I need to limit the bandwidth on one of the physical interfaces, not by IP address. E.g. I have interface ether1 and I want to limit the interface to only 256/256 access. This interface is connected to the WAN Cisco switch and the graph shows more than 512kbps download; I want to limit it to 256 up and 256 down.
What if I want to limit or shape the bandwidth of the other interfaces of a RouterBoard 750hxe?
When I try to mark packets and connections, it tells me that the master interface should be selected.
And if I make a simple rule and assign a limit to a slave interface, it takes that limit for all of them.
Is there a way of queueing traffic on an interface level this way?
My setup consists of a router that gives me IP and DNS on the WAN port (1), then a firewall for my wired network, then 3 access points, each connected to one of the remaining interfaces.
I want to give the wired network full priority over the rest.
You can’t do anything with slave interfaces - they’re pretty much the same as if you had only one interface, the master interface, and then connected it to an external dumb switch.
The only exception to this is if you do anything with VLANs in the switch menu, but as far as queues, IP addresses, firewall rules, etc - you can only interact with the master interface.
If you want to do something more involved than that, then your only option is to disable hardware switching (set master port = none) and then bridge them using a CPU-based bridge. Then you have the option of enabling the “use IP firewall” option for the bridge, and you can then use the mangle table per physical interface, even when bridging them. This takes a toll on the CPU though, so performance is going to be much worse in this configuration.
It sounds like you have two competing goals - you want to have several interfaces all be in the same broadcast domain, but wish to use IP-layer rules to limit the bandwidth per interface. The best solution for performance would be to break your interfaces into separate IP networks so that you don’t need to use IP-layer rules on bridged connections.
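The bridge-based approach from the reply above, as an added example that is not part of the original thread. It assumes RouterOS 6.x before 6.41 (where `master-port` still exists and queue trees use `parent=global`), that ether1 through ether5 all sit in one bridge so the shaped traffic is bridged rather than routed, and that ether3 is one of the access point ports; the bridge name, mark names and the 256k rates are constructed for illustration.

```routeros
# Assumed layout (constructed): ether1 = uplink, ether2 = wired firewall,
# ether3-ether5 = access points. Adjust names to the real ports.

# 1. Remove the ports from the hardware switch group so the CPU sees each one.
/interface ethernet set ether2 master-port=none
/interface ethernet set ether3 master-port=none
/interface ethernet set ether4 master-port=none
/interface ethernet set ether5 master-port=none

# 2. Rejoin them in a CPU-based bridge (same broadcast domain as before).
/interface bridge add name=bridge-lan
/interface bridge port add bridge=bridge-lan interface=ether1
/interface bridge port add bridge=bridge-lan interface=ether2
/interface bridge port add bridge=bridge-lan interface=ether3
/interface bridge port add bridge=bridge-lan interface=ether4
/interface bridge port add bridge=bridge-lan interface=ether5

# 3. Send bridged frames through the IP firewall so mangle rules can see them.
/interface bridge settings set use-ip-firewall=yes

# 4. Mark packets by the physical bridge port they enter or leave.
#    in-bridge-port / out-bridge-port only match when use-ip-firewall=yes.
/ip firewall mangle add chain=forward in-bridge-port=ether3 \
    action=mark-packet new-packet-mark=ap1-up passthrough=no
/ip firewall mangle add chain=forward out-bridge-port=ether3 \
    action=mark-packet new-packet-mark=ap1-down passthrough=no

# 5. Limit each direction for that port; repeat steps 4-5 for ether4 and ether5.
/queue tree add name=ap1-up parent=global packet-mark=ap1-up max-limit=256k
/queue tree add name=ap1-down parent=global packet-mark=ap1-down max-limit=256k
```

After applying it, `/queue tree print stats` shows whether the marked traffic is actually hitting the queues, and `/system resource print` shows the CPU cost the reply warns about.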