Community discussions

MUM Europe 2020
 
berlyn
newbie
Topic Author
Posts: 46
Joined: Wed Jun 06, 2012 1:55 pm

P2p limiting

Thu Mar 14, 2013 9:39 am

I will pay anyone who can help me limiting p2p on my network.
I have posted a few times for someone to help me but no one seem to be able too???
 
User avatar
dotnet
Frequent Visitor
Frequent Visitor
Posts: 53
Joined: Tue Feb 26, 2013 11:41 am
Location: Chittagong, Bangladesh.

Re: P2p limiting

Thu Mar 14, 2013 10:22 am

yes you can limiting p2p
pls follow the rules :

/queue simple
add name="main" target-addresses=192.168.0.0/24 max-limit=512000/512000
add name="http" parent=main packet-marks=http max-limit=256000/256000 priority=1
add name="p2p" parent=main packet-marks=p2p max-limit=56000/56000 priority=8
add name="other" parent=main packet-marks=other max-limit=200000/200000 priority=5

/ip firewall mangle
add chain=prerouting protocol=tcp dst-port=80 action=mark-connection new-connection-mark=http_conn passthrough=yes
add chain=prerouting connection-mark=http_conn action=mark-packet new-packet-mark=http passthrough=no

add chain=prerouting p2p=all-p2p action=mark-connection new-connection-mark=p2p_conn passthrough=yes
add chain=prerouting connection-mark=p2p_conn action=mark-packet new-packet-mark=p2p passthrough=no

add chain=prerouting action=mark-connection new-connection-mark=other_conn passthrough=yes
add chain=prerouting connection-mark=other_conn action=mark-packet new-packet-mark=other passthrough=no

*** Pls don't copy-paste, just use the rules ***

Best regards
Suman

Dotnet
(Mini ISP)
 
berlyn
newbie
Topic Author
Posts: 46
Joined: Wed Jun 06, 2012 1:55 pm

Re: P2p limiting

Thu Mar 14, 2013 10:41 am

is this working? and what should my target address be?
 
User avatar
dotnet
Frequent Visitor
Frequent Visitor
Posts: 53
Joined: Tue Feb 26, 2013 11:41 am
Location: Chittagong, Bangladesh.

Re: P2p limiting

Thu Mar 14, 2013 11:23 am

your user's network address
Suman

Dotnet
(Mini ISP)
 
berlyn
newbie
Topic Author
Posts: 46
Joined: Wed Jun 06, 2012 1:55 pm

Re: P2p limiting

Thu Mar 14, 2013 11:47 am

if i have 3 , 4 meg lines what should max limits be? And does this work?
 
User avatar
dotnet
Frequent Visitor
Frequent Visitor
Posts: 53
Joined: Tue Feb 26, 2013 11:41 am
Location: Chittagong, Bangladesh.

Re: P2p limiting

Thu Mar 14, 2013 12:09 pm

yes it will be work.
if your line is 1 mb
*** 1mb = 1024000
*** 2mb = 2048000
just change your requirement

/queue simple
add name="main" target-addresses=192.168.0.0/24 max-limit=2048000/2048000

*** you can specific also your ssl connections.
/queue simple
add name="ssl" parent=main packet-marks=htt max-limit=128000/128000 priority=3

/ip firewall mangle
add chain=prerouting protocol=tcp dst-port=443 action=mark-connection new-connection-mark=ssl_conn passthrough=yes
add chain=prerouting connection-mark=ssl_conn action=mark-packet new-packet-mark=ssl passthrough=no


**** Pls don't copy-paste, just follow the rules ***


Best regards
Suman

Dotnet
(Mini ISP)
 
berlyn
newbie
Topic Author
Posts: 46
Joined: Wed Jun 06, 2012 1:55 pm

Re: P2p limiting

Thu Mar 14, 2013 12:39 pm

Thanks, should this be done every routrboard on my netwprk or only the main, and if i have 3 10 meg lines that is load balanced by linux server what should the max be for the queues.

help is appreciated
 
User avatar
dotnet
Frequent Visitor
Frequent Visitor
Posts: 53
Joined: Tue Feb 26, 2013 11:41 am
Location: Chittagong, Bangladesh.

Re: P2p limiting

Thu Mar 14, 2013 12:49 pm

already i told that 1mb = 1024000
so you will multiply your acutual bandwidth quantity.
*** just for example
50 mb = (1024000 x 50)= 51200000 (Max Limit for Main)

Now try yourself. I hope you will success ...

you have to setup Bridge in your Router for Better performances.
just follow the rules

/ interface bridge
add name="bridge1"
/ interface bridge port
add interface=WAN bridge=bridge1
add interface=LAN bridge=bridge1
/ interface bridge settings
set use-ip-firewall=yes

*** Please don't copy-paste, just follow the rules ***


Best regards
Suman

Dotnet
(Mini ISP)
 
berlyn
newbie
Topic Author
Posts: 46
Joined: Wed Jun 06, 2012 1:55 pm

Re: P2p limiting

Thu Mar 14, 2013 1:24 pm

Its not working
 
berlyn
newbie
Topic Author
Posts: 46
Joined: Wed Jun 06, 2012 1:55 pm

Re: P2p limiting

Thu Mar 14, 2013 7:29 pm

any other ideas
 
ditonet
Forum Veteran
Forum Veteran
Posts: 841
Joined: Mon Oct 19, 2009 12:52 am
Location: Europe/Poland/Konstancin-Jeziorna
Contact:

Re: P2p limiting

Thu Mar 14, 2013 9:18 pm

There is topic about P2P blocking: http://forum.mikrotik.com/viewtopic.php?t=21178

HTH,
Grzegorz | MTCNA, MTCRE, MTCSE | konsultacje MikroTik Warszawa
It is a book about a Spanish guy called Manual. You should read it. - Dilbert
 
berlyn
newbie
Topic Author
Posts: 46
Joined: Wed Jun 06, 2012 1:55 pm

Re: P2p limiting

Fri Mar 15, 2013 7:22 am

dont want to block want to limit
 
berlyn
newbie
Topic Author
Posts: 46
Joined: Wed Jun 06, 2012 1:55 pm

Re: P2p limiting

Tue Mar 19, 2013 6:40 pm

anyone else
 
User avatar
dotnet
Frequent Visitor
Frequent Visitor
Posts: 53
Joined: Tue Feb 26, 2013 11:41 am
Location: Chittagong, Bangladesh.

Re: P2p limiting

Sat Jun 22, 2013 10:13 am

To configure 10k for p2p traffic.

/queue simple
add target-address=<network_address_of_your_local_network> max-limit=10k/10k p2p=all-p2p

It limits widely used p2p protocols, except encrypted p2p.


best regards
Suman

Dotnet
(Mini ISP)
 
deejayq
Member Candidate
Member Candidate
Posts: 195
Joined: Wed Feb 23, 2011 8:33 am

Re: P2p limiting

Mon Jul 01, 2013 11:53 am

the idea is to add to address-list addresses that open, let's say, more than 4 udp connections and 8 tcp connections to ports 1024-65535
then with this address list you can do whatever you want, like mark the packets going to 1024-65535 and then use a queue to limit the speed.
 
jandafields
Forum Guru
Forum Guru
Posts: 1514
Joined: Mon Sep 19, 2005 6:12 pm

Re: P2p limiting

Tue Jul 02, 2013 6:14 am


It limits widely used p2p protocols, except encrypted p2p.
Most p2p is encrypted now, and on port 80. The built-in "p2p" marker is useless.

Who is online

Users browsing this forum: anav and 41 guests