Community discussions

MikroTik App
 
sojicmk
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 52
Joined: Fri May 04, 2007 4:32 pm

Is this P2P BANDWIDTH LIMITING OK?

Mon Jul 09, 2007 3:22 pm

Scenario:

I have xMB link

I want to limit local users to:
1. Local traffic - unlimited
2. Internet traffic - 512/512 each
3. P2P applications - 128/512 all

Is this configuration OK?
/ ip firewall address-list 
add list=Lokalni address=88.85.123.0/24 comment="" disabled=no 

/ ip firewall mangle 
add chain=prerouting p2p=all-p2p dst-address-list=!Lokalni \
    action=mark-connection new-connection-mark=p2p_conn passthrough=yes \
    comment="" disabled=no 
add chain=prerouting connection-mark=p2p_conn action=mark-packet \
    new-packet-mark=p2p passthrough=no comment="" disabled=no 
add chain=prerouting dst-address-list=!Lokalni action=mark-connection \
    new-connection-mark=internet_con passthrough=yes comment="" disabled=no 
add chain=prerouting connection-mark=internet_con action=mark-packet \
    new-packet-mark=internet passthrough=no comment="" disabled=no 

/queue simple
add name="1" target-addresses=88.85.123.1/32 dst-address=0.0.0.0/0 \
    interface=all parent=none packet-marks=internet direction=both priority=8 \
    queue=default-small/default-small limit-at=0/0 max-limit=512000/512000 \
    total-queue=default-small disabled=no 
..........................
add name="254" target-addresses=88.85.123.254/32 dst-address=0.0.0.0/0 \
    interface=all parent=none packet-marks=internet direction=both priority=8 \
    queue=default-small/default-small limit-at=0/0 max-limit=512000/512000 \
    total-queue=default-small disabled=no 
add name="p2p" dst-address=0.0.0.0/0 interface=all parent=none \
    packet-marks=p2p direction=both priority=8 \
    queue=default-small/default-small limit-at=0/0 max-limit=128000/512000 \
    total-queue=default-small disabled=no 
 
UniKyrn
Member Candidate
Member Candidate
Posts: 245
Joined: Fri Dec 24, 2004 9:27 pm
Location: Spokane, WA

Re: Is this P2P BANDWIDTH LIMITING OK?

Mon Jul 09, 2007 6:13 pm

Don't bother trying to limit P2P traffic, it doesn't work against some P2P clients and it just gets you involved in an arms race you're always behind in.

You'd be better off making sure your Terms of Service included clauses forbidding interfering with the access of other customers or running services and then monitoring the bandwidth used by your customers. Customers who become a problem can then be identified and can become a problem for a different ISP.
 
User avatar
netalberta
just joined
Posts: 8
Joined: Tue Jun 06, 2006 9:40 pm

Re: Is this P2P BANDWIDTH LIMITING OK?

Thu Jul 12, 2007 11:28 pm

Don't bother trying to limit P2P traffic, it doesn't work against some P2P clients and it just gets you involved in an arms race you're always behind in.

You'd be better off making sure your Terms of Service included clauses forbidding interfering with the access of other customers or running services and then monitoring the bandwidth used by your customers. Customers who become a problem can then be identified and can become a problem for a different ISP.
Nothing like passing the buck. lol
 
Borage
Member Candidate
Member Candidate
Posts: 170
Joined: Sun Sep 26, 2004 10:19 pm

Re: Is this P2P BANDWIDTH LIMITING OK?

Fri Jul 13, 2007 1:08 am

Scenario:
Is this configuration OK?
Like the UniKyrn said, it does not work with some clients that uses encryption. It's better to create rules for all standard protocols, and limit everything else.
 
UniKyrn
Member Candidate
Member Candidate
Posts: 245
Joined: Fri Dec 24, 2004 9:27 pm
Location: Spokane, WA

Re: Is this P2P BANDWIDTH LIMITING OK?

Fri Jul 13, 2007 3:04 am

Nothing like passing the buck. lol
Do you really want a customer that trashes an AP without regard for anybody but himself to be your problem, or would you rather it was your local competitor who's support phone was ringing off the hook with customers threatening to leave because their service wasn't working?

Trying to filter/block the stuff is a battle you can't win. The best you can hope for is that your infrastructure allows you to easily and quickly locate and deal with customers who think that AP is there for their exclusive use. Sometimes they just need educating, sometimes they'll lie to you as many times as you let them.
 
User avatar
jp
Long time Member
Long time Member
Posts: 603
Joined: Wed Mar 02, 2005 5:06 am
Location: Maine
Contact:

Re: Is this P2P BANDWIDTH LIMITING OK?

Fri Jul 13, 2007 5:34 am

I'll agree blocking p2p is not effective and just creates an arms race / spy versus spy situation. Limiting p2p capacity or lowering p2p priority is effective based on my emperical observation operating an ISP.
 
UniKyrn
Member Candidate
Member Candidate
Posts: 245
Joined: Fri Dec 24, 2004 9:27 pm
Location: Spokane, WA

Re: Is this P2P BANDWIDTH LIMITING OK?

Fri Jul 13, 2007 5:47 am

Trying to limit it creates the same arms race, based on what I saw while I ran an ISP. Example, we're on the MT forum and an MT can block, but not limit all forms of P2P. Add to that the problem of legit uses of P2P becoming more common. I quit counting the calls we got about World of Warcraft updates not being available because the ISP I worked out was trying to block P2P. The number was high enough to be meaningless and the customers didn't care what our excuse for denying them their program updates was.

P2P is just the convenient target of an admin's anger. The real problem, the one that transcends P2P protocols, is abusive customers. They believe that small monthly fee entitles them to the full bandwidth of your network 24/7, be it P2P, Usenet, or file downloads in the middle of the business day. That's the real problem and that's why my original post talked about your Terms of Service being worded such that they made that kind of behavior something you could terminate a customer for. When the customers expectations of what they've paid for doesn't match the reality of your business, let them become somebody else's problem.

Who is online

Users browsing this forum: Bing [Bot], CoMMyz, Google [Bot] and 95 guests