Topic Author

rate limit mpls vpn

Thu Jun 05, 2008 9:57 am

I've been reading over the wiki and have a working MPLS configuration. I'm just wondering, how do you rate limit VPLS? For example, 10 VPLS over a gigabit link, each having 100mbit of bandwidth.
MikroTik Support

Re: rate limit mpls vpn

Fri Jun 06, 2008 5:22 pm

Assuming that you are bridging some ethernets with VPLS interfaces on the VPLS "endpoint", you can set up the bridge firewall to mark packets based on the ethernet interface they arrived on and then make a "queue tree" on the interface over which they will leave the router (e.g. your gigabit link).
just joined

Re: rate limit mpls vpn

Tue Jul 08, 2008 1:58 am

I have a problem which I think is related:

One circuit set up using VPLS between an RB133 and an x86 PC, both running MikroTik 3.10.
The circuit is working fine with customer traffic but I am unable to rate limit the circuit.

I have tried setting up connection / packet marking on the interfaces in the bridge but the firewall rules see no traffic.

I have tried turning on the 'Use IP Firewall' setting in the bridge settings and then the firewall sees some traffic, but not all, because the customer is using VLANs. So I turned on 'Use IP Firewall for VLAN' in the bridge settings, which causes the customer's traffic to stop completely.

I have tried setting up packet marking in the bridge filter and I see the bytes and packets counters increment. I even set the action to 'log' and verified that the correct packets were being marked, but then the queue doesn't see the packet marks for some reason.

Can anyone shed any light on this problem for me? It is important to note that the circuit needs to be completely transparent to the customer, as in they should be able to put whatever protocols they like through the circuit and the queue / firewall should rate limit it without knowing what it is.

I'm assuming that it can be done, as MPLS/VPLS are carrier-grade technologies by definition and carriers don't often know or care what their circuits are being used for.

