough=no connection-mark=client2-conn
add action=mark-connection chain=forward comment="client3-BROWSING-CONN" connection-bytes=0-1000000 dst-port=80,443 passthrough=no protocol=tcp new-connection-mark=client3-bconn connection-mark=client3-conn
add action=mark-packet chain=forward comment="" new-packet-mark=client3-bpkt packet-mark=!client3-spkt,client3-dpkt,client3-gpkt passthrough=no connection-mark=client3-conn
add action=mark-connection chain=forward comment="client4-BROWSING-CONN" connection-bytes=0-1000000 dst-port=80,443 passthrough=no protocol=tcp new-connection-mark=client4-bconn connection-mark=client4 -conn
add action=mark-packet chain=forward comment="" new-packet-mark=client4-bpkt packet-mark=!client4-spkt,client4-dpkt,client4-gpkt passthrough=no connection-mark=client4-conn
add action=mark-connection chain=forward comment="client5-BROWSING-CONN" connection-bytes=0-1000000 dst-port=80,443 passthrough=no protocol=tcp new-connection-mark=client5-bconn connection-mark=client5 -conn
add action=mark-packet chain=forward comment="" new-packet-mark=client5-bpkt packet-mark=!client5-spkt,client5-dpkt,client5-gpkt passthrough=no connection-mark=client5-conn
add action=mark-connection chain=forward comment="client6-BROWSING-CONN" connection-bytes=0-1000000 dst-port=80,443 passthrough=no protocol=tcp new-connection-mark=client6-bconn connection-mark=client6-conn
add action=mark-packet chain=forward comment="" new-packet-mark=client6-bpkt packet-mark=!client6-spkt,client6-dpkt,client6-gpkt passthrough=no connection-mark=client6-conn
add action=mark-connection chain=forward comment="client7-BROWSING-CONN" connection-bytes=0-1000000 dst-port=80,443 passthrough=no protocol=tcp new-connection-mark=client7-bconn connection-mark=client7-conn
add action=mark-packet chain=forward comment="" new-packet-mark=client7-bpkt packet-mark=!client7-spkt,client7-dpkt,client7-gpkt passthrough=no connection-mark=client7-conn
add action=mark-connection chain=forward comment="client8-BROWSING-CONN" connection-bytes=0-1000000 dst-port=80,443 passthrough=no protocol=tcp new-connection-mark=client1-bconn connection-mark=client8-conn
add action=mark-packet chain=forward comment="" new-packet-mark=client1-bpkt packet-mark=!client8-spkt,client8-dpkt,client8-gpkt passthrough=no connection-mark=client1-conn

/queue tree
add name="client1-Browsing" parent=client1 packet-mark=client1-bpkt queue=default priority=2 limit-at=512k max-limit=512k burst-limit=1024k burst-threshold=384k burst-time=2s
add name="client2-Browsing" parent=client2 packet-mark=client2-bpkt queue=default priority=2 limit-at=512k max-limit=512k burst-limit=1024k burst-threshold=384k burst-time=2s
add name="client3-Browsing" parent=client3 packet-mark=client3-bpkt queue=default priority=2 limit-at=256k max-limit=256k burst-limit=720k burst-threshold=192k burst-time=2s
add name="client4-Browsing" parent=client4 packet-mark=client4-bpkt queue=default priority=2 limit-at=256k max-limit=256k burst-limit=720k burst-threshold=192k burst-time=2s
add name="client5-Browsing" parent=client5 packet-mark=client5-bpkt queue=default priority=2 limit-at=512k max-limit=512k burst-limit=1024k burst-threshold=384k burst-time=2s
add name="client6-Browsing" parent=client6 packet-mark=client6-bpkt queue=default priority=2 limit-at=256k max-limit=256k burst-limit=720k burst-threshold=192k burst-time=2s
add name="client7-Browsing" parent=client7 packet-mark=client7-bpkt queue=default priority=2 limit-at=256k max-limit=256k burst-limit=720k burst-threshold=192k burst-time=2s
add name="client8-Browsing" parent=client8 packet-mark=client8-bpkt queue=default priority=2 limit-at=256k max-limit=256k burst-limit=720k burst-threshold=192k burst-time=2s

****script ends******

Who is online

Users browsing this forum: Google [Bot], public4mac and 17 guests