How are queues processed?

Hey,

I just want to know how ROS deals with queues, especially ones that overlap, if you know what I mean.


So say you have a simple queue limiting all traffic from the IP range 192.168.1.0/24 to 128kbps up & down.

Then below you have a queue that is giving VoIP traffic full access with a priority of 2.


Now how will VoIP data from a PC on the 192.168.0.1/24 network be limited?

Will it be limited to 128 or will it have unlimited access?

Also:
What is the default priority of data/traffic that has not been queued?

Thanks.

Mikrotik shows Queues rather oddly IMHO.

It goes against common sense to Queue some traffic to speed it up.

However, what isn’t obvious is that ALL traffic is queued in Queue Prio 8 by default it seems.

So, if you add a stream of traffic to Queue Prio 1-7, then it will have priority over all the rest of the traffic.

I saw a thing that suggested that some stuff is already queued at higher priorities, so it might be that some traffic, such as RIP, OSPF etc has some priority by default.

The Best place to look is on google for Linux Advanced Routing and Traffic Control (LARTC).

It’s heavy reading, but it’s all there. You need to translate it into Mikrotik-speak though if you want to use it on MT. (Skip CBQ as HTB supersedes it.)

Oh ok,

I see. So it’s not just a simple little procedure.

It’s silly that it’s defaulted to 8.

Cause then making a queue that makes p2p 8 won’t make it any faster than any other traffic. It should be defaulted at 4???

Can’t you make a queue that sets everything to 4? So like mark every packet, then the queue picks it up and makes it 4. Then your p2p WILL be slower???

So what does Parent Queue mean? If you have a queue under a parent queue, does that mean that both rules will apply to it?

There can be queues within queues within queues … and so on.

E.g.

Let’s say you want to have HTTP, DNS and POP go fast.

Just use the IP-Firewall-Forward tables, and make a Packet Mark (for example).

Create a new simple queue (Queue trees take more planning).

Add a new Queue, give it some guaranteed bandwidth, and select the Packet Mark you set.

All HTTP, DNS and POP will then have priority over all the other stuff - i.e. go faster (if there’s enough traffic to tell the difference).

To properly understand all this, I agree with fewi - you need training.
It is simply too complex to explain in simple messages like this.

I’m such a genius that I just sniffed the edge of the book and understood it all.
Queue Trees are much more powerful, but much more complex.
I had to actually open the book and lick the 1st page before I got it.

Oh ok,


No I see;

OK, one question: I was looking at the wiki and I couldn’t quite make it out.


Say I want to queue VoIP, HTTP and p2p on my internet connection:

Can’t I create a master simple queue, where I limit the traffic to my internet speed (upload and download),
and then make the VoIP, web, p2p queues its “child”

and then the 3 kids will sort themselves out in terms of priorities?

Or is what I’m talking about PCQ?


I want to control 3 protocols on a “tunnel” .

There are many many ways of doing this.

The simplest thing is make a ‘Parent’ queue, and then, as you guessed, make ‘Child’ queues under it - with each traffic type having a different Priority.

The whole traffic will be subject to the Parent Queue, and, like you say, the Children will fight for their share of what the Parent allows.

Traffic through the Child with higher Priority will have more speed (kind of), but a lower priority Child’s traffic could have it all if the other two have no traffic thru them.

QoS is so mind-bogglingly complex, and there are so many possible ‘solutions’ that you really should go on a traffic management course.

At the very least, you would learn what the Options are.

You could also read the LARTC as well, which is what ROS draws on - the underlying Linux queuing.
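
The parent/child layout described in the post above, written out as an added example (not taken from any post in this thread). It assumes RouterOS v6 or later simple-queue syntax, a 1M/4M connection, and packet marks named voip, web and p2p already set by mangle rules; all names and rates are hypothetical.

```routeros
/queue simple
# Parent: caps everything from the LAN at the (assumed) line rate, upload/download.
add name=internet target=192.168.1.0/24 max-limit=1M/4M
# Children: each matches one packet mark. limit-at is the guaranteed share;
# the sum of the children's limit-at stays below the parent's max-limit.
# priority only decides who is served first when handing out bandwidth
# above limit-at (1 = highest, 8 = lowest).
add name=voip parent=internet target=192.168.1.0/24 packet-marks=voip \
    priority=2/2 limit-at=256k/256k max-limit=1M/4M
add name=web parent=internet target=192.168.1.0/24 packet-marks=web \
    priority=4/4 limit-at=512k/2M max-limit=1M/4M
# p2p may still borrow up to the full parent rate when voip and web are idle.
add name=p2p parent=internet target=192.168.1.0/24 packet-marks=p2p \
    priority=8/8 limit-at=128k/512k max-limit=1M/4M
```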

Oh thanks,

Yeah, I agree, queues are mind-boggling, you can do it so, so many different ways and each one is better than the other.

It would be good to hear some opinions and advice on each different setup. Cause the wiki doesn’t really give you that.

:slight_smile:

Zappa - you got to TRY stuff and LEARN.

Set yourself up behind a mikrotik and apply some queues to yourself.

If you don’t want to spend 2 days or a Week on a course, you got to follow the Super-Nerds like me, and spend months fiddling with yourself.

(more correctly speaking, the queues etc that you have applied to yourself)

I do,

I fiddle loads, all the time. I spend many nights playing with the damn things for hours on end. I just like some forum assistance when I get stuck while playing. I always play, then look on the wiki, then ask on the forum.

And I do want to go on a course, I just can’t.

May you explain to me the difference between

Queue Type: default / default-small


Cause it is default-small as the default setting, but then it doesn’t show statistics or anything under the queue,
but then if I change it to default it does.


Can someone please simply point out the difference between the 2 or give me a link explaining it?

Queues are quite complicated.

default and default-small are just names MT give 'em.

Look under Queues->Queue Types to find out what they really are.

I think ‘default’ means pfifo, and ‘default-small’ means sfq by, er, default.

pfifo = first in-first-out, or no real queuing at all (by packet, hence the ‘p’)
As soon as the packets can go out they will go out, in the same order they came in.

sfq = stochastic fair queuing, which is more difficult to understand.
Basically it will try and send packets from each ‘stream’ out in a fair manner, by predicting the future.

You need to google LARTC and read what you find.

Queues are complicated. MT made them easier to get working.

If you really want to understand traffic conditioning etc, you have to read, re-read, and understand the LARTC.

There is no way I can adequately describe fifo, pfifo, sfq, htb, cbq, red
and the rest in a few forum posts.

Queuing is ‘Where It Is At’, and you will reap rewards on this earth and in Heaven by understanding how it’s done.

I was busy playing with queues yesterday and I noticed something.

I am trying to mark packets under mangle in firewall.

I am marking them by src IP list,
but it only mangles the computer’s UPLOAD and not the download?

So I tried dst address list and that didn’t mark anything?

What am I doing wrong?

Post the configuration you tried. Include all the mangle rules and all address lists, your NAT configuration, and your queues.

Sorry,

I forgot what I type in the terminal to get the config for that?

Soz :frowning:

/ip firewall mangle export
/ip firewall nat export
/ip firewall address-list export
/queue export

/ip firewall mangle
add action=mark-packet chain=prerouting comment=Howard disabled=no \
    new-packet-mark=Howard passthrough=yes port=80 protocol=tcp \
    src-address-list=Howard
add action=mark-packet chain=prerouting comment=Hyslop disabled=no \
    new-packet-mark=Hyslop passthrough=yes port=80 protocol=tcp \
    src-address-list=Hyslop_Ips
add action=mark-packet chain=prerouting comment=Internet disabled=no \
    new-packet-mark=Internet passthrough=yes port=80 protocol=tcp

/ip firewall nat
add action=masquerade chain=srcnat comment="default configuration" disabled=no

/ip firewall address-list
add address=192.168.1.5 comment="" disabled=no list=Hyslop_Ips
add address=192.168.1.64 comment="" disabled=no list=Hyslop_Ips
add address=192.168.1.68 comment="" disabled=no list=Hyslop_Ips
add address=192.168.1.63 comment="" disabled=no list=Hyslop_Ips
add address=192.168.1.69 comment="" disabled=no list=Howard
add address=192.168.1.26 comment="" disabled=no list=Howard
add address=192.168.1.25 comment="" disabled=no list=Howard





It’s just that I have connected my friend “Howard” next door to me, to my internet connection and I want to make his internet usage less priority than mine?

So I made all internet 6 and then his 8 and mine (Hyslop) 4.

When you are marking based on dst-address-list you can’t do so in prerouting if you’re also performing NAT on the packets that will be marked.

http://wiki.mikrotik.com/wiki/Manual:Packet_Flow

Look at how early prerouting mangle is in the packet flow. The NAT you are performing won’t have been undone yet, so the destination IP address of the packet is still the public IP address that the router translated the packet to when performing the masquerade. Shift the downstream marking to ‘forward’ or ‘postrouting’ and packets will get marked correctly. Upstream you can do in prerouting because you’re marking based on src-address-list, and the source IP address is the real IP address (since the packet is coming directly from the real IP address of the client). Source NAT happens very late in the game so pretty much any chain is fine for upstream.
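
The chain placement explained in the post above, as an added example that is not part of the original thread. It reuses the poster's address lists and mark names; the comment strings and the choice of `forward` for the download rules are this example's assumptions.

```routeros
/ip firewall mangle
# Upload: in prerouting the source is still the client's real LAN address,
# so src-address-list matches (same match as the poster's existing rules).
add chain=prerouting action=mark-packet new-packet-mark=Howard passthrough=yes \
    protocol=tcp port=80 src-address-list=Howard comment="Howard up"
add chain=prerouting action=mark-packet new-packet-mark=Hyslop passthrough=yes \
    protocol=tcp port=80 src-address-list=Hyslop_Ips comment="Hyslop up"
# Download: by the forward chain the masquerade has been undone, so the
# destination is the LAN address again and dst-address-list matches.
add chain=forward action=mark-packet new-packet-mark=Howard passthrough=yes \
    protocol=tcp port=80 dst-address-list=Howard comment="Howard down"
add chain=forward action=mark-packet new-packet-mark=Hyslop passthrough=yes \
    protocol=tcp port=80 dst-address-list=Hyslop_Ips comment="Hyslop down"
```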

Oh I see.


So keep what I have for UPLOAD

and then create new ones for dst address with postrouting?


Thanks my man,

I thought it had something to do with NAT



And must passthrough be clicked?

Yes.

Alternatively, mark the connection - tracking for that is done before prerouting mangle. You would basically mark the connection immediately and then could mark the packets based on the connection mark both ways in prerouting and decide what is upload and download based on in-interface (download has an in-interface facing the WAN, upload has an in-interface facing the LAN). Based on how your head works that might seem more or less complicated to you. There’s always more than one way to do it.
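
The connection-mark alternative from the post above, as an added example that is not part of the original thread. The interface names `ether1-wan` and `ether2-lan` and the mark names `Howard-conn`, `Howard-up` and `Howard-down` are hypothetical; only the `Howard` address list comes from the poster's configuration.

```routeros
/ip firewall mangle
# Mark the connection once, on its first packet from the LAN client.
# passthrough=yes lets that same packet continue to the packet-mark rules below.
add chain=prerouting action=mark-connection new-connection-mark=Howard-conn \
    passthrough=yes connection-state=new protocol=tcp dst-port=80 \
    src-address-list=Howard
# Upload: packets of the marked connection arriving on the LAN-facing interface.
# passthrough=no here: no later mangle rule gets to re-mark the packet.
add chain=prerouting action=mark-packet new-packet-mark=Howard-up passthrough=no \
    connection-mark=Howard-conn in-interface=ether2-lan
# Download: replies of the same connection arrive on the WAN-facing interface.
# The match is on the connection mark, so the still-translated destination
# address in prerouting does not matter.
add chain=prerouting action=mark-packet new-packet-mark=Howard-down passthrough=no \
    connection-mark=Howard-conn in-interface=ether1-wan
```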

passthrough means ‘process the rest of the steps or not’

if you tick it, then any rule below the one you’re talking about has a chance to change stuff.

Un-tick it, and the rule you made is the Final Answer.