Hi everyone, need your advice about traffic shaping for Web Proxy client. The situation is follow: there are two ISP, mangle setting for routing Address lists. The group PROXY should get inet access throuth internal WEBProxy on MT. Its working, but i cant restrict download speed for that group. Another groups get direct access with mangle marking and exist in Queue Tree rules.
NAT
chain=srcnat action=masquerade out-interface=ether3
chain=dstnat action=redirect to-ports=8080 protocol=tcp
src-address-list=PROXY in-interface=ether8 dst-port=80
Route
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE ROUTING MARK
0 A S 0.0.0.0/0 Y.Y.Y.41 1 MTS
1 A S 0.0.0.0/0 X.X.X.169 1 GTS
2 A S 0.0.0.0/0 X.X.X.169 1
3 ADC X.X.X.168/29 X.X.X.173 ether3 0
4 ADC Y.Y.Y.40/29 Y.Y.Y.45 ether1 0
5 ADC 192.168.1.0/24 192.168.1.1 ether8 0
6 ADC 192.168.3.0/24 192.168.3.5 ether8
MANGLE
;;; PROXY
chain=prerouting action=mark-routing new-routing-mark=GTS passthrough=no src-address-list=PROXY
Mangle rules used for routing client to GTS ISP (unlim), another ISP (MTS) is limited and using for MAIL Server only
I red article about INTERNAL PROXY but its not working properly on my config…For examle i set limit-at 1Mb ,max-limit 2M for marked packet but get really less than limit-at !!!
http://wiki.mikrotik.com/wiki/Queue_with_Masquerading_and_Internal_Web-Proxy
Please help.