Community discussions

MikroTik App
 
MrJingles
just joined
Topic Author
Posts: 4
Joined: Tue Jan 21, 2014 10:34 pm

rate-limit a VLAN

Mon Apr 14, 2014 9:59 am

Hi Guys

I am trying to rate limit our customers per VLAN.

I have my setup as follows -

Juniper -> Our PE Mikrotik -> customers on various ports on different VLANs

We only do the IPs from the juniper and not from the tiks.

add bridge=bridge-access-port-london interface=ether5

add interface=bridge-access-port-london l2mtu=1594 name=vlan1015-cust1 \
vlan-id=1015
add interface=bridge-access-port-london l2mtu=1594 name=vlan1019-peering-london \
vlan-id=1019



I will be adding more customers this week and need to shape them to 50Mbps each

Cust 1 is on ether 4 and my access port to london is on ether 5, new customers on eth2 and eth9

I have tried adding a queue as follows without any luck

name="queue2" target=vlan1015-somcast parent=none packet-marks=somcast
priority=8/8 queue=default-small/default-small limit-at=0/0
max-limit=50M/50M burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s


Please help, not sure what I am doing wrong, added a queue to the ethernet interface and still no luck, what am I doing wrong?

I'd prefer if we didn't do a mangle rule to mark packets as i only have a 2011 in their at the moment and my CCR is still being shipped and will only arrive through customs later this week or next week sometime.
 
CelticComms
Forum Guru
Forum Guru
Posts: 1766
Joined: Wed May 02, 2012 5:48 am

Re: rate-limit a VLAN

Mon Apr 14, 2014 2:18 pm

You seem to have a packet mark listed on the queue. Is that actually being set somewhere?
Interlynx | Networking and Information Security Consultants & Trainers | Email: routerlynx@gmail.com
BGP | EIGRP | OSPF | MPLS | Firewall | VPN | IPsec | Multicast | QOS | IPv4/6 | STP | VLAN | PON | AE | M2M | and more!

 
MrJingles
just joined
Topic Author
Posts: 4
Joined: Tue Jan 21, 2014 10:34 pm

Re: rate-limit a VLAN

Mon Apr 14, 2014 2:44 pm

Hi

yes that was another attempt to do packet mark and rate limit accordingly but also didn't work...maybe I'm doing something wrong?
 
CelticComms
Forum Guru
Forum Guru
Posts: 1766
Joined: Wed May 02, 2012 5:48 am

Re: rate-limit a VLAN

Mon Apr 14, 2014 3:31 pm

Well make sure that you are either packet marking and using the packet marks in the queue - or not...
Interlynx | Networking and Information Security Consultants & Trainers | Email: routerlynx@gmail.com
BGP | EIGRP | OSPF | MPLS | Firewall | VPN | IPsec | Multicast | QOS | IPv4/6 | STP | VLAN | PON | AE | M2M | and more!

 
MrJingles
just joined
Topic Author
Posts: 4
Joined: Tue Jan 21, 2014 10:34 pm

Re: rate-limit a VLAN

Thu Apr 17, 2014 4:10 pm

Ok so here is my current config-

I have an access port as follows -

add bridge=bridge-access-london interface=ether3-access-port-london

on that bridge I have all my VLANS -

add interface=bridge-access-london l2mtu=1594 name=vlan-1001-cust1 vlan-id=1001
add interface=bridge-access-london l2mtu=1594 name=vlan-1002-cust2 vlan-id=1002
add interface=bridge-access-london l2mtu=1594 name=vlan1003-cust3 vlan-id=1003



and then I bridge the vlan with the customer's interfaces as follows -

add bridge=bridge-cust3 interface=vlan1003-cust3
add bridge=bridge-cust3 interface=ether4-cust3
add bridge=bridge-cust1 interface=ether8
add bridge=bridge-cust1 interface=vlan-1001-cust1
add bridge=bridge-cust2 interface=vlan-1002-cust2
add bridge=bridge-cust2 interface=ether2-cust2


I dont have any IPs on the mikrotik between tik and customer, only VLANs

now I need to rate-limit these customers on 50Mbps, 150Mpbs and 100Mbps

when I add a queue as follows it doesn't work as it doesn't pick up any traffic on the queue even though the customer is doing 50Mbps +

add max-limit=50M/50M name=queue-vlan-cust1 target=vlan-1001-cust1


please can someone help me

thanks
 
Duduhandelman
Frequent Visitor
Frequent Visitor
Posts: 89
Joined: Wed Jan 04, 2012 5:30 pm

Re: rate-limit a VLAN

Thu Apr 17, 2014 9:47 pm

Lets give it a try.
Have you enabled the firewall on the bridge?
Have you created packet marks with the firewall?

After you will see the counters climbing in the firewall mangle create quee tree.
And it should work keep in mind that you are limiting only the outgoing interface.

Give it a try.

Who is online

Users browsing this forum: Baks38RUS, Bing [Bot], capy2008, Moomoo71, Sob, StephenL and 85 guests