Updated Rules In Second Post
Hello
I have recently purchased my first Router Board (a RouterBoard 750) and started learning how to configure it.
One thing I had particular problems with understanding and getting functional was Quality of Service bandwidth restrictions.
I have a home connection and wanted to do some basic QoS to make sure my newsgroup downloads or file uploads did not adversely impact the rest of my internet activity, such as playing games on Xbox Live or browsing the web.
After spending many days reading the MikroTik documentation, the wiki and various posts on here, I had a fair understanding of how QoS works but could not quite get my configuration to behave how I would have liked.
I turned once again to the internet and the excellent collection of people on irc.z.je in the #routerboard channel.
The up shot was a lot of help from people on IRC, notably ne2k, causality, chaos, Nest Wireless and others (Sorry cant remember everyone!) Some kind people even connecting to my setup via winbox to help educate me. I then took this knowledge and combined it with some features of other QoS posts on this forum, most notably this post : http://forum.mikrotik.com/t/working-qos-configuration/29847/1 by negge which is essentially my upload rules.
The result has given me a basic set of mangle and queue tree rules to manage my inbound and outbound traffic and I am amazingly impressed with what this little unit can do.
I wanted to post my configuration here in the hope it can help other people who are looking to setup basic QoS.
I am based in the UK with a ADSL connection.
Where AAISP is my PPPoE connection and ether2-master-local is my LAN connection.
Mangle Rules
1 ;;; Critical traffic download (Xbox Live)
chain=prerouting action=mark-packet new-packet-mark=critical_download passthrough=no
protocol=tcp in-interface=AAISP port=3074
2 chain=prerouting action=mark-packet new-packet-mark=critical_download passthrough=no
protocol=udp in-interface=AAISP port=3074
3 chain=prerouting action=mark-packet new-packet-mark=critical_download passthrough=no
protocol=tcp in-interface=AAISP port=88
4 ;;; High-priority interactive download (SSH,Winbox)
chain=prerouting action=mark-packet new-packet-mark=high_pri_interactive_download
passthrough=no protocol=tcp in-interface=AAISP port=22,2222,2233
5 chain=prerouting action=mark-packet new-packet-mark=high_pri_interactive_download
passthrough=no protocol=tcp in-interface=AAISP port=8291
6 ;;; Low-priority interactive traffic download (HTTP, HTTPS)
chain=prerouting action=mark-packet new-packet-mark=low_pri_interactive_download
passthrough=no protocol=tcp in-interface=AAISP port=80,443
7 ;;; Low-priority non-interactive download
chain=prerouting action=mark-packet new-packet-mark=low_pri_non_interactive_download
passthrough=no protocol=tcp in-interface=AAISP port=563
8 ;;; Link-critical traffic (DHCP)
chain=postrouting action=mark-packet new-packet-mark=link_critical passthrough=no
protocol=udp out-interface=AAISP src-port=68 dst-port=67
9 ;;; ICMP (Testing - Critical Link Traffic Pri)
chain=postrouting action=mark-packet new-packet-mark=link_critical passthrough=no
protocol=icmp out-interface=AAISP
10 ;;; Time-critical traffic (DNS, TCP control packets, certain ACK packets, new connections)
chain=postrouting action=mark-packet new-packet-mark=time_critical passthrough=no
protocol=udp out-interface=AAISP dst-port=53
11 chain=postrouting action=mark-packet new-packet-mark=time_critical passthrough=no
tcp-flags=fin,syn,rst protocol=tcp out-interface=AAISP
12 chain=postrouting action=mark-packet new-packet-mark=time_critical passthrough=no tcp-flags=ac>
protocol=tcp out-interface=AAISP packet-size=40-89
13 chain=postrouting action=mark-packet new-packet-mark=time_critical passthrough=no
connection-state=new protocol=tcp out-interface=AAISP
14 ;;; Critical traffic (Xbox Live, some ACK packets)
chain=postrouting action=mark-packet new-packet-mark=critical passthrough=no tcp-flags=ack
protocol=tcp out-interface=AAISP packet-size=90-159
15 chain=postrouting action=mark-packet new-packet-mark=critical passthrough=no protocol=tcp
out-interface=AAISP port=3074
16 chain=postrouting action=mark-packet new-packet-mark=critical passthrough=no protocol=udp
out-interface=AAISP port=3074
17 chain=postrouting action=mark-packet new-packet-mark=critical passthrough=no protocol=tcp
out-interface=AAISP port=88
18 ;;; High-priority interactive traffic (SSH, WinBox, certain ACK packets)
chain=postrouting action=mark-packet new-packet-mark=high_pri_interactive passthrough=no
protocol=tcp out-interface=AAISP port=22,2222,2233
19 chain=postrouting action=mark-packet new-packet-mark=high_pri_interactive passthrough=no
protocol=tcp out-interface=AAISP port=8291
20 chain=postrouting action=mark-packet new-packet-mark=high_pri_interactive passthrough=no
tcp-flags=ack protocol=tcp out-interface=AAISP packet-size=160-249
21 ;;; Low-priority interactive traffic (HTTP, HTTPS)
chain=postrouting action=mark-packet new-packet-mark=low_pri_interactive passthrough=no
protocol=tcp out-interface=AAISP port=80,443
22 chain=postrouting action=mark-packet new-packet-mark=low_pri_interactive passthrough=no
tcp-flags=ack protocol=tcp out-interface=AAISP packet-size=250-359
23 ;;; High-priority non-interactive traffic (FTP)
chain=postrouting action=mark-packet new-packet-mark=high_pri_non_interactive passthrough=no
protocol=tcp out-interface=AAISP connection-type=ftp
24 chain=postrouting action=mark-packet new-packet-mark=high_pri_non_interactive passthrough=no
tcp-flags=ack protocol=tcp out-interface=AAISP packet-size=360-489
25 ;;; Low-priority non-interactive traffic (POP, SMTP)
chain=postrouting action=mark-packet new-packet-mark=low_pri_non_interactive passthrough=no
protocol=tcp out-interface=AAISP port=25,110
26 chain=postrouting action=mark-packet new-packet-mark=low_pri_non_interactive passthrough=no
tcp-flags=ack protocol=tcp out-interface=AAISP packet-size=490-639
Queue Trees
0 ;;; OQ_Master
name="Outgoing queue" parent=AAISP limit-at=0 priority=8 max-limit=650k burst-limit=0
burst-threshold=0 burst-time=0s
1 name="Low-pri non-interactive" parent=Outgoing queue packet-mark=low_pri_non_interactive
limit-at=0 queue=default priority=7 max-limit=650k burst-limit=0 burst-threshold=0
burst-time=0s
2 name="Link-critical" parent=Outgoing queue packet-mark=link_critical limit-at=0 queue=default
priority=1 max-limit=650k burst-limit=0 burst-threshold=0 burst-time=0s
3 name="Time-critical" parent=Outgoing queue packet-mark=time_critical limit-at=0 queue=default
priority=2 max-limit=650k burst-limit=0 burst-threshold=0 burst-time=0s
4 name="Critical" parent=Outgoing queue packet-mark=critical limit-at=0 queue=default priority=3
max-limit=650k burst-limit=0 burst-threshold=0 burst-time=0s
5 name="High-pri interactive" parent=Outgoing queue packet-mark=high_pri_interactive limit-at=0
queue=default priority=4 max-limit=650k burst-limit=0 burst-threshold=0 burst-time=0s
6 name="Low-pri interactive" parent=Outgoing queue packet-mark=low_pri_interactive limit-at=0
queue=default priority=5 max-limit=650k burst-limit=0 burst-threshold=0 burst-time=0s
7 name="High-pri non-interactive" parent=Outgoing queue packet-mark=high_pri_non_interactive
limit-at=0 queue=default priority=6 max-limit=650k burst-limit=0 burst-threshold=0
burst-time=0s
8 name="Low-pri non-marked" parent=Outgoing queue packet-mark=no-mark limit-at=0 queue=default
priority=8 max-limit=650k burst-limit=0 burst-threshold=0 burst-time=0s
9 ;;; IQ_Master
name="Incoming queue" parent=ether2-master-local limit-at=0 priority=8 max-limit=7M
burst-limit=0 burst-threshold=0 burst-time=0s
10 name="Low-pri interactive download" parent=Incoming queue
packet-mark=low_pri_interactive_download limit-at=0 queue=default priority=5 max-limit=7M
burst-limit=0 burst-threshold=0 burst-time=0s
11 name="Low-pri non-interactive download" parent=Incoming queue
packet-mark=low_pri_non_interactive_download limit-at=0 queue=default priority=8 max-limit=7M
burst-limit=0 burst-threshold=0 burst-time=0s
12 name="Low-pri non-marked download" parent=Incoming queue packet-mark=no-mark limit-at=0
queue=default priority=7 max-limit=7M burst-limit=0 burst-threshold=0 burst-time=0s
13 name="Critical download" parent=Incoming queue packet-mark=critical_download limit-at=0
queue=default priority=3 max-limit=7M burst-limit=0 burst-threshold=0 burst-time=0s
14 name="High-pri interactive download" parent=Incoming queue
packet-mark=high_pri_interactive_download limit-at=0 queue=default priority=4 max-limit=7M
burst-limit=0 burst-threshold=0 burst-time=0s
I also setup some basic scripts to disable and enable these rules, the reason behind this is I don’t require QoS between 2am and 6am and this is when my automated downloads occur so I may as well let it saturate the connection at this time.
The two simple scrips are as follows. They work on the fact that the parent queue trees have specific comments against them that the script matches.
Enable Script
/queue tree set [find comment="IQ_Master"] disabled=no
/queue tree set [find comment="OQ_Master"] disabled=no
Disable Script
/queue tree set [find comment="IQ_Master"] disabled=yes
/queue tree set [find comment="OQ_Master"] disabled=yes
I hope this is useful for people or if people just wish to comment on how I have done my rules, I am a beginner after all!
Thanks
Blake