PPPoE bandwidth limiting with contention

Hello,

We currently use a couple of CCR routers to handle PPPoE connections from about 200 users. So far we are using simple queues to enforce bandwidth limits as it’s pretty much completely automated (we return Mikrotik-Rate-Limit from RADIUS when users connect), and it ‘just works’. There are a couple of problems with this, of course:

  1. 5 users with a 20Mb limit can all hit 20Mb, using 100Mb of traffic
  2. We can end up with 100+ queues on each router (may not be much of an issue, I’m not sure)
  3. There’s no obvious way that I can prioritise traffic, or allow it to bypass the queue.

I’m asking here to see if anyone has experience or recommended configurations for providing this sort of service.

So far I’ve looked into putting users into groups in our management software. I can then assign, say, 10 users to “group1” and return this using the Mikrotik-Address-List attribute. This allows me to tag all traffic from/to these 10 users, which I can then limit with PCQ queues to provide per-user and overall limits as a group. The problem I’m having is I’m not sure of the best way to tag the traffic (connections/packets) and how to configure the queues. It seems that most examples I find are for low limits (<=1Mb) and if I follow those we quickly get the queues filling up and dropping packets even in small tests. It also seems very difficult to get consistent results when testing the throughput from the user’s end. In our live setting a single queue handling 10 users could be hitting 50Mbps.

It would also be nice to prioritise VoIP traffic, or even bypass the queues entirely. The problem here is the most critical traffic, the RTP data, doesn’t seem particularly easy to identify.

Any thoughts, advice or experience on configurations that can be used in this sort of environment where we have PPPoE users who need 10-30Mbps of rate-limiting would be useful.