Http browsing over download Prioritization

PeteCruise · May 11, 2011, 3:09pm

Hi

We have a network with multiple (200ish+) clients. The setup is as follows. we have 5x 4mb lines ( highest speed we can get). The firewall pc binds them so we have load balancing. The problem is the clients connect to our high sites some download and some don’t just browse and youtube mostly. Every client has 5 IP adresses ie 192.168.20.232/29

What ive done is setup the firewall on the AP RB433 to mark the packets and limit the downloaders depending on the file size they are downloading, meaning the queue tree gives full speed till it sees the file is bigger than 1mb, then starts to slow it, then if its bigger than 6mb it slows more ect.

So the issue is because we have such low speed in our country we want to make it so that the users browsing get the priority and the ones downloading lower. but if nobody is browsing that the downloaders get the bandwidth. or any setup close to that. We want the remote, ssl, and http browsing and youtube to get the packets 1st.

Thanks in advance

BinaryCrash · May 13, 2011, 8:42pm

i am very new to mikrotik, but since nobody answered yet i will try to help.

i would mark connections checking the header content of http requests/responses.
text/html, swf, flv, etc… for browsing.

And using queues child rules with priority.

ditonet · May 13, 2011, 9:29pm

IMHO is better to mark HTTP traffic depending on bytes counter.
Connection below 0.5 MB is treated as browsing, over 0.5 MB as download.

/ip firewall mangle
add action=mark-connection chain=prerouting comment="HTTP,HTTPS browsing" connection-bytes=0-500000 disabled=no new-connection-mark=cm_http_dl_browsing passthrough=yes protocol=tcp src-port=80,443,8080
add action=mark-packet chain=prerouting comment=HTTP_DL_browsing connection-mark=cm_http_dl_browsing disabled=no new-packet-mark=pm_http_dl_browsing passthrough=no
add action=mark-connection chain=prerouting comment="HTTP,HTTPS Download" connection-bytes=500000-0 disabled=no new-connection-mark=cm_http_dl passthrough=yes protocol=tcp src-port=80,443,8080
add action=mark-packet chain=prerouting comment=HTTP_Download connection-mark=cm_http_dl disabled=no new-packet-mark=pm_http_dl passthrough=no

HTH,

PeteCruise · May 14, 2011, 7:38am

Thanks will give it a try this week, see if things work better.