Queue (speed limit) by MAC address

ihtus · March 31, 2015, 1:06am

Hello,
how is it possible to set a speed limit in queue by MAC.

Here is what I tried.
I am getting error: “Error in target - at least one entry expected!”

marked packets “user_mark”

2) adding simple queue

ZeroByte · March 31, 2015, 2:02am

Set target to either be global or else the interface where the users are connected.

Use “mark packet” and not “user mark”

That should fix it for ya.

ihtus · March 31, 2015, 4:55am

I had to create connection mark + packet mark. Created only packet mark.
Here is the complete tutorial for anyone in need:

Create connection mark

create packet mark based on connection mark

create simple queue based on packed mark

justchil · December 18, 2016, 5:01am

Thank you for this. I have a question and didn’t want to create a new thread about it…

I have the ip mangle rules per your instructions.

 3    chain=prerouting action=mark-connection 
      new-connection-mark=ari.ipad_conn_mark passthrough=yes 
      src-mac-address=XX:XX:XX:XX:XX:XX log=no log-prefix="" 

 4    chain=prerouting action=mark-packet new-packet-mark=ari.ipad_pck_mark 
      passthrough=yes connection-mark=ari.ipad_conn_mark log=no log-prefix=""

I have the queue setup. I also have another queue that limits eth3 (same interface this mac address is on.

 0    name="eth3_wlan0_ari.ipad" target=eth3-wlan0 parent=none 
      packet-marks=ari.ipad_pck_mark priority=8/8 
      queue=default-small/default-small limit-at=512k/1M max-limit=1M/2M 
      burst-limit=2M/4M burst-threshold=1M/1500k burst-time=8s/8s 
      bucket-size=0.1/0.1 

 1    name="eth3_wlan0.total" target=eth3-wlan0 parent=none packet-marks="" 
      priority=3/3 queue=default-small/default-small limit-at=1M/2M 
      max-limit=2M/4M burst-limit=4M/8M burst-threshold=1500k/3M 
      burst-time=8s/8s bucket-size=0.1/0.1

The MAC limiting queue must be above the “wlan0.total” queue. If it’s below it doesn’t work. If it’s a child of wlan0.total both queues display the same bandwidth usage.

My goal is to limit the eth3 port to say 10mbit. Then I would like to have child queues with different speed caps that I can prioritize. Could someone please point me in the right direction?

pe1chl · December 18, 2016, 1:09pm

As above, use packet mark, not another mark. You used connection mark.

justchil · December 18, 2016, 10:37pm

Ok. I will read more to understand what you are saying. The way I have this seems like a long/hard way to do it.

I would like for e3-wlan0 to limit bandwith for all the mac addresses below it in rules. I would also like to priority those rules.

/ip firewall mangle> print

3 ;;; e3-wlan0
chain=prerouting action=mark-connection
new-connection-mark=e3-wlan0_conn_mark passthrough=yes
in-interface=e3-wlan0 log=no log-prefix=“”

4 ;;; apple.tv
chain=prerouting action=mark-connection
new-connection-mark=apple.tv_conn_mark passthrough=yes
src-mac-address=2C:XX:XX:XX:42:0D log=no log-prefix=“”

5 ;;; ari.ipad
chain=prerouting action=mark-connection
new-connection-mark=ari.ipad_conn_mark passthrough=yes
src-mac-address=70:XX:XX:XX:XX:57 log=no log-prefix=“”

6 ;;; ari.iphone
chain=prerouting action=mark-connection
new-connection-mark=ari.iphone_conn_mark passthrough=yes
src-mac-address=08:XX:XX:XX:XX:C2 log=no log-prefix=“”

7 ;;; fin.iphone
chain=prerouting action=mark-connection
new-connection-mark=fin.iphone_conn_mark passthrough=yes
src-mac-address=08:XX:XX:XX:XX:3D log=no log-prefix=“”

8 ;;; new.ipad
chain=prerouting action=mark-connection
new-connection-mark=new.ipad_conn_mark passthrough=yes
src-mac-address=A0:XX:XX:XX:XX:CD log=no log-prefix=“”

9 ;;; dell.laptop
chain=prerouting action=mark-connection
new-connection-mark=dell.laptop_conn_mark passthrough=yes
src-mac-address=00:XX:XX:XX:XX:39 log=no log-prefix=“”

10 ;;; eth3-wlan0
chain=prerouting action=mark-packet new-packet-mark=e3-wlan0_pck_mark
passthrough=no connection-mark=e3-wlan0_conn_mark log=no log-prefix=“”

11 ;;; apple.tv
chain=prerouting action=mark-packet new-packet-mark=apple.tv_pck_mark
passthrough=no connection-mark=apple.tv_conn_mark log=no log-prefix=“”

12 ;;; ari.ipad
chain=prerouting action=mark-packet new-packet-mark=ari.ipad_pck_mark
passthrough=no connection-mark=ari.ipad_conn_mark log=no log-prefix=“”

13 ;;; ari.iphone
chain=prerouting action=mark-packet new-packet-mark=ari.iphone_pck_mark
passthrough=no connection-mark=ari.iphone_conn_mark log=no log-prefix=“”

14 ;;; fin.iphone
chain=prerouting action=mark-packet new-packet-mark=fin.iphone_pck_mark
passthrough=no connection-mark=fin.iphone_conn_mark log=no log-prefix=“”

15 ;;; new.ipad
chain=prerouting action=mark-packet new-packet-mark=new.ipad_pck_mark
passthrough=no connection-mark=new.ipad_conn_mark log=no log-prefix=“”

16 ;;; dell.laptop
chain=prerouting action=mark-packet new-packet-mark=dell.laptop_pck_mark
passthrough=no connection-mark=dell.laptop_conn_mark log=no log-prefix=“”

/queue simple> print
Flags: X - disabled, I - invalid, D - dynamic
0 name=“e3_wlan0” target=e3-wlan0 parent=none packet-marks=e3-wlan0_pck_mark
priority=3/3 queue=ethernet-default/ethernet-default limit-at=1M/2M
max-limit=2M/4M burst-limit=2M/8M burst-threshold=768k/3M
burst-time=8s/8s bucket-size=0.1/0.1

1 name=“e3_wlan0_apple.tv” target=e3-wlan0 parent=none
packet-marks=apple.tv_pck_mark priority=8/8
queue=wireless-default/wireless-default limit-at=512k/2M max-limit=1M/4M
burst-limit=2M/8M burst-threshold=512k/3M burst-time=8s/8s
bucket-size=0.1/0.1

2 name=“e3_wlan0_ari.ipad” target=e3-wlan0 parent=none
packet-marks=ari.ipad_pck_mark priority=8/8
queue=wireless-default/wireless-default limit-at=512k/2M max-limit=1M/3M
burst-limit=2M/5M burst-threshold=512k/2M burst-time=8s/8s
bucket-size=0.1/0.1

3 name=“e3_wlan0_ari.iphone” target=e3-wlan0 parent=none
packet-marks=ari.iphone_pck_mark priority=8/8
queue=wireless-default/wireless-default limit-at=512k/2M max-limit=1M/3M
burst-limit=2M/5M burst-threshold=512k/2M burst-time=8s/8s
bucket-size=0.1/0.1

4 name=“e3_wlan0_fin.iphone” target=e3-wlan0 parent=none
packet-marks=fin.iphone_pck_mark priority=8/8
queue=wireless-default/wireless-default limit-at=512k/2M max-limit=1M/3M
burst-limit=2M/5M burst-threshold=512k/2M burst-time=8s/8s
bucket-size=0.1/0.1

5 name=“e3_wlan0_new.ipad” target=e3-wlan0 parent=none
packet-marks=new.ipad_pck_mark priority=8/8
queue=wireless-default/wireless-default limit-at=512k/2M max-limit=1M/3M
burst-limit=2M/5M burst-threshold=512k/2M burst-time=8s/8s
bucket-size=0.1/0.1

6 name=“e3_wlan0_dell.laptop” target=e3-wlan0 parent=none
packet-marks=dell.laptop_pck_mark priority=8/8
queue=wireless-default/wireless-default limit-at=512k/2M max-limit=1M/3M
burst-limit=2M/5M burst-threshold=512k/2M burst-time=8s/8s
bucket-size=0.1/0.1

justchil · December 18, 2016, 11:12pm

I am trying something similar to this…

# Limit Bandwidth of each IP in an entire subnet:
/queue type
add kind=pcq name=pcq-upload-custom pcq-classifier=src-address pcq-rate=2M
add kind=pcq name=pcq-download-custom pcq-classifier=dst-address pcq-rate=2M
/queue simple
add name=Throttle-Each queue=pcq-upload-custom/pcq-download-custom \
target=192.168.1.0/24

pe1chl · December 19, 2016, 9:21am

Again, don’t mark the connection, mark the packets.
Sure it is sometimes inconvenient that you can only classify on packet marks rather than the more extensive methods available in “tc”, but that is how it is.