Block/limit youtube

Dear all,

I am using mikotik RB2011UiAS router, configured as load balancing with 3 Wan connection using PCC method. I need to limit Youtube bandwidth for Lan user and also for wireless user including mobile phone app. The CPU usage is also increasing day by day. Total users are approximately 100 in my network. Please share the procedure to implement this, also kindly share how to block youtube and facebook or other sites for some users but allowing some local IP address that are connected to my network. I need solution that will also help me to reduce the CPU usage.

Looking forward for quick response.

Thank you in advance.

Youtube and many other sites now use HTTPS. There are not any good solution anymore to block/limit HTTPS.

What’s new in 6.41rc61 (2017-Dec-06 08:15):

*) firewall - added “tls-host” firewall matcher;

So it’s almost there

You have any information on how this works?

I am waiting to solve this problem cause I need to manage my bandwidth. Let everyone post his/her possible recommendation here to resolve it.

Well, something like this, I believe:

/ip firewall filter
add chain=forward dst-port=443 protocol=tcp tls-host=youtube.com action=reject
add chain=forward dst-port=443 protocol=tcp tls-host=*.youtube.com action=reject

Hi

i have tested rules with tls-host and is not matching any traffic.

Anyone knows what tls-host feature really is?

Thanks

hi,
dont working for me too - 6.41rc66

chupaka can you help, please.

Google (Youtube) uses QUIC protocol not TCP.
“tls-host” is only to tcp applicable

Is true if you use Chrome (or Opera 16), if not, use TLS.

M.

you are right but currently, tls-host is not matching any TLS connection.

TLS Host does not work in RouterOS 6.41.
Use last RouterOS 6.42rc15 (Release candidate).

I can confirm, working in rc15

You are right. The Feb2018 Newsletter however mentioned that this feature is available from ROS v6.41 but that may not be totally correct. The option was available but it was not functional.