RB1100AHx2 upload and download limit issue

RouterOS Beginner Basics
1

Hello guys,

I just found the forum and was reading a little about everything, trying to find a solution for my newbiness =P
I just got asked by a Hotel to replace the tech guy that used to work with them, in this hotel they have a Mikrotik RB1100AHx2, i haven’t had any experience with mikrotik before besides “the rumors” of this amazing piece of hardware, and after tinkering with it for a week i have to agree.. it’s awesome! but.. i find myself in a hole from where i can’t get out so far regarding one thing.. limiting the download/upload from an interface, actually.. the limit is set, and it works.. limits the connection to 20Mb but i want to modify it.. and the thing is.. that i can’t find where is the configuration that’s limiting the interface.. (looked for it in the hotspot user profile, simple queues, profile, queue type, pcq..)

I read all i could find about this topic.. but my configuration doesn’t reflect the tutorials.. so i would like to ask for some help.. i’m posting my /export maybe the configuration is there, but i just checked line by line and i can’t seem to be able to find it..

[admin@ROUTER] > /export
# sep/03/2017 17:19:26 by RouterOS 6.38.5
# software id =
#
/interface bridge
add arp=proxy-arp name=BRIDGE_HOTEL
add name=BRIDGE_WIFI
/interface ethernet
set [ find default-name=ether1 ] name=ether1_LAN_HOTEL
set [ find default-name=ether6 ] name=ether6_LAN_WIFI
set [ find default-name=ether11 ] arp=proxy-arp name=ether11_WAN_HOTEL
set [ find default-name=ether12 ] arp=proxy-arp name=ether12_WAN_WIFI
/ip hotspot profile
add hotspot-address=10.50.1.1 name=hsprof1
/ip hotspot user profile
set [ find default=yes ] keepalive-timeout=5m shared-users=1000 status-autorefresh=4m
/ip ipsec proposal
add enc-algorithms=3des name=HOTEL_xxxx pfs-group=none
/ip pool
add name=hs-pool-15 ranges=10.50.0.1-10.50.0.254,10.50.1.2-10.50.3.254
add name=dhcp_pool1 ranges=192.168.200.30-192.168.200.60
add name=DCHP_L2TP ranges=192.168.200.180-192.168.200.190
/ip dhcp-server
add address-pool=hs-pool-15 disabled=no interface=BRIDGE_WIFI lease-time=1h name=dhcp1
add address-pool=dhcp_pool1 disabled=no interface=BRIDGE_HOTEL lease-time=1w name=dhcp2
/ip hotspot
add address-pool=hs-pool-15 disabled=no interface=BRIDGE_WIFI name=hotspot1 profile=hsprof1
/ppp profile
add dns-server=192.168.200.1,8.8.8.8 local-address=192.168.200.150 name=XXX_XXX remote-address=DCHP_L2TP \
    use-encryption=yes
/queue type
set 6 pcq-rate=100M
/interface bridge port
add bridge=BRIDGE_HOTEL interface=ether1_LAN_HOTEL
add bridge=BRIDGE_WIFI interface=ether6_LAN_WIFI
add bridge=BRIDGE_WIFI interface=ether7
add bridge=BRIDGE_WIFI interface=ether8
/interface l2tp-server server
set authentication=mschap1,mschap2 default-profile=XXX_XXX enabled=yes
/interface pptp-server server
set default-profile=XXX_XXX enabled=yes
/ip address
add address=192.168.200.150/24 interface=BRIDGE_HOTEL network=192.168.200.0
add address=10.50.1.1/22 interface=BRIDGE_WIFI network=10.50.0.0
/ip dhcp-client
add default-route-distance=0 dhcp-options=hostname,clientid disabled=no interface=ether11_WAN_HOTEL
add default-route-distance=0 dhcp-options=hostname,clientid disabled=no interface=ether12_WAN_WIFI
/ip dhcp-server network
add address=10.50.0.0/22 comment="hotspot network" gateway=10.50.1.1
add address=192.168.200.0/24 gateway=192.168.200.150
/ip dns
set servers=8.8.8.8,8.8.4.4,XXX.XXX.XXX.XXX
/ip firewall filter
# inactive time
add action=drop chain=forward comment="Dengeacion navegacion pc Recepcio horas nocturnas" dst-address=192.168.200.2 \
    time=30m-6h,sun,mon,tue,wed,thu,fri,sat
add action=drop chain=forward dst-port=7500 in-interface=all-ethernet out-interface=all-ethernet protocol=tcp
add action=drop chain=forward dst-address=192.168.200.0/24 src-address=10.50.0.0/22
add action=accept chain=forward comment="acces bird 7500" dst-port=7500 in-interface=ether11_WAN_HOTEL protocol=tcp
add action=drop chain=forward dst-address=192.168.200.3 dst-port=53 protocol=udp
add action=accept chain=forward
add action=accept chain=forward comment=WINBOX_ACCES dst-port=8291 protocol=tcp
add action=accept chain=forward dst-port=1723 protocol=tcp
add action=accept chain=forward comment="ACCES L2TP" protocol=ipsec-esp
add action=accept chain=forward dst-port=500 protocol=udp
add action=accept chain=forward dst-port=4500 protocol=tcp
add action=accept chain=forward comment="ACCES L2TP" protocol=ipsec-ah
add action=reject chain=forward comment=DNS_CONSULTA_DENEGACION dst-port=23 protocol=udp reject-with=\
    icmp-network-unreachable
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes
add action=reject chain=forward comment="SSH DENEGACION" dst-port=22 in-interface=ether11_WAN_HOTEL protocol=tcp \
    reject-with=icmp-network-unreachable
add action=reject chain=forward comment="SSH DENEGACION" dst-port=22 in-interface=ether12_WAN_WIFI protocol=tcp \
    reject-with=icmp-network-unreachable
/ip firewall mangle
add action=mark-connection chain=prerouting comment=RTP dst-port=10000-20000 new-connection-mark=SIP passthrough=yes \
    protocol=udp
add action=mark-connection chain=postrouting comment=RTP dst-port=10000-20000 new-connection-mark=SIP passthrough=\
    yes protocol=udp
add action=mark-connection chain=prerouting comment=SIP dst-port=5060 new-connection-mark=SIP passthrough=yes \
    protocol=udp
add action=mark-connection chain=postrouting comment=SIP dst-port=5060 new-connection-mark=SIP passthrough=yes \
    protocol=udp
add action=mark-connection chain=prerouting comment=VTUN dst-port=5004 new-connection-mark=SIP passthrough=yes \
    protocol=udp
add action=mark-connection chain=postrouting comment=VTUN dst-port=5004 new-connection-mark=SIP passthrough=yes \
    protocol=udp
add action=mark-connection chain=prerouting comment=DNS dst-port=53 new-connection-mark=DNS passthrough=yes \
    protocol=udp
add action=mark-connection chain=postrouting comment=DNS dst-port=53 new-connection-mark=DNS passthrough=yes \
    protocol=udp
add action=mark-connection chain=prerouting comment=DNS dst-port=53 new-connection-mark=DNS passthrough=yes \
    protocol=tcp
add action=mark-connection chain=postrouting comment=DNS dst-port=53 new-connection-mark=DNS passthrough=yes \
    protocol=tcp
add action=mark-connection chain=prerouting comment=BGP dst-port=179 new-connection-mark=BGP passthrough=yes \
    protocol=tcp
add action=mark-connection chain=postrouting comment=BGP dst-port=179 new-connection-mark=BGP passthrough=yes \
    protocol=tcp
add action=mark-connection chain=prerouting comment=WINBOX dst-port=8291 new-connection-mark=WINBOX passthrough=yes \
    protocol=tcp
add action=mark-connection chain=postrouting comment=WINBOX dst-port=8291 new-connection-mark=WINBOX passthrough=yes \
    protocol=tcp
add action=mark-connection chain=prerouting comment=SSH dst-port=22 new-connection-mark=SSH passthrough=yes \
    protocol=tcp
add action=mark-connection chain=postrouting comment=SSH dst-port=22 new-connection-mark=SSH passthrough=yes \
    protocol=tcp
add action=mark-connection chain=prerouting comment=ICMP dst-port=1 new-connection-mark=ICMP passthrough=yes \
    protocol=tcp
add action=mark-connection chain=postrouting comment=ICMP dst-port=1 new-connection-mark=ICMP passthrough=yes \
    protocol=tcp
add action=mark-connection chain=prerouting comment=ICMP dst-port=58 new-connection-mark=ICMP passthrough=yes \
    protocol=tcp
add action=mark-connection chain=postrouting comment=ICMP dst-port=58 new-connection-mark=ICMP passthrough=yes \
    protocol=tcp
add action=mark-connection chain=prerouting comment=IGMP dst-port=2 new-connection-mark=IGMP passthrough=yes \
    protocol=tcp
add action=mark-connection chain=postrouting comment=IGMP dst-port=2 new-connection-mark=IGMP passthrough=yes \
    protocol=tcp
add action=mark-connection chain=prerouting comment=SNP dst-port=109 new-connection-mark=SNP passthrough=yes \
    protocol=tcp
add action=mark-connection chain=postrouting comment=SNP dst-port=109 new-connection-mark=SNP passthrough=yes \
    protocol=tcp
add action=mark-connection chain=prerouting comment=SNMP dst-port=161 new-connection-mark=SNMP passthrough=yes \
    protocol=tcp
add action=mark-connection chain=postrouting comment=SNMP dst-port=161 new-connection-mark=SNMP passthrough=yes \
    protocol=tcp
add action=mark-connection chain=prerouting comment=SNMP dst-port=161 new-connection-mark=SNMP passthrough=yes \
    protocol=udp
add action=mark-connection chain=postrouting comment=SNMP dst-port=161 new-connection-mark=SNMP passthrough=yes \
    protocol=udp
add action=mark-connection chain=prerouting comment=SNMP dst-port=162 new-connection-mark=SNMP passthrough=yes \
    protocol=tcp
add action=mark-connection chain=postrouting comment=SNMP dst-port=162 new-connection-mark=SNMP passthrough=yes \
    protocol=tcp
add action=mark-connection chain=prerouting comment=SNMP dst-port=162 new-connection-mark=SNMP passthrough=yes \
    protocol=udp
add action=mark-connection chain=postrouting comment=SNMP dst-port=162 new-connection-mark=SNMP passthrough=yes \
    protocol=udp
add action=mark-connection chain=prerouting comment=TELNET dst-port=23 new-connection-mark=TELNET passthrough=yes \
    protocol=tcp
add action=mark-connection chain=postrouting comment=TELNET dst-port=23 new-connection-mark=TELNET passthrough=yes \
    protocol=tcp
add action=mark-connection chain=prerouting comment=IRC dst-port=6665 new-connection-mark=IRC passthrough=yes \
    protocol=tcp
add action=mark-connection chain=postrouting comment=IRC dst-port=6665 new-connection-mark=IRC passthrough=yes \
    protocol=tcp
add action=mark-connection chain=prerouting comment=IRC dst-port=6666 new-connection-mark=IRC passthrough=yes \
    protocol=tcp
add action=mark-connection chain=postrouting comment=IRC dst-port=6666 new-connection-mark=IRC passthrough=yes \
    protocol=tcp
add action=mark-connection chain=prerouting comment=IRC dst-port=6667 new-connection-mark=IRC passthrough=yes \
    protocol=tcp
add action=mark-connection chain=postrouting comment=IRC dst-port=6667 new-connection-mark=IRC passthrough=yes \
    protocol=tcp
add action=mark-connection chain=prerouting comment=IRC dst-port=6697 new-connection-mark=IRC passthrough=yes \
    protocol=tcp
add action=mark-connection chain=postrouting comment=IRC dst-port=6697 new-connection-mark=IRC passthrough=yes \
    protocol=tcp
add action=mark-connection chain=prerouting comment=GRE new-connection-mark=GRE passthrough=yes protocol=gre
add action=mark-connection chain=postrouting comment=GRE new-connection-mark=GRE passthrough=yes protocol=gre
add action=mark-connection chain=prerouting comment=HTTP dst-port=80 new-connection-mark=HTTP passthrough=yes \
    protocol=tcp
add action=mark-connection chain=postrouting comment=HTTP dst-port=80 new-connection-mark=HTTP passthrough=yes \
    protocol=tcp
add action=mark-connection chain=prerouting comment=HTTPS dst-port=443 new-connection-mark=HTTP passthrough=yes \
    protocol=tcp
add action=mark-connection chain=postrouting comment=HTTPS dst-port=443 new-connection-mark=HTTP passthrough=yes \
    protocol=tcp
add action=mark-connection chain=prerouting comment=PROXY dst-port=3128 new-connection-mark=PROXY passthrough=yes \
    protocol=tcp
add action=mark-connection chain=postrouting comment=PROXY dst-port=3128 new-connection-mark=PROXY passthrough=yes \
    protocol=tcp
add action=mark-packet chain=prerouting comment=SIP connection-mark=SIP new-packet-mark=LEVEL1 passthrough=no
add action=mark-packet chain=postrouting comment=SIP connection-mark=SIP new-packet-mark=LEVEL1 passthrough=no
add action=mark-packet chain=prerouting comment=DNS connection-mark=DNS new-packet-mark=LEVEL2 passthrough=no
add action=mark-packet chain=postrouting comment=DNS connection-mark=DNS new-packet-mark=LEVEL2 passthrough=no
add action=mark-packet chain=prerouting comment=BGP connection-mark=BGP new-packet-mark=LEVEL2 passthrough=no
add action=mark-packet chain=postrouting comment=BGP connection-mark=BGP new-packet-mark=LEVEL2 passthrough=no
add action=mark-packet chain=prerouting comment=WINBOX connection-mark=WINBOX new-packet-mark=LEVEL2 passthrough=no
add action=mark-packet chain=postrouting comment=WINBOX connection-mark=WINBOX new-packet-mark=LEVEL2 passthrough=no
add action=mark-packet chain=prerouting comment=SSH connection-mark=SSH new-packet-mark=LEVEL2 passthrough=no
add action=mark-packet chain=postrouting comment=SSH connection-mark=SSH new-packet-mark=LEVEL2 passthrough=no
add action=mark-packet chain=prerouting comment=ICMP connection-mark=ICMP new-packet-mark=LEVEL2 passthrough=no
add action=mark-packet chain=postrouting comment=ICMP connection-mark=ICMP new-packet-mark=LEVEL2 passthrough=no
add action=mark-packet chain=prerouting comment=IGMP connection-mark=IGMP new-packet-mark=LEVEL2 passthrough=no
add action=mark-packet chain=postrouting comment=IGMP connection-mark=IGMP new-packet-mark=LEVEL2 passthrough=no
add action=mark-packet chain=prerouting comment=SNP connection-mark=SNP new-packet-mark=LEVEL2 passthrough=no
add action=mark-packet chain=postrouting comment=SNP connection-mark=SNP new-packet-mark=LEVEL2 passthrough=no
add action=mark-packet chain=prerouting comment=SNMP connection-mark=SNMP new-packet-mark=LEVEL2 passthrough=no
add action=mark-packet chain=postrouting comment=SNMP connection-mark=SNMP new-packet-mark=LEVEL2 passthrough=no
add action=mark-packet chain=prerouting comment=TELNET connection-mark=TELNET new-packet-mark=LEVEL2 passthrough=no
add action=mark-packet chain=postrouting comment=TELNET connection-mark=TELNET new-packet-mark=LEVEL2 passthrough=no
add action=mark-packet chain=prerouting comment=IRC connection-mark=IRC new-packet-mark=LEVEL2 passthrough=no
add action=mark-packet chain=postrouting comment=IRC connection-mark=IRC new-packet-mark=LEVEL2 passthrough=no
add action=mark-packet chain=postrouting comment=GRE connection-mark=GRE new-packet-mark=LEVEL2 passthrough=no
add action=mark-packet chain=prerouting comment=GRE connection-mark=GRE new-packet-mark=LEVEL2 passthrough=no
add action=mark-packet chain=prerouting comment=HTTP connection-mark=HTTP new-packet-mark=LEVEL3 passthrough=no
add action=mark-packet chain=postrouting comment=HTTP connection-mark=HTTP new-packet-mark=LEVEL3 passthrough=no
add action=mark-packet chain=prerouting comment=PROXY connection-mark=PROXY new-packet-mark=LEVEL3 passthrough=no
add action=mark-packet chain=postrouting comment=PROXY connection-mark=PROXY new-packet-mark=LEVEL3 passthrough=no
add action=mark-connection chain=prerouting comment=IPSEC dst-port=50 new-connection-mark=IPSEC passthrough=yes \
    protocol=udp
add action=mark-connection chain=postrouting comment=IPSEC dst-port=50 new-connection-mark=IPSEC passthrough=yes \
    protocol=udp
add action=mark-connection chain=prerouting comment=IPSEC dst-port=51 new-connection-mark=IPSEC passthrough=yes \
    protocol=udp
add action=mark-connection chain=postrouting comment=IPSEC dst-port=51 new-connection-mark=IPSEC passthrough=yes \
    protocol=udp
add action=mark-connection chain=prerouting comment=IPSEC dst-port=500 new-connection-mark=IPSEC passthrough=yes \
    protocol=udp
add action=mark-connection chain=postrouting comment=IPSEC dst-port=500 new-connection-mark=IPSEC passthrough=yes \
    protocol=udp
add action=mark-connection chain=prerouting comment=IPSEC dst-port=500 new-connection-mark=IPSEC passthrough=yes \
    protocol=tcp
add action=mark-connection chain=postrouting comment=IPSEC dst-port=500 new-connection-mark=IPSEC passthrough=yes \
    protocol=tcp
add action=mark-connection chain=prerouting comment=IPSEC dst-port=4500 new-connection-mark=IPSEC passthrough=yes \
    protocol=udp
add action=mark-connection chain=postrouting comment=IPSEC dst-port=4500 new-connection-mark=IPSEC passthrough=yes \
    protocol=udp
add action=mark-connection chain=prerouting comment=IPSEC dst-port=4500 new-connection-mark=IPSEC passthrough=yes \
    protocol=tcp
add action=mark-connection chain=postrouting comment=IPSEC dst-port=4500 new-connection-mark=IPSEC passthrough=yes \
    protocol=tcp
add action=mark-packet chain=prerouting comment=IPSEC connection-mark=IPSEC new-packet-mark=LEVEL2 passthrough=no
add action=mark-packet chain=postrouting comment=IPSEC connection-mark=IPSEC new-packet-mark=LEVEL2 passthrough=no
/ip firewall nat
add action=dst-nat chain=dstnat comment="ACCES REMOT CENTRALITA" dst-port=4443 in-interface=ether11_WAN_HOTEL \
    protocol=tcp to-addresses=192.168.200.246 to-ports=443
add action=dst-nat chain=dstnat comment="ACCES REMOT CENTRALITA" dst-port=4443 in-interface=ether12_WAN_WIFI \
    protocol=tcp to-addresses=192.168.200.246 to-ports=443
add action=redirect chain=dstnat comment="PROXY TRANSPARENTE" disabled=yes dst-port=80 log=yes protocol=tcp \
    to-ports=8080
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat comment="MASQUERADE XXX_XXX" out-interface=ether11_WAN_HOTEL src-address=\
    192.168.200.0/24
add action=masquerade chain=srcnat comment=MASQUERADE_WIFI out-interface=ether12_WAN_WIFI
add action=masquerade chain=srcnat comment="masquerade hotspot network" src-address=10.50.0.0/22
add action=dst-nat chain=dstnat comment="PORT ACCES 7500  TCP FDS" dst-port=7500 in-interface=ether11_WAN_HOTEL \
    protocol=tcp to-addresses=192.168.116.10 to-ports=7500
add action=dst-nat chain=dstnat comment="PORT ACCES 7500  UDP FDS" dst-port=7500 protocol=udp to-addresses=\
    192.168.116.10 to-ports=7500
/ip hotspot user
add name=admin password="XXXX"
add name=HOTEL password=XXXX
/ip ipsec policy
add comment=VPN_HOTEL-XXXXX dst-address=XXX.XXX.XXX.XXX proposal=HOTEL_XXXXX sa-dst-address=XXX.XXX.XXX.XXX \
    sa-src-address=XXX.XXX.XXX.XXX src-address=192.168.200.0/24 tunnel=yes
/ip proxy
set cache-on-disk=yes
/ip proxy access
add action=deny comment="deny facebook pc recepcion" disabled=yes dst-host="" path=*facebook* src-address=\
    192.168.200.2
add action=deny comment="deny pelis pc recepcion" disabled=yes dst-host="" path=*peli* src-address=192.168.200.2
add action=deny comment="deny sexo pc recepcion" disabled=yes dst-host="" path=*sex* src-address=192.168.200.2
add action=deny comment="denegar navegacion web tpv rest" dst-port=443 src-address=192.168.200.4
add action=deny comment="denegar navegacion web tpv bar" dst-port=80 src-address=192.168.200.3
add action=deny comment="denegar navegacion web rest" dst-port=80 src-address=192.168.200.4
add action=deny comment="denegar navegacion web tpv bar" dst-port=443 src-address=192.168.200.3
add action=deny comment="deny acces twitter" disabled=yes path=*twit* src-address=192.168.200.2
add action=deny comment="deny acces programa" disabled=yes path=*progr* src-address=192.168.200.2


[admin@ROUTER] >

Thanks in advance!

2

i think that u need is in Queue, than in simple queues click + sign and than choose target and bottom you have max limit. There you can do it, if this is what you want

3

I don’t see any limits in your config. Is your ISP actually faster than that?

4

Yes, that’s the weird thing, through the LAN Bridge i get 300Mb but through the WiFi Bridge i get 20Mb.. (checked this with speedtest) i think i will just reset the configuration to default and start from scratch.. i really can’t see any other option so far.. Thanks for your replies guys!

5

Check the Queues, both the Simple Queues and Queue Tree, it’s probably set there.