hostname based throttling?

stanelie · June 3, 2012, 6:37pm

Hello.

I would like to make a simple queue to throttle the bandwidth and adjusts the priority of a target hostname containing a wildcard.

For example, instead of finding out all of the IP addresses used by Dropbox and creating a separate queue for each, I would like to create one queue that points to *.dropbox.com.

How can I do that on RouterOS?

I’m running the latest 5.17.

Thanks!

Sanity · June 4, 2012, 6:28am

You can not do it because the moment you route, there is no hostname anymore only an IP address. It also only works for large sites - small sites may use the same IP for a lot of hosts at the same time. So, priority by IP based on the assumption the IP only hosts one site (or set of sites from one company) is… not smart. Not for the last 15 years or so since HTTP 1.1 came around.

At the end, I do not think it can properly be done.

stanelie · June 4, 2012, 1:34pm

So,
That’s why I wish for a rule that would look at the hostname used. That way, I wouldn’t block a whole service provider, only a virtual host.

There are many sites I would like to throttle like this : dropbox, sugarsync, windows updates, mac updates, etc… I don’t want to be hunting down dozens of IP addresses and having a lot of collateral damage at the same time.

Maybe it could be done with a L7 regex that could be used to tag a connection to a hostname? Is there such a filter?

Thanks!

stanelie · June 4, 2012, 11:45pm

Ok,

I think I’ve figured it out :

/ip firewall mangle

 add action=mark-connection chain=postrouting comment="Mark Conn for dropbox" content=dropbox.com disabled=no new-connection-mark=dropbox-conn passthrough=yes

add action=mark-packet chain=postrouting comment="Mark Pkts for dropbox-conn" connection-mark=dropbox-conn disabled=no new-packet-mark=lo-prio-traffic-pkts passthrough=no

and

/queue simple add name=wan_conn_limit interface=ether1 max-limit=256k/256k

/queue simple add name=lo-prio-traffic packet-marks=lo-prio-traffic-pkts interface=ether1 parent=wan_conn_limit priority=8

Should do the trick (found the info here : http://aacable.wordpress.com/2012/01/05/qos-with-mikrotik-reference-guide/ ). I just did a test with the first line of code in mangle and the connection gets tagged properly in the connection list.

Hope this helps someone else.