Hi there.
I have some small network with 50 PCs in it. I have Internet with 10mbts and Intranet with 100mbts.
I have made Simple Queues on each pc wich limit Upload and Download with 512 kbit/sec.
How can i remove limitations on my Intranet (100mbts) and leave it only for Internet?
I have certain IP Range of my Intranet and i want to give my LAN all 100mbts to that IP Range without limitation from Queues.
Thanks for help.
Use address list, mangle, and queue.
Mark you local network and give priority and limit-at.
M.
Can u discribe it step-to-step, or give me link plz where i can read about it. Thanks.
- ROS manual: http://www.mikrotik.com/testdocs/ros/2.9/
http://www.mikrotik.com/testdocs/ros/2.9/ip/flow.php about packet flow in router
http://www.mikrotik.com/testdocs/ros/2.9/ip/mangle.php how to mangle packets
http://www.mikrotik.com/testdocs/ros/2.9/ip/address_list.php address lists
http://www.mikrotik.com/testdocs/ros/2.9/root/queue.php simple queues and queue trees - Wiki: http://wiki.mikrotik.com
http://wiki.mikrotik.com/wiki/Bandwidth_Managment_and_Queues some nice examples
I have the Same Prob i have an Intra Site and i want to give user full speed for it
i have configured these rules but didn’t have luck plz help me to correct
ip firewall address-list> print
Flags: X - disabled, D - dynamic
# LIST ADDRESS
0 intra 200.100.200.0
ip firewall mangle> print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=prerouting connection-mark=intra-co src-address-list=intra dst-address-list=intra action=passthrough
1 chain=prerouting packet-mark=Intra-pac connection-mark=intra-co action=passthrough
queue simple> print
Flags: X - disabled, I - invalid, D - dynamic
0 name="Intra" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=Intra-pac priority=8
queue=default/default limit-at=0/0 max-limit=0/0 total-queue=default
Where you lost subnet mask for 200.100.200.0 ?
Also if you have any other rules after packet-mark you should use action accept.
Thanks yancho.
it still doesn’t work i added the subnetmask and also in action accept cuz i have other rule dont why the mangle rule doesn’t count !!
Can you give some more details about your network configuration is it nated or routed. If it’s natted - then you should also add local address to address list.
i dont what u mean by nated or routed ! and what is Local Address!
but i route my traffic to the Gateway
ip route print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf
DST-ADDRESS PREFSRC G GATEWAY DISTANCE INTERFACE
5 A S 0.0.0.0/0 r 85.112.71.193 Cable
and i masquerade my src addr
ip firewall mangle> print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=prerouting connection-mark=intra-co src-address-list=intra dst-address-list=intra action=passthrough
1 chain=prerouting packet-mark=Intra-pac connection-mark=intra-co action=passthrough
>
There are absolutely no sense to those rules.
If you want to mark packets, then you must use action mark, not passthrough
```text
/ip firewall mangle
add chain=prerouting src-address-list=intra dst-address-list=intra action=mark-connection new-connection-mark
="intra-co" passthrough=yes ;
add chain=prerouting connection-mark="intra-co" action=mark-packet new-packet-mark
="intra-pac" passthrough=no ;
Read manual carefully on how to mark packets:
http://www.mikrotik.com/testdocs/ros/2.9/ip/mangle.php
Thanks mrz .
yes u’re 100% right !
now the prob is the upload for Inta Connection is’t limited but the download is Limites!!
One way to limit upload is by marking packets in postrouting.
mrz thanks for ur info !
i want the Intra Upload and Intra Download to be unlimitted ! what Chain should i use
I used Prerouting as Prerouting Contain All but the Download Still Limited !!!