I only have 2 Question.
1. What happened with dst-nat-ed packets and how or where should i mark the packet so I can apply bandwidth management to it.
2. Which is better to apply in a shared wan connection, PCQ queue tree or regular queue tree? since the received bandwidth is always unstable(up-to)
Now the explaination:
I'm trying to find the best bandwidth management to this topology. Appology if i use explained topology not graphical to better explain the situation.
1. Users will connect to a switch. the network is 192.168.1.0/24
2. Switch is connected to a port in mikrotik RB750 with 192.168.1.1/24 address in mikrotik
3. A Linux based proxy server with 192.168.2.2/24 ip address is connected to another port in mikrotik with 192.168.2.1/24 address
4. Another port in mikrotik with ip address of 192.168.10.254 is connected to an ADSL modem using 192.168.10.1/24 address
5. ADSL modem is connected to internet using PPPoE connection to the ISP
/ip address add address=192.168.2.1/24 disabled=no interface=04-Proxy network=192.168.2.0 add address=192.168.10.254/24 disabled=no interface=05-Speedy network=192.168.10.0 add address=192.168.1.1/24 disabled=no interface=02-LAN network=192.168.1.0 add address=192.168.3.1/24 disabled=no interface=01-None network=192.168.3.0
/ip firewall nat add action=masquerade chain=srcnat comment="" disabled=no out-interface=\ 05-Speedy add action=dst-nat chain=dstnat comment="Proxy for Local redirection" disabled=no dst-port=80,8080,3128 in-interface=\ 02-LAN protocol=tcp to-addresses=192.168.2.2 to-ports=3128 add action=dst-nat chain=dstnat comment="Redirect DNS Request from LAN" disabled=no dst-port=53 protocol=udp to-ports=53 add action=redirect chain=dstnat comment="Redirect DNS Request from squid" disabled=no dst-port=53 in-interface=04-Proxy \ protocol=udp to-ports=53above are my ip address and nat
as my question above, i'm having trouble to create suitable queue for 12 users only when the http requests are dst-nated to proxy. I have marked the hit packet from proxy with DSCP 12. where should i put marking for the http requests that are automatically routed to proxy, and how to limit the bandwidth so even proxy request to the server also limited. because even tho i can limit the MISS packet to the users, the proxy request to the internet is still unlimited, so the other service such as game connection is disrupted. Especially, how can i best manage the upload request that has been passed through proxy so that it is also properly managed?
Thankyou so much for replies.