This week I was playing around with Cake QOS on my RB5009 and I came across a strange bug with simple queues. When I set the bandwidth limit directly on the cake queue and assign it to a simple queue on a wan interface, if I try to access winbox from the wan side through the wan ip all traffic to and from that wan starts being dropped, some times it only stops dropping after I disable the simple queue entirely.
I have a dual wan setup on this 5009 so I suspected some of its configuration could be the culprit, so I grabbed an old hAP ac2 I had around and installed 7.15.2 on it, I started the ac2 with a blank configuration and only configured a bridge, ips and the queues, same result.
This is the configuration which allowed me to reproduce the issue with the hAP ac2 :
# 1970-01-02 00:19:54 by RouterOS 7.15.2
# model = RBD52G-5HacD2HnD
/interface bridge
add name=bridge
/queue type
add cake-bandwidth=100.0Mbps cake-diffserv=besteffort kind=cake name=\
cake-wan-down
add cake-bandwidth=50.0Mbps cake-diffserv=besteffort kind=cake name=\
cake-wan-up
/queue simple
# CAKE type with bandwidth setting detected, configure traffic limits within queue itself
add name=wan-qos queue=cake-wan-down/cake-wan-up target=ether1
/interface bridge port
add bridge=bridge interface=ether2
add bridge=bridge interface=ether3
add bridge=bridge interface=ether4
add bridge=bridge interface=ether5
/ip firewall connection tracking
set udp-timeout=10s
/ip address
add address=192.168.88.1/24 interface=bridge network=192.168.88.0
add address=192.168.100.2/24 interface=ether1 network=192.168.100.0
Is this a known bug? I did a quick search and found nothing on this.
I did try it before posting.. Anyway you choose to ignore the advice (not from me, but from ROS itself) and you are now curious why it’s not working.. I have no idea why not to try it…
Please refrain from posting if you have no idea of what you are talking about. http://forum.mikrotik.com/t/some-quick-comments-on-configuring-cake/152505/1
Here’s a topic of one of the contributors to cake talking in depth about how it works, in many examples the bandwidth limit is set directly on the queue type.
There they talk about how it works and the benefits of configuring it directly on the queue type.
I reported the exact same problem to Mikrotik support same months ago. I followed this post, also recommending to set the limit on the queue-type it self.
This was the answer from support
Hello
Please fix this configuration problem here first:
/queue simple
CAKE type with bandwidth setting detected, configure traffic limits within queue itself
add bucket-size=0.001/0.001 name=CAKE_SHAPE queue=cake-download/cake-upload
target=pppoe-fonira
If you create CAKE type of queue, you can use it freely on queue/interface settings. If you want to use CAKE type queue as Simple or Tree queue, then on queue type definition you do not need to specify cake-bandwidth parameter. This must be specified on the Simple/Tree queue itself as max-limit.
Are you sure it’s the same issue?
On my case the simple queue works perfectly fine until someone tries to access Winbox through the wan interface, then it starts dropping all packets on that interface.
For now I have setted the bandwidth limit on the simple queue instead of the queue type.
I think so. I first tested the simple queue with the bandwidth limit set in the queue type on an RB5009 and it worked perfectly. I never connected to the RB5009 via winbox from WAN but one think i noticed was that /certificate enable-ssl-certificate also bugged the router forwarding traffic towards WAN. If I then restarted the pppoe tunnel or just disabled the simple queue, all started working again.
I also tried the setup on a CCR2116-12g-4s+, ware i was directly connected via winbox from WAN. As soon as I enabled the simple queue i lost connection. The public ip address was unreachable from the internet.
Does anyone here know if CAKE is re-ordering packets, e.g. prioritizing small packets over large ones?
That would improve TCP latency (prioritizing ACK) but maybe in my case (MLPPP) it may cause issues.
Cake does fair queuing using a DRR++ (deficit round robin) derived algorithm. So it attempts to deliver a MTU´s worth of bytes from each flow, in order (DRR), and also puts out flows with an arrival rate less than the total departure rate first.
Do not combine htb (simple queues) + cake bandwidth XXMbps. You cannot have two bandwidth managers inline in this way.
Anyway you choose to ignore the advice (not from me, but from ROS itself) and you are now curious why it’s not working.. I have no idea why not to try it…