Community discussions

MikroTik App
 
User avatar
samsoft08
Long time Member
Long time Member
Topic Author
Posts: 617
Joined: Sat Nov 26, 2005 10:52 pm

Proxy + PCQ = strange results !!!!!!

Wed Nov 01, 2006 10:56 pm

many topics , many users , tried to solve the problem of applying PCQ with web-proxy enabled , the problem was packet goes from proxy were not marked , finally i found this WIKI example by Valens :

http://wiki.mikrotik.com/wiki/Queue_wit ... _Web-Proxy

i applied this example as it is , but with changes to Qtree in order to test the difference between the direct packet mark and the proxy packet mark , i tested this config with downloading a file of 5MB which was direct download , in the Qtree i found that the proxy rate reaches the MAX while the direct rate still as it is !!!!!! somthing strange !!!!!! it should be vise versa that was i expect ... and here is the config i copied from WIKI and pictures in real time when that 5MB file was downloading :


MANGLE :
1   ;;; Upload
     chain=prerouting in-interface=localnet src-address=192.168.1.0/24 
     protocol=tcp p2p=!all-p2p action=mark-packet new-packet-mark=Up-Packet 
     passthrough=no 

 2   ;;; Download
     chain=forward src-address=192.168.1.0/24 protocol=tcp p2p=!all-p2p 
     action=mark-connection new-connection-mark=users-con passthrough=yes 

3   chain=forward in-interface=internet protocol=tcp connection-mark=users-co>
     action=mark-packet new-packet-mark=down-packet passthrough=no 

4   ;;; Proxy Marking
     chain=output out-interface=localnet dst-address=192.168.1.0/24 
     protocol=tcp action=mark-packet new-packet-mark=Proxy-down 
     passthrough=no 
Qtree
1   name="2-Int-up" parent=global-in packet-mark=Up-Packet limit-at=160000 
     queue=pcq-upload priority=2 max-limit=160000 burst-limit=0 
     burst-threshold=0 burst-time=0s 

 2   name="1-Local-down" parent=localnet packet-mark=down-packet 
     limit-at=600000 queue=pcq-download priority=2 max-limit=600000 
     burst-limit=0 burst-threshold=0 burst-time=0s 

3   name="3-Proxy download" parent=localnet packet-mark=Proxy-down 
     limit-at=750000 queue=pcq-download priority=2 max-limit=750000 
     burst-limit=0 burst-threshold=0 burst-time=0s 
Image
Image
 
User avatar
samsoft08
Long time Member
Long time Member
Topic Author
Posts: 617
Joined: Sat Nov 26, 2005 10:52 pm

Thu Nov 02, 2006 6:37 am

is WIKI aprooved ??
 
valens
Trainer
Trainer
Posts: 246
Joined: Tue Jun 01, 2004 5:42 pm
Location: INDONESIA
Contact:

Thu Nov 02, 2006 6:49 am

is the mangle counting correctly ?
 
User avatar
samsoft08
Long time Member
Long time Member
Topic Author
Posts: 617
Joined: Sat Nov 26, 2005 10:52 pm

Thu Nov 02, 2006 1:56 pm

yes , but also the proxy rule counts much higher than the download ..
but i read in your wiki that the 1st rule (mangle) is for non-HTTP and direct downloading and the second is for proxy , so does that mean the proxy rule includes ALL HTTP packets ?? even the file which is downloading from the internet and its not exist in the proxy , couse its HTTP downloading too?
 
valens
Trainer
Trainer
Posts: 246
Joined: Tue Jun 01, 2004 5:42 pm
Location: INDONESIA
Contact:

Thu Nov 02, 2006 3:37 pm

I didn't see any strange thing from your example.
Both rules are for client, not for proxy.
One rule is for direct connection, and the other is for down traffic through proxy.

You can not compare also the statistic in the winbox by downloding small file or several seconds test.
The refresh time of the statistic is (or more than) 1 second.

What I can see from your screen capture is:
That time, the direct traffic is small, the traffic via proxy was big.
And this doesn't mean that the condition was strange.
 
User avatar
samsoft08
Long time Member
Long time Member
Topic Author
Posts: 617
Joined: Sat Nov 26, 2005 10:52 pm

Thu Nov 02, 2006 9:07 pm

wht do you mean by through Proxy ?? it was supposed to be traffic from the cache drive , that was the problem before that some topics said that its impossible to mark ... i also repeated the test with 100MB file and its the same , do you mean that any file downloading must pass through the proxy ??
 
valens
Trainer
Trainer
Posts: 246
Joined: Tue Jun 01, 2004 5:42 pm
Location: INDONESIA
Contact:

Fri Nov 03, 2006 5:13 am

What is the strange thing, and what do you expect ?
 2   name="1-Local-down" parent=localnet packet-mark=down-packet
     limit-at=600000 queue=pcq-download priority=2 max-limit=600000
     burst-limit=0 burst-threshold=0 burst-time=0s

3   name="3-Proxy download" parent=localnet packet-mark=Proxy-down
     limit-at=750000 queue=pcq-download priority=2 max-limit=750000
     burst-limit=0 burst-threshold=0 burst-time=0s
The rule #2 will queueing direct traffic from internet to the client. If you set the proxy transparantly, you should test this rule using non http tcp port 80 traffic.

The rule #3 will queueing the traffic from proxy to the client. In previous reply, I said "traffic via proxy", yes, it's only the simple word... the content actually coming from internet, requested by proxy, and send to the client. So, this is not queueing the traffic from internet to the proxy, but from proxy to the client.

I look again your test, and still don't get which one goes wrong. If you set transparant proxy (I guess you do so), and you test the script by downloading file via HTTP TCP port 80... off course only one rule will efect. If you want to test the other rule, try to do direct traffic, e.g. FTP or bandwidth test.

I see many people said it's impossible to mark traffic from proxy to the client. But, CMIIW, I think it's possible. I try to test it my self, and I wrote the how to in the wiki. If you also think it's impossible... why you think so? IP flow system used by Mikrotik is quite complete... you can mark almost any packet.
 
User avatar
samsoft08
Long time Member
Long time Member
Topic Author
Posts: 617
Joined: Sat Nov 26, 2005 10:52 pm

Fri Nov 03, 2006 5:31 am

Ok , I got your point , but can we make a seperate rule to mark the traffik that goes from the CACHE drive to the users ?
 
valens
Trainer
Trainer
Posts: 246
Joined: Tue Jun 01, 2004 5:42 pm
Location: INDONESIA
Contact:

Fri Nov 03, 2006 8:34 am

Yes, you already make it.
 
User avatar
larmaid
Member Candidate
Member Candidate
Posts: 177
Joined: Tue Aug 30, 2005 3:06 pm

Fri Nov 03, 2006 2:09 pm

so.....which type is the best for queue.....?

and is it simple queue or queue tree is the best queue.....?
i like it

Who is online

Users browsing this forum: brwainer, eworm, kos, naudkuneha, ysha and 74 guests