Community discussions

MikroTik App
 
NSimpraga
newbie
Topic Author
Posts: 30
Joined: Fri Sep 27, 2019 2:47 pm

QoS setup

Mon Feb 03, 2020 3:50 pm

Hi all,

first of all I've read a lot of topics concerning QoS but couldn't find a concrete answer so that's why I am asking here.

I've been trying to set up QoS to limit video playback bandwidth that's available to my users but for some reason I can't get it to work.

My setup is the following:
1. Mark the packet with regexp in IP->Firewall->Layer7 (add comment=Video name=Video regexp=videoplayback|video)
2. Mark the connection in IP->Firewall->Mangle using that Layer7 rule (add action=mark-connection chain=prerouting comment="Mark Video Streaming" layer7-protocol=Video new-connection-mark=video_stream passthrough=yes)
3. Mark packets from that connection in IP->Firewall->Mangle (add action=mark-packet chain=prerouting comment="Mark Video Stream Packet" connection-mark=video_stream new-packet-mark=video_stream_packet passthrough=no)
4. Create queue tree and limit packet rate ( add burst-limit=192k burst-time=10s comment="Video Queue" max-limit=128k name=video-stream packet-mark=video_stream_packet parent=ether1-master queue=default)

My queue tree detects some packets but way too little. I turn on a video but it doesn't limit the bandwidth enough because I can still stream in 4K without a problem
What am I missing here?
 
User avatar
IPANetEngineer
Trainer
Trainer
Posts: 1229
Joined: Fri Aug 10, 2012 6:46 am
Location: Jackson, MS, USA
Contact:

Re: QoS setup

Mon Feb 03, 2020 3:57 pm

Have you done a packet capture of your video to ensure that all ports/protocols and src/dst have been properly identified to mark?

What does your config look like?
Global - MikroTik Support & Consulting - English | Francais | Español | Portuguese +1 855-645-7684
https://iparchitechs.com/services/mikro ... l-support/ mikrotiksupport@iparchitechs.com
 
NSimpraga
newbie
Topic Author
Posts: 30
Joined: Fri Sep 27, 2019 2:47 pm

Re: QoS setup

Mon Feb 03, 2020 4:11 pm

I've written what exactly I've configured, but it seems that the issue has just been resolved. The mangle rules were not ordered correctly. After rearranging the one that were marking the packets to be first in the list, the queue tree seems to pick up a lot more traffic. Further testing needs to be done but this could be it
 
FRANKNunoz
just joined
Posts: 11
Joined: Mon Jan 20, 2020 9:38 pm

Re: QoS setup

Tue Feb 04, 2020 3:47 pm

Hello dear friend:
Here I leave you my QoS to be serviced, please publish your QoS so I can review it.
Thank you.

/ip firewall filter
add action=add-dst-to-address-list address-list="YOUTUBE LIST" address-list-timeout=\
none-dynamic chain=forward comment="YOUTUBE LIST" connection-state=new content=\
googlevideo.com dst-port=80,443 in-interface="PUENTE 1" protocol=tcp

/ip firewall mangle
add action=mark-connection chain=prerouting comment="-----ICMP (PING)-----" \
connection-state=new new-connection-mark=ICMP_C passthrough=yes protocol=icmp
add action=mark-packet chain=prerouting connection-mark=ICMP_C new-packet-mark=ICMP \
passthrough=no
add action=mark-connection chain=prerouting comment=-----DNS----- connection-state=new \
new-connection-mark=DNS_C passthrough=yes port=53 protocol=udp
add action=mark-packet chain=prerouting connection-mark=DNS_C new-packet-mark=DNS \
passthrough=no
add action=mark-connection chain=prerouting comment=-----YOUTUBE----- \
new-connection-mark=YOUTUBE_C passthrough=yes port=80,443 protocol=tcp \
src-address-list="YOUTUBE LIST"
add action=mark-connection chain=prerouting new-connection-mark=YOUTUBE_C passthrough=\
yes port=80,443 protocol=udp src-address-list="YOUTUBE LIST"
add action=mark-packet chain=prerouting connection-mark=YOUTUBE_C new-packet-mark=\
YOUTUBE passthrough=no
add action=mark-connection chain=prerouting comment=-----FACEBOOK----- layer7-protocol=\
FACEBOOK new-connection-mark=FACEBOOK_C passthrough=yes
add action=mark-packet chain=prerouting connection-mark=FACEBOOK_C new-packet-mark=\
FACEBOOK passthrough=no
add action=mark-connection chain=prerouting comment=-----WEB----- connection-mark=\
!WEB_BIG connection-state=new new-connection-mark=WEB_C passthrough=yes port=\
80,443,8000-9000 protocol=tcp
add action=mark-connection chain=prerouting comment=-----WEB-BIG----- connection-bytes=\
2496000-0 connection-mark=WEB_C connection-rate=2112k-10240k new-connection-mark=\
WEB_BIG passthrough=yes src-address-list="BLOQUEO CYBER"
add action=mark-packet chain=prerouting connection-mark=WEB_BIG new-packet-mark=WEB-BIG \
passthrough=no
add action=mark-packet chain=prerouting connection-mark=WEB_C new-packet-mark=WEB \
passthrough=no
add action=mark-connection chain=prerouting comment=-----REST----- connection-state=new \
new-connection-mark=REST_C passthrough=yes
add action=mark-packet chain=prerouting connection-mark=REST_C new-packet-mark=REST \
passthrough=no



I hope it helps you.
 
FRANKNunoz
just joined
Posts: 11
Joined: Mon Jan 20, 2020 9:38 pm

Re: QoS setup

Wed Feb 05, 2020 3:34 pm

I've written what exactly I've configured, but it seems that the issue has just been resolved. The mangle rules were not ordered correctly. After rearranging the one that were marking the packets to be first in the list, the queue tree seems to pick up a lot more traffic. Further testing needs to be done but this could be it
Dear friend,
I served you the QoS that I publish, I am waiting for your response.
 
NSimpraga
newbie
Topic Author
Posts: 30
Joined: Fri Sep 27, 2019 2:47 pm

Re: QoS setup

Wed Feb 05, 2020 5:29 pm

Layer7:

/ip firewall layer7-protocol
add comment=Video name=Video regexp=videoplayback|video
add comment="Microsoft Update" name="Microsoft Updates" regexp=User-Agent:.Microsoft-Delivery-Optimization

Mangle:

add action=mark-connection chain=prerouting comment="Mark Video Streaming" in-interface="ether2 - BIDC Local " layer7-protocol=Video new-connection-mark=video_stream passthrough=yes
add action=mark-packet chain=prerouting comment="Mark Video Stream Packet" connection-mark=video_stream new-packet-mark=video_stream_packet passthrough=no
add action=mark-packet chain=prerouting comment="Microsoft Updates" new-packet-mark=msupdates passthrough=yes src-address-list="Windows Update"

Queue:

/queue tree
add burst-limit=192k burst-time=10s comment="Video Queue" max-limit=128k name=video-stream packet-mark=video_stream_packet parent=ether1-gateway queue=default
add burst-limit=256k burst-threshold=256k burst-time=10s comment="Windows Update Limit" max-limit=256k name=limit-windows-update packet-mark=msupdates parent=ether1-gateway queue=default

MS updates and video QoS implementation.
 
FRANKNunoz
just joined
Posts: 11
Joined: Mon Jan 20, 2020 9:38 pm

Re: QoS setup

Wed Feb 05, 2020 5:53 pm

Layer7:

/ip firewall layer7-protocol
add comment=Video name=Video regexp=videoplayback|video
add comment="Microsoft Update" name="Microsoft Updates" regexp=User-Agent:.Microsoft-Delivery-Optimization

Mangle:

add action=mark-connection chain=prerouting comment="Mark Video Streaming" in-interface="ether2 - BIDC Local " layer7-protocol=Video new-connection-mark=video_stream passthrough=yes
add action=mark-packet chain=prerouting comment="Mark Video Stream Packet" connection-mark=video_stream new-packet-mark=video_stream_packet passthrough=no
add action=mark-packet chain=prerouting comment="Microsoft Updates" new-packet-mark=msupdates passthrough=yes src-address-list="Windows Update"

Queue:

/queue tree
add burst-limit=192k burst-time=10s comment="Video Queue" max-limit=128k name=video-stream packet-mark=video_stream_packet parent=ether1-gateway queue=default
add burst-limit=256k burst-threshold=256k burst-time=10s comment="Windows Update Limit" max-limit=256k name=limit-windows-update packet-mark=msupdates parent=ether1-gateway queue=default

MS updates and video QoS implementation.

and you don't mark anything else friend
 
NSimpraga
newbie
Topic Author
Posts: 30
Joined: Fri Sep 27, 2019 2:47 pm

Re: QoS setup

Thu Feb 06, 2020 11:19 am

I don't understand what you are trying to say. Video packets are being marked and queued, that's the most important part of our QoS, which seems to be working properly when it's implemented this way. Do you have any suggestions or?
 
FRANKNunoz
just joined
Posts: 11
Joined: Mon Jan 20, 2020 9:38 pm

Re: QoS setup

Fri Feb 07, 2020 3:58 pm

I don't understand what you are trying to say. Video packets are being marked and queued, that's the most important part of our QoS, which seems to be working properly when it's implemented this way. Do you have any suggestions or?

What I mean is that if in your mangrove, you only mark the packages for the video, you do not mark the Facebook packages, the web traffic, the "ICMP" traffic, the DNS traffic, just as I mark them in my Mangrove, I hope you understand me friend
 
RpMz
just joined
Posts: 2
Joined: Mon Jul 16, 2007 11:25 pm

Re: QoS setup

Thu Jul 02, 2020 9:36 am

Hello,

I want to reduce the download speed the Windows 10 Updates, via simple queue, but don't work.

If add rule to drop it, works fine.
/ip firewall layer7-protocol
add name=MicrosoftUpdates regexp="^.+(update.microsoft|windowsupdate|download.microsoft|wustat|wsus|sls.update.microsoft|vortex-win.data.microsoft.com|fe2.update.microsoft.com.akadns.net|vortex.data.microsoft|dl.delivery.mp|statsfe2.update.microsoft.com.akadns.net|ntservicepack).*$"

/ip firewall mangle
add action=mark-connection chain=forward comment="ms list dst Address List" connection-state=established,related,new new-connection-mark=ms-list1 passthrough=yes src-address-list=Windows_Update
add action=mark-packet chain=forward connection-mark=ms-list1 connection-state=established,related,new new-packet-mark=ms passthrough=no

/ip firewall filter
add action=add-src-to-address-list address-list=Windows_Update address-list-timeout=3w4d chain=forward comment="Windows Update tracking" in-interface-list=WAN layer7-protocol=MicrosoftUpdates protocol=tcp src-port=80,443

/queue simple
add limit-at=3M/250k max-limit=10M/750k name=MS packet-marks=ms queue=pcq-upload-default/pcq-download-default target=pppoe-out1

Who is online

Users browsing this forum: Bing [Bot], Google [Bot], gotsprings, kvstudio6 and 88 guests