Having some issues with a config that I am trying to develop for a customer. What we are trying to offer is Ethernet connectivity delivered over 1 (or more) ports on a RB450 which must be subject to an aggregated throughput limit across all ports used to deliver the service. Protocol composition is unknown (could be IPv4/6, ARP, VLAN, PPP, Appletalk etc) and as such the throughput limit needs to apply to all traffic, not just IP traffic.
I've made a bridge filter rule for traffic coming into the port ether3 that add a mark "service1". I have another bridge filter rule which logs traffic marked with "service1" so I definitely know the marks are being applied correctly.
I have then made a queue tree as follows: "aggregate" with a parent of global-out and max limit of 6M. "service1" with a parent of "aggregate" and matching the mark "service1". My problem is that only IP traffic is seen by the queue while other protocols such as ARP is not.
Does anybody know why this would be? I have tried looking through the wiki/forums/google and cannot find anything related to this problem.
I have a RB450 running ROS 4.10, aside from the included config bits it can otherwise be assumed to have a blank configuration. Sorry if this breaks tables.
Code: Select all
[admin@MikroTik] > int ethernet print
Flags: X - disabled, R - running, S - slave
# NAME MTU MAC-ADDRESS ARP MASTER-PORT SWITCH
0 ether1 1500 00:0C:42:54:C0:AA enabled none switch1
1 ether2 1500 00:0C:42:54:C0:AB enabled none switch1
2 R ether3 - service1 1500 00:0C:42:54:C0:AC enabled none switch1
3 R ether4 - upstream 1500 00:0C:42:54:C0:AD enabled none switch1
4 ether5 1500 00:0C:42:54:C0:AE enabled none switch1
[admin@MikroTik] > int bridge print
Flags: X - disabled, R - running
0 R name="bridge1" mtu=1500 l2mtu=1524 arp=enabled mac-address=00:0C:42:54:C0:AC protocol-mode=none priority=0x8000 auto-mac=yes
admin-mac=00:00:00:00:00:00 max-message-age=20s forward-delay=15s transmit-hold-count=6 ageing-time=5m
[admin@MikroTik] > int bridge filter print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=forward action=mark-packet new-packet-mark=service1 in-interface=ether3 - service1
1 chain=forward action=log in-interface=ether3 - service1 packet-mark=service1 log-prefix=""
[admin@MikroTik] > int bridge port print
Flags: X - disabled, I - inactive, D - dynamic
# INTERFACE BRIDGE PRIORITY PATH-COST HORIZON
0 ether3 - service1 bridge1 0x80 10 none
1 ether4 - upstream bridge1 0x80 10 none
[admin@MikroTik] > int bridge settings print
use-ip-firewall: yes
use-ip-firewall-for-vlan: no
use-ip-firewall-for-pppoe: no
[admin@MikroTik] > queue tree print
Flags: X - disabled, I - invalid
0 name="aggregate" parent=global-out limit-at=0 priority=8 max-limit=6M burst-limit=0 burst-threshold=0 burst-time=0s
1 name="service1" parent=aggregate packet-mark=service1 limit-at=0 queue=default priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s 
