Community discussions

 
Smops
just joined
Topic Author
Posts: 2
Joined: Fri May 04, 2007 12:50 pm

Bandwith shaping with mangle and address lists problems

Fri May 04, 2007 1:34 pm

Hello,
I have tried to set up bandwith shaping, using address lists as source of IPs and mangle with queue trees.
I have read the manual, looked at examples, read the wiki and searched all over the forums before asking for help :).

It seems that I have created a mistake somewhere, yet I cannot find it. It looks to me that system correctly identifies download traffic, and shapes it accordingly, but mangle rules for upload do not cach any traffic.

First, the network layout:

6 Mikrotik access points, all have PPPoE access concentrators on them. Every pppoe server is managed via it's own secrets (no centralized radius yet, but in the plans). Every user gets a static IP address at their PPPoE access concentrator.

All these are routed via static routes to our gateway which is runing Mikrotik.

On the gateway, I have created mangle rules, separately for upload and download for each package type. After that I have created dynamic queue tree with separate queues for each package.

Here is config output I used:

MANGLE:

Flags: X - disabled, I - invalid, D - dynamic
0 chain=prerouting src-address-list=pk1 action=mark-connection
new-connection-mark=pk1_d_con passthrough=no

1 chain=prerouting connection-mark=pk1_d_con action=mark-packet
new-packet-mark=pk1_d_pak passthrough=yes

2 chain=prerouting dst-address-list=pk1 action=mark-connection
new-connection-mark=pk1_up_con passthrough=no

3 chain=prerouting connection-mark=pk1_up_con action=mark-packet
new-packet-mark=pk1_up_pak passthrough=no

4 chain=prerouting src-address-list=pk2 action=mark-connection
new-connection-mark=pk2_d_con passthrough=no

5 chain=prerouting connection-mark=pk2_d_con action=mark-packet
new-packet-mark=pk2_d_pak passthrough=yes

6 chain=prerouting dst-address-list=pk2 action=mark-connection
new-connection-mark=pk2_up_con passthrough=no

7 chain=prerouting connection-mark=pk2_up_con action=mark-packet
new-packet-mark=pk2_up_pak passthrough=no

8 chain=prerouting src-address-list=pk_S action=mark-connection
new-connection-mark=pk_S_d_con passthrough=no

9 chain=prerouting connection-mark=pk_S_d_con action=mark-packet
new-packet-mark=pk_S_d_pak passthrough=no

10 chain=prerouting dst-address-list=pk_S action=mark-connection
new-connection-mark=pk_S_up_con passthrough=no

11 chain=prerouting connection-mark=pk_S_up_con action=mark-packet
new-packet-mark=pk_S_up_pak passthrough=no


QUEUE:

Flags: X - disabled, I - invalid

name="pk_1_down" parent=Download packet-mark=pk1_d_pak limit-at=0
queue=pk_1_down priority=7 max-limit=0 burst-limit=0 burst-threshold=0
burst-time=0s

name="pk_1_up" parent=Upload packet-mark=pk1_up_pak limit-at=0
queue=pk_1_up priority=7 max-limit=0 burst-limit=0 burst-threshold=0
burst-time=0s

name="pk_2_down" parent=Download packet-mark=pk2_d_pak limit-at=0
queue=pk_2_down priority=7 max-limit=0 burst-limit=0 burst-threshold=0
burst-time=0s

name="pk_2_up" parent=Upload packet-mark=pk2_up_pak limit-at=0
queue=pk_2_up priority=7 max-limit=0 burst-limit=0 burst-threshold=0
burst-time=0s

name="pk_S_down" parent=Download packet-mark=pk_S_d_pak limit-at=0
queue=pk_S_down priority=8 max-limit=0 burst-limit=0 burst-threshold=0
burst-time=0s

name="pk_S_up" parent=Upload packet-mark=pk_S_up_pak limit-at=0
queue=pk_S_up priority=8 max-limit=0 burst-limit=0 burst-threshold=0
burst-time=0s

name="Download" parent=LAN packet-mark="" limit-at=0 queue=default
priority=8 max-limit=15000000 burst-limit=0 burst-threshold=0
burst-time=0s

name="Upload" parent=WAN packet-mark="" limit-at=0 queue=default
priority=8 max-limit=30000000 burst-limit=0 burst-threshold=0
burst-time=0s


Can anybody point me at what I am doing wrong ?
 
Pacov
just joined
Posts: 7
Joined: Tue Jan 10, 2006 8:35 pm

Re: Bandwith shaping with mangle and address lists problems

Sat May 05, 2007 10:36 pm

Flags: X - disabled, I - invalid, D - dynamic
0 chain=prerouting src-address-list=pk1 action=mark-connection
new-connection-mark=pk1_d_con passthrough=no
I am interested in this also, can anybody tell if this is the right way to do it ?
 
User avatar
tneumann
Member
Member
Posts: 394
Joined: Sat Apr 16, 2005 6:38 pm
Location: Germany

Sun May 06, 2007 12:00 am

Smops,

there's a problem with your mangle rules. All your mangle rules with action=mark-connection should have passthrough=yes

--Tom
 
Smops
just joined
Topic Author
Posts: 2
Joined: Fri May 04, 2007 12:50 pm

Mon May 07, 2007 4:06 pm

Smops,

there's a problem with your mangle rules. All your mangle rules with action=mark-connection should have passthrough=yes

--Tom
I changed that, but I do not see any difference. Mu upload is still not shaping. Can anybody confirm that I am doing this the right way?
 
titius
Member
Member
Posts: 338
Joined: Mon Oct 17, 2005 11:43 am
Location: Titel Serbia

Tue May 08, 2007 1:24 am

13 X ;;; blade
     chain=prerouting dst-address=192.168.8.51 src-address-list=!list 
     action=mark-packet new-packet-mark=net_blade_in passthrough=yes 

14 X chain=prerouting src-address=192.168.8.51 dst-address-list=!list
     action=mark-packet new-packet-mark=net_blade_out passthrough=yes
here is my example that works

I mark packet for dst and src address, src-address is im my case /32 IP but you can put address list instead off /32 IP

then queue
22 X  name="blade_in" dst-address=0.0.0.0/0 interface=all parent=none 
      packet-marks=net_blade_in direction=both priority=1 
      queue=default/default limit-at=0/0 max-limit=128000/128000 
      burst-limit=256000/256000 burst-threshold=100000/100000 
      burst-time=30s/30s total-queue=default 

23 X  name="blade_out" dst-address=0.0.0.0/0 interface=all parent=none 
      packet-marks=net_blade_out direction=both priority=8 
      queue=default/default limit-at=40000/40000 max-limit=40000/40000 
      total-queue=default
ignore burst tuning . ..
 
dancms
Frequent Visitor
Frequent Visitor
Posts: 96
Joined: Fri Oct 06, 2006 5:03 am

Mon May 14, 2007 10:34 pm

Could you explain futher what these rules are doing. I have been trying to do something simular but dont follow 100%.

Thanks,
 
User avatar
samsoft08
Long time Member
Long time Member
Posts: 617
Joined: Sat Nov 26, 2005 10:52 pm

Tue May 15, 2007 3:02 am

are you sure its working ? what about the ( X ) ??
 
titius
Member
Member
Posts: 338
Joined: Mon Oct 17, 2005 11:43 am
Location: Titel Serbia

Re: Bandwith shaping with mangle and address lists problems

Wed May 30, 2007 11:29 pm

Heh, X'es . . .

these rules are disabled, I was testing something.

Well these rules are marking packets from internet to IP address

then simple queue uses that packet mark to throttle bqndwith . .

thats all.

But I still have trouble to shape p2p :(, so Im using Squid Proxy without these rules for now.
 
g.tusa
just joined
Posts: 8
Joined: Mon May 07, 2007 6:13 pm

Re: Bandwith shaping with mangle and address lists problems

Thu May 31, 2007 1:01 pm

Hello Smops, I'm trying to do something similar, I still have some troubles but...
1) be sure all the passtrough are set in the correct way: according to my knowledge and tests, you have to set it to yes when you want to continue in the mangle matches search: for example, after a connection mark, you want to continue to put the packet mark for the marked connection, so passthrough=yes. After you put the correct mark for a given ingress packet, you do not have to continue
2) be sure you are managing dst-address-list and src-address-list in the correct way: if they are lists of clients IP addresses (as I think), for download you should use dst-address-list, otherwise (upload), you should use src-address-list.

Hope this can help you in some way.
--gio
 
valens
Trainer
Trainer
Posts: 246
Joined: Tue Jun 01, 2004 5:42 pm
Location: INDONESIA
Contact:

Re: Bandwith shaping with mangle and address lists problems

Thu May 31, 2007 7:03 pm

do you have web-proxy on the ROS?

for queue tree, if you use proxy, for uplink you have to use parent global-in

Who is online

Users browsing this forum: MSN [Bot] and 57 guests