Greetings, can somebody help me?
i have mikrotik RB951G-2HnD , ROS4 6.42.6
I am trying to limit interface local bandwidth without result.
I read all 3 pages in every google possible result,tryed the first things and nothing helped.
I was trying per IP queuing nothing and marking packets and connection, and traffic empty…
Queues only show when going to internet, as like the local traffic not even going through router.
I was trying to catch the traffic with the firewall rule to understand the src and dest, but was unable to do that.
I need to limit bandwidth between two local IPs on same subnet. Is it even possible?
Didn’t tryed the scripting(hard) way as i think it is possible through regular GUI, am i right?
Basic reason why it doesn’t work for you is that traffic within same subnet is switched and not routed. In your particular case it’s handled by switch chip of RB951G as indicated by the ‘H’ flag on your first screenshot (it means HW-offloaded).
You might get things working, but you have to make sure all traffic between those two IP devices does flow through router’s upper layers and if you fail to do it properly performance of whole network may suffer. The easiest way of doing it would be to move one of those two hosts to another IP subnet (preferably the device with less communication with the rest of LAN devices), in this case all traffic to/from that device will flow through router’s upper layers.
Thank you very much for your time and fast reply!
Good idea with subnet, Will try that, i mark as answered as i feel that will work
Thank you very much,take care!
So i have done that a little bit different, i didnt want to change the whole interface subnet, so i created additional address with a seperate pool to 192.168.7.0.
The cpu is 100% and the traffic is 90MBit from previous 900MBit.
The question is, is it possible to put some firewall rule,masquarade,etc to make it fast as before?
I understand it is because of the rule procesing right? Or the additional step that is neccasary to comunicate? Or because i didn’t seperate the whole interface to subnet?
192.168.6.0 is my LAN
192.168.7.0 i made for this one IP that DHCP is giving by MAC
It might be possible (I wouldn’t hope for miracle though, RB951G is no beast) … but you have to post full config of your router (as displayed by executing /export hide-sensitive in a terminal window) because possible improvements very much depend on the rest of configuration.
Just in case i miss some sensitive stuff, will send you PM.
I am thinking to buy hAP ac2, but i have 2mikrotiks where 1 is spare and both are the RB951G
So what i have done as i have spare mikrotik lying around, so i put my PC with the server that i wanted to limit to one router and all other network to another router.
I made seperate subnet for the second router and now its 5x faster than routing on 1 router, but 4times slower than regular switch chip transfer.
Neverless this is fine. Now i need to figure out how to make everybody see each other as all comunication work but from R1 clients see onlye R2 router IP, everything else timeout.
So need to figure it out somehow :)))
