i have simple queues for every ip of my /24 subnet (192.168.1.2 .. 192.168.1.254)
each ip is set to 256 kbit up/ 1 mbit down, all of them have priority 8
what i would like to accomplish is the following:
Destination: IP1, IP2,IP3,etc.. has unlimited bandwidth for ALl users. and should be satisfied first.
Destination: protocol tcp/ port 22 is unlimited bandwidth for ALL users. and should be satisfied first.
What i have done is created a rule that mark packets with the above conditions…
then added a queue with unlimited bandwidth, and relevant packet mark + assigned its priority to “1”
yet i don’t see any improvement, speed is still the same for those destinations.
Since you are applying the same limits on all IPs I would suggest to use pcq first. Then move all of it on queue tree.
To do that mark packets for all IPs and mark packets for desired traffic (don’t mix them). On the queue tree, create a parent queue with max-limit the bandwidth available to you and attach it to your LAN interface.
Then create to child queues attached at this parent queues with marks from above. Both these queues should use pcq as queue type. You should create pcq first at queue types (/queue type)
Specify limit-at and max-limit for both of them, and set priority.
First, the router will satisfy the limit-at of these queues, no matter what. Once limit-at is specified, it will then start satisfying the priorities.
Caci99 , thank you for your prompt response and excuse my late reply.
I did a bit of research about PCQ and how it works, apparently your suggested solution is the “best practice” way of doing things and it saves CPU cycles which is even better.
I have a couple of questions about using PCQ as you suggested if you don’t mind;
I have two ISPs. ISP1: 4 mbps down/2 mbps up. ISP2: 2mbps shared.
traffic with destination “work-related” goes to ISP1 and destination 0.0.0.0/0 goes to isp2.
with that in mind, how can i choose my parent bandwidth limit?
If i understood PCQ correctly, with the suggest 10M parent and 512 per child. it means up to 20 users they will have 512. when users are more than 20, this formula gets implemented: 10M/Number of users. equally. is that correct?
Let’s say i want to set things up where if i only have 1 users, he will get the full bandwidth, 2 users, bandwidth/2, etc… is this where i use “rate” ? or i understood that wrong?
the 512 limit is shared between up and down correct? what if i want to specify the upload and downloads for users? i have to create two new queue types one for upload and another for download? if that’s the case, most explanations point tht i should use the public interface. but in this case i have two.. how can i do that?
i hope you don’t mind, i took a part of your suggested solution and combined it with the outcome of my research today and came across the below config.
Background info:
I have two ISPs:
ISP1: 4mbps down/2 mbps up
ISP2: 2mbps shared
interfaces are named: ISP1,ISP2,LAN
Work-related address list is a sample, it will have much more destination IPs
Work-related is routed through ISP2
0.0.0.0/0 is routed through isp1
As 4 mbps is the highest download between both ISPs, i have used it as “max-limit” on LAN interface
As 2 mbps is the highest upload between both ISPs (not sure how to work with ISP2 as it’s shared), i have set “max-limit” to 2 mbps for both ISPs
assumed and expected behavior
If there’s one user, he will use all available bandwidth
If there’s N users, they will use available_bandiwdth/N ( i do not know how will this work , since i have two uneven ISPs )
For every user, work-related destination-list should be satisfied first, before regular traffic.
upload bandwidth will be calculated evenly for each ISPs as i created two trees respectively
Please correct me if i’m wrong with my above assumption and/or below config
config:
/ ip firewall address-list add list=work-related address=130.239.18.137/24
/ip firewall mangle add chain=forward src-address=192.168.0.0/24 action=mark-connection new-connection-mark=users-con
/ip firewall mangle add connection-mark=users-con action=mark-packet new-packet-mark=users chain=forward
/ip firewall mangle add chain=forward dst-address-list=work-related action=mark-conncetion new-connection-mark=priority1
/ip firewall mangle add chain=forward connection-mark=priority1 action=mark-packet new-packet-mark=priority1 passthrough=no
/queue type add name=pcq-download kind=pcq pcq-classifier=dst-address
/queue type add name=pcq-upload kind=pcq pcq-classifier=src-address
/queue tree add name=Download parent=LAN max-limit=40000000
/queue tree add name=Upload-isp1 parent=ISP1 max-limit=2000000
/queue tree add name=Upload-isp2 parent=ISP2 max-limit=2000000
/queue tree add parent=Download queue=pcq-download packet-mark=users priority=8
/queue tree add parent=Upload-isp1 queue=pcq-upload packet-mark=users priority=8
/queue tree add parent=Upload-isp2 queue=pcq-upload packet-mark=users priority=8
/queue tree add parent=Download queue=pcq-download packet-mark=priority1 priority=1
/queue tree add parent=Upload-isp1 queue=pcq-upload packet-mark=priority1 priority=1
/queue tree add parent=Upload-isp2 queue=pcq-upload packet-mark=priority1 priority=1
You have comprehended it right with small exceptions. Well done for trying it out yourself, is the best way to learn it
To answer some of your questions:
The 512kbps I putted in limit-at in example, means that the queue first will satisfy that value, and only after that it will consider the priority of the child queues. This is important to grasp (not difficult). The limit-at is what is called CIR and max-limit is what is called MIR. The total of limit-at of child should never exceed the max of their parent queue. In order for priority to work, you should define limit-at as low as you judge it convenient so that priority kicks in earlier.
That is correct, pcq will distribute evenly the bandwidth defined by the queue, unless rate is defined
If you set up rate in pcq, it will deliver the bandwidth specified in rate even if there will be more bandwidth available. If the sum of all users will be greater than the max of the queue, it will start again distributing it evenly (below the rate). Say you have 1MB in total, and four users with rate=512k. It can not give them 512k, instead will distribute 256k
In your config, you can not assign 4Mbps on download, since your ISP2 is giving you only 2Mbps. This will mess up things. You have to define two separate download parents for each ISP using packet marks. Even more, it is better to set a max below the total given by ISP, for example ISP1=4Mbps, max=3800k. You might be losing something in bandwidth but it results in better QOS experience.
One more thing, for two different parent queues, like yours upload parents in the config, the priority between them will not work. If uploadISP1 has priority=1 and uploadISP2 has priority=8, this does not mean that the first will get priority. For priority to work, will always need a parent queue which controls them, otherwise the queues will be treated equally.
