Community discussions

 
blackzero
just joined
Topic Author
Posts: 21
Joined: Tue Aug 09, 2011 3:40 pm

Queue question.

Fri Aug 12, 2011 11:13 am

My network config:

Internet -> Modem (bridge mode) -> Mikrotik (two ethernet cards)-> Hub -> LAN/Servers/Clients

Let's say I have a client (laptop) with ip 192.168.2.33 (Windows XP)
My Mikrotik LAN card has ip 192.168.2.1
My email server has ip 192.168.2.4 (Windows 2003 server with hmail)
I also has domain and redirect port 80 to web servers, and port 110 and 25 to email server.

Currently I have a queue for that IP 192.168.2.33 for 50k upload 100k download, and it's working just fine.

From outside, that laptop accesses email without being capped by mikrotik.

However, there's a capped bandwith based on Queue I set up for that IP when that PC is accessing email server from Internal network using pop and smtp for my domain (public DNS).

Of course the simplest solution would be to change POP and SMTP setting on that particular laptop, so it points to my email server's Windows hostname when it's inside my network, and change it back to public DNS when it's outside. But I don't want that solution - it's so inconvenient by design.

Is there a solution for this problem?


My mikrotik configs:
0   ;;; Masquerade
     chain=srcnat action=masquerade

1   ;;; Web
     chain=dstnat dst-address=118.96.xxx.xxx protocol=tcp dst-port=80
     action=dst-nat to-addresses=192.168.2.3 to-ports=80

2   chain=srcnat dst-address=192.168.2.3 protocol=tcp dst-port=80
     action=src-nat to-addresses=192.168.2.3 to-ports=80

3   ;;; Transparent Proxy
     chain=dstnat src-address=192.168.2.0/24 protocol=tcp dst-port=80
     action=redirect to-ports=3128

4   ;;; POP SMTP
     chain=dstnat dst-address=118.96.xxx.xxxprotocol=tcp dst-port=110
     action=dst-nat to-addresses=192.168.2.4 to-ports=110

5   chain=dstnat dst-address=118.96.xxx.xxx protocol=tcp dst-port=25
     action=dst-nat to-addresses=192.168.2.4 to-ports=25

6   ;;; VNC pt-xxxxxx.com
     chain=dstnat protocol=tcp dst-port=5900 action=dst-nat
     to-addresses=192.168.2.3 to-ports=5900

7   ;;; CCTV Besar
     chain=dstnat protocol=tcp dst-port=83 action=dst-nat
     to-addresses=192.168.2.2 to-ports=80

8   chain=dstnat protocol=tcp dst-port=4550 action=dst-nat
     to-addresses=192.168.2.2 to-ports=4550

9   chain=dstnat protocol=tcp dst-port=5550 action=dst-nat
     to-addresses=192.168.2.2 to-ports=0-65535

10   ;;; CCTV Kecil: 19 atas - 18 bawah
     chain=dstnat protocol=tcp dst-port=84 action=dst-nat
     to-addresses=192.168.2.18 to-ports=80

11   chain=dstnat protocol=tcp dst-port=85 action=dst-nat
     to-addresses=192.168.2.19 to-ports=80
 
blackzero
just joined
Topic Author
Posts: 21
Joined: Tue Aug 09, 2011 3:40 pm

Re: Queue question.

Tue Aug 23, 2011 10:47 am

bump
 
User avatar
dasiu
Trainer
Trainer
Posts: 232
Joined: Fri Jan 30, 2009 11:41 am
Location: Reading, UK
Contact:

Re: Queue question.

Tue Aug 23, 2011 12:07 pm

Show us your queue settings :)
If you are using queue simple - just create one queue with unlimited bandwidth for target address of the e-mail server and put it in the beginning of the list of queues.
If you are using queue tree - in the beginning of mangle just throw out the packets from/to e-mail server (so they won't be marked).
 
blackzero
just joined
Topic Author
Posts: 21
Joined: Tue Aug 09, 2011 3:40 pm

Re: Queue question.

Tue Aug 23, 2011 12:39 pm

Show us your queue settings :)
If you are using queue simple - just create one queue with unlimited bandwidth for target address of the e-mail server and put it in the beginning of the list of queues.
If you are using queue tree - in the beginning of mangle just throw out the packets from/to e-mail server (so they won't be marked).
I'm using simple queue.

And I already did put my Email server's IP Address in the queue as unlimited.
 2    name="DKMPDC" target-addresses=192.168.2.4/32 dst-address=0.0.0.0/0 
      interface=all parent=none direction=both priority=8 
      queue=default-small/default-small limit-at=0/0 max-limit=0/0 
      total-queue=default-small 

33    name="33" target-addresses=192.168.2.33/32 dst-address=0.0.0.0/0 
      interface=all parent=none direction=both priority=8 
      queue=default-small/default-small limit-at=0/0 max-limit=50000/128000 
      total-queue=default-small
Doesn't do the trick, as local client '192.168.2.33' which is using my domain name in both SMTP and POP setting is still being limited (50k upload/ 128k download).
 
User avatar
dasiu
Trainer
Trainer
Posts: 232
Joined: Fri Jan 30, 2009 11:41 am
Location: Reading, UK
Contact:

Re: Queue question.

Tue Aug 23, 2011 1:14 pm

0 ;;; Masquerade
chain=srcnat action=masquerade
- why do you need this? Is it really necessary to masquerade everything?
I have some problems with understanding the rules :).
But still the queue problem is strange. It should at least have unlimited upload, as the dst-nat (for upload packets) is done before any queueing and the packet should have dst-address 192.168.2.4 and be caught by the first queue.
Maybe unlimited queue for target-address=0.0.0.0/0 and dst-address=192.168.2.4 will change anything? (I don't think it would make any difference, but I have no better shot).
One more - the "DKMPDC" is simple queue number 2. What are queues number 0 and 1?
 
fewi
Forum Guru
Forum Guru
Posts: 7734
Joined: Tue Aug 11, 2009 3:19 am

Re: Queue question.

Tue Aug 23, 2011 1:17 pm

[url][http://wiki.mikrotik.com/wiki/Manual:Queue/url]
Simple Queues

Submenu level: /queue simple

One configuration item in /queue simle' can create from 0 to 3 separate queues - one queue in global-in, one queue in global-out and one queue in global-total. If all properties of a queue have default values (no set limits, queue type is default), and queue has no children, then it is not actually created. This way, for exanple, creation of global-total queues can be avoided if only upload/download limitation is used.
Set the rate limit to 1gbps (1g/1g) instead of 0/0. All default values mean that queue doesn't actually get created.
Specific answers require specific questions. When in doubt, post the output of "/ip address print detail", "/ip route print detail", "/interface print detail", "/ip firewall export", and an accurate network diagram.
 
blackzero
just joined
Topic Author
Posts: 21
Joined: Tue Aug 09, 2011 3:40 pm

Re: Queue question.

Tue Aug 23, 2011 1:29 pm

0 ;;; Masquerade
chain=srcnat action=masquerade
- why do you need this? Is it really necessary to masquerade everything?
I have some problems with understanding the rules :).
But still the queue problem is strange. It should at least have unlimited upload, as the dst-nat (for upload packets) is done before any queueing and the packet should have dst-address 192.168.2.4 and be caught by the first queue.
Maybe unlimited queue for target-address=0.0.0.0/0 and dst-address=192.168.2.4 will change anything? (I don't think it would make any difference, but I have no better shot).
One more - the "DKMPDC" is simple queue number 2. What are queues number 0 and 1?
Oh sorry, it was for the other servers.

0    name="CCTV" target-addresses=192.168.2.2/32 dst-address=0.0.0.0/0 
      interface=all parent=none direction=both priority=8 
      queue=default-small/default-small limit-at=0/0 max-limit=0/0 
      total-queue=default-small 

 1    name="DKM-JAKARTA" target-addresses=192.168.2.3/32 dst-address=0.0.0.0/0 
      interface=all parent=none direction=both priority=8 
      queue=default-small/default-small limit-at=0/0 max-limit=0/0 
      total-queue=default-small 

 2    name="DKMPDC" target-addresses=192.168.2.4/32 dst-address=0.0.0.0/0 
      interface=all parent=none direction=both priority=8 
      queue=default-small/default-small limit-at=0/0 max-limit=0/0 
      total-queue=default-small
I'll try this suggestion:
Maybe unlimited queue for target-address=0.0.0.0/0 and dst-address=192.168.2.4 will change anything?
As for the masquerade, sorry but I don't understand, either. That's what my friend taught me anyway... -_-

[url][http://wiki.mikrotik.com/wiki/Manual:Queue/url]
Simple Queues

Submenu level: /queue simple

One configuration item in /queue simle' can create from 0 to 3 separate queues - one queue in global-in, one queue in global-out and one queue in global-total. If all properties of a queue have default values (no set limits, queue type is default), and queue has no children, then it is not actually created. This way, for exanple, creation of global-total queues can be avoided if only upload/download limitation is used.
Set the rate limit to 1gbps (1g/1g) instead of 0/0. All default values mean that queue doesn't actually get created.
Here's my queue rule setting:

http://imageshack.us/photo/my-images/714/queuex.png/

But when I issue print command, it somehow displays my queue as 0/0. Weird.


Edit: I've done extensive researches and some recommend the use of 'mangle'. Unfortunately I'm still new in Mikrotik and don't understand such complex feature.
 
fewi
Forum Guru
Forum Guru
Posts: 7734
Joined: Tue Aug 11, 2009 3:19 am

Re: Queue question.

Tue Aug 23, 2011 1:47 pm

Edit the queue named "DKMPDC" and set its max-limit to 1000000/1000000. Do that for each queue that is supposed to be exempt from simple queues further down the list.
Specific answers require specific questions. When in doubt, post the output of "/ip address print detail", "/ip route print detail", "/interface print detail", "/ip firewall export", and an accurate network diagram.
 
User avatar
dasiu
Trainer
Trainer
Posts: 232
Joined: Fri Jan 30, 2009 11:41 am
Location: Reading, UK
Contact:

Re: Queue question.

Tue Aug 23, 2011 1:56 pm

Edit the queue named "DKMPDC" and set its max-limit to 1000000/1000000. Do that for each queue that is supposed to be exempt from simple queues further down the list.
I'm curious if it helps :). The queue is not created for default-small without limit, but the queue simple "rule" still "catches" the packets - so you can see number of bytes downloaded and uploaded. So the packets shouldn't be checked by the further "rules"...
I would add rule with "target-address=0.0.0.0/0 dst-address=192.168.2.4" and see if it helps :).
 
blackzero
just joined
Topic Author
Posts: 21
Joined: Tue Aug 09, 2011 3:40 pm

Re: Queue question.

Tue Aug 23, 2011 2:07 pm

Edit the queue named "DKMPDC" and set its max-limit to 1000000/1000000. Do that for each queue that is supposed to be exempt from simple queues further down the list.
Did that just now. Here's my new setting:

http://imageshack.us/photo/my-images/695/queue2.jpg/

From that laptop (192.168.2.33) I tried to send 9 MB email. It's still limited - queue 33 displays that the upload rate for that particular machine is as defined in the rule.

So I opted to follow Dasiu's advice:
Edit the queue named "DKMPDC" and set its max-limit to 1000000/1000000. Do that for each queue that is supposed to be exempt from simple queues further down the list.
I'm curious if it helps :). The queue is not created for default-small without limit, but the queue simple "rule" still "catches" the packets - so you can see number of bytes downloaded and uploaded. So the packets shouldn't be checked by the further "rules"...
I would add rule with "target-address=0.0.0.0/0 dst-address=192.168.2.4" and see if it helps :).
http://imageshack.us/photo/my-images/853/queue3u.png/

See the first rule there. This works!

Who is online

Users browsing this forum: No registered users and 31 guests