Hello everyone. I am hoping that someone can assist me with my queue tree setup. My setup is as follows:
Internet connectivity via ADSL, (6M/.6M), pppoe-client on eth1.
A variety of Routerboard hardware, from RB2011UiAS-2Hnd to RB750 etc. This particular site uses a RB715G-2HnD. RouterOS 6.11
Router is providing NAT Internet access via src-nat rule. (clients use 192.168.0.0/24).
My goal is to limit all inbound and outbound traffic to roughly 80% of my available ADSL speed so as to not bottleneck the link. Also I want to be 100% sure that one particular connection (an OpenVPN connection from 192.168.0.200, port 1194 UDP outbound) is not throttled. I have come up with the following queue tree. Relevant mangle rules etc. Am I way off base? Lastly, is there any way for me to be notified when the queue limit is reached?
/ip firewall address-list
add address=192.168.0.0/24 disabled=no list=LAN
add address=192.168.0.200 disabled=no list=POS
/queue type
add kind=pcq name=download pcq-burst-rate=0 pcq-burst-threshold=0 pcq-burst-time=10s pcq-classifier=dst-address pcq-dst-address-mask=32 pcq-dst-address6-mask=64 pcq-limit=50 pcq-rate=6100k pcq-src-address-mask=32
pcq-src-address6-mask=64 pcq-total-limit=2000
add kind=pcq name=upload pcq-burst-rate=0 pcq-burst-threshold=0 pcq-burst-time=10s pcq-classifier=src-address pcq-dst-address-mask=32 pcq-dst-address6-mask=64 pcq-limit=50 pcq-rate=660k pcq-src-address-mask=32
pcq-src-address6-mask=64 pcq-total-limit=2000
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=4000k max-limit=4000k name=Global_Download_Queue packet-mark=“” parent=global priority=8
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=520k max-limit=520k name=Global_Upload_Queue packet-mark=“” parent=pppoe-out1 priority=8
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name=lan-download packet-mark=lan parent=Global_Download_Queue priority=2 queue=download
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name=lan-upload packet-mark=lan parent=Global_Upload_Queue priority=2 queue=upload
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name=pos-download packet-mark=pos parent=Global_Download_Queue priority=2 queue=download
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name=pos-upload packet-mark=pos parent=Global_Upload_Queue priority=2 queue=upload
/ip firewall mangle
add action=mark-connection chain=forward comment=“LAN Traffic” disabled=no new-connection-mark=lan-con passthrough=yes src-address-list=LAN
add action=mark-packet chain=forward connection-mark=lan-con disabled=no new-packet-mark=lan passthrough=yes
add action=mark-connection chain=forward comment=“POS Traffic” disabled=no new-connection-mark=pos-con passthrough=yes src-address-list=POS
add action=mark-packet chain=forward connection-mark=pos-con disabled=no new-packet-mark=pos passthrough=yes
add action=mark-connection chain=forward comment=“POS VPN” disabled=no new-connection-mark=pos-vpn-con passthrough=yes port=1194 protocol=udp src-address-list=POS
add action=mark-packet chain=forward connection-mark=pos-vpn-con disabled=no new-packet-mark=pos-vpn passthrough=yes
add action=mark-connection chain=forward comment=“SSH_220 Inbound” disabled=no in-interface=pppoe-out1 new-connection-mark=ssh-con passthrough=yes port=220 protocol=tcp
add action=mark-packet chain=forward connection-mark=ssh-con disabled=no new-packet-mark=ssh passthrough=yes
add action=mark-connection chain=prerouting comment=Winbox disabled=no new-connection-mark=winbox-con passthrough=yes port=8291 protocol=tcp
add action=mark-packet chain=prerouting connection-mark=winbox-con disabled=no new-packet-mark=winbox passthrough=yes