Hello everyone, i really need your help.
maybe someone experience my problem on my network.
everything is working fine except facebook which is very slow
you cant view comments and pictures, Messenger is ok and sometimes with the same problem.
This happen in one of the Mikrotik network connected to my ONU thru wireless PTP. i also dint experience this if i connect directly to ONU wifi.
# mar/21/2020 17:15:39 by RouterOS 6.45.8
#
# model = RB450Gx4
/interface bridge
add fast-forward=no name=LAN-Bridge
add fast-forward=no name=WISP-Bridge
/ip pool
add name=Auth ranges=192.168.2.25-192.168.2.126
add name=unAuth ranges=192.168.3.1-192.168.3.254
add name=dhcp_pool8 ranges=10.0.0.31-10.0.0.254
/ip dhcp-server
add address-pool=unAuth disabled=no interface=WISP-Bridge name=WISP-DHCP
add address-pool=dhcp_pool8 disabled=no interface=LAN-Bridge
/queue type
add kind=pcq name=PCQDownload pcq-classifier=dst-address \
pcq-dst-address6-mask=64 pcq-src-address6-mask=64 pcq-total-limit=7000KiB
add kind=pcq name=PCQUpload pcq-classifier=src-address pcq-dst-address6-mask=\
64 pcq-src-address6-mask=64 pcq-total-limit=7000KiB
add kind=sfq name="Parent Pfifo"
add kind=pcq name=DLPCQDefault pcq-classifier=dst-address \
pcq-dst-address6-mask=64 pcq-src-address6-mask=64
add kind=pcq name=ULPCQDefault pcq-classifier=src-address \
pcq-dst-address6-mask=64 pcq-src-address6-mask=64
/queue simple
add limit-at=30M/70M max-limit=40M/80M name=WIRED priority=1/1 queue=default/default target=10.0.0.0/24
add limit-at=10M/30M max-limit=20M/50M name=WISP priority=1/1 queue=default/default target=192.168.2.0/24
add limit-at=1M/3M max-limit=7M/7M name=01 parent=WIRED queue=default/default target=10.0.0.219/32
add limit-at=1M/3M max-limit=7M/7M name=02 parent=WIRED queue=default/default target=10.0.0.242/32
add limit-at=512k/1M max-limit=4M/4M name=03 parent=WISP queue=default/default target=192.168.2.233/32
add limit-at=1M/3M max-limit=7M/7M name=04 parent=WISP queue=default/default target=192.168.2.247/32
add limit-at=384k/1M max-limit=3512k/3512k name=05 parent=WIRED queue=default/default target=10.0.0.247/32
add limit-at=512k/2M max-limit=6M/6M name=06 parent=WIRED queue=default/default target=10.0.0.210/32
add limit-at=768k/1M max-limit=12M/12M name=07parent=WIRED queue=default/default target=10.0.0.243/32
add limit-at=512k/2M max-limit=6M/6M name=08 parent=WIRED queue=default/default target=10.0.0.205/32
add limit-at=512k/1M max-limit=3512k/3512k name=09 parent=WIRED queue=default/default target=10.0.0.226/32
add limit-at=512k/2M max-limit=6M/6M name=10 parent=WIRED queue=default/default target=10.0.0.215/32
add limit-at=384k/1M max-limit=3512k/3512k name=11 parent=WIRED queue=default/default target=10.0.0.248/32
add limit-at=512k/2M max-limit=6M/6M name=12 parent=WIRED queue=default/default target=10.0.0.231/32
add limit-at=384k/1M max-limit=3512k/3512k name=13 parent=WISP queue=default/default target=192.168.2.229/32
add limit-at=512k/2M max-limit=6M/6M name=14 parent=WIRED queue=default/default target=10.0.0.249/32
add limit-at=384k/1M max-limit=3512k/3512k name=15 parent=WIRED queue=default/default target=10.0.0.251/32
add limit-at=512k/2M max-limit=6M/6M name=16 parent=WISP queue=default/default target=192.168.2.243/32
add limit-at=512k/2M max-limit=6M/6M name=17 parent=WISP queue=default/default target=192.168.2.244/32
add limit-at=512k/2M max-limit=6M/6M name=18 parent=WISP queue=default/default target=192.168.2.245/32
add limit-at=512k/2M max-limit=6M/6M name=19 parent=WIRED queue=default/default target=10.0.0.217/32
add limit-at=512k/2M max-limit=6M/6M name=20 parent=WISP queue=default/default target=192.168.2.232/32
add limit-at=512k/2M max-limit=6M/6M name=21 parent=WIRED queue=default/default target=10.0.0.238/32
add limit-at=512k/2M max-limit=6M/6M name=22 parent=WIRED queue=default/default target=10.0.0.239/32
add limit-at=512k/2M max-limit=6M/6M name=23 parent=WIRED queue=default/default target=10.0.0.204/32
add limit-at=512k/2M max-limit=6M/6M name=24 parent=WIRED queue=default/default target=10.0.0.232/32
add limit-at=512k/2M max-limit=6M/6M name=25 parent=WIRED queue=default/default target=10.0.0.229/32
add limit-at=512k/2M max-limit=6M/6M name=26 parent=WISP queue=default/default target=192.168.2.231/32
add limit-at=1M/3M max-limit=7M/7M name=27 parent=WISP queue=default/default target=192.168.2.230/32
add limit-at=512k/2M max-limit=6M/6M name=28 parent=WIRED queue=default/default target=10.0.0.211/32
add limit-at=512k/2M max-limit=6M/6M name=29 parent=WIRED queue=default/default target=10.0.0.224/32
add limit-at=512k/2M max-limit=6M/6M name=30 parent=WIRED queue=default/default target=10.0.0.228/32
add limit-at=512k/2M max-limit=6M/6M name=31 parent=WIRED queue=default/default target=10.0.0.225/32
add limit-at=512k/2M max-limit=6M/6M name=32 parent=WIRED queue=default/default target=10.0.0.222/32
add limit-at=512k/2M max-limit=6M/6M name=33 parent=WIRED queue=default/default target=10.0.0.221/32
add limit-at=512k/2M max-limit=6M/6M name=34 parent=WIRED queue=default/default target=10.0.0.218/32
add limit-at=512k/2M max-limit=6M/6M name=35 parent=WISP queue=default/default target=192.168.2.227/32
add limit-at=128k/128k max-limit=2M/2M name=36 parent=WIRED queue=default/default target=10.0.0.216/32
add max-limit=20M/20M name=Hotspot parent=WISP priority=2/2 queue=PCQUP/PCQDL target=192.168.2.0/25
add max-limit=5M/5M name=Un-Authenticated Users queue=PCQUP/PCQDL target=192.168.3.0/24
/system logging action
set 0 memory-lines=65535
/tool user-manager customer
set admin access=\
own-routers,own-users,own-profiles,own-limits,config-payment-gw
/dude
set enabled=yes
/interface bridge port
add bridge=WISP-Bridge hw=no interface=ether3
add bridge=LAN-Bridge hw=no interface=ether4
add bridge=LAN-Bridge hw=no interface=ether5
/interface detect-internet
set detect-interface-list=all
/ip address
add address=192.168.2.1/23 interface=WISP-Bridge network=192.168.2.0
add address=10.10.10.10 disabled=yes interface=loopback network=10.10.10.10
add address=10.0.0.20/24 interface=LAN-Bridge network=10.0.0.0
add address=192.168.1.57/24 interface=ether1 network=192.168.1.0
add address=172.16.128.10/24 interface=ether2 network=172.16.128.0
/ip cloud
set ddns-enabled=yes
/ip dhcp-server alert
add disabled=no interface=WISP-Bridge
add disabled=no interface=LAN-Bridge
/ip dhcp-server network
add address=10.0.0.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=10.0.0.20
add address=192.168.2.0/23 dns-server=8.8.8.8,8.8.4.4 gateway=192.168.2.1
/ip dns
set allow-remote-requests=yes cache-max-ttl=1h servers=94.237.XX.XX,139.99.XX.XX
/ip firewall address-list
add address=10.0.0.0/24 comment="LAN SUBNET" list=LANSHOP
add address=192.168.1.0/24 list=LANSHOP
add address=10.10.10.10 list=LANSHOP
add address=192.168.2.0/23 comment="WISP Subnet" list=LANSHOP
add address=10.0.0.0/24 comment=PLDT1-Routing list=PLDT1-Clients
add address=192.168.2.0/23 comment=PLDT2-Routing list=PLDT2-Clients
/ip firewall filter
add action=drop chain=input connection-state=invalid
add action=accept chain=input comment=winbox dst-port=8291 protocol=tcp
/ip firewall mangle
add action=mark-routing chain=prerouting comment=ISP1-RM new-routing-mark=ISP1-RM passthrough=no src-address-list=ISP1-Clients
add action=mark-routing chain=prerouting comment=ISP2-RM new-routing-mark=ISP2-RM passthrough=no src-address-list=ISP2-Clients
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
add action=masquerade chain=srcnat out-interface=ether2
add action=dst-nat chain=dstnat comment="Pi Hole" dst-port=53 \
protocol=udp to-addresses=94.237.XX.XX to-ports=53
add action=dst-nat chain=dstnat comment="Pi Hole" dst-port=53 \
protocol=tcp to-addresses=94.237.XX.XX to-ports=53
add action=dst-nat chain=dstnat comment="Pi Hole Public SG" dst-port=53 \
protocol=udp to-addresses=139.99.XX.XX to-ports=53
add action=dst-nat chain=dstnat comment="Pi Hole Public SG" dst-port=53 \
protocol=tcp to-addresses=139.99.XX.XX to-ports=53
add action=dst-nat chain=dstnat comment="Google DNS" disabled=yes dst-port=53 \
protocol=udp to-addresses=8.8.4.4 to-ports=53
add action=dst-nat chain=dstnat disabled=yes dst-port=53 protocol=tcp \
to-addresses=8.8.4.4 to-ports=53
add action=dst-nat chain=dstnat disabled=yes dst-port=53 protocol=tcp \
to-addresses=8.8.8.8 to-ports=53
add action=dst-nat chain=dstnat disabled=yes dst-port=53 protocol=udp \
to-addresses=8.8.8.8 to-ports=53
add action=dst-nat chain=dstnat comment="DYN DNS" disabled=yes dst-port=53 \
protocol=udp to-addresses=216.146.35.35 to-ports=53
add action=dst-nat chain=dstnat disabled=yes dst-port=53 protocol=tcp \
to-addresses=216.146.35.35 to-ports=53
add action=dst-nat chain=dstnat comment="DYN DNS" disabled=yes dst-port=53 \
protocol=udp to-addresses=216.146.36.36 to-ports=53
add action=dst-nat chain=dstnat disabled=yes dst-port=53 protocol=tcp \
to-addresses=216.146.36.36 to-ports=53
add action=dst-nat chain=dstnat disabled=yes dst-port=53 protocol=udp \
src-address-list=DNS-Addlist-PornBlock to-addresses=159.89.211.121 \
to-ports=53
add action=redirect chain=dstnat disabled=yes dst-port=53 protocol=tcp \
to-ports=53
add action=redirect chain=dstnat disabled=yes dst-port=53 protocol=udp \
to-ports=53
/ip firewall service-port
set tftp disabled=yes
set irc disabled=yes
set h323 disabled=yes
set sip disabled=yes
/ip route
add check-gateway=ping comment=ISP1-Main distance=1 gateway=192.168.1.1 \
routing-mark=ISP1-RM
add comment=ISP1-Failover distance=2 gateway=172.16.128.1 routing-mark=\
ISP1-RM
add check-gateway=ping comment=ISP2-Main distance=1 gateway=172.16.128.1 \
routing-mark=ISP2-RM
add comment=ISP2-Failover distance=2 gateway=192.168.1.1 routing-mark=ISP2-RM
add comment="SME connection" distance=1 gateway=192.168.1.1
add comment="HOME connection" distance=2 gateway=172.16.128.1
/ip route rule
add dst-address=10.0.0.0/24 table=main
add dst-address=192.168.2.0/23 table=main
add dst-address=192.168.1.0/24 table=main
add dst-address=172.16.128.0/24 table=main
add action=lookup-only-in-table routing-mark=ISP1-RM table=ISP1-RM
add action=lookup-only-in-table routing-mark=ISP2-RM table=ISP2-RM
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www port=8080
set ssh disabled=yes
set www-ssl disabled=no
set api-ssl disabled=yes
/system clock
set time-zone-autodetect=no time-zone-name=Asia/Manila
/system identity
set name=MT
/system logging
add action=emailalert topics=system,info,account
add action=emailalert topics=script,info
add action=emailalert topics=e-mail,error
add action=emailalert prefix="ether4 link up (speed 1G, full duplex)" topics=\
interface,info
/system ntp client
set enabled=yes primary-ntp=121.58.XX.XX secondary-ntp=202.92.XX.XX
/system package update
set channel=long-term
/system scheduler
add interval=1d name=reboot5am on-event="/system reboot" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-date=jan/01/2009 start-time=05:00:00
/tool graphing
set store-every=24hours
/tool graphing interface
add
/tool graphing queue
add
/tool graphing resource
add
/tool romon
set enabled=yes