Weird

RouterOS General
1

I have bridged network allowing LAN to use public IP addresses. PCQ seems to be malfunctioning when mt connected directly to cisco router.

mt → cisco → internet
with PCQ 768k/256k limit enabled, our clients are getting very low speed at 120kbps/245kbps, then I filtered all p2p protocol, speed back to normal.

I tried following setup
mt → netenforcer (QoS disabled) → cisco → internet
now our client are getting 740kbps/245Kbps without filtering p2p protocol and seems to be normal.

mt is handling 2 subnets of public ip addresses.

here’s my mangle configuration
0 src-address=64.238.139.0/24 action=accept mark-flow=all-tenants

1 src-address=208.176.148.0/24 action=accept mark-flow=all-tenants

2 dst-address=208.176.148.0/24 action=accept mark-flow=all-tenants

3 dst-address=64.238.139.0/24 action=accept mark-flow=all-tenants

here’s queue type

6 name=“tenants-speed-out” kind=pcq bfifo-limit=15000 pfifo-limit=10
red-limit=60 red-min-threshold=10 red-max-threshold=50 red-burst=20
sfq-perturb=5 sfq-allot=1514 pcq-rate=262144 pcq-limit=50
pcq-classifier=src-address

7 name=“tenants-speed-in” kind=pcq bfifo-limit=15000 pfifo-limit=10
red-limit=60 red-min-threshold=10 red-max-threshold=50 red-burst=20
sfq-perturb=5 sfq-allot=1514 pcq-rate=786432 pcq-limit=50
pcq-classifier=dst-address

here’s queue tree:

0 name=“queue1” parent=WAN flow=all-tenants limit-at=0
queue=tenants-speed-out priority=8 max-limit=0 burst-limit=0
burst-threshold=0 burst-time=0

1 name=“queue2” parent=LAN1 flow=all-tenants limit-at=0
queue=tenants-speed-in priority=8 max-limit=0 burst-limit=0
burst-threshold=0 burst-time=0

2 name=“queue3” parent=LAN2-1 flow=all-tenants limit-at=0
queue=tenants-speed-in priority=8 max-limit=0 burst-limit=0
burst-threshold=0 burst-time=0

3 name=“queue4” parent=LAN3-2 flow=all-tenants limit-at=0
queue=tenants-speed-in priority=8 max-limit=0 burst-limit=0
burst-threshold=0 burst-time=0

4 name=“queue5” parent=LAN4 flow=all-tenants limit-at=0
queue=tenants-speed-in priority=8 max-limit=0 burst-limit=0
burst-threshold=0 burst-time=0

interfaces WAN,LAN1,LAN2,LAN3,LAN4, are bridged into interface “bridge1”

How do I get it to work properly?

2

When using PCQ, it means that each tenant gets this limit for PCQ – perhaps that is too fast. Try something like 64Kb/s. If you want to put all P2P into one firewall, then you need mark the packets and make a ‘tree’ queue rule for the flow mark – both ways.

John