being back from MUM, I am now playing with the MT router in the wild, doing various tests. I think that now it is the right time to ask some questions, as I read various docs, tried some stuff myself, but would like to know how some things work ...
Is there any good firewall template? You know, reading back the MUM training docs, looking at official docs, some wiki stuff, I can see various strategies taken. E.g. at MUM training we defined separate chain for ICMP, but with fw config posted to wiki, there is no such strategy. Is wiki posted fw generally sufficient solution to secure your network?
The part I am confused about the most. Well, it is not simple topic after all, right? Understanding how HTB works takes some time, but it remains in theoretical level for me anyway ...
So - what strategy to choose? I can see some ppl use Simple Queues, wiki article describes PCQ, some ppl use Queue Trees in combination with Simple queuing.
I now have few questions, answer to whose could help me to get to next level of MT understanding (I am interested in some internals, to better understand what is happening):
1) wireless interface/wireless tab. I can see there tx/rx limit. If I use this setting, does it equal to setting simple queue, or e.g. interface queue?
2) wireless/access list/chossing client - I can see the possibility of setting rx/tx limit for each user separately. Now - is it good idea to use this setting in opposite to simple queue? Second sub-question - if I have 10 users on a radio and I set each of them to 512/128 - are they sharing that bandwidth or by using this tab setting I simply mistakenly defined guaranteed 512/128 line for each of them? (I hope not)
3) wireless interface/datarates - we changed it to "supported rates" 1, 2, 5.5 and the same values for "basic rates" for our 2.4 interface. Is that ok? Docs suggest to let it in default, but some guys adviced to turn Ovislink to some 2mbit value and lower AP limit I mentioned. I hope this is ok?
4) Simple queues. I defined queue1 as 128/512. Now If I define queue2 as 128/256, will this queue2 use the same bandwidth, or additional one? I mean - will it consume part of queue1 bandwidth space, or will it be 512 + 256? (I have 1mbit site). I expect queue2 does not touch queue1 bandwidth space, unless queue2 is defined with queue1 as a parent? But that is pure speculation on my side
5) I run bandwidth test and I can see it is reporting slightly lower values than watching interfaces or queues bandwidth in Winbox? Why are they different? Is it because of Bandwidth test calculates clean data throughput, excluding the packet payload (headers)?
6) When I switched the test to UDP, graph was not narrow, but kind of "zig-zag" simply slightly jumping up and down - is it more difficult to shape UDP packets with simple queues?
OK guys, you don't need to answer all the questions. Hopefully someone answers this, someone that, and in the end if I am lucky, I will get them all answered
Thanks a lot,