I’ve read the article from http://wiki.mikrotik.com/wiki/PCQ_Examples, and turns out that is just the thing I need for my network. Thank you for all who posted the link.
One question though. In that example, EVERY client is limited to 32k up / 64k down, right? Well, I want to allow one or two of the computers in the network (consultant stations) to have no bandwidth limit. Every clients in my network has static IP, so DHCP is off.
Is that feasible? If so, how do I go about doing it? I’ve been trying to read quite a number of posts on bandwidth limiting, but the more I read, the more confused I get. heh. So it would be great if someone could just kindly let me know what to type.
Add a mangle for the couple of IP addresses, Action = Accept, Passthrough = NO
The rule will allow the packets, and it will stop passing from the rest of the mangle rules, therefore, will be excluded from the other rules that marks the packets for PCQ.
Then I added 2 queue types and 2 queue trees lines, like so:
/queue type add name="PCQ_download" kind=pcq pcq-rate=128000 pcq-classifier=dst-address
/queue type add name="PCQ_upload" kind=pcq pcq-rate=128000 pcq-classifier=src-address
/queue tree add parent=global-in queue=PCQ_download packet-mark=all
/queue tree add parent=global-out queue=PCQ_upload packet-mark=all
Am I right so far?
Let’s say the consultants’ stations’ IP are 192.168.1.100 and 192.168.1.200. How would the new mangle rule be? And do I put it -before- or -after- the first mangle?
The above will do what you want, provided 192.168.1.0/24 is in use, ONLY by your consultants. The rule needs to be before any other mangle rules you have.
So to sum things up, here’s what I think I should do:
/ip firewall mangle add chain=prerouting src-address = 192.168.1.100 action=accept passthrough=no
/ip firewall mangle add chain=prerouting dst-address = 192.168.1.100 action=accept passthrough=no
/ip firewall mangle add chain=prerouting src-address = 192.168.1.200 action=accept passthrough=no
/ip firewall mangle add chain=prerouting dst-address = 192.168.1.200 action=accept passthrough=no
/ip firewall mangle add chain=prerouting action=mark-packet new-packet-mark=all passthrough=no
Then I add these:
/queue type add name=“PCQ_download” kind=pcq pcq-rate=128000 pcq-classifier=dst-address
/queue type add name=“PCQ_upload” kind=pcq pcq-rate=128000 pcq-classifier=src-address
/queue tree add parent=global-in queue=PCQ_download packet-mark=all
/queue tree add parent=global-out queue=PCQ_upload packet-mark=all
How’s that? Do correct me if I’m wrong. And are those the only ones I need to add?
Do I need the fifth line in the mangle section (the ‘all’ one)? I’m assuming I do. I mean, that one is after the lines for the consultant, no?
Everything else stays the same.
And surprise, surprise… IT WORKS!!! Yay!
Only thing I’m concerned about is, well, I did use chain=forward on all 5.
I’m just worried something might be wrong.
Everything seems to be working normally though…
I saw occasional bandwidth usage that jumps above 128k. The highest I’ve seen so far is 250k-ish. Did I do something wrong? I don’t have burst on, so this shouldn’t happen, right?
