Per User Bandwidth Limiting

I have an ISP situation where there are about 1000 users sitting behind Cisco 3550 switches. Each port is 1 user and is configured with an individual VLAN where each VLAN is assigned a small network subnet and corresponding DHCP scope.

The problem is that it seems these 3550s will not bandwidth limit effectively at the port level. Incoming bandwidth is effectively limited, but outgoing is not. So, I am looking at a MT solution but Google and the forums are not turning up any specific information for such a situation.

Ideally I would limit each subnet (and thus corresponding VLAN/Port/Customer) to what the customer is paying for (1Mb up/1Mb down, etc). Is anyone running 1000 different queues with MT? Any experience or suggestions on the performance and reliability?

PCQ might be able to do what I need, but it looks more like it divides a subnet into individual IP bandwidth limits. In this case I need around 1000 subnets with each subnet sharing limited bandwidth.

As an additional note: I don’t need to do any traffic priorities or QoS. Just raw limiting. It might be nice to allow bursting but it is not a requirement.

Any info would be appreciated.

Thanks,
-Justin

I believe a MikroTik router placed between your Cisco switches and your edge router would do what you want. I believe you would need a PCQ Queue for each subnet. You would use Queue Tree for the limiting.

If you want each user in a subnet to have access to the full amount of bandwidth you assign to that subnet, set up 2 PCQ queue types (one for incoming and one for outgoing). Set the rate at 0. Depending on the size of your subnets and the number of users using the connection at the same time, you may need to increase the PCQ’s default total limit value. Limit 50 and total limit 2000 is only good for 40 concurrent users at a time. I don’t know how big your customer subnets are, but that may not be enough? You would then set Max-Limit in the queue tree to set their maximum bandwidth. With this config each user in a subnet would equally share the bandwidth you allocated by the Max-Limit setting.

You would set up an address-list and 2 mangle entries (one to mark connections and the other to mark packets) for each subnet. This would take some time, with 1000 of them. I have no idea how well MikroTik will work with 2000 mangle entries and 1000 queue tree entries. Mine is less than 50 for both, but hopefully someone with experience with higher numbers will chime in here.

Do you NAT these users or are they public subnets? If you NAT each subnet to a single static public IP, you could place the bandwidth shaping router between the NAT router and the edge router. Then your configuration would be much easier. You would set up a single incoming and outgoing PCQ queue tree for each level of service you offer (instead of each user), with PCQ rate set to whatever each subnet should get. You would not use Max-Limit, unless you wanted to limit the different subnets as a group. This would still require 1000 access entries, but only 2 or more mangle and queue tree entries, depending on how many different levels of service you offered (2 for each). With this setup, each subnet would equally share whatever bandwidth is available up to the rate you set in the PCQ or if you cap them as a group with Max-Limit in the queue tree.

How much bandwidth do these users have access to? That needs to be taken into consideration. I do believe you will need either a Routerboard 1000 or custom built high-end machine with RouterOS to handle this.

I’m pretty new to this, so maybe someone with experience will add something useful. Seems the “experienced” ones are pretty tight lipped around here.
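The per-subnet setup described in the reply above (address-list, two mangle rules, queue tree entries with Max-Limit, PCQ rate 0) is tedious to type 1000 times, so here is a generator for it as an added example that is not part of either post. The interface names, the `cust-NNNN` naming scheme, the sample subnets and the choice to attach the queues to the LAN and WAN interfaces are assumptions; check the emitted RouterOS commands against the version in use before importing them.

```python
import ipaddress

# Assumptions (not from the thread): interface names and naming scheme.
LAN_IF, WAN_IF = "ether-lan", "ether-wan"
PCQ_LIMIT, PCQ_DEFAULT_TOTAL = 50, 2000  # figures quoted in the reply
# Constructed sample plan: (subnet, download limit, upload limit).
SAMPLE = [("10.10.0.0/29", "1M", "1M"), ("10.10.0.8/29", "2M", "512k"),
          ("10.10.1.0/26", "1M", "1M")]

def pcq_total_limit(nets):
    """Total limit that covers every host of the largest subnet at once."""
    biggest = max(max(n.num_addresses - 2, 1) for n in nets)
    return max(PCQ_DEFAULT_TOTAL, biggest * PCQ_LIMIT)

def check_overlaps(nets):
    """Overlapping subnets would count one customer's traffic in another's queue."""
    ordered = sorted(nets)
    for a, b in zip(ordered, ordered[1:]):
        if a.overlaps(b):
            raise ValueError(f"{a} overlaps {b}")

def subnet_rules(idx, net, down, up):
    """Address-list entry, two mangle rules and two queue tree entries."""
    n, fw = f"cust-{idx:04d}", "/ip firewall"
    return [
        f"{fw} address-list add list={n} address={net}",
        # Mark the connection on the first packet seen from the customer subnet.
        f"{fw} mangle add chain=forward src-address-list={n} connection-mark=no-mark "
        f"action=mark-connection new-connection-mark={n}-conn passthrough=yes",
        # Mark every packet of that connection, in both directions.
        f"{fw} mangle add chain=forward connection-mark={n}-conn "
        f"action=mark-packet new-packet-mark={n} passthrough=no",
        # Download leaves via the LAN interface, upload via the WAN interface.
        f"/queue tree add name={n}-down parent={LAN_IF} packet-mark={n} "
        f"queue=pcq-down max-limit={down}",
        f"/queue tree add name={n}-up parent={WAN_IF} packet-mark={n} "
        f"queue=pcq-up max-limit={up}",
    ]

def build(customers):
    """Return the full command list; raises ValueError on a bad or overlapping subnet."""
    nets = [ipaddress.ip_network(s) for s, _, _ in customers]  # strict: host bits rejected
    check_overlaps(nets)
    total = pcq_total_limit(nets)
    out = [f"/queue type add name=pcq-{d} kind=pcq pcq-rate=0 pcq-classifier={c}-address "
           f"pcq-limit={PCQ_LIMIT} pcq-total-limit={total}"
           for d, c in (("down", "dst"), ("up", "src"))]
    for i, (net, (_, down, up)) in enumerate(zip(nets, customers), 1):
        out += subnet_rules(i, net, down, up)
    return out

if __name__ == "__main__":
    print("\n".join(build(SAMPLE)))
```

With one packet mark per subnet, direction is decided by which interface the queue is attached to, which is why each subnet gets two queue tree entries here.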