I'm wondering if there is an easy way to limit all traffic on a bridged or switched router. When I setup a simple queue on the WAN interface, only a fraction of the upload traffic is limited. I suspect that "output" traffic (generated from router as opposed to traffic passing through or going into router) from the router is not being included in this queue but I'm not sure. Here is the configuration:
RouterOS version: 6.38.5
Hardware: hEX lite (mibspbe)
set [ find default-name=ether1 ] comment=WAN
set [ find default-name=ether2 ] comment=LAN master-port=ether1
add max-limit=20M/20M name=catchall2 target=ether1
With this configuration, some of the upload traffic is not queued. I can tell because the TX traffic on the WAN interface is consistently much higher than the Upload traffic on the queue. The download pretty much matches (hard to tell exactly because the numbers reported on the ethernet interface and the queue appear to average over different periods; I believe it is working correctly this direction though). Over time, I noticed that upload on the queue is averaging about 15kbps while upload on the interface is averaging about 100kbps. Upload on the queue peaks at about 20kbps while upload on the interface peaks at 200kbps+.
I have tried:
- Setting target to 0.0.0.0/0 instead of ether1
- using a bridge instead of switched (setting master-interface on ether2)
- setting queue on bridge interface (only queues traffic in one direction)
- Configuring bridge:
/interface bridge settings
set allow-fast-path=no use-ip-firewall=yes
Does anyone know what the easiest way to configure a router to limit all traffic passing through it is? We have many of these routers deployed and I'm trying to find a configuration that is not specific to whether the router is bridged or routed and not specific to the IP addresses/networks assigned so we can have a standard configuration based on interface.