I have 2 adsl lines load balanced using pcc and bandwidth managed with simple queues, I wanted to switch to a queue tree so how can I accompolish both ? To use pcc load balancing I need to mark all packets from both dsl lines so I can route them accordingly, but to use queue trees I’d need to mark all upload & download seperately. Since packets can only be marked once, is it possible to get it to work ? I couldn’t find any examples on the wiki.
Here is my mangle table.
/ip firewall mangle
add action=mark-connection chain=input comment="" disabled=no in-interface=\
WAN2 new-connection-mark=WAN1_conn passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=\
WAN1 new-connection-mark=WAN2_conn passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=WAN1_conn \
disabled=no new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=WAN2_conn \
disabled=no new-routing-mark=to_WAN2 passthrough=yes
add action=mark-connection chain=prerouting comment="" disabled=no \
dst-address-type=!local in-interface=LAN new-connection-mark=WAN1_conn \
passthrough=yes per-connection-classifier=both-addresses:2/0
add action=mark-connection chain=prerouting comment="" disabled=no \
dst-address-type=!local in-interface=LAN new-connection-mark=WAN2_conn \
passthrough=yes per-connection-classifier=both-addresses:2/1
add action=mark-routing chain=prerouting comment="" connection-mark=WAN1_conn \
disabled=no in-interface=LAN new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=WAN2_conn \
disabled=no in-interface=LAN new-routing-mark=to_WAN2 passthrough=yes
add action=accept chain=prerouting comment="" disabled=no dst-address=\
192.168.1.0/24 in-interface=LAN
add action=accept chain=prerouting comment="" disabled=no dst-address=\
192.168.2.0/24 in-interface=LAN
Now I need to add a few more marks according to this wiki article for the queue tree to work, so how can I accompolish this without wreaking routing
cbrown
May 14, 2012, 12:11pm
2
you may have fixed this already, but PCC uses Connection and Routing marks, not packet marks.
oh thank you for pointing that out, would it be possible to get a sample script ?
additionally, how do you solve the problem with connection issues as a result of PCC load balancing when multiple connections are made from different IP’s to the same website.
dboillot:
you may have fixed this already, but PCC uses Connection and Routing marks, not packet marks.
Can you put an example plz, i need do a qos over pcc on a same router. Qos need mark connection to and is a problem on same router.
Enviado desde mi GT-I9100 usando Tapatalk 2
mcskiller:
dboillot:
you may have fixed this already, but PCC uses Connection and Routing marks, not packet marks.
Can you put an example plz, i need do a qos over pcc on a same router. Qos need mark connection to and is a problem on same router.
Enviado desde mi GT-I9100 usando Tapatalk 2
sorry for the late reply. here’s the PCC with just 4, pretty sure you can figure out what to do from here. Let me know if you need anything else
My LAN connection is called ether1, with the pppoe connections the default they come up with (pppoe-out1, pppoe-out2, pppoe-out3, pppoe-out4)
/ ip firewall mangle
add chain=input in-interface=pppoe-out1 action=mark-connection new-connection-mark=wan1_conn
add chain=input in-interface=pppoe-out2 action=mark-connection new-connection-mark=wan2_conn
add chain=input in-interface=pppoe-out3 action=mark-connection new-connection-mark=wan3_conn
add chain=input in-interface=pppoe-out4 action=mark-connection new-connection-mark=wan4_conn
add chain=output connection-mark=wan1_conn action=mark-routing new-routing-mark=to_wan1
add chain=output connection-mark=wan2_conn action=mark-routing new-routing-mark=to_wan2
add chain=output connection-mark=wan3_conn action=mark-routing new-routing-mark=to_wan3
add chain=output connection-mark=wan4_conn action=mark-routing new-routing-mark=to_wan4
add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses-and-ports:4/0 \
action=mark-connection new-connection-mark=wan1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses-and-ports:4/1 \
action=mark-connection new-connection-mark=wan2_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses-and-ports:4/2 \
action=mark-connection new-connection-mark=wan3_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses-and-ports:4/3 \
action=mark-connection new-connection-mark=wan4_conn passthrough=yes
add chain=prerouting connection-mark=wan1_conn in-interface=ether1 action=mark-routing new-routing-mark=to_wan1
add chain=prerouting connection-mark=wan2_conn in-interface=ether1 action=mark-routing new-routing-mark=to_wan2
add chain=prerouting connection-mark=wan3_conn in-interface=ether1 action=mark-routing new-routing-mark=to_wan3
add chain=prerouting connection-mark=wan4_conn in-interface=ether1 action=mark-routing new-routing-mark=to_wan4
/ ip route
add dst-address=0.0.0.0/0 gateway=pppoe-out1 routing-mark=to_wan1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=pppoe-out2 routing-mark=to_wan2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=pppoe-out3 routing-mark=to_wan3 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=pppoe-out4 routing-mark=to_wan4 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=pppoe-out1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=pppoe-out2 distance=2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=pppoe-out3 distance=3 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=pppoe-out4 distance=3 check-gateway=ping
/ ip firewall nat
add chain=srcnat out-interface=pppoe-out1 action=masquerade
add chain=srcnat out-interface=pppoe-out2 action=masquerade
add chain=srcnat out-interface=pppoe-out3 action=masquerade
add chain=srcnat out-interface=pppoe-out4 action=masquerade
and here’s where I mark PACKETS for the Queues.
add action=mark-packet chain=forward comment="User Basic Download" disabled=\
no dst-address-list=Basic new-packet-mark=Basic passthrough=no
add action=mark-packet chain=forward comment="User Home Download" disabled=no \
dst-address-list=Home new-packet-mark=Home passthrough=no
add action=mark-packet chain=forward comment="User Premium Download" \
disabled=no dst-address-list=Premium new-packet-mark=Premium passthrough=\
no
add action=mark-packet chain=forward comment="User Business Download" \
disabled=no dst-address-list=Business new-packet-mark=Business \
passthrough=no
add action=mark-packet chain=forward comment="User Basic Upload" disabled=no \
new-packet-mark=128u passthrough=no src-address-list=Basic
add action=mark-packet chain=forward comment="User Home Upload" disabled=no \
new-packet-mark=256u passthrough=no src-address-list=Home
add action=mark-packet chain=forward comment="User Premium Upload" disabled=\
no new-packet-mark=384u passthrough=no src-address-list=Premium
add action=mark-packet chain=forward comment="User Business Upload" disabled=\
no new-packet-mark=384u passthrough=no src-address-list=Business
add action=mark-packet chain=forward comment="Office PC Download" disabled=no \
dst-address-list=Office new-packet-mark=Office passthrough=no
add action=mark-packet chain=forward comment="Office PC Upload" disabled=no \
new-packet-mark=OfficeU passthrough=no src-address-list=Office
add action=mark-packet chain=forward comment="Office Laptop PC Download" \
disabled=no new-packet-mark=no-mark passthrough=no src-address-list=\
laptops
add action=mark-packet chain=forward comment="Office Laptop PC Upload" \
disabled=no new-packet-mark=no-mark passthrough=no src-address-list=\
laptops
add action=mark-packet chain=forward comment="SpeedTest PC Download" \
disabled=no dst-address-list=SpeedTest new-packet-mark=no-mark \
passthrough=no
add action=mark-packet chain=forward comment="SpeedTest PC Upload" disabled=\
no new-packet-mark=no-mark passthrough=no src-address-list=SpeedTest
add action=mark-packet chain=forward comment="Unknown User Download" \
disabled=no dst-address-list=Unknown new-packet-mark=UnknownD \
passthrough=no
add action=mark-packet chain=forward comment="Unknown User Upload" disabled=\
no new-packet-mark=UnknownU passthrough=no src-address-list=Unknown
add action=add-src-to-address-list address-list=Unknown address-list-timeout=\
30m30s chain=forward disabled=no src-address-list=Clients
and here’s where I setup the Queue trees. We use PCQ
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=22M name="3 User Premium" packet-mark=Premium parent=\
Download-All priority=3 queue="PCQ_3 Premium"
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=User256u packet-mark=256u parent=Upload-All priority=5 \
queue="PCQ_U 256"
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=User128u packet-mark=128u parent=Upload-All priority=6 \
queue="PCQ_U 128"
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=8M name="1 User Basic" packet-mark=Basic parent=Download-All \
priority=5 queue="PCQ_1 Basic"
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=20M name="2 User Home" packet-mark=Home parent=Download-All \
priority=4 queue="PCQ_2 Home"
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=25M name="4 User Business" packet-mark=Business parent=\
Download-All priority=2 queue="PCQ_4 Business"
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=User384u packet-mark=384u parent=Upload-All priority=3 \
queue="PCQ_U 384"
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=512k name="UserUnknown U" packet-mark=UnknownU parent=\
Upload-All priority=8 queue="PCQ_U Unknown"
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 \
max-limit=0 name="6 Office" packet-mark=Office parent=Download-All \
priority=8 queue="PCQ_6 Office"
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=512k name="5 User UnKnown U" packet-mark=UnknownD parent=\
Download-All priority=8 queue="PCQ_5 Unknown"
dboillot:
mcskiller:
dboillot:
you may have fixed this already, but PCC uses Connection and Routing marks, not packet marks.
Can you put an example plz, i need do a qos over pcc on a same router. Qos need mark connection to and is a problem on same router.
Enviado desde mi GT-I9100 usando Tapatalk 2
sorry for the late reply. here’s the PCC with just 4, pretty sure you can figure out what to do from here. Let me know if you need anything else
My LAN connection is called ether1, with the pppoe connections the default they come up with (pppoe-out1, pppoe-out2, pppoe-out3, pppoe-out4)
/ ip firewall mangle
add chain=input in-interface=pppoe-out1 action=mark-connection new-connection-mark=wan1_conn
add chain=input in-interface=pppoe-out2 action=mark-connection new-connection-mark=wan2_conn
add chain=input in-interface=pppoe-out3 action=mark-connection new-connection-mark=wan3_conn
add chain=input in-interface=pppoe-out4 action=mark-connection new-connection-mark=wan4_conn
add chain=output connection-mark=wan1_conn action=mark-routing new-routing-mark=to_wan1
add chain=output connection-mark=wan2_conn action=mark-routing new-routing-mark=to_wan2
add chain=output connection-mark=wan3_conn action=mark-routing new-routing-mark=to_wan3
add chain=output connection-mark=wan4_conn action=mark-routing new-routing-mark=to_wan4
add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses-and-ports:4/0 \
action=mark-connection new-connection-mark=wan1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses-and-ports:4/1 \
action=mark-connection new-connection-mark=wan2_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses-and-ports:4/2 \
action=mark-connection new-connection-mark=wan3_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses-and-ports:4/3 \
action=mark-connection new-connection-mark=wan4_conn passthrough=yes
add chain=prerouting connection-mark=wan1_conn in-interface=ether1 action=mark-routing new-routing-mark=to_wan1
add chain=prerouting connection-mark=wan2_conn in-interface=ether1 action=mark-routing new-routing-mark=to_wan2
add chain=prerouting connection-mark=wan3_conn in-interface=ether1 action=mark-routing new-routing-mark=to_wan3
add chain=prerouting connection-mark=wan4_conn in-interface=ether1 action=mark-routing new-routing-mark=to_wan4
/ ip route
add dst-address=0.0.0.0/0 gateway=pppoe-out1 routing-mark=to_wan1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=pppoe-out2 routing-mark=to_wan2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=pppoe-out3 routing-mark=to_wan3 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=pppoe-out4 routing-mark=to_wan4 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=pppoe-out1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=pppoe-out2 distance=2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=pppoe-out3 distance=3 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=pppoe-out4 distance=3 check-gateway=ping
/ ip firewall nat
add chain=srcnat out-interface=pppoe-out1 action=masquerade
add chain=srcnat out-interface=pppoe-out2 action=masquerade
add chain=srcnat out-interface=pppoe-out3 action=masquerade
add chain=srcnat out-interface=pppoe-out4 action=masquerade
and here’s where I mark PACKETS for the Queues.
add action=mark-packet chain=forward comment="User Basic Download" disabled=\
no dst-address-list=Basic new-packet-mark=Basic passthrough=no
add action=mark-packet chain=forward comment="User Home Download" disabled=no \
dst-address-list=Home new-packet-mark=Home passthrough=no
add action=mark-packet chain=forward comment="User Premium Download" \
disabled=no dst-address-list=Premium new-packet-mark=Premium passthrough=\
no
add action=mark-packet chain=forward comment="User Business Download" \
disabled=no dst-address-list=Business new-packet-mark=Business \
passthrough=no
add action=mark-packet chain=forward comment="User Basic Upload" disabled=no \
new-packet-mark=128u passthrough=no src-address-list=Basic
add action=mark-packet chain=forward comment="User Home Upload" disabled=no \
new-packet-mark=256u passthrough=no src-address-list=Home
add action=mark-packet chain=forward comment="User Premium Upload" disabled=\
no new-packet-mark=384u passthrough=no src-address-list=Premium
add action=mark-packet chain=forward comment="User Business Upload" disabled=\
no new-packet-mark=384u passthrough=no src-address-list=Business
add action=mark-packet chain=forward comment="Office PC Download" disabled=no \
dst-address-list=Office new-packet-mark=Office passthrough=no
add action=mark-packet chain=forward comment="Office PC Upload" disabled=no \
new-packet-mark=OfficeU passthrough=no src-address-list=Office
add action=mark-packet chain=forward comment="Office Laptop PC Download" \
disabled=no new-packet-mark=no-mark passthrough=no src-address-list=\
laptops
add action=mark-packet chain=forward comment="Office Laptop PC Upload" \
disabled=no new-packet-mark=no-mark passthrough=no src-address-list=\
laptops
add action=mark-packet chain=forward comment="SpeedTest PC Download" \
disabled=no dst-address-list=SpeedTest new-packet-mark=no-mark \
passthrough=no
add action=mark-packet chain=forward comment="SpeedTest PC Upload" disabled=\
no new-packet-mark=no-mark passthrough=no src-address-list=SpeedTest
add action=mark-packet chain=forward comment="Unknown User Download" \
disabled=no dst-address-list=Unknown new-packet-mark=UnknownD \
passthrough=no
add action=mark-packet chain=forward comment="Unknown User Upload" disabled=\
no new-packet-mark=UnknownU passthrough=no src-address-list=Unknown
add action=add-src-to-address-list address-list=Unknown address-list-timeout=\
30m30s chain=forward disabled=no src-address-list=Clients
and here’s where I setup the Queue trees. We use PCQ
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=22M name="3 User Premium" packet-mark=Premium parent=\
Download-All priority=3 queue="PCQ_3 Premium"
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=User256u packet-mark=256u parent=Upload-All priority=5 \
queue="PCQ_U 256"
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=User128u packet-mark=128u parent=Upload-All priority=6 \
queue="PCQ_U 128"
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=8M name="1 User Basic" packet-mark=Basic parent=Download-All \
priority=5 queue="PCQ_1 Basic"
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=20M name="2 User Home" packet-mark=Home parent=Download-All \
priority=4 queue="PCQ_2 Home"
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=25M name="4 User Business" packet-mark=Business parent=\
Download-All priority=2 queue="PCQ_4 Business"
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=User384u packet-mark=384u parent=Upload-All priority=3 \
queue="PCQ_U 384"
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=512k name="UserUnknown U" packet-mark=UnknownU parent=\
Upload-All priority=8 queue="PCQ_U Unknown"
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 \
max-limit=0 name="6 Office" packet-mark=Office parent=Download-All \
priority=8 queue="PCQ_6 Office"
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=512k name="5 User UnKnown U" packet-mark=UnknownD parent=\
Download-All priority=8 queue="PCQ_5 Unknown"
Ty so much .
Enviado desde mi GT-I9100 usando Tapatalk 2
aparently that got left out when I copied and pasted.
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=50M name=Download-All parent=ClientFacingPort priority=8
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=5M name=Upload-All parent=global-out priority=8
you will need to change the ClientFacingPort to match what port is facing your clients. also adjust your limits accordingly
I almost forgot, you’ll have to go in and setup your PCQ settings under Queue Type, just make sure you have the same names used in both the Queue Tree as in the Queue Type.
troy
September 12, 2012, 3:04pm
9
I struggled with this as well and came up with a very similar solution. I added some mangle rules to bypass the PCC to mark connections/routes for clients that had a static 1:1 NAT.
Next up, how would we integrate QOS into this? I’d like to prioritize ssh/telnet, gaming, web, mail, and other sets. I have seen a number of QOS configurations to do this, but none that integrated with PCQ & PCC.
troy:
I struggled with this as well and came up with a very similar solution. I added some mangle rules to bypass the PCC to mark connections/routes for clients that had a static 1:1 NAT.
Next up, how would we integrate QOS into this? I’d like to prioritize ssh/telnet, gaming, web, mail, and other sets. I have seen a number of QOS configurations to do this, but none that integrated with PCQ & PCC.
and yes, adding mangle rules to bypass the PCC seems about the easiest way I know to bypass them
Troy, take a look at this, http://mum.mikrotik.com/presentations/CZ09/QoS_Megis.pdf page 5 and 6.