I have for a long time now been trying to get a good QoS system working on my mikrotik router @ home and work. I know how intimidating Mikrotik's seem when you are new to them, and some times u just want to get some thing working, and all every one says is, read this or read that, and it takes time etc.
So After following many tutorials and reading up i have come up with a VERY simple QoS that works great and it very easy to setup and is very versatile with diff setups. I thought i would just share it for people who just want to spend 5 min copying 2 small pieces of code and then enjoy the pleasures of a working QoS.
This is my 1st Educational post so go easy on me (i'm normally asking questions)
If you just want to do it instantly just follow the steps below:
All the steps are to be completed in the terminal. (please note when copying, that each function u adding has to be on the same line, if it goes onto the 2nd it will not add correctly. I know that this some times hapens on the forum. If so i will attach a .txt with the code in) But on my screen it seems fine.
Step 1:
type:
Code: Select all
/ip firewall mangle
copy: ( use right click copy, right click past and NOT ctrl c + ctrl v)
Code: Select all
add chain=prerouting action=mark-packet new-packet-mark=http-total passthrough=yes protocol=tcp port=80
add chain=prerouting action=mark-packet new-packet-mark=https-total passthrough=yes protocol=tcp port=443
add chain=prerouting action=mark-packet new-packet-mark=voip-sip-total passthrough=yes dscp=26
add chain=prerouting action=mark-packet new-packet-mark=icmp-total passthrough=yes protocol=icmp
add chain=prerouting action=mark-packet new-packet-mark=voip-rtp-total passthrough=yes dscp=46
add chain=prerouting action=mark-packet new-packet-mark=smtp-tx passthrough=yes protocol=tcp dst-port=25
add chain=prerouting action=mark-packet new-packet-mark=imap-rx passthrough=yes protocol=tcp src-port=143
add chain=prerouting action=mark-packet new-packet-mark=imap-rx passthrough=yes protocol=udp src-port=143
add chain=prerouting action=mark-packet new-packet-mark=imap-rx passthrough=yes protocol=tcp src-port=993
add chain=prerouting action=mark-packet new-packet-mark=pop3-rx passthrough=yes protocol=tcp src-port=995
add chain=prerouting action=mark-packet new-packet-mark=smtp-tx passthrough=yes protocol=tcp dst-port=465
add chain=prerouting action=mark-packet new-packet-mark=voip-sip-total passthrough=yes connection-type=sip
add chain=prerouting action=mark-packet new-packet-mark=p2p_tota passthrough=yes p2p=all-p2p
add chain=prerouting action=mark-packet new-packet-mark=pop3-rx passthrough=yes protocol=tcp src-port=110
add chain=prerouting action=mark-packet new-packet-mark=imap-rx passthrough=yes protocol=tcp src-port=585
add chain=prerouting action=mark-packet new-packet-mark=smtp-tx passthrough=yes protocol=tcp dst-port=465
add chain=prerouting action=mark-packet new-packet-mark=dns_total passthrough=yes protocol=tcp port=53
add chain=prerouting action=mark-packet new-packet-mark=dns_total passthrough=yes protocol=udp port=53
add chain=prerouting action=mark-packet new-packet-mark=ftp_total passthrough=yes protocol=tcp port=20,21
add chain=prerouting action=mark-packet new-packet-mark=rdp_total passthrough=yes protocol=tcp port=3389
add chain=prerouting action=mark-packet new-packet-mark=ssh_total passthrough=yes protocol=tcp port=22
Type:
Code: Select all
/queue tree
copy: ( use right click copy, right click past and NOT ctrl c + ctrl v)
Code: Select all
add name="Global_In" parent=global-in limit-at=0 priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
add name="pop3-rx" parent=Global_In packet-mark=pop3-rx limit-at=0 queue=default priority=4 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
add name="imap-rx" parent=Global_In packet-mark=imap-rx limit-at=0 queue=default priority=4 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
add name="Globall_Out" parent=global-out packet-mark=smtp-tx limit-at=0 priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
add name="Global_Total" parent=global-total limit-at=0 priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
add name="voip-rtp-total" parent=Global_Total packet-mark=voip-rtp-total limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
add name="icmp-total" parent=Global_Total packet-mark=icmp-total limit-at=0 queue=default priority=4 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
add name="http-total" parent=Global_Total packet-mark=http-total limit-at=0 queue=default priority=3 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
add name="https-total" parent=Global_Total packet-mark=https-total limit-at=0 queue=default priority=3 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
add name="voip_sip_total" parent=Global_Total packet-mark=voip-sip-total limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
add name="smtp_tx" parent=Globall_Out packet-mark=smtp-tx limit-at=0 queue=default priority=7 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
add name="p2p_total" parent=Global_Total packet-mark=p2p_total limit-at=0 queue=default priority=7 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
add name="dns_total" parent=Global_Total packet-mark=dns_total limit-at=0 queue=default priority=2 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
add name="ftp_total" parent=Global_Total packet-mark=ftp_total limit-at=0 queue=default priority=5 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
add name="rdp_total" parent=Global_Total packet-mark=rdp_total limit-at=0 queue=default priority=2 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
add name="ssh_total" parent=Global_Total packet-mark=ssh_total limit-at=0 queue=default priority=2 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
Im sorry, but the comments from the mangle rules Do not copy in the code so it will look very messy:
The priorities i have configured to my likes, but it is very easy to change them:
you simply go to queue, queue tree in Winbox and click on each queue and change the priority. (8 being the lowest and 1 the highest)
Updates To follow: (as i make and find out more improvements) but the aim was to provide people with a very simple easy BASE system to start with. Feel free to play and add more.
If you feel that the QoS identification is not refined enough then you can simply add more mangle rules where u make the same packet mark, but you just have different classifiers e.g
say u have port 25 as smtp with packet mark : smtp_total
if you now want to add the other ports or classify it by ip addresses etc you make another rule with packet mark : smtp_total
This will now make all smtp traffic have the same priority. (ask if u want it explained better)