Community discussions

MUM Europe 2020
 
sandman
newbie
Topic Author
Posts: 37
Joined: Sat Apr 07, 2007 2:13 am

Simple Queue Catch All

Sat Apr 07, 2007 3:09 am

Is it possible to create a "catch-all" type simple queue that when no other queue above it catches the traffic, it does and then shapes it to say 56k?
 
User avatar
skillful
Trainer
Trainer
Posts: 557
Joined: Wed Sep 06, 2006 1:42 pm
Location: Abuja, Nigeria
Contact:

Sat Apr 07, 2007 4:17 pm

Make mangle rule to mark all connections and packets:

/ ip firewall mangle
add chain=prerouting action=mark-connection new-connection-mark=all \
passthrough=yes comment="" disabled=no
add chain=prerouting connection-mark=all action=mark-packet \
new-packet-mark=all_packets passthrough=no comment="" disabled=no

make these two rules the last two rule in mangle.

Now create PCQs for 56kbps upload and download:

/ queue type
add name="56k-downloads" kind=pcq pcq-rate=56000 pcq-limit=50 \
pcq-classifier=dst-address pcq-total-limit=2000
add name="56k-uploads" kind=pcq pcq-rate=56000 pcq-limit=50 \
pcq-classifier=src-address pcq-total-limit=2000

Then Create simple queue to limit "all_packets":

/ queue simple
add name="all" dst-address=0.0.0.0/0 interface=all parent=none \
packet-marks=all_packets direction=both priority=8 \
queue=56k-uploads/56k-downloads limit-at=0/0 max-limit=0/0 \
total-queue=default-small disabled=no
 
sandman
newbie
Topic Author
Posts: 37
Joined: Sat Apr 07, 2007 2:13 am

Tue Apr 10, 2007 5:33 pm

I'm not having much luck with this. I tried your suggestions, but I couldn't get it to work.

Here's what I need to do, maybe someone can suggest how to do do it.

I statically assign IP's to customers. We do not use DHCP. Each Access Point is in it's own subnet. With different customer speeds mixed thoughout the subnet.

I want to use simple queues to control each users bandwidth (single IP address). I will put a simple queue in for each user. This works fine.

However since some of my customers have the ability to change their IP address on their computer and/or router I want the ability to limit all bandwidth in the subnet to a low number like 56k. If I don't do this, they could change their IP address to an un-restricted one (one not listed in the simple queue) and have unlimited access.

I'm also using Queue Tree to do PCQ shapping on each subnet. I set a max bandwidth in each subnet's queue so not to overload the access point and to fairly share the bandwidth when at high loads.

I've tried adding a simple queue that has a target address of 192.168.201.0/24 after all the individual queue's, but no matter where it is located in the simple queue, it never gets traffic??? When I do it by mangle packet marks, it gets the traffic, but activates in addition to the single IP simple queue.

I'm missing something here, apparently. Surely someone else has done this exact thing. Please help...
 
sandman
newbie
Topic Author
Posts: 37
Joined: Sat Apr 07, 2007 2:13 am

Tue Apr 10, 2007 6:11 pm

Here's some other people trying to do what I'm describing. These threads are dated, but it seems what I'm trying to do may not be possible with Mikrotik? It's very easy to do with StarOS qshape. I'm surprised if this is the case. Anyone with any answers?

http://forum.mikrotik.com//viewtopic.ph ... ueue+catch

http://forum.mikrotik.com//viewtopic.ph ... ueue+catch
 
sandman
newbie
Topic Author
Posts: 37
Joined: Sat Apr 07, 2007 2:13 am

Tue Apr 10, 2007 6:17 pm

skillful

After reading your example config again, I understand how that will work, but the problem is, I'm using Mangle to mark complete /24 subnets of each access point for queue tree pcq shapping of each access point as a whole.

For your example to work, I would have to setup an access-list and specify each valid IP address for the tower the be marked BEFORE your catch all example. Correct?

IS there an easier way?
 
User avatar
skillful
Trainer
Trainer
Posts: 557
Joined: Wed Sep 06, 2006 1:42 pm
Location: Abuja, Nigeria
Contact:

Tue Apr 10, 2007 7:49 pm

A slight modification of the simple queue in my earlier post should solve your problems. Just introduce "target-addresses into the rule and remove PCQ

/ queue simple
add name="sub-a" target-addresses=x.x.x.x/24 dst-address=0.0.0.0/0 \
interface=all parent=none packet-marks=all_packets direction=both \
priority=8 queue=default/default limit-at=0/0 max-limit=56000/56000 \
total-queue=default disabled=no

now all 254 valid IP Addresses in the /24 range will share 56kbps upload and download.
 
msorensen
Frequent Visitor
Frequent Visitor
Posts: 68
Joined: Mon May 23, 2005 11:47 pm
Location: California

Wed Apr 11, 2007 6:56 pm

my understanding of and experience with Simple Queues is that they do process packets in the chain order.

So, if you have a simple queue for each assigned IP, you would just have a final (last) simple queue covering the entire subnet with your desired default speed.

I have one situation where that is exactly what I did... It works.

We have one simple queue for each assigned IP, with one at the end covering the entire applicable subnet.

... If you have a specific IP (queue) no longer using the service, just disable the queue... traffic from that IP will go down the simple queue list looking for a match, which it will find at your final queue.
.....
 
sandman
newbie
Topic Author
Posts: 37
Joined: Sat Apr 07, 2007 2:13 am

Wed Apr 11, 2007 9:15 pm

I understand that the simple queues are checked in a specified order (by queue number).
So to clearify this. In simple queues once a match is found, it no longer continues down the chain?

If that's the case, that's exactly what I want to do.
Can someone confirm this for me?
 
User avatar
skillful
Trainer
Trainer
Posts: 557
Joined: Wed Sep 06, 2006 1:42 pm
Location: Abuja, Nigeria
Contact:

Wed Apr 11, 2007 9:17 pm

I understand that the simple queues are checked in a specified order (by queue number).
So to clearify this. In simple queues once a match is found, it no longer continues down the chain?

If that's the case, that's exactly what I want to do.
Can someone confirm this for me?
Yea, that is right
 
sandman
newbie
Topic Author
Posts: 37
Joined: Sat Apr 07, 2007 2:13 am

Wed Apr 11, 2007 9:52 pm

GREAT! I will try the catch all at the end of the simple queue chain then.

Please tell me how Simple Queues and Queue Trees work together. I plan to use simple queues to control each users bandwidth by IP address. I plan to use Queue Trees to control each access points total bandwidth and use pcq for fair sharing. Can simple queues and queue trees be used at the same time? In what order is the queues processed, Simple queue 1st then queue tree or ???

Thanks for the help!
 
msorensen
Frequent Visitor
Frequent Visitor
Posts: 68
Joined: Mon May 23, 2005 11:47 pm
Location: California

Thu Apr 12, 2007 12:05 am

Another important consideration of Simple Queues is that traffic that does not find a rule match among the simple queues is uneffected, and unlimited by any simple queue.

Its kinda like having an unwritten final Firewall rule that says "everything-allow".

The "default" is unlimited... Unless you specify an inclusive rule at the end of the chain to designate some other "default" treatment.
.....
 
sandman
newbie
Topic Author
Posts: 37
Joined: Sat Apr 07, 2007 2:13 am

Thu Apr 12, 2007 1:38 am

I now have simple queues working as I think they should. However I tried to add some queue trees using Mangle marked packets to shape overall bandwidth per subnet and they are not working. The firewall mangle rules show packets are being marked, but when applied in Queue Shape 0 packets are shapped.

Can you have simple queues and queue trees at the same time? Maybe I'm doing something wrong???

BTW i'm running Version 2.9.42
 
firebat
Member
Member
Posts: 390
Joined: Mon Apr 11, 2005 8:38 am

Thu Apr 12, 2007 4:03 am

Sandman:

For you catch all simple queue, did you leave the target address blank to catch all other traffic coming through the interface or did you specify the subnet?

I too am interested as how to shape subnet bandwidth. Everyone in the past said you should use PCQ for everything but you have to mark packets for every IP flow. Why would you need to mark packets by IP when the OS can simply inspect the header for an IP match instead of or in addition to packet marks. If you could target by IP with PCQs, it would be easy. My desired goal would be able to mark packets by protocol/application type then: Limit overall bandwidth for an interface by interface queue, limit BW by protocol/APP as a sub queues of the interface queue (all of these needs to act as a single virtual interface so that you could apply multiple sub queues to it), and then limit by IP as a sub queue of the protocol/APP queue/virtual interface.
Last edited by firebat on Thu Apr 12, 2007 4:19 am, edited 1 time in total.
 
sandman
newbie
Topic Author
Posts: 37
Joined: Sat Apr 07, 2007 2:13 am

Thu Apr 12, 2007 4:19 am

firebat:

I specified the full subnets for the traffic I want to catch if not shapped by one of the simple queues above it in the chain.

For instance I added 40 or so simple queues with a single IP address of 192.168.100.X and at the END of the chain added a simple queue with a target address of 192.168.100.0/24 and set it to 56k up and down. The way it should be working, if there is traffic on any of the IP's in that subnet, that isn't specified in the simple queue, this simple queue will catch it.

It seems to be working. I guess another way would be to put a simple queue at the END of the chain and not specify a target address. It will shape EVERYTHING that isn't caught above it, no matter what subnet.

FYI: I tried doing this in version 3.0 Beta 7 and had no luck getting it to work. It appears Winbox is severly messed up with simple queues in that version. It creates random /xx subnets on single IP's entered. I didn't catch what was going at first and spend over a day trying to understand how the hell simple queues worked. :oops:

I still can't get queue tree to work in 2.9.42. I'm waiting on a answer to my question of will queue trees work at the SAME TIME as simple queues? And if so, what order is the queues processed in.

James
 
firebat
Member
Member
Posts: 390
Joined: Mon Apr 11, 2005 8:38 am

Thu Apr 12, 2007 4:25 am

For queue processing, its a little confusing. I made a post awhile ago that had info: http://forum.mikrotik.com//viewtopic.ph ... highlight=

However, I haven't got it working as I couldn't get a straight answer as to my proposed implementation. I added a feature request to the router OS wishlist for a Winbox graphical QOS flow. You might want to vote for it :D Check the top post in the forum for the link to the WIKI.
 
sandman
newbie
Topic Author
Posts: 37
Joined: Sat Apr 07, 2007 2:13 am

Thu Apr 12, 2007 6:25 pm

Why does adding a simple queue to the END of the chain with a target address of 0.0.0.0/0 or simply no target address seem to shape ALL traffic, INCLUDING traffic that is targeted by IP in the chain above it?

I'm wanting to create a simple queue at the end of the chain that shapes everything to 56k that isn't shapped above it, REGARDLESS of subnet. It seems to work fine to put a simple queue at the end of the chain and specify a subnet, like 192.168.100.0/24 will catch anything not shapped in the that subnet. But isn't there a way to catch ALL of it without specifying each subnet?
 
firebat
Member
Member
Posts: 390
Joined: Mon Apr 11, 2005 8:38 am

Tue Apr 17, 2007 9:08 am

Quiet bunch.
 
msorensen
Frequent Visitor
Frequent Visitor
Posts: 68
Joined: Mon May 23, 2005 11:47 pm
Location: California

Wed Apr 18, 2007 1:37 am

Why does adding a simple queue to the END of the chain with a target address of 0.0.0.0/0 or simply no target address seem to shape ALL traffic, INCLUDING traffic that is targeted by IP in the chain above it?
In my experience, it doesn't.

My first implementation of MT was to create an MT replacement for a layer 2 bandwidth shaping device that we had.... Which I did as I described above... that device works to this day. Originally V2.9.39 now V2.9.40.

In my case, The final queue in the chain applies to the entire applicable /24, EG: 12.x.x.x/24

I'm telling ya, if someone has a source IP of 12.x.x.x.5 (for example) they are controled by the Queue with that target address/32, the final queue has zero effect.

Anyone not shaped by a queue above the final queue in the chain is shaped by the final queue. And that is the only time the final queue comes into action.

I've looked at my config, and can not think of a configuration that might cause what you are seeing....

What version are you running?
.....
 
firebat
Member
Member
Posts: 390
Joined: Mon Apr 11, 2005 8:38 am

Wed Apr 18, 2007 3:43 am

Sandman is saying that if he doesn't set a source subnet and leaves it 0.0.0.0/0, its shapes all traffic even though there are queues above it in the list. Specifying a specific subnet does work as you noted.
 
sandman
newbie
Topic Author
Posts: 37
Joined: Sat Apr 07, 2007 2:13 am

Fri Apr 20, 2007 5:15 am

firebat is exactly right on in explainging what I'm seeing.

I'm running version 2.9.42 and I configure the simple queues in Winbox.
 
rgpmikrotik
Frequent Visitor
Frequent Visitor
Posts: 51
Joined: Mon May 14, 2007 5:45 pm

Tue May 22, 2007 5:14 am

1) I´m using only simple queues for the total bandwith & for each user bandwith, so, when a queue is matched, then the follow is executed, the process doesn´t finish. (at least that work)

2)When you configure simple queue you can choose another simple queue as parent. What is the diference with queue tree??

Who is online

Users browsing this forum: No registered users and 96 guests