Community discussions

MikroTik App
 
thepossum
just joined
Topic Author
Posts: 11
Joined: Thu Feb 21, 2019 7:16 pm

How to prioritize all OSPF traffic?

Wed May 12, 2021 10:34 pm

We are setting up a network, using mpls/vpls/ospf to link the devices. As the connections are all over wireless links, link connectivity/uptime is not nearly as guaranteed as wired connections, so the mpls failovers need to be pretty robust. But of course, regular network traffic can overwhelm the data links. And not all links are created equal; some are slower than others simply due to which wifi channel was selected by the hardware. (ie. we can't actually know in advance what the maximum link speed is on any connection.)

So the goal then is to prioritize ospf over any other traffic. Based on what reading and links I could find, is this enough? Is there anything fundamentally broken about it?

The ospf traffic is easy enough to tag:
/ip firewall mangle
add action=mark-packet chain=prerouting comment="Prioritize OSPF" new-packet-mark=OSPF passthrough=no protocol=ospf
and just a simple pair of queue entries:
/queue simple
add name=OSPF packet-marks=OSPF priority=2/2
add limit-at=1G/1G max-limit=1G/1G name=not-OSPF parent=OSPF priority=7/7
(I note that trying to set a higher "limit" (ie. 10G) tells me that it's too big; apparently 4294967295/4294967295 is the maximum possible.)
 
mikeeg02
Member Candidate
Member Candidate
Posts: 110
Joined: Fri Mar 30, 2018 2:28 am
Location: Pennsylvania

Re: How to prioritize all OSPF traffic?

Thu May 13, 2021 6:02 am

The way this is written below, you have the parent being the ospf marked traffic, and then the child is traffic that does not have marked traffic, but if the parent requires marked traffic, there should be no un-marked traffic. This also will only affect routed traffic, not mpls/vpls

/queue simple
add name=OSPF packet-marks=OSPF priority=2/2
add limit-at=1G/1G max-limit=1G/1G name=not-OSPF parent=OSPF priority=7/7

I think you're going to want to specify the dst field on each ospf interface. And more likely use the queue tree for interface queues

/queue simple
add name="Link1" dst="ether1-Wan"
add limit-at=1M/1M max-limit=50M/50M name=OSPF parent=Link1 priority=2/2
add limit-at=49M/49M max-limit=50M/50M name=not-OSPF parent=Link1 priority=7/7

If theres a second direction

/queue simple
add name="Link1" dst="ether1-Wan"
add limit-at=1M/1M max-limit=50M/50M name=OSPF parent=Link1 priority=2/2
add limit-at=49M/49M max-limit=50M/50M name=not-OSPF parent=Link1 priority=7/7
add name="Link2" dst="ether2-Wan2"
add limit-at=1M/1M max-limit=50M/50M name=OSPF parent=Link2 priority=2/2
add limit-at=49M/49M max-limit=50M/50M name=not-OSPF parent=Link2 priority=7/7
Though I think you will want to use queue-tree for this application. As you will need to limit the vpls traffic at each end into the tunnel. This will not queue mpls/vpls traffic.
I believe your best bet is to set a vlan out interface, and have the wireless link drop based on vlan COS. You can mark your customer COS as appropriately needed.


I do think you want to use the output chain to mark your outgoing ospf traffic for interface queues:
/ip firewall mangle
add action=mark-packet chain=output comment="Mark OSPF" new-packet-mark=OSPF passthrough=no protocol=ospf
If you are going "out" a vlan interface, you may want to set COS priority and to do so:
/ip firewall mangle
add action=set-priority chain=output comment="Set OSPF vlan priority" new-priority=7 passthrough=no protocol=ospf
By using pre-routing chain and ospf, you are marking ospf packets into the router, not out of.
 
thepossum
just joined
Topic Author
Posts: 11
Joined: Thu Feb 21, 2019 7:16 pm

Re: How to prioritize all OSPF traffic?

Thu May 13, 2021 4:43 pm

/ip firewall mangle
add action=mark-packet chain=output comment="Mark OSPF" new-packet-mark=OSPF passthrough=no protocol=ospf
If you are going "out" a vlan interface, you may want to set COS priority and to do so:
/ip firewall mangle
add action=set-priority chain=output comment="Set OSPF vlan priority" new-priority=7 passthrough=no protocol=ospf
By using pre-routing chain and ospf, you are marking ospf packets into the router, not out of.

The entire goal is to prioritize OSPF packets so that they get delivered immediately regardless of other packets. Is this second "set-priority" rule sufficient to accomplish that? ie. if the priority is set, there would be no need to actually also mark the packets too. (minor note: apparently if both "marking" the packet AND setting its priority here is required, then the first rule in the list requires "passthrough=yes")

And having set the lower priority here in the firewall mangle rules, is there still a need to set up queues?
 
sindy
Forum Guru
Forum Guru
Posts: 7283
Joined: Mon Dec 04, 2017 9:19 pm

Re: How to prioritize all OSPF traffic?

Thu May 13, 2021 11:34 pm

The priority you set in the respective field of a VLAN tag is only honored, if at all, by an external device. All priority handling in Mikrotik itself is done by means of queues (queue tree and/or queue simple) and the only ways to let a packet (or frame) be handled by a particular queue are
  • to assign the packet a packet-mark value on which that queue matches (this works for both queues in the tree and for simple queues)
  • to set a "simple" queue's target value to match the source or destination IP address of that packet.
In each case, the packet/frame is handled by the queue that matched it first.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
 
mikeeg02
Member Candidate
Member Candidate
Posts: 110
Joined: Fri Mar 30, 2018 2:28 am
Location: Pennsylvania

Re: How to prioritize all OSPF traffic?

Fri May 14, 2021 7:07 am

Like Sindy said,

you would use the set-priority to assign the COS value in the vlan tag on outgoing packets so that the wireless link would make the decision to drop lower COS value traffic first (assuming you have it set to respect vlan COS value.

Marking traffic and using queue's affects how the mikrotik will prioritize traffic during congestion which you assign value to.

You will also want to set high priority on outgoing LDP traffic, this is very important, and you will need to assign proper priority value to bridged vpls traffic, which will get copied to the EXP field and be retained along the mpls path. (Though this can require a few extra steps for RB hardware.)
 
thepossum
just joined
Topic Author
Posts: 11
Joined: Thu Feb 21, 2019 7:16 pm

Re: How to prioritize all OSPF traffic?

Fri May 14, 2021 6:18 pm

So, queue trees then. And yes, I am fully aware that to prioritize all OSPF traffic I've got to do this on both devices, as each mikrotik can only actually control its own outbound packets.

As a test example, say that I've got one of two links between the devices paired on their matching "sfp-sfpplus2" interfaces. And a second link on a "vlan42" interface. The actual bandwidth is variable (depending on the weather, wifi interference, and nesting pigeons). Total link speeds are conceptually up to an including their 10G port speeds, but will obviously be generally less.

The packets are still trivial to mark:
/ip firewall mangle

add action=mark-packet chain=output comment="Mark OSPF" new-packet-mark=OSPF passthrough=yes protocol=ospf
(and I can see those counters climbing live on the webfig interface).

Then the queues:
/queue tree

add limit-at=0 max-limit=0 name=queue-sfp2 parent=sfp-sfpplus2 queue=default
add limit-at=0 max-limit=0 name=OSPF-sfp2 packet-mark=OSPF parent=queue-sfp2 priority=2 queue=default
add limit-at=0 max-limit=0 name=not-OSPF-sfp2 packet-mark=no-mark parent=queue-sfp2 priority=8 queue=default

add limit-at=0 max-limit=0 name=queue-vlan42 parent=vlan42 queue=default
add limit-at=0 max-limit=0 name=OSPF-vlan42 packet-mark=OSPF parent=queue-vlan42 priority=2 queue=default
add limit-at=0 max-limit=0 name=not-OSPF-vlan42 packet-mark=no-mark parent=queue-vlan42 priority=8 queue=default
But I'm still not quite getting my head wrapped around how to define these "limit-at" and "max-limit" values, given that the total bandwidth is unknown and unpredictable at any moment. The only thing that HAS to be done, is OSPF packets need to be delivered immediately, even at the expense of any bursting data.
 
mikeeg02
Member Candidate
Member Candidate
Posts: 110
Joined: Fri Mar 30, 2018 2:28 am
Location: Pennsylvania

Re: How to prioritize all OSPF traffic?

Fri May 14, 2021 7:32 pm

Max-limit is going to be the maximum value on the interface, usually minus 10% as a safety net and thats up to your discretion. You can also use this to help limit with customer bursts. Which leads to my second part of the statement, you are going to have to limit the bursts. If you are not shaping the bursting traffic, then you can not stop it from wiping out any other packets. You are going to want to segregate your traffic more for no-mark as it is "oblivious" to other potentially important traffic. IE LDP for mpls etc, because you are not marking it to be tracked and apply a queue for it. On the interfaces you have prioritized ospf packets, but you have not limited the bursting customer traffic into the queue to limit, so they are just passed.

Limit-at is used for when max-limit is reached on the interface (saturation) as a guaranteed during congestion. The sum of the combined limit-at's should not exceed the interface rate (or in your case, wireless path limit)

Who is online

Users browsing this forum: Bing [Bot], eworm, gkoleff, mirk and 248 guests