Working QoS configuration

negge · August 2, 2011, 12:43pm

Nowadays I just use the “default” type for all queues, however I experimented with bigger queue sizes before that’s why the configs show a custom queue type. I’ve tried sizes ranging from a couple hundred packets to 10 000 without much change in behavior (except that the queue size goes up of course), but some protocols might start behaving weirdly if you make the queue size too big.

kameelperdza · August 5, 2011, 6:04am

so non_critical_queue value should be more or less the value of default queue?

negge · August 5, 2011, 6:45am

Yes.

kameelperdza · August 11, 2011, 7:50pm

I have noticed that if i make bridge1 the parent in queue tree then the queues does not work.

Devices on bridge1 is ether1 ,ether3, eoip-tunnel1 ,eoip-tunnel2 ,eoip-tunnel3 (Bridge1 ip address=192.168.0.0/24)
Devices on bridge2 is ether2 and ether4 (Bridge2 ip address=172.16.0.0/24)

I did some test and if i add eoip-tunnel3 as parent in queue tree then it works 100%.
Does this mean i should create mangle rules and queue trees for each device on my router?

EDIT:

PS:I managed to get it working by putting bridge ports in “out-bridge-port” instead of “out-interface”.

shadowskippie · September 8, 2011, 11:57am

I love this, when i can i want to try it out at home where i have one ADSL connection
Now i also want to implement it at my work where we have four ADSL connections and a default route point to all of them, how would i got about using you QoS design where i have four possible ADSL connections to work with

shadowskippie · September 9, 2011, 4:49pm

okay, it seems i need a little help

my RB750 is in a bridged setup, i have setup the three of the rules and find they are not working correctly

Flags: X - disabled, I - invalid, D - dynamic

1 ;;; Time critical traffic
chain=postrouting action=mark-packet new-packet-mark=time_critical passthrough=no protocol=udp out-interface=bridge1 dst-port=53
out-bridge-port=ADSL

2 chain=postrouting action=mark-packet new-packet-mark=time_critical passthrough=no protocol=tcp out-interface=bridge1 dst-port=53

3 chain=postrouting action=mark-packet new-packet-mark=time_critical passthrough=no tcp-flags=fin,syn,rst protocol=tcp
out-interface=bridge1 out-bridge-port=ADSL

i can see rule 1 working when i have bridge set as the out int but only like that, if i set the advance section with out-bridge-port=ADSL as you can see it stops marking packets.
rule 3 just doesn’t mark, period. where am i going wrong

edmidor · March 1, 2012, 5:04pm

How this config should be modified to give priority to packet order critical UDP connections, i.e. VoIP?

dgonzalezh · June 17, 2013, 5:47am

Hey there,

Great post I’d like to know if that’d apply to my personal setup, I’ve setup my MK with the PCC routing guide to load balance my two WANs, but I’d like to use one of them just to upload, outgoing Dropbox and FTP out stuff as it’s way faster than the other connection I’d love to use these rules as they look promising for what I’m looking for.

Thanks and sorry for hijacking your thread.

Cheers.

negge:

Hi everybody,

I’ve been struggling for some time to create a working QoS configuration, reading through countless manual pages, wikis, forum topics etc. I’ve noticed two things; in order to do something great with a Mikrotik router, you have to be a network guru. I thought I knew relatively much about networking when I got my router, but it seems I was wrong. Second, it seems like there’s a tendency among those who actually do know something and who actually have working configurations to be pretty secretive about them, which is understandable, but very frustrating for novices. That’s why I thought I’d post my QoS configuration here as well as explain what it does (or at least what I want it to do).

[snip]

Feel free to comment on my config if you have any suggestions that would make it better.

Edit: Forgot to mention that I changed the queue size to 200 packets (default is 50)

macgaiver · June 17, 2013, 7:58am

Interesting tread but i noticed that it went a little bit in the wrong direction!

Main thing - Priority and prioritization have nothing to do with packet order, it doesn’t put one packet before other.
Think of priority as “face control” guy on club entrance - he is standing in the doors and filter out those that he doesn’t wan’t in the club, order between those that got in remains the same.

There can be some out-of-order, but only in case you have different queue types and queue sizes in different subqueues.

If we are talking about small TCP ACK priority - it makes sense cause those packets come as acknowledgment to successful delivery of big packet, if something happens to this small ACK it will result in 2nd transmit of that big packet - that would be waste of bandwidth and increase of latency.

negge · June 17, 2013, 8:19am

Since I started this thread I have changed my configuration to a much simpler one. The main idea is still the same, I just stopped mangling the TCP ACK packets since it seems to be very hard to get that bit right. Simply prioritizing the ports you want seems to work way better, for example I can max out my upload speed while still getting the same ping latency as I would if the line was completely unused.

kraker · June 19, 2013, 9:25am

please share your new qos config..

thanks…

negge · June 19, 2013, 9:50am

It’s exactly the same as the one in the original post except the TCP ACK packets aren’t marked during mangling.

pcunite · August 31, 2013, 2:44pm

negge,

Thank you for this post, I had created my own thread on VoIP Qos’ing linked here before I found your topic. I’m still learning. Any thoughts? I’m using mark-connection to lessen the load on the CPU.

It’s exactly the same as the one in the original post except the TCP ACK packets aren’t marked during mangling.

So, it looks like this?

Note that … disabled=no passthrough=no … is set on all, removed for brevity

/ip firewall mangle
add action=mark-packet chain=postrouting out-interface=WAN new-packet-mark=link_critical protocol=udp dst-port=67 src-port=68
add action=mark-packet chain=postrouting out-interface=WAN new-packet-mark=link_critical protocol=ipsec-esp
add action=mark-packet chain=postrouting out-interface=WAN new-packet-mark=time_critical protocol=udp dst-port=53
add action=mark-packet chain=postrouting out-interface=WAN new-packet-mark=time_critical protocol=tcp tcp-flags=fin,syn,rst
add action=mark-packet chain=postrouting out-interface=WAN new-packet-mark=time_critical protocol=tcp connection-state=new
add action=mark-packet chain=postrouting out-interface=WAN new-packet-mark=high_pri_interactive protocol=tcp port=22,2200
add action=mark-packet chain=postrouting out-interface=WAN new-packet-mark=high_pri_interactive protocol=tcp port=8291
add action=mark-packet chain=postrouting out-interface=WAN new-packet-mark=low_pri_interactive protocol=tcp port=80,443,8112
add action=mark-packet chain=postrouting out-interface=WAN new-packet-mark=high_pri_non_interactive protocol=tcp connection-type=ftp
add action=mark-packet chain=postrouting out-interface=WAN new-packet-mark=low_pri_non_interactive protocol=tcp port=25,110
add action=mark-packet chain=postrouting out-interface=WAN new-packet-mark=non_critical protocol=tcp

Note that … burst-limit=0 burst-threshold=0 burst-time=0s limit-at=0 disabled=no queue=default … is set on all, removed for brevity

/queue tree
add max-limit=2M name=“Outgoing queue” packet-mark=“” parent=WAN priority=8
add max-limit=2M name=“Link-critical” packet-mark=link_critical parent=“Outgoing queue” priority=1
add max-limit=2M name=“Time-critical” packet-mark=time_critical parent=“Outgoing queue” priority=2
add max-limit=2M name=“High-pri interactive” packet-mark=high_pri_interactive parent=“Outgoing queue” priority=4
add max-limit=2M name=“Low-pri interactive” packet-mark=low_pri_interactive parent=“Outgoing queue” priority=5
add max-limit=2M name=“High-pri non-interactive” packet-mark=high_pri_non_interactive parent=“Outgoing queue” priority=6
add max-limit=2M name=“Low-pri non-interactive” packet-mark=low_pri_non_interactive parent=“Outgoing queue” priority=7
add max-limit=2M name=“Non-critical” packet-mark=non_critical parent=“Outgoing queue” priority=8

dunga · September 13, 2013, 11:57am

Thanks Ngee,
For your configurations. Plz my network is not like your own but differently. My setup is just like this. WAN ------> Lan(Bridged: port 2 - 10).-------->Switch -------(AP). My uplink is 1meg/download is 2meg.

My clients are on hotspot just a user requires much speed, how do i about to use your setup to achieve a better QOS for my network, so that i can achieve the best from what i am being given.

Thanks

AaronG · November 14, 2013, 11:27pm

This is traffic prioritization, not really rate limiting. The only reason that the max bandwidth is specified is to make the mikrotik “aware” of it’s bandwidth budget. It’s preferable for the mikrotik to queue traffic rather than have it discarded by an overtaxed uplink.

If you want to implement rate limitations, you should look into PCQ.

http://wiki.mikrotik.com/wiki/Manual:Queues_-_PCQ_Examples

One really cool thing about setting up a PCQ is that it can work in tandem with IPprec (prioritization) like you see here, and you can specify your overall bandwidth budget in the parent queue.

gulliverrr · August 3, 2014, 6:46pm

Hello everybody!

I’ve also been looking for ages to setup my home network like that as torrents have been my main pita requiring continuing attention if I want to upload as much as I can.
My setup is a bit different so the above instructions do not work on me. I have a 5-port RB951-2n in the following setup:

Cable Modem <===> [MT port 1]
                  [MT port 2] <===> [Switch] <===> Torrent Machine
                  [MT port 3] <===> PC#1 
                  [MT port 4] <===> PC#2

The problem is that I have setup MT ports 1-5 to belong to a local bridge to simplify my routing so I dont think routing works the same way as negge’s case.

Can someone point me to the right direction about modifying these commands to apply QoS based on IP (all my machines have static IP) or interface (everybody get default high priority apart from interface 2 which gets low)

Any help will be very much appreciated as I am lost in so many related posts around the forum.

MosquitoCR · February 5, 2015, 6:17am

Hello Negge,

Can you share your latest version of your QOS ?
I have MK OS 6.26.

Please let me know.

Thanks.

vamose · March 3, 2015, 6:02pm

Guys,

I bought the Mikrotik router and used AP and PPOE settings to enable the router and my ISP provider.

I have 10MBs service, but when I use speediest websites such as testmy.net net performance maxes out at 3.2MBps.

I need your help with streamlining my configuration and with QOS. The requirement for QOS is as per the priority listed, can any one help me.

VOIP
Streaming video content - You tube
SSH
FTP
Downloading
Torrent downloads.

shadowskippie · March 3, 2015, 7:21pm

The problem may not be your qos. When you run the speed check your cpu. Lets start by making sure you’re not maxing it out

vamose · March 4, 2015, 2:28am

shadowskippie, please suggest how to do you check my CPU (which CPU router or laptop) is not maxing out and how do I check it? I am completely new to Mikrotik router, hence please do share the commands to use.

Ok, I tested the speed:

Mikrotik Router (Login → system → resources) - Maximum CPU load 26%
The result from testmy.net - DL 6 Mbps 754 kB/s, Upload 1.7 Mbps 216 kB/s - (no other application, except speed test website)
Laptop CPU load - below 5%

My ISP provider:

10MB of download speed
2Mbps of upload speed