Hi. I am trying to save myself from the MikroTik paranoia here. I love MikroTik.
This is an important topic for the hardcore old-school all-knowing network pros. They must help here.
Many efforts have been made to prioritize packets. But what if our ISP has MikroTik as well and prioritizes packets as well? How will this affect our results on our end? My guess is - we will see poor/different results and start to think it does not work.
Why is this? What is the IP theory behind this? What can we do to avoid this? What can we do to detect this? What would be the best practice in this case?
Question for MikroTik support: do you have cases when priority was not working as expected for clients? What were the circumstances around these cases? How did you solve it, what were your conclusions?
Thank to all who help save us all from the paranoia. Thank you.
I have become increasingly unhappy with the conventional QoS provided by Mikrotik. HOWEVER, I implemented the L7 QoS as given in the Wiki last night and the difference has been incredible.
Encourage your ISP to try out using L7 QoS and do so the same. I think you will be pleasantly surprised.
In case of PCQ: problem is PCQ works when bandwidth (max-limit) is lowered less than what our ISP has to offer. They sell me 20Mbit, p2p downloads at 27Mbit, PCQ max-limit works at 19Mbit.
Any comments on the subject?
Would love to try it but Im having a maalox moment here. Whenever I console or terminal into my router and try to copy and paste the commands from the wiki it fails. As an example:
I type
ip firewall layer-7 protocol
ip firewall layer=7 protocol (and I try to paste the commands from the wiki, example:)
ip firewall layer=7 protocoladd comment:“” name:whatever regexp:“wow”
what I actually get is
ip firewall layer=7 protocol add d comment:“” name:whatever regexp:“wow”
invalid entry
It is auto completing. How do I turn this off??? Please
-
Delete any layer 7 rules that are there now.
-
Paste as following: do not type anything in, just paste:
ip firewall layer7-protocol
add comment=“” name=edonkey regexp=“[1].?.?.?.?([\01\02\05\14
\15\16\18\19\1A\1B\1C !234568@ABCFGHIJKLMNOPQRSTUVWX[`\81\82\90\91\93\96
\97\98\99\9A\9B\9C\9E\A0\A1\A2\A3\A4]|Y…?[ -~]|\96…$)”
add comment=“” name=goboogy regexp=“|^get /getfilebyhash\.cgi\?|^
get /queue_register\.cgi\?|^get /getupdowninfo\.cgi\?”
add comment=“” name=soribada regexp=“^GETMP3\r
\nFilename|^\01.?.?.?(Q:\+|Q2:)|^\10[\14-\16]\10[\15-\17].?.?.?.?
$”
add comment=“” name=rdp regexp=rdpdr.cliprdr.rdpsnd
add comment=“” name=gnutella regexp="^(gnd[\01\02]?.?.?\01|gnutella connect
/[012]\.[0-9]\r
\n|get /uri-res/n2r\?urn:sha1:|get /.user-agent: (gtk-gnutella|bearshar
e|mactella|gnucleus|gnotella|limewire|imesh)|get /.content-type: applicat
ion/x-gnutella-packets|giv [0-9]:[0-9a-f]/|queue [0-9a-f] [1-9][0-9]?[
0-9]?\.[1-9][0-9]?[0-9]?\.[1-9][0-9]?[0-9]?\.[1-9][0-9]?[0-9]?:[
1-9][0-9]?[0-9]?[0-9]?|gnutella.content-type: application/x-gnutella|.
…?lime)"
add comment=“” name=cvs regexp=“^BEGIN (AUTH|VERIFICATION|GSSAPI) REQUEST
\n”
add comment=“” name=nbns regexp=“\01\10\01|\)\10\01\01|0\10\01”
add comment=“” name=shoutcast regexp=
"icy [1-5][0-9][0-9] [\t-\r -~](content-type:audio|icy-)"
add comment=“” name=dns regexp="^.?.?.?.?[\01\02].?.?.?.?.?.?[\01-?
][a-z0-9][\01-?a-z][\02-\06][a-z][a-z][fglmoprstuvz]?[aeop]?(um)?[\01
-\10\1C][\01\03\04\FF]"
add comment=“” name=quake-halflife regexp=“^\FF\FF\FF\FFget(info|challenge)”
add comment=“” name=poco regexp=“^\80\94
\n\01…\1F\9E”
add comment=“” name=ciscovpn regexp=“^\01\F4\01\F4”
add comment=“” name=x11 regexp=“[2].?\0B”
add comment=“” name=xboxlive regexp=“^X\80…\F3|^\06XN”
add comment=“” name=applejuice regexp=“^ajprot\r
\n”
add comment=“” name=zmaap regexp=“^\1B\D7;H[\01\02]\01?\01”
add comment=“” name=live365 regexp=membername.session.player
add comment=“” name=rlogin regexp=
“[3][a-z0-9][a-z0-9]+/[1-9][0-9]?[0-9]?[0-9]?00”
add comment=“” name=http regexp="http/(0\.9|1\.0|1\.1) [1-5][0-9][0-9] [\t-
\r -~](connection:|content-type:|content-length:|date:)|post [\t-\r -~]
http/[01]\.[019]"
add comment=“” name=sip regexp=
“^(invite|register|cancel) sip[\t-\r -~]sip/[0-2]\.[0-9]"
add comment=“” name=pop3 regexp=“^(\+ok |-err )”
add comment=“” name=smb regexp=“\FFsmb[r%]”
add comment=“” name=quake1 regexp=“^\80\0C\01quake\03”
add comment=“” name=lpd regexp="^(\01[!-~]+|\02[!-~]+
\n.[\01\02\03][\01-
\n -~]|[\03\04][!-~]+[\t-\r]+[a-z][\t-\r -~]|\05[!-~]+[\t-\r]+([a-z][!-~
][\t-\r]+[1-9][0-9]?[0-9]?|root[\t-\r]+[!-~]+).)
\n$"
add comment=“” name=mute regexp=
"^(Public|AES)Key: [0-9a-f]
\nEnd(Public|AES)Key
\n$”
add comment=“” name=ssh regexp=“^ssh-[12]\.[0-9]”
add comment=“” name=jabber regexp=
“<stream:stream[\t-\r ][ -~][\t-\r ]xmlns=['"]jabber"
add comment=“” name=bittorrent regexp=“^(\13bittorrent protocol|azver\01$|get
/scrape\?info_hash=)|d1:ad2:id20:|\08’7P\)[RP]”
add comment=“” name=ncp regexp="^(dmdt.\01.(""|\11\11|uu)|tncp.33)"
add comment=“” name=tls regexp=
"^(.?.?\16\03.\16\03|.?.?\01\03\01?.\0B)”
add comment=“” name=directconnect regexp=“^(\$mynick |\$lock |\$key )”
add comment=“” name=netbios regexp=“\81.?.?.[A-P][A-P][A-P][A-P][A-P][A-P][A
-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][
A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P]
[A-P][A-P][A-P][A-P]”
add comment=“” name=tftp regexp=“^(\01|\02)[ -~](netascii|octet|mail)"
add comment=“” name=subspace regexp=“^\01…\11\10…\01$”
add comment=“” name=hotline regexp=“^…TRTPHOTL\01\02”
add comment=“” name=doom3 regexp=“^\FF\FFchallenge”
add comment=“” name=ftp regexp=“^220[\t-\r -~]ftp"
add comment=“” name=kugoo regexp=“^1..\8E”
add comment=“” name=tsp regexp=
“[4]\01.?.?.?.?.?.?.?.?.?.?[ -~]+”
add comment=“” name=battlefield1942 regexp=“^\01\11\10\|\F8\02\10@\06”
add comment=“” name=ssdp regexp="^notify[\t-\r ]\[\t-\r ]http/1\.1[\t-\r -~
]ssdp:(alive|byebye)|^m-search[\t-\r ]\[\t-\r ]http/1\.1[\t-\r -~]ssd
p:discover"
add comment=“” name=imap regexp="^(\ ok|a[0-9]+ noop)”
add comment=“” name=ares regexp=“^\03[]Z].?.?\05$”
add comment=“” name=fasttrack regexp="^get (/.download/[ -~]|/.supernode[ -~]
|/.status[ -~]|/.network[ -~]|/.files|/.hash=[0-9a-f]/[ -~]) http/1.1|u
ser-agent: kazaa|x-kazaa(-username|-network|-ip|-supernodeip|-xferid|-xfer
uid|tag)|^give [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]?[0-9]?[0-9]?"
add comment=“” name=qq regexp=“^.?\02.+\03$”
add comment=“” name=100bao regexp=“^\01\01\05
\n”
add comment=“” name=aim regexp=
"^(\[\01\02].\03\0B|\\01.?.?.?.?\01)|flapon|toc_signon.0x"
add comment=“” name=unknown regexp=.
add comment=“” name=msn-filetransfer regexp=
“^(ver [ -~]msnftp\r
\nver msnftp\r
\nusr|method msnmsgr:)"
add comment=“” name=yahoo regexp=
"^(ymsg|ypns|yhoo).?.?.?.?.?.?.?[lwt].\C0\80”
add comment=“” name=validcertssl regexp="^(.?.?\16\03.\16\03|.?.?\01\03
\01?.\0B).(thawte|equifax secure|rsa data security, inc|verisign, inc|g
te cybertrust root|entrust\.net limited)”
add comment=“” name=ntp regexp=“^([\13\1B#\D3\DB\E3]|[\14\1C$]…?.?.?
.?.?.?.?.?.?[\C6-\FF])”
add comment=“” name=gnucleuslan regexp=
“gnuclear connect/[\t-\r -~]user-agent: gnucleus [\t-\r -~]lan:"
add comment=“” name=vnc regexp=“^rfb 00[1-9]\.00[0-9]
\n$”
add comment=“” name=bgp regexp=
“^\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF..?\01[\03\04]”
add comment=“” name=tesla regexp=“\03\9A\89"111\.00 Beta |\E2<i\1E\1C\E9”
add comment=“” name=openft regexp=“x-openftalias: [-)(0-9a-z ~.]”
add comment=“” name=h323 regexp=
“^\03..?\08…?.?.?.?.?.?.?.?.?.?.?.?.?.?.?\05”
add comment=“” name=finger regexp=
"[5][a-z0-9\-_]+|login: [\t-\r -~] name: [\t-\r -~] Directory:”
add comment=“” name=ident regexp=“[6][0-9]?[0-9]?[0-9]?[0-9]?[\t-\r],[
\t-\r][1-9][0-9]?[0-9]?[0-9]?[0-9]?(\r
\n|[\r
\n])?$”
add comment=“” name=gkrellm regexp=“^gkrellm [23].[0-9].[0-9]
\n$”
add comment=“” name=hddtemp regexp=
“^\|/dev/[a-z][a-z][a-z]\|[0-9a-z]\|[0-9][0-9]\|[cfk]\|"
add comment=“” name=socks regexp="\05[\01-\08]\05[\01-\08]?.\05[\01-\03][
\01\03].\05[\01-\08]?[\01\03]”
add comment=“” name=biff regexp=“[7][a-z0-9]+@[1-9][0-9]+$”
add comment=“” name=dhcp regexp=“[8][\01- ]\06.c\82sc"
add comment=“” name=smtp regexp="^220[\t-\r -~] (e?smtp|simple mail)”
add comment=“” name=ipp regexp=ipp://
add comment=“” name=msnmessenger regexp=“ver [0-9]+ msnp[1-9][0-9]? [\t-\r -~
]cvr0\r
\n$|usr 1 [!-~]+ [0-9. ]+\r
\n$|ans 1 [!-~]+ [0-9. ]+\r
\n$"
add comment=“” name=irc regexp="^(nick[\t-\r -~]user[\t-\r -~]:|user[\t-\r -
~]:[\02-\r -~]nick[\t-\r -~]\r
\n)”
add comment=“” name=gopher regexp=“[9][1-9,+tgi][\t-\r -~]\t[\t-\r -~]
\t[a-z0-9.]\.[a-z][a-z].?.?\t[1-9]”
add comment=“” name=telnet regexp=“^\FF[\FB-\FE].\FF[\FB-\FE].\FF[\FB-\FE]”
add comment=“” name=snmp regexp=“^\02\01\04.+([\A0-\A3]\02[\01-\04].?.?.?.
?\02\01.?\02\01.?0|\A4\06.+@\04.?.?.?.?\02\01.?\02\01.?C)”
add comment=“” name=nntp regexp=
“^(20[01][\t-\r -~]AUTHINFO USER|20[01][\t-\r -~]news)"
add comment=“” name=aimwebcontent regexp=user-agent:aim/
add comment=“” name=rtsp regexp=“rtsp/1.0 200 ok”
add comment=“” name=skypeout regexp="^(\01.?.?.?.?.?.?.?.?\01|\02.?.
?.?.?.?.?.?.?\02|\03.?.?.?.?.?.?.?.?\03|\04.?.?.?.?.?.
?.?.?\04|\05.?.?.?.?.?.?.?.?\05|\06.?.?.?.?.?.?.?.?\06|
\07.?.?.?.?.?.?.?.?\07|\08.?.?.?.?.?.?.?.?\08|\t.?.?.?.
?.?.?.?.?\t|
\n.?.?.?.?.?.?.?.?
\n|\0B.?.?.?.?.?.?.?.?\0B|\0C.?.?.?.?.?.?.?.?\0C|\r.?.?.
?.?.?.?.?.?\r|\0E.?.?.?.?.?.?.?.?\0E|\0F.?.?.?.?.?.?.
?.?\0F|\10.?.?.?.?.?.?.?.?\10|\11.?.?.?.?.?.?.?.?\11|\12
.?.?.?.?.?.?.?.?\12|\13.?.?.?.?.?.?.?.?\13|\14.?.?.?.?
.?.?.?.?\14|\15.?.?.?.?.?.?.?.?\15|\16.?.?.?.?.?.?.?.?
\16|\17.?.?.?.?.?.?.?.?\17|\18.?.?.?.?.?.?.?.?\18|\19.?.
?.?.?.?.?.?.?\19|\1A.?.?.?.?.?.?.?.?\1A|\1B.?.?.?.?.?.
?.?.?\1B|\1C.?.?.?.?.?.?.?.?\1C|\1D.?.?.?.?.?.?.?.?\1D|
\1E.?.?.?.?.?.?.?.?\1E|\1F.?.?.?.?.?.?.?.?\1F| .?.?.?.
?.?.?.?.? |!.?.?.?.?.?.?.?.?!|".?.?.?.?.?.?.?.?"|#.
?.?.?.?.?.?.?.?#|\$.?.?.?.?.?.?.?.?\$|%.?.?.?.?.?
.?.?.?%|&.?.?.?.?.?.?.?.?&|‘.?.?.?.?.?.?.?.?’|\(.?.?
.?.?.?.?.?.?\(|\).?.?.?.?.?.?.?.?\)|\.?.?.?.?.?.?
.?.?\|\+.?.?.?.?.?.?.?.?\+|,.?.?.?.?.?.?.?.?,|-.?.
?.?.?.?.?.?.?-|\..?.?.?.?.?.?.?.?\.|/.?.?.?.?.?.?.
?.?/|0.?.?.?.?.?.?.?.?0|1.?.?.?.?.?.?.?.?1|2.?.?.?.?
.?.?.?.?2|3.?.?.?.?.?.?.?.?3|4.?.?.?.?.?.?.?.?4|5.?.
?.?.?.?.?.?.?5|6.?.?.?.?.?.?.?.?6|7.?.?.?.?.?.?.?.?
7|8.?.?.?.?.?.?.?.?8|9.?.?.?.?.?.?.?.?9|:.?.?.?.?.?.
?.?.?:|;.?.?.?.?.?.?.?.?;|<.?.?.?.?.?.?.?.?<|=.?.?.?
.?.?.?.?.?=|>.?.?.?.?.?.?.?.?>|\?.?.?.?.?.?.?.?.?\
?|@.?.?.?.?.?.?.?.?@|A.?.?.?.?.?.?.?.?A|B.?.?.?.?.?.
?.?.?B|C.?.?.?.?.?.?.?.?C|D.?.?.?.?.?.?.?.?D|E.?.?.?
.?.?.?.?.?E|F.?.?.?.?.?.?.?.?F|G.?.?.?.?.?.?.?.?G|H.
?.?.?.?.?.?.?.?H|I.?.?.?.?.?.?.?.?I|J.?.?.?.?.?.?.?
.?J|K.?.?.?.?.?.?.?.?K|L.?.?.?.?.?.?.?.?L|M.?.?.?.?.
?.?.?.?M|N.?.?.?.?.?.?.?.?N|O.?.?.?.?.?.?.?.?O|P.?.?
.?.?.?.?.?.?P|Q.?.?.?.?.?.?.?.?Q|R.?.?.?.?.?.?.?.?R|
S.?.?.?.?.?.?.?.?S|T.?.?.?.?.?.?.?.?T|U.?.?.?.?.?.?.
?.?U|V.?.?.?.?.?.?.?.?V|W.?.?.?.?.?.?.?.?W|X.?.?.?.?
.?.?.?.?X|Y.?.?.?.?.?.?.?.?Y|Z.?.?.?.?.?.?.?.?Z|\[.?
.?.?.?.?.?.?.?\[|\].?.?.?.?.?.?.?.?\]|\].?.?.?.?.?
.?.?.?\]|\^.?.?.?.?.?.?.?.?\^|.?.?.?.?.?.?.?.?|`.
?.?.?.?.?.?.?.?`|a.?.?.?.?.?.?.?.?a|b.?.?.?.?.?.?.?
.?b|c.?.?.?.?.?.?.?.?c|d.?.?.?.?.?.?.?.?d|e.?.?.?.?.
?.?.?.?e|f.?.?.?.?.?.?.?.?f|g.?.?.?.?.?.?.?.?g|h.?.?
.?.?.?.?.?.?h|i.?.?.?.?.?.?.?.?i|j.?.?.?.?.?.?.?.?j|
k.?.?.?.?.?.?.?.?k|l.?.?.?.?.?.?.?.?l|m.?.?.?.?.?.?.
?.?m|n.?.?.?.?.?.?.?.?n|o.?.?.?.?.?.?.?.?o|p.?.?.?.?
.?.?.?.?p|q.?.?.?.?.?.?.?.?q|r.?.?.?.?.?.?.?.?r|s.?.
?.?.?.?.?.?.?s|t.?.?.?.?.?.?.?.?t|u.?.?.?.?.?.?.?.?
u|v.?.?.?.?.?.?.?.?v|w.?.?.?.?.?.?.?.?w|x.?.?.?.?.?.
?.?.?x|y.?.?.?.?.?.?.?.?y|z.?.?.?.?.?.?.?.?z|\{.?.?.
?.?.?.?.?.?\{|\|.?.?.?.?.?.?.?.?\||\}.?.?.?.?.?.?.
?.?\}|~.?.?.?.?.?.?.?.?~|\7F.?.?.?.?.?.?.?.?\7F|\80.?.
?.?.?.?.?.?.?\80|\81.?.?.?.?.?.?.?.?\81|\82.?.?.?.?.?.
?.?.?\82|\83.?.?.?.?.?.?.?.?\83|\84.?.?.?.?.?.?.?.?\84|
\85.?.?.?.?.?.?.?.?\85|\86.?.?.?.?.?.?.?.?\86|\87.?.?.?
.?.?.?.?.?\87|\88.?.?.?.?.?.?.?.?\88|\89.?.?.?.?.?.?.?
.?\89|\8A.?.?.?.?.?.?.?.?\8A|\8B.?.?.?.?.?.?.?.?\8B|\8C.
?.?.?.?.?.?.?.?\8C|\8D.?.?.?.?.?.?.?.?\8D|\8E.?.?.?.?.
?.?.?.?\8E|\8F.?.?.?.?.?.?.?.?\8F|\90.?.?.?.?.?.?.?.?
\90|\91.?.?.?.?.?.?.?.?\91|\92.?.?.?.?.?.?.?.?\92|\93.?.
?.?.?.?.?.?.?\93|\94.?.?.?.?.?.?.?.?\94|\95.?.?.?.?.?.
?.?.?\95|\96.?.?.?.?.?.?.?.?\96|\97.?.?.?.?.?.?.?.?\97|
\98.?.?.?.?.?.?.?.?\98|\99.?.?.?.?.?.?.?.?\99|\9A.?.?.?
.?.?.?.?.?\9A|\9B.?.?.?.?.?.?.?.?\9B|\9C.?.?.?.?.?.?.?
.?\9C|\9D.?.?.?.?.?.?.?.?\9D|\9E.?.?.?.?.?.?.?.?\9E|\9F.
?.?.?.?.?.?.?.?\9F|\A0.?.?.?.?.?.?.?.?\A0|\A1.?.?.?.?.
?.?.?.?\A1|\A2.?.?.?.?.?.?.?.?\A2|\A3.?.?.?.?.?.?.?.?
\A3|\A4.?.?.?.?.?.?.?.?\A4|\A5.?.?.?.?.?.?.?.?\A5|\A6.?.
?.?.?.?.?.?.?\A6|\A7.?.?.?.?.?.?.?.?\A7|\A8.?.?.?.?.?.
?.?.?\A8|\A9.?.?.?.?.?.?.?.?\A9|\AA.?.?.?.?.?.?.?.?\AA|
\AB.?.?.?.?.?.?.?.?\AB|\AC.?.?.?.?.?.?.?.?\AC|\AD.?.?.?
.?.?.?.?.?\AD|\AE.?.?.?.?.?.?.?.?\AE|\AF.?.?.?.?.?.?.?
.?\AF|\B0.?.?.?.?.?.?.?.?\B0|\B1.?.?.?.?.?.?.?.?\B1|\B2.
?.?.?.?.?.?.?.?\B2|\B3.?.?.?.?.?.?.?.?\B3|\B4.?.?.?.?.
?.?.?.?\B4|\B5.?.?.?.?.?.?.?.?\B5|\B6.?.?.?.?.?.?.?.?
\B6|\B7.?.?.?.?.?.?.?.?\B7|\B8.?.?.?.?.?.?.?.?\B8|\B9.?.
?.?.?.?.?.?.?\B9|\BA.?.?.?.?.?.?.?.?\BA|\BB.?.?.?.?.?.
?.?.?\BB|\BC.?.?.?.?.?.?.?.?\BC|\BD.?.?.?.?.?.?.?.?\BD|
\BE.?.?.?.?.?.?.?.?\BE|\BF.?.?.?.?.?.?.?.?\BF|\C0.?.?.?
.?.?.?.?.?\C0|\C1.?.?.?.?.?.?.?.?\C1|\C2.?.?.?.?.?.?.?
.?\C2|\C3.?.?.?.?.?.?.?.?\C3|\C4.?.?.?.?.?.?.?.?\C4|\C5.
?.?.?.?.?.?.?.?\C5|\C6.?.?.?.?.?.?.?.?\C6|\C7.?.?.?.?.
?.?.?.?\C7|\C8.?.?.?.?.?.?.?.?\C8|\C9.?.?.?.?.?.?.?.?
\C9|\CA.?.?.?.?.?.?.?.?\CA|\CB.?.?.?.?.?.?.?.?\CB|\CC.?.
?.?.?.?.?.?.?\CC|\CD.?.?.?.?.?.?.?.?\CD|\CE.?.?.?.?.?.
?.?.?\CE|\CF.?.?.?.?.?.?.?.?\CF|\D0.?.?.?.?.?.?.?.?\D0|
\D1.?.?.?.?.?.?.?.?\D1|\D2.?.?.?.?.?.?.?.?\D2|\D3.?.?.?
.?.?.?.?.?\D3|\D4.?.?.?.?.?.?.?.?\D4|\D5.?.?.?.?.?.?.?
.?\D5|\D6.?.?.?.?.?.?.?.?\D6|\D7.?.?.?.?.?.?.?.?\D7|\D8.
?.?.?.?.?.?.?.?\D8|\D9.?.?.?.?.?.?.?.?\D9|\DA.?.?.?.?.
?.?.?.?\DA|\DB.?.?.?.?.?.?.?.?\DB|\DC.?.?.?.?.?.?.?.?
\DC|\DD.?.?.?.?.?.?.?.?\DD|\DE.?.?.?.?.?.?.?.?\DE|\DF.?.
?.?.?.?.?.?.?\DF|\E0.?.?.?.?.?.?.?.?\E0|\E1.?.?.?.?.?.
?.?.?\E1|\E2.?.?.?.?.?.?.?.?\E2|\E3.?.?.?.?.?.?.?.?\E3|
\E4.?.?.?.?.?.?.?.?\E4|\E5.?.?.?.?.?.?.?.?\E5|\E6.?.?.?
.?.?.?.?.?\E6|\E7.?.?.?.?.?.?.?.?\E7|\E8.?.?.?.?.?.?.?
.?\E8|\E9.?.?.?.?.?.?.?.?\E9|\EA.?.?.?.?.?.?.?.?\EA|\EB.
?.?.?.?.?.?.?.?\EB|\EC.?.?.?.?.?.?.?.?\EC|\ED.?.?.?.?.
?.?.?.?\ED|\EE.?.?.?.?.?.?.?.?\EE|\EF.?.?.?.?.?.?.?.?
\EF|\F0.?.?.?.?.?.?.?.?\F0|\F1.?.?.?.?.?.?.?.?\F1|\F2.?.
?.?.?.?.?.?.?\F2|\F3.?.?.?.?.?.?.?.?\F3|\F4.?.?.?.?.?.
?.?.?\F4|\F5.?.?.?.?.?.?.?.?\F5|\F6.?.?.?.?.?.?.?.?\F6|
\F7.?.?.?.?.?.?.?.?\F7|\F8.?.?.?.?.?.?.?.?\F8|\F9.?.?.?
.?.?.?.?.?\F9|\FA.?.?.?.?.?.?.?.?\FA|\FB.?.?.?.?.?.?.?
.?\FB|\FC.?.?.?.?.?.?.?.?\FC|\FD.?.?.?.?.?.?.?.?\FD|\FE.
?.?.?.?.?.?.?.?\FE|\FF.?.?.?.?.?.?.?.?\FF)”
add comment=“” name=skypetoskype regexp=“^..\02…”
add comment=“” name=counterstrike-source regexp=
“^\FF\FF\FF\FF.cstrikeCounter-Strike"
add comment=“” name=halflife2-deathmatch regexp=
"^\FF\FF\FF\FF.hl2mpDeathmatch"
add comment=“” name=freenet regexp=“^\01[\08\t][\03\04]”
add comment=“” name=battlefield2 regexp=“^(\11 \01…?\11|\FE\FD.?.?.?.?.
?.?(\14\01\06|\FF\FF\FF))|[]\01].?battlefield2”
add comment=“” name=napster regexp=“^(.[\02\06][!-~]+ [!-~]+ [0-9][0-9]?[0-9]
?[0-9]?[0-9]? "[\t-\r -~]+" ([0-9]|10)|1(send|get)[!-~]+ "[\t-\r -~]
+")”
add comment=“” name=soulseek regexp=
“^(\05..?|.\01.[ -~]+\01F..?.?.?.?.?.?.?)$”
add comment=“” name=xunlei regexp=“[10]…?.?.?(reg|get|query)”
add comment=“” name=ssl regexp=
"^(.?.?\16\03.\16\03|.?.?\01\03\01?.\0B)”
add comment=“” name=citrix regexp=“2&\85\92X”
add comment=“” name=whois regexp=“[11]+\r
\n$”
add comment=“” name=dayofdefeat-source regexp=
“^\FF\FF\FF\FF.dodDay of Defeat"
add comment=“” name=teamspeak regexp=“^\F4\BE\03.teamspeak"
add comment=“” name=worldofwarcraft regexp=“^\06\EC\01”
add comment=“” name=ventrilo regexp=“^..?v\$\CF”
add comment=“” name=http-rtsp regexp="^(get[\t-\r -~] Accept: application/x-r
tsp-tunnelled|http/(0\.9|1\.0|1\.1) [1-5][0-9][0-9] [\t-\r -~]a=contro
l:rtsp://)"
add comment=“” name=thecircle regexp=
“^t\03ni.?[\01-\06]?t[\01-\05]s[
\n\0B](glob|who are you$|query data)”
add comment=“” name=uucp regexp=“^\10here=”
add comment=“” name=pcanywhere regexp=“^(nq|st)$”
add comment=“” name=subversion regexp=“^\( success \( 1 2 \(”
add comment=“” name=imesh regexp="^(post[\t-\r -~]…
…|4\80?\r?\FC\FF\04|get[\t-
\r -~]Host: imsh\.download-prod\.musicnet\.com|\02(\01|\02)\83.?.?.
?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?
.?\02(\01|\02)\83)"
add comment=“” name=cimd regexp="\02[0-4][0-9]:[0-9]+.\03$”
add comment=“” name=mohaa regexp=“^\FF\FF\FF\FFgetstatus
\n”
add comment=“” name=stun regexp=“[12]…?$”
add comment=“” name=tor regexp=TOR1.
add comment=”" name=radmin regexp=“^\01\01(\08\08|\1B\1B)$”
add comment=“” name=unset regexp=.
add comment=“” name=chikka regexp=“^CTPv1.[123] Kamusta.\r
\n$"
add comment=“” name=replaytv-ivs regexp="^(get /ivs-IVSGetFileChunk|http/(0\.
9|1\.0|1\.1) [1-5][0-9][0-9] [\t-\r -~]#####REPLAY_CHUNK_START#####)”
add comment=“” name=armagetron regexp=YCLC_E|CYEL
Latest test show that PCQ misbehaving could be due to not enough processor power, and the need to install RouterOS on a better machine. Queue management on upstream routers could be not so important after all. Will test more soon.
ctrl+v
What I’m talking about have been discussed by other members as well:
from Is (( PRIORITY )) Really working ??? topic:
This way we waste bandwidth. Download will achieve only 59% of total link speed. We need to show our customers advantage in speeds and quality, not disabilities.
1 
What queue type are you talking about? HTB or PCQ? No text clearly explains when one can be used and when other should not be used. 2 Does queue trees need to have queue-type=default for HTB and queue-type=pcq-up/pcq-down for PCQ? 3 Can I use PCQ and set priority=?? kinda giving priority for some packets over others, while equalising bandiwdth (keeping PCQ functionality). Hoping to minimize delay for prioritized packets (with priority=1). ? 4 Can I build a Queue Tree with leafs and parents having different queue-type?
5 If this policeman is our bandwidth manager in our MT, when he drops packets, tcp flow should adjust in 2-3 seconds due to TCP window adjusting?
6 Maybe QoS should work nevertheless but keeping some spare bandwidth could save us those 2-3 seconds? Allowing for the car to enter the road first, and the policeman dropping another car after he sees there will be no space on the road ahead?
This is the question of this topic. 7 How does provider queue processing (a.k.a. QoS, shaping, policing, etc) affect the work of our QoS in our MT?
Exactly. 8 What about those cases when ISPs give us let’s say 100Mbps town speed tops, 20Mbps country speed tops, 10Mbps Europe speed, 1Mbps world speed in one cable? How will MT PCQ handle this type of service? It looks like we will be forced to set max-limit 1Mbps for speed to be fair, loosing the rest of the bandwidth. Another type of service is when our ISP gives us for example 10Mbps but between 16:30-22:00 limits us to let’s say 5Mbps. How to s setup PCQ then? 9 If we do not set max-speed at tall, what will happen to PCQ?
I hope everyone understands what is talked about here and if anyone has anything at all useful to share here - please tell us. Thank you.
@MikroTik staff: This is a challenge for MT as well so I anticipate your answers to these questions above. And am thankful as well.
Here are some answers hopefully helpful to all:
They do, with MikroTik or not, properly or not, efficiently or not. It all comes down to some basic IP principles and the TCP Window. All routers queue packets in the same way. There is no MikroTik rival. There is nothing that can truly beat MikroTik. The basics are the same. If I make my config really good, + Layer 7, my router will beat all.
IP Theory behind this is TCP Window and that other protocols do not have such function so I just won’t drop them at all for now. I can lower my max-limit to avoid problems. A little waste but there is no other way around this due to IP design and all networks design.
1,2,3 & 4: PCQ is HTB but PCQ is active in the childs while priority and max-limit work in the HTB tree. Queue type is only active in a child queue in a tree. If it is PCQ - all traffic that passes that child queue will be managed according to PCQ rules set there. Above it in the HTB tree may be rules of priority and limit-at and max-limit that will handle the rest of the management. Is this true? My test could be wrong… I need someone to confirm this. more tests done - this is correct Queue type could also be active in a parent in a Queue but as far as PCQ functionality - it’s in the child.
5: yes, even less than 3 seconds in fast networks.
6: No. But gustkiller’ suggestion is correct. Why? IP and network design. In particular? Don’t know right now.
7: With correct settings in our router it really does not matter what they are doing unless they are limiting bandwidth per-service. Most don’t unless they are misunderstanding QoS or WISPs trying to clear some air-time.
9: HTB will NOT work without max-limit.
8: Set max-limit to 99-98M and compensate per-user service experience and quality with better QoS management in the router. Get address lists from ISP…
If some of this info is incorrect I BARE NO RESPONSIBILITY for anyone’s loss. And please post!! Let us know if so.
Thank all.
Someone asked me to stop pasting links to wiki manual, so I won’t.
Simple… RTFM. Better half of your concerns will be gone.
I am RT FFFF M since 200 FFFF 4 . F. 
Paste links. Say it with your words. Help here. Not just RT FFFFFFFFFFFFFFFF M. F. 
better - paste quotes and say it with ur words.
P.S. My dear friend. MikroTik manual and related resources on this website have never been designed to be easily understood for a person who knows what’s he’s doing BUT does not have CCNA yet. Or should I say CCNP. I understood it all last few days and have been tryin HARD to understand QoS and Bandwidth Management since 2004. This is because last few days I found New information, posted by Macgaiver on the forum, as well as by Normis and Janis. As well as NEW posts in the WiKi unavailable before as well as a post or two by Chupaka, all this + two-three PDFs from the MUMs and I finally got it But all this is new information.
Total lines of text that made me understand all is so little that one’s conclusion is: no matter how much one RTFMs the MikroTik resources, one can not understand it, unless being told exactly those words. Most of them are posted in the Is (( PRIORITY )) really working topic.
Here’s a question: How to properly adjust pcq-lmit and pcq-total-limit according to one’s situation? And what results to expect?
Mikrotik was not designed for nor does it cater to the Novice. I don’t have any certifications yet four hours after reading the manual, four years ago, I had working QoS and have never looked back.
It’s pretty pitiful when a user can’t even figure out how to copy and paste rules in to their router without help.
This is my position: If you can’t figure it out, stop bitching and pay a consultant to do it. Inability on your part is not a Mikrotik problem, it is a not a software problem, it is not a “Bug” it is operator error.
I agree Mikrotik isn’t designed for novices, they sure could improve their documentation, and provide more real world examples. Better explanation of features and setting. Some documentation using Winbox for the examples, in addition to command line would help the un-experienced users, I think.
I’m an experienced Cisco admin, but even I struggle sometimes understanding the features and how certain Mikrotik specific things work. Keep in mind, there’s nothing like Mikrotik, so having previous networking experience simply gives you a head start on understanding what needs to happen. Making it happen can be the hard part.
Poor documentation and support has been Mikrotiks biggest short coming, IMO…
the quickiest method is to look at ‘dropped packets’ statistics of queue, I think =)
what about dynamic hotspot users ? they will have dynamic simple Q’s .. but all equalizing and prioritizing traffic should be in Q tree ..
which one will kill the other ? simple Q or Q tree ???
or they will work together which i dont think so ..
They will work together. Example can be seen here: http://mum.mikrotik.com/presentations/EG07/sunday.pdf Pages 24 & 25.
more:
http://wiki.mikrotik.com/wiki/Queue#Queue_Tree
Queue tree creates a unidirectional queue in one of the HTBs. It is also the only way to add a queue on a separate interface. This way it is possible to ease mangle configuration - you don’t need separate marks for download and upload - only upload will get to Public interface and only download will get to Private interface.
Also it is possible to have double queuing (example: prioritization of traffic in global-in or global-out, limitation per client on the outgoing interface). If you have simple queues and queue tree in the same HTB - simple queues will get traffic first.
Queue tree is not ordered - all traffic passes it together (unlike simple queue).
BUT , from http://forum.mikrotik.com/t/queue-tree-qos-and-simple-queues-for-pppoe-not-working/17675/1
Try it, if all works fine - leave it that way. Sergej probably meant that it’s not Best Practice to do it (in his opinion. probably may have later complications and more CPU and mem usage of router, etc, etc) but if it works - nothing can stop you from using it. May become your Best Practice he he.
but it shouldnt be like that , there must be a known info , which one will execute first , or one of them will be ignored ..
Upper ones will get traffic first, lower ones will not catch that traffic. This is why your ICMP rule stays ontop of Simple Queues. I currently use only Queue Tree - I’ve got complete control over what I need there.
If you have queues in Queue Simple - they will catch traffic first and it won’t get to Queue Tree. Test and see for yourself.