How to limit bandwidth per IP if connection limit is reached

Hi all, my current setup is as follows: load balancing three ISP connections. I have simple queues for all three connections configured so that HTTP and port numbers up to 1024 take priority and anything else is lower priority; this seems to work quite well.

I used to have connection limiting where, if an IP address hits 75 connections, any subsequent connection for that IP is dropped. I’m not a fan of dropping connections as users start complaining, so what I would like to do is configure a mangle rule that says if connections reach 75 for a particular IP then restrict that IP’s bandwidth to something like 1mb…

Is this doable? How would I go about this? I’m not using User Manager, so the limit would need to be per IP.

I’m no RouterOS expert by any stretch of the imagination; my current setup I achieved by using the wikis and people’s help on this forum, so any help would be much appreciated!

Bump, please help, any info would be great!

You will not get much help on questions where you can find the answers on the wiki, Google, YouTube, …

Also look at user topics: http://wiki.mikrotik.com/wiki/Bandwidth_Managment_and_Queues

br

cm

Thanks, but I have searched and, like I said, I have found and implemented loads of queue and load balancing rules, also connection limiting, but for my particular question I cannot find a definitive answer, hence my visit to the forum to seek out the help of someone who knows and is kind enough to lend a hand. You just posted a link that has all the wikis for all traffic shaping/limiting/queuing, and I may read the lot and still not find my answer… like I said, I’m no expert, so a lot of what is written doesn’t all make perfect sense to me.

Anyone out there feel like lending a hand here… please?

# Mangle rule: once a source address (/32) has more than 100 TCP connections,
# every further TCP packet from it gets the packet mark ">100" and continues
# down the chain (passthrough=yes), so nothing is dropped.
/ip firewall mangle
add chain=prerouting action=mark-packet new-packet-mark=">100" passthrough=yes connection-limit=100,32 protocol=tcp

# Simple queue: only packets carrying the ">100" mark for this client are shaped
# to max-limit=1M/256k; unmarked traffic from the same client is not touched.
/queue simple
add name="queue1" target-addresses=192.168.1.1/32 interface=all parent=none packet-marks=">100" direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=1M/256k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small


I suggest you stick it in the customer CPE. If you don’t, and you stick it in the AP, then you will need to change the ,32 to ,24.

100 relates to whatever you want to make the max connections.

tcp (you may want to also make one for UDP).

IP address is the address of the client LAN.

You may want some more expert help from others regarding the use of “prerouting” or “forward” (that whole thing still confuses me now!)

good luck

Simon

I HAVE NOT TRIED IT, I JUST GUESSED AT IT.
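As an added example (not Simon's configuration and not anything from the MikroTik wiki), the same idea written out in RouterOS v6 syntax: a named packet mark set by a TCP and a UDP matcher, a queue that only ever sees marked packets, and the commands to check that both are actually counting. The threshold of 75 comes from the question; the client address 192.168.1.10/32, the mark name conn-over-limit, the queue names and the 256k/1M rates are assumed values. The PCQ variant at the end goes beyond the thread: it throttles every over-limit client in the /24 to its own 1M in one queue instead of needing a queue per address.

```routeros
# Added example, RouterOS v6 CLI syntax assumed (v5 uses target-addresses=).
# Trailing "\" continues a command onto the next line in the RouterOS console.

/ip firewall mangle
# connection-limit=75,32: matches packets from a source address (counted per /32)
# once that address has more than 75 tracked connections. passthrough=yes keeps
# the packet moving through mangle so nothing is dropped, it is only marked.
add chain=prerouting protocol=tcp connection-limit=75,32 \
    action=mark-packet new-packet-mark=conn-over-limit passthrough=yes \
    comment="TCP: mark packets from clients over 75 connections"
add chain=prerouting protocol=udp connection-limit=75,32 \
    action=mark-packet new-packet-mark=conn-over-limit passthrough=yes \
    comment="UDP: same threshold, same mark"

/queue simple
# Per-client form (what the thread asks for): only packets carrying the mark are
# shaped. max-limit is upload/download as RouterOS orders it (assumed 256k up, 1M down).
add name=throttle-192.168.1.10 target=192.168.1.10/32 \
    packet-marks=conn-over-limit max-limit=256k/1M \
    comment="Client 192.168.1.10 is shaped only while over the connection limit"

# Checks (run after some traffic has flowed):
# - mangle counters prove the matcher fires; a zero byte count means the mark
#   is never set and the queue will never shape anything.
/ip firewall mangle print stats where new-packet-mark=conn-over-limit
# - queue stats show bytes/packets that actually passed through the shaper.
/queue simple print stats where name=throttle-192.168.1.10
# - the live connection count for the client, to compare against the threshold.
/ip firewall connection print count-only where src-address~"^192.168.1.10:"

# Generalisation (assumed names): one queue for the whole LAN where PCQ gives
# every over-limit client its own 1M down / 256k up instead of sharing one cap.
/queue type
add name=pcq-256k-up kind=pcq pcq-rate=256k pcq-classifier=src-address
add name=pcq-1M-down kind=pcq pcq-rate=1M pcq-classifier=dst-address
/queue simple
add name=throttle-lan target=192.168.1.0/24 packet-marks=conn-over-limit \
    queue=pcq-256k-up/pcq-1M-down max-limit=100M/100M \
    comment="Every client over the limit gets its own per-address PCQ rate"
```

The point of the counters is the one thing the thread never mentions: the mangle rule and the queue are two separate matchers, and a queue whose packet-marks never appear on any packet silently does nothing. If the mangle byte count stays at zero, check which chain the traffic really traverses (prerouting for traffic entering the router, which is why Simon's rule works on a CPE or AP that the client's packets pass through).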

Thanks mate, I had tried a few times using the WinBox interface and just couldn’t get it right; once I’ve run your command and I can see the rules in WinBox I will tweak to suit and then create one for UDP as well.

Thanks a mil!

no problem

The first rule I pinched from the forum years back; I use it daily in my gateway machine (but with a ,24 address to limit ALL customers).
Earlier in the year I added the same rule to include UDP (not that well documented).

The second rule is what I use for clients who abuse my rules. I simply ask my clients not to P2P in the daytime. That has worked well for me for years, but then I do have reasonable relationships with them.

But for those who don’t, I use the same rule that I sent to you, but instead I mark P2P packets in mangle, then I use that rule in the queues (referencing the P2P marks).

Then I use a script and scheduler to enable the queue rule at 07:00 and disable the rule at midnight.
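Simon's 07:00/midnight schedule written out as an added example in RouterOS scripting (not his actual script): two scripts that enable and disable a queue by name, and two daily scheduler entries that run them. The queue name throttle-192.168.1.10, the script and scheduler names, and the read,write policy are assumed; the queue itself is assumed to already exist, and if it does not, `find` simply returns nothing and the scripts are no-ops.

```routeros
# Added example, RouterOS v6 syntax assumed. The queue named below is assumed
# to be the marked-packet throttle queue from earlier in the thread.

/system script
# Enabling/disabling by name through [find] means the queue keeps its settings;
# while disabled, marked packets are simply no longer shaped.
add name=abuse-queue-on policy=read,write \
    source="/queue simple enable [find name=\"throttle-192.168.1.10\"]"
add name=abuse-queue-off policy=read,write \
    source="/queue simple disable [find name=\"throttle-192.168.1.10\"]"

/system scheduler
# Daily at 07:00 the throttle comes on; daily at midnight it goes off.
add name=abuse-queue-on-0700 start-time=07:00:00 interval=1d on-event=abuse-queue-on
add name=abuse-queue-off-0000 start-time=00:00:00 interval=1d on-event=abuse-queue-off

# Checks: confirm the entries exist and see when each last ran and whether the
# queue is currently disabled (the D flag in the print output).
/system scheduler print
/queue simple print where name=throttle-192.168.1.10
```

The schedule depends on the router's clock, so a box without a working NTP client will drift or, after a reboot with no RTC, enable the throttle at the wrong hour; `/system clock print` shows the time the scheduler is actually using.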