I am new guy to Mikrotik 's devices, I did search for monitoring traffic bandwidth locally (ip addresses in my country) and international traffic but no luck. Let me explain it in detail. assuming an outbound interface of router (connect to ISP) which being monitored, the statistics shows 100Mbps (total bandwidth at sometime). I want to know in 100Mbps how many bandwidth ip addresses in my country taken (users connect to country’s ip) and the others(users connect to foreign country’s ip), it can be 20Mbps for local and 80Mbps for others or something like that). Could you guys show or guide me how to do that? and whether I can monitor these types of traffic by third party software like zabbix, prtg, dude … etc.
Thank you for reply. I live in Viet Nam and i think get a list of ip address in a country is easy. but I stuck in finding out which method can be used in this case. Could you tell me more in detail.
If you mark the traffic from and to your countries IPs using mangle and run it through a queue tree you should see the traffic. then you could mark traffic not going to your countries IPs and queue it to a different queue and you would see that traffic as well. It would be additional overhead for your router to process.
Or, without marking, you could create a few FW filter rules, similar to these the ones below. Before implementing those you need to create address list named “national_address_list” with all IP subnets used within your country. If you decide to name address list differently, change the name in FW rules as well.
/ip firewall filter
add action=passthrough chain=forward out-interface=<WAN interface goes here> dst-address-list=national_address_list \
comment="from LAN towards in-country destinations"
add action=passthrough chain=forward out-interface=<WAN interface goes here> dst-address-list=!national_address_list \
comment="from LAN towards international destinations"
add action=passthrough chain=forward in-interface=<WAN interface goes here> src-address-list=national_address_list \
comment="from in-country destinations towards LAN"
add action=passthrough chain=forward in-interface=<WAN interface goes here> src-address-list=!national_address_list \
comment="from international destinations towards LAN"
… and remember to place these rules on top of FW filters. Any traffic handled by rules higher on list than these will not get counted.
The four rules above will count traffic passing your router. If you want to count traffic originating from router itself, then you’ll need to add additional filters, but those should be referring chain=input (for inbound traffic) and chain=output (for outbound traffic).