Community discussions

 
mducharme
Trainer
Trainer
Topic Author
Posts: 795
Joined: Tue Jul 19, 2016 6:45 pm

FastTrack-Friendly QoS Script

Tue Oct 11, 2016 7:09 am

Hi all,

Here is my FastTrack-friendly QoS script, based on one made by IntrusDave. It supports IPv4 and IPv6, and uses DSCP markings to match packets. It is fasttrack-friendly, but does not require fasttrack.

The mappings of IP precedence values to queues is in line with Cisco's AVVID 802.1p UP-Based Traffic Types, used for wireless networks, and compatible with wireless priority from MikroTik and other vendors

To retain compatibility with FastTrack, it uses interface-attached HTB rather than global-attached (fasttracked packets bypass global HTB, but are still queued by interface HTB). The inbound WAN (download) rate queueing is implemented as outbound queueing on the internal interface, since interface-attached HTB only works for egress. This is fine for many home-use scenarios where there is only one LAN subnet and only one WAN subnet.

With this solution, any traffic that is left at DSCP 0 (Best Effort) will be fasttracked; other traffic will need to bypass fasttrack to get proper priority. Of course, in many cases, most traffic will not be tagged already. If you need to manually tag traffic, this can be done by bypassing fasttrack on only the packets you need to tag (by creating an 'accept' rule for that traffic (also matching connection-state=established,related) just above the fasttrack rule). Then you can add mangle rules to set DSCP tags on those packets, and place those mangle rules at the top of the list, above the other mangle rules created by this script.

You'll need to copy and paste the script into scripts (system->scripts->new (+)->paste), change the upload and download bandwidth and inbound and outbound interface names at the top to match your settings, and run the script. (the bandwidths should be slightly less than what you normally receive as your maximum)
# this is based on IntrusDave's QoS script, but modified
# qosClasses are largely based on Cisco Wireless QoS mappings/guide

#Set outbound (WAN) interface here
:local outboundInterface "ether1"

#Set UPLOAD bandwidth of the outbound (WAN) interface
:local outInterfaceBandwidth 4900k

#Set inbound (LAN) interface here
:local inboundInterface "bridge"

#Set DOWNLOAD bandwidth of the outbound (WAN) interface
:local inInterfaceBandwidth 34500k

#Set type of queue here
:local queueType wireless-default

#Set where in the chain the packets should be mangled
:local mangleChain postrouting

#Don't mess with these. They set the parameters for what is to follow
:local queueName ("QoS_" . $outboundInterface)
:local inQueueName ("QoS_" . $inboundInterface)
# qosClasses from highest to lowest priority
:local qosClasses [:toarray "Network Control (Top Priority),Internetwork Control (High Priority),Voice (Medium-High Priority),Interactive Video (Medium Priority),Critical Data or Call Signaling (Medium-Low Priority),Best Effort (Low Priority),Background (Very Low Priority),Scavenger (Bottom Priority)"]
# maps queue priorities from highest to lowest to IP precedence values
:local priorityToIpPrecedenceMappings [:toarray "7,6,5,4,3,0,2,1"]
# queue priority used for best effort traffic (IP precedence 0)
:local beQueuePriority 6

/ip firewall mangle add action=set-priority \
   chain=postrouting new-priority=from-dscp-high-3-bits \
   passthrough=yes comment="Respect DSCP tagging"
/ip firewall mangle add action=set-priority \
   chain=postrouting new-priority=6 packet-size=0-123 \
   passthrough=yes protocol=tcp tcp-flags=ack comment="Prioritize ACKs"
/ip firewall mangle add action=accept \
   chain=postrouting priority=0 \
   comment="IP Precedence (aka Packet Priority) 0 - Best Effort (Low Priority) (default)"


:for indexA from 1 to 7 do={
    :local qosIndex (7-$indexA)
    # skip best effort in list
    :if ($indexA <= (8-$beQueuePriority)) do={ :set qosIndex (8-$indexA) }
    :local subClass ([:pick $qosClasses $qosIndex] )
    /ip firewall mangle add action=mark-packet chain=$mangleChain comment=("IP Precedence (aka Packet Priority) " . $indexA . " - " . $subClass . " (apply packet mark ip_precedence_" . $indexA . ")") \
         disabled=no priority=($indexA) new-packet-mark=("ip_precedence_" . $indexA) passthrough=no
}

:if ([/system package find name=ipv6 disabled=no] = "") do={
    :log info "IPv6 package is not installed - skipping IPv6 mangle rules";
} else={

   :for dscpValue from 0 to 7 do={
   /ipv6 firewall mangle add action=accept \
      chain=postrouting dscp=$dscpValue \
      comment="IP Precedence 0 (DSCP $dscpValue) - Best Effort (Low Priority) (default)"
   }

   :for indexA from 1 to 7 do={
       :local qosIndex (7-$indexA)
       # skip best effort in list
       :if ($indexA <= (8-$beQueuePriority)) do={ :set qosIndex (8-$indexA) }
       :local subClass ([:pick $qosClasses $qosIndex] )
       :for dscpValue from ($indexA*8) to (($indexA*8)+7) do={
       /ipv6 firewall mangle add action=mark-packet chain=$mangleChain comment=("IP Precedence " . $indexA . " (DSCP " . $dscpValue . ") - " . $subClass . " (apply packet mark ip_precedence_" . $indexA . ")") \
            disabled=no dscp=$dscpValue new-packet-mark=("ip_precedence_" . $indexA) passthrough=no
       }
   }

}

/queue tree add max-limit=$outInterfaceBandwidth name=$queueName parent=$outboundInterface comment="Uplink QoS" queue=$queueType
:for queuePriority from=1 to=8 do={
   :local qosIndex ($queuePriority-1)
   :local subClass ([:pick $qosClasses $qosIndex] )
   :local ipPrecedence ([:pick $priorityToIpPrecedenceMappings $qosIndex])
   :local ipPrecedenceMark ("ip_precedence_" . $ipPrecedence)
   :if ($ipPrecedence = "0") do={ :set ipPrecedenceMark ("no-mark") }
   /queue tree add \ 
      name=("IP Precedence " . $ipPrecedence . ". " . $subClass . " - " . $outboundInterface ) \
      parent=$queueName \
      priority=($queuePriority) \
      queue=$queueType \
      packet-mark=$ipPrecedenceMark \
      comment=("Queue Priority " . $queuePriority)
}

/queue tree add max-limit=$inInterfaceBandwidth name=$inQueueName parent=$inboundInterface comment="Downlink QoS" queue=$queueType
:for queuePriority from=1 to=8 do={
   :local qosIndex ($queuePriority-1)
   :local subClass ([:pick $qosClasses $qosIndex] )
   :local ipPrecedence ([:pick $priorityToIpPrecedenceMappings $qosIndex])
   :local ipPrecedenceMark ("ip_precedence_" . $ipPrecedence)
   :if ($ipPrecedence = "0") do={ :set ipPrecedenceMark ("no-mark") }
   /queue tree add \ 
      name=("IP Precedence " . $ipPrecedence . ". " . $subClass . " - " . $inboundInterface ) \
      parent=$inQueueName \
      priority=($queuePriority) \
      queue=$queueType \
      packet-mark=$ipPrecedenceMark \
      comment=("Queue Priority " . $queuePriority)
}
Then, if you are using fasttrack, to allow DSCP-tagged packets to be classified properly, bypass fast-track for those packets by adding the following:
/ip firewall filter add action=accept chain=forward comment="Bypass fasttrack for non-zero DSCP" connection-state=established,related dscp=!0
Move that filter just *BEFORE* your fast-track rule! All DSCP-marked packets will then be queued appropriately, and DSCP 0 packets fast-tracked. Fast-tracked packets are all placed in the best effort queue.
Last edited by mducharme on Fri Oct 28, 2016 3:16 am, edited 14 times in total.
 
naylynnaung
just joined
Posts: 12
Joined: Wed Oct 12, 2016 7:53 am
Location: Yangon, Myanmar
Contact:

Re: FastTrack-Friendly QoS Script

Wed Oct 12, 2016 8:08 pm

Thanks for your script. I change the necessary values in your script just like you said. My network use PPPOE connection to my ISP. So, I change the outbound interface to PPPOE, which is the name of the interface I set in my configuration. It is actually virtual interface which use ether 1 interface. I set upload speed to 512k and download speed to 1024k. I think I can see the significant improvements in my network. However, I think some of the mangle rules are not match. Because I look at the bytes. Some of the mangle rules not match yet. Why? The rules not match are,

Background
Critical Data
Interactive Video
Voice
Network Control

They seems to not match. Why?

Please help me.
Nay Lynn Aung
MTCNA, MTCRE, MTCTCE
Yangon, Myanmar
 
mducharme
Trainer
Trainer
Topic Author
Posts: 795
Joined: Tue Jul 19, 2016 6:45 pm

Re: FastTrack-Friendly QoS Script

Wed Oct 12, 2016 8:37 pm

Thanks for your script. I change the necessary values in your script just like you said. My network use PPPOE connection to my ISP. So, I change the outbound interface to PPPOE, which is the name of the interface I set in my configuration. It is actually virtual interface which use ether 1 interface. I set upload speed to 512k and download speed to 1024k. I think I can see the significant improvements in my network. However, I think some of the mangle rules are not match. Because I look at the bytes. Some of the mangle rules not match yet. Why? The rules not match are,

Background
Critical Data
Interactive Video
Voice
Network Control

They seems to not match. Why?

Please help me.
This matches traffic that is already tagged with DSCP tags. If your traffic has no tag, you can create your own mangle rules to match the traffic and apply a relevant DSCP tag at the top of the mangle list, above the other rules. Then when it hits that rule, it will match the DSCP and will get placed into the proper queue.

If you use fasttrack, you might also need to create a regular firewall rule to bypass fasttrack for for the traffic you need DSCP applied to. At your low bandwidth though, you probably do not need fasttrack.
 
naylynnaung
just joined
Posts: 12
Joined: Wed Oct 12, 2016 7:53 am
Location: Yangon, Myanmar
Contact:

Re: FastTrack-Friendly QoS Script

Wed Oct 12, 2016 9:06 pm

How to do? I'm very new to MikroTik. I'm not familiar with terms and options. Please guide me step by step if you can. Please. I want all of your mangle rules to match and used. Also, please check my mangle page that I attached. Thanks.
You do not have the required permissions to view the files attached to this post.
Nay Lynn Aung
MTCNA, MTCRE, MTCTCE
Yangon, Myanmar
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4051
Joined: Wed May 11, 2011 6:08 pm

Re: FastTrack-Friendly QoS Script

Wed Oct 12, 2016 9:28 pm

Nice QoS support script.

One question though:
It's my understanding that fasttrack skips pretty much everything in the packet forwarding process - including firewall and queues.
So wouldn't a fasttracked connection simply skip over all of this?
When given a spoon,
you should not cling to your fork.
The soup will get cold.
 
naylynnaung
just joined
Posts: 12
Joined: Wed Oct 12, 2016 7:53 am
Location: Yangon, Myanmar
Contact:

Re: FastTrack-Friendly QoS Script

Wed Oct 12, 2016 9:41 pm

Do I need to set DSCP values also in every mangles?
When I run the script, the priority 1 to 7 do not have DSCP values. Only the priority 0 have DSCP. Other 7 priority only have priority values not DSCP values.
In your codes, there is some lines with "$dscp". What that mean? I think I have problem with DSCP values now.
Please help me. Only DSCP values.
Thanks. I don't have any DSCP values in Priority 1 to 7. Why?
Nay Lynn Aung
MTCNA, MTCRE, MTCTCE
Yangon, Myanmar
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4051
Joined: Wed May 11, 2011 6:08 pm

Re: FastTrack-Friendly QoS Script

Wed Oct 12, 2016 10:09 pm

Do I need to set DSCP values also in every mangles?
When I run the script, the priority 1 to 7 do not have DSCP values. Only the priority 0 have DSCP.
No - the priority is derived from DSCP.
Note the very first mangle rule created by this script:
add action=set-priority chain=postrouting new-priority=from-dscp-high-3-bits passthrough=yes
This means that the router will examine each IP packet after the routing decision has been made, and use the top 3 bits of the DSCP field (which itself is the top 6 bits of the TOS byte) and use those three bits to set the priority. This is the standard for DSCP anyway - it is laid out so that the top 3 bits of the various DSCP values will map to an "IP precedence" value 0..7

So basically, if a packet comes along, having an IP precedence value of 4, the mangle rule will set the packet priority to 4 as well. This priority is what the remaining mangle rules will use to match the packets and put packet marks on them.

@mducharme: One other thing I noticed is that the Best Effort mark requires both dscp=0 and priority=0. Why did you specify dscp=0 as a criteria in this rule? There are a few possible DSCP values which still map to IP precedence 0, and those packets would fall through the mangle table un-marked... which I suppose is not going to affect which queue they hit since the BE queue is matching un-marked packets, but the stickler in me sees these packets being forced to compare against all rules and not just quick-exiting at the beginning with the rest of the BE traffic.
When given a spoon,
you should not cling to your fork.
The soup will get cold.
 
naylynnaung
just joined
Posts: 12
Joined: Wed Oct 12, 2016 7:53 am
Location: Yangon, Myanmar
Contact:

Re: FastTrack-Friendly QoS Script

Wed Oct 12, 2016 10:19 pm

Still. I got some mangle rules not matched. Why? You can check my above attached screenshot. Some mangles are 0 bytes. Also there is one thing. Some syntax error have in this chunk of code

:if ([/system package find name=ipv6 disabled=no] = "") do={
:log info "IPv6 package is not installed - skipping IPv6 mangle rules";
} else={

:for dscpValue from 0 to 7 do={
/ipv6 firewall mangle add action=accept \
chain=postrouting dscp=$dscpValue \
comment="IP Precedence 0 (DSCP $dscpValue) - Best Effort (Low Priority) (default)"
}

In the final line, comment="IP Precedence 0 (DSCP $dscpValue) - Best Effort (Low Priority) (default)"
What is that "$" sign. The system said it is wrong with red cursor.
I can only run the script when I delete that "$" sign.
I'm afraid that some functionality might be missed.
Educate me. Thanks
Nay Lynn Aung
MTCNA, MTCRE, MTCTCE
Yangon, Myanmar
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4051
Joined: Wed May 11, 2011 6:08 pm

Re: FastTrack-Friendly QoS Script

Wed Oct 12, 2016 10:50 pm

Still. I got some mangle rules not matched. Why?
This is probably normal. Most traffic is going to have DSCP=0, thus you're not going to see a lot of matches on these other priorities.
What these script rules basically do is enforce the DSCP values if they already exist on packets.

If your devices aren't sending packets with DSCP values in them, then you must match packets by some other criteria and set the priority value yourself.

Other things that typically mark packets by default are:
SIP (typically precedence 3)
RTP (voice) - uses DSCP_46 which maps to priority 5

I noticed that ROS's BGP and OSPF engines mark their packets with CS6 (IP precedence 6), so routing protocol traffic would get mapped to the internetwork control queue - nice!
(These are more important than voice because if they get dropped due to congestion, then network connectivity could be completely lost)
When given a spoon,
you should not cling to your fork.
The soup will get cold.
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4051
Joined: Wed May 11, 2011 6:08 pm

Re: FastTrack-Friendly QoS Script

Wed Oct 12, 2016 11:00 pm

In the final line, comment="IP Precedence 0 (DSCP $dscpValue) - Best Effort (Low Priority) (default)"
What is that "$" sign. The system said it is wrong with red cursor.
I can only run the script when I delete that "$" sign.
I'm afraid that some functionality might be missed.
Educate me. Thanks
I didn't notice it supports QoS for IPv6 as well. Awesome!

The $ means "variable" - so the script is supposed to replace $dscpValue with the actual dscp value (e.g. 46).
The line you refer to only uses it to make the comment tell you what DSCP value the rule is matching, so that line doesn't affect functionality.

Note how long the IPv6 mangle chain is because it doesn't support "priority from high 3 bits of TOS" action.
When given a spoon,
you should not cling to your fork.
The soup will get cold.
 
naylynnaung
just joined
Posts: 12
Joined: Wed Oct 12, 2016 7:53 am
Location: Yangon, Myanmar
Contact:

Re: FastTrack-Friendly QoS Script

Wed Oct 12, 2016 11:10 pm

That IPv6 function code have some syntax error I think.
Take a look at my attached screenshot. There is red cursor over the $ sign and I can't execute the script. After I delete the $ sign, the script run normally.
What is wrong in that code, I don't know. Please explain.
You do not have the required permissions to view the files attached to this post.
Nay Lynn Aung
MTCNA, MTCRE, MTCTCE
Yangon, Myanmar
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4051
Joined: Wed May 11, 2011 6:08 pm

Re: FastTrack-Friendly QoS Script

Wed Oct 12, 2016 11:30 pm

Do you have IPv6 installed on your router? If not, then don't worry about it. The error seems to begin on the line "/ipv6 firewall" (firewall should be blue, not red - meaning that it doesn't know what that keyword means - everything after that is messed up by virtue of the fact that the command is invalid after that point)

Also - this script is designed to be pasted into a /system script, not directly onto the command line.

I went into scripts, added a new script, and pasted this script into the Source: window, then clicked Apply and Run Script.
When given a spoon,
you should not cling to your fork.
The soup will get cold.
 
naylynnaung
just joined
Posts: 12
Joined: Wed Oct 12, 2016 7:53 am
Location: Yangon, Myanmar
Contact:

Re: FastTrack-Friendly QoS Script

Wed Oct 12, 2016 11:50 pm

Now. It's OK. Thanks for everything. It has something to do with " " and <space> and ( ) and those kind of things. Now, it's OK. It's already 3:00 AM in the morning here. I have to sleep. Bye.
Nay Lynn Aung
MTCNA, MTCRE, MTCTCE
Yangon, Myanmar
 
pe1chl
Forum Guru
Forum Guru
Posts: 5707
Joined: Mon Jun 08, 2015 12:09 pm

Re: FastTrack-Friendly QoS Script

Thu Oct 13, 2016 12:27 am

Still. I got some mangle rules not matched. Why?
This is probably normal. Most traffic is going to have DSCP=0, thus you're not going to see a lot of matches on these other priorities.
What these script rules basically do is enforce the DSCP values if they already exist on packets.

If your devices aren't sending packets with DSCP values in them, then you must match packets by some other criteria and set the priority value yourself.
It is best to handle this situation in prerouting by setting the DSCP on those packets, e.g. you match on IP, proto/port, whatever
to identify your voice traffic and then set the DSCP to 46 for those. Then later on in postrouting they are treated with proper
priority. And, the DSCP is further carried with the packet so you don't need all criteria for classifying the traffic at all your routers,
only at the edge routers that face the broken equipment/software that does not properly set DSCP itself.
(I try to do this in the sending system itself rather than in the router, but my systems are usually Linux so it is easy to do)
 
mducharme
Trainer
Trainer
Topic Author
Posts: 795
Joined: Tue Jul 19, 2016 6:45 pm

Re: FastTrack-Friendly QoS Script

Thu Oct 13, 2016 1:07 am

Nice QoS support script.

One question though:
It's my understanding that fasttrack skips pretty much everything in the packet forwarding process - including firewall and queues.
So wouldn't a fasttracked connection simply skip over all of this?
Yes and no.

Interface-attached queue trees work with fasttracked packets. What doesn't work is matching the DSCP tags and marking them, so all fasttracked packets will have no mark.

The way to make this work with fasttrack is you bypass fasttrack for all packets that you need to mark as something other than "best effort" by adding firewall rules to "accept" these before they hit the fasttrack rule. All best effort packets are still fasttracked, so you still benefit from fasttrack.

See screenshot below:
fasttrack-bypass.PNG
You do not have the required permissions to view the files attached to this post.
 
mducharme
Trainer
Trainer
Topic Author
Posts: 795
Joined: Tue Jul 19, 2016 6:45 pm

Re: FastTrack-Friendly QoS Script

Thu Oct 13, 2016 1:16 am

@mducharme: One other thing I noticed is that the Best Effort mark requires both dscp=0 and priority=0. Why did you specify dscp=0 as a criteria in this rule? There are a few possible DSCP values which still map to IP precedence 0, and those packets would fall through the mangle table un-marked... which I suppose is not going to affect which queue they hit since the BE queue is matching un-marked packets, but the stickler in me sees these packets being forced to compare against all rules and not just quick-exiting at the beginning with the rest of the BE traffic.
Thanks, just fixed that. I didn't notice the issue because I use fasttrack, so my BE packets get fasttracked and most do not hit the rule anyway.
 
mducharme
Trainer
Trainer
Topic Author
Posts: 795
Joined: Tue Jul 19, 2016 6:45 pm

Re: FastTrack-Friendly QoS Script

Thu Oct 13, 2016 2:47 am

Also, you can bypass fasttrack for any packets that have non-zero DSCP; this is helpful for matching packets marked by some other device.
fasttrack-bypass-dscp.PNG
You do not have the required permissions to view the files attached to this post.
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4051
Joined: Wed May 11, 2011 6:08 pm

Re: FastTrack-Friendly QoS Script

Thu Oct 13, 2016 7:24 pm

I've been thinking about this some more.
In a nutshell, I think you cannot use fastpath forwarding if you want to perform QoS prioritization in your router.

If I'm missing something here, definitely point it out because my goal is to be as knowledgeable as possible.
Anyway, here we go.....

This solution is definitely an efficient QoS mechanism for ROS and I like it very much, but I think that mixing fastpath and slowpath traffic in the same router will break QoS.
The hybrid methodology of skipping fasttrack in order to queue certain traffic while allowing the rest to be fasttracked would be fine for a selective rate limiting solution, but would fail for actual packet priority-based QoS.

Here's why:
  • QoS prioritization only matters during congestion.
  • If there's no congestion, all traffic is simply forwarded in fifo fashion and everyone's happy. No packets are lost.
  • If there IS congestion, then QoS is the triage process by which the least important packets are dropped whenever the output buffer and output queues are all full.
  • In order to make an informed decision, the QoS mechanism must know how much bandwidth is available so that it knows when to start dropping low-priority packets in favor of important packets.
So far, so good, but here's where the hybrid fast/slow path solution runs into trouble:
  • Fastpath skips the system queues and goes straight to the final HW queue on the interface itself. If the HW queue is full, then the packet will be dropped. If not, then it will be queued.
  • The job of the system queues is to ensure there will always be room on the HW queue for priority packets.
  • If a low-priority packet comes along which would fill the HW queue, then this packet should be dropped as long as the priority queue still has bandwidth available in its budget.
  • The tree's root queue is how this bandwidth is tracked - child queues borrow bandwidth budget points from their parent queues.
  • The parent queue should run out of bandwidth at the same moment when the actual interface runs out of bandwidth. (or sooner)
Again - fastpath skips the system queues.

Therefore, the synchronization between the root queue of the tree is lost.

Because of this loss of sync, the queue tree can forward a low priority packet thinking there is still plenty of bandwidth remaining (fifo ftw!), unaware other flows have consumed the interface's bandwidth which the queue tree considered to be available. In this case, a high priority packet will not be prioritized over low priority traffic in the queue trees because the tree thinks there's still plenty of room for everyone - when in actuality there is not. Thus traffic is proceeding through the tree in a fifo manner. When the queue tree goes to place the packet (whatever its priority) onto the HW queue for egress - shock! the HW queue is full! The queue tree must drop the packet (rather, the HW queue will drop the packet)

The HW queue isn't always where this drop happens though. It gets worse.....

Suppose the router's egress interface is a high-capacity interface (like a gigabit ethernet port) but traffic is being throttled by some other device farther upstream. If this throttling device (DSL/cable modem, ONT, Wireless radio, etc) doesn't have any notion of QoS, then it's just going to do fifo and discard all packets that it has no room for on the wire (or which exceed a policing rate) regardless of priority. If the bottleneck DOES honor QoS - then you're going to be okay anyway, but this is pretty rare in most Internet access circuits. QoS-enabled circuits are usually enterprise-class offerings, and are usually internal wan links - not Internet connections because the Internet itself is a "best effort" network to begin with.

In this scenario where the bottleneck is upstream from your router, the only recourse is for your router to intelligently rate limit and prioritize the traffic BEFORE it reaches the dumb fifo such that it will always be below the fifo's threshold - i.e. you present traffic that the dumb fifo will never need to discard. This can only be done if the master queue's bandwidth budget is 100% accurate, and matches (or falls beneath) the actual bottleneck bandwidth amount.
THAT requires 100% of traffic to go through the queues.

Again, I love this simple architecture - and it's great in a no-fastpath-forwarding scenario. It's also great if you choose to do throttling - e.g.: rate limit video streaming to some maximum, while fasttracking the rest - but true priority-based QoS cannot function properly if the bandwidth budget is inaccurate.
When given a spoon,
you should not cling to your fork.
The soup will get cold.
 
mducharme
Trainer
Trainer
Topic Author
Posts: 795
Joined: Tue Jul 19, 2016 6:45 pm

Re: FastTrack-Friendly QoS Script

Thu Oct 13, 2016 7:31 pm

  • Fastpath skips the system queues and goes straight to the final HW queue on the interface itself. If the HW queue is full, then the packet will be dropped. If not, then it will be queued.
    .
Here I am talking about FastTrack, and not FastPath. However, what you say is not completely accurate:

FastTrack skips all simple queues - so they are useless, yes
FastTrack skips all queue trees (HTB) with parent global, so they are useless, yes

However, FastTrack DOES NOT skip any queue trees with an *interface* as the parent. All FastTrack'ed packets are still queued by the queue tree, not the hardware queue. The only problem is everything has no-mark because FastTrack also skips any mangle rules that would mark the packets.

If you try it out, you see every FastTrack'ed packet indeed does get processed through this queue tree as a no-mark packet.

So with this solution, all traffic, including FastTrack traffic, is still queued and rate-limited, so the QoS functions properly.
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4051
Joined: Wed May 11, 2011 6:08 pm

Re: FastTrack-Friendly QoS Script

Thu Oct 13, 2016 7:46 pm

However, FastTrack DOES NOT skip any queue trees with an *interface* as the parent. All FastTrack'ed packets are still queued by the queue tree, not the hardware queue. The only problem is everything has no-mark because FastTrack also skips any mangle rules that would mark the packets.
Okay - that's good to know. And given this, even traffic which skips the mangle table (fasttracked packets) will still hit the best effort queue because that queue is configured to match un-marked packets. Thus the parent queue's budget stays accurate.
Brilliant. That clears things up for me.

Sorry my post was so long, but I felt that I needed to explain why the issue of traffic missing the queue was an issue for prioritization (especially for those reading along who're learning how QoS works) - I wasn't trying to imply that you don't know what you're doing.
When given a spoon,
you should not cling to your fork.
The soup will get cold.
 
mducharme
Trainer
Trainer
Topic Author
Posts: 795
Joined: Tue Jul 19, 2016 6:45 pm

Re: FastTrack-Friendly QoS Script

Thu Oct 13, 2016 7:53 pm

Sorry my post was so long, but I felt that I needed to explain why the issue of traffic missing the queue was an issue for prioritization (especially for those reading along who're learning how QoS works) - I wasn't trying to imply that you don't know what you're doing.
No offense taken, it is a common issue with QoS where some traffic does not get handled and bypasses the queueing. This is part of the reason why I generally prefer interface-attached HTB, because then with a no-mark option, and all marks accounted for, you can be sure that you have actually properly assigned a queue for all potential traffic.

BTW, these interface attached queue trees (HTB) similarly catch MPLS as no-mark and therefore can do queueing of MPLS packets. (and, there are also ways to mark specific MPLS packets so that you can do full blown MPLS QoS)
 
mducharme
Trainer
Trainer
Topic Author
Posts: 795
Joined: Tue Jul 19, 2016 6:45 pm

Re: FastTrack-Friendly QoS Script

Thu Oct 13, 2016 8:46 pm

Sorry my post was so long, but I felt that I needed to explain why the issue of traffic missing the queue was an issue for prioritization (especially for those reading along who're learning how QoS works) - I wasn't trying to imply that you don't know what you're doing.
BTW, is there a way of fixing the MikroTik wiki page on FastTrack (http://wiki.mikrotik.com/wiki/Manual:IP/Fasttrack) to reflect this behavior? Paragraph 2 on the page has the correct information:
Note that not all packets in a connection can be fasttracked, so it is likely to see some packets going through slow path even though connection is marked for fasttrack. This is the reason why fasttrack-connection is usually followed be identical action=accept rule. Fasttracked packets bypass firewall, connection tracking, simple queues, queue tree with parent=global, ip traffic-flow(restriction removed in 6.33), ip accounting, ipsec, hotspot universal client, vrf assignment, so it is up to administrator to make sure fasttrack does not interfere with other configuration;
The above quote from the wiki is completely accurate because it does not say that Fasttracked packets bypass queue tree with an interface as the parent (and they do not); however, later on the same page, there is a misleading warning:
Warning: Queues, firewall filter and mangle rules will not be applied for FastTracked traffic.
This not completely true due to the exception of interface-attached queue trees, and this warning is likely the reason why people have the misunderstanding that it is not possible to queue FastTrack'ed packets other than the regular hardware queue that everything goes through.

Is there a way to clarify that warning?
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4051
Joined: Wed May 11, 2011 6:08 pm

Re: FastTrack-Friendly QoS Script

Thu Oct 13, 2016 9:04 pm

Warning: Queues, firewall filter and mangle rules will not be applied for FastTracked traffic.
This not completely true due to the exception of interface-attached queue trees, and this warning is likely the reason why people have the misunderstanding that it is not possible to queue FastTrack'ed packets other than the regular hardware queue that everything goes through.

Is there a way to clarify that warning?
Yeah, I think that's what was in my mind all along. I don't think the forums moderators have any editorial power on the wiki - so perhaps a Mikrotik admin will see this post and update it to something like this:

Warning: Queues (except queue trees parented to interfaces), firewall filter and mangle rules will not be applied for FastTracked traffic.

The Packet flow diagram v6 certainly depicts the interface HTB as the final step prior to egress, but it doesn't really show where fastpath fits into the flow... so perhaps that should be included in the updates.
When given a spoon,
you should not cling to your fork.
The soup will get cold.
 
mltobing
just joined
Posts: 11
Joined: Thu Dec 15, 2016 9:19 am

Re: FastTrack-Friendly QoS Script

Mon Dec 26, 2016 10:54 am

Hello, I'm just beginner with mikrotik

I'm using QoS from alaskanjackal - Using RouterOS to prioritize (Qos) traffic for a Class C net
http://forum.routerboard.com/viewtopic. ... 33#p501518
With this, I can separate HTTP BROWSING & HTTP DOWNLOAD (connection-bytes=500000-0 connection-rate=200k-1000M)

At that thread, there is someone (IntrusDave) suggest using DSCP, and I found yours (I see your script based on IntrusDave's QoS script).
If I'm using your script, Can I get same result ?

Thanks
 
mducharme
Trainer
Trainer
Topic Author
Posts: 795
Joined: Tue Jul 19, 2016 6:45 pm

Re: FastTrack-Friendly QoS Script

Mon Dec 26, 2016 10:02 pm

Hello, I'm just beginner with mikrotik

I'm using QoS from alaskanjackal - Using RouterOS to prioritize (Qos) traffic for a Class C net
http://forum.routerboard.com/viewtopic. ... 33#p501518
With this, I can separate HTTP BROWSING & HTTP DOWNLOAD (connection-bytes=500000-0 connection-rate=200k-1000M)

At that thread, there is someone (IntrusDave) suggest using DSCP, and I found yours (I see your script based on IntrusDave's QoS script).
If I'm using your script, Can I get same result ?

Thanks
Yes you can with my script, you just have to add the rules to do this. I imagine if it is HTTP download, you'll probably want to reduce it to 'background', so you would probably give it a DSCP value of 16. First you should back up your config, and then remove the existing queues and QoS rules created by the existing script so they don't conflict, before installing mine. Then add the rule to de-prioritize HTTP download to 'background' class (ip precedence 2).

The idea of my script is to use existing DSCP on packets in a fasttrack-friendly way that still lets you keep your fasttrack rules. I don't include rules to apply DSCP to packets that don't have them because that will really depend on the user, each person may have different priorities in mind. Also, you need to bypass fasttrack for any packets that you need to apply DSCP tags to, so you lose more and more fasttrack benefits as you apply more and more DSCP tags. That is another reason why I do not include an 'HTTP Download' rule and things like that. A lot of QoS scripts will put in many rules that users do not really need, to prioritize things that they do not even use. Mine is kind of a 'base setup' that you add your own rules to based on the particular things that you either want to prioritize or de-prioritize.

I kind of see this happening in two different parts
- The nuts and bolts of the QoS being provided by the QoS engine, which is my script
- A 'rule bank' for applying DSCP tags to different types of traffic; users would pick rules from the 'rule bank' depending on what they needed and add them to the QoS system

My script is really the engine; there is no 'rule bank' currently, except you can pick and choose rules from other QoS scripts and apply them here, by placing them above the existing QoS rules and applying DSCP, and bypassing fasttrack for that same traffic so that the mangle rules work.
 
mltobing
just joined
Posts: 11
Joined: Thu Dec 15, 2016 9:19 am

Re: FastTrack-Friendly QoS Script

Wed Dec 28, 2016 9:51 am

Hi mducharme,

I cannot make it work. How to separate Browsing & Download traffic

If my script before:
add action=mark-connection chain=prerouting comment=HTTP connection-state=new \
    new-connection-mark=HTTP passthrough=yes port=80,443 protocol=tcp
add action=mark-connection chain=prerouting connection-bytes=800000-0 \
    connection-mark=HTTP connection-rate=128k-1G new-connection-mark=HTTP_BIG \
    passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=HTTP new-packet-mark=\
    HTTP passthrough=no
add action=mark-packet chain=prerouting connection-mark=HTTP_BIG \
    new-packet-mark=HTTP_BIG passthrough=no 
If I am using your script and I have fasttrack rule, how to get same result. Please help me. Thanks
 
mpdamon
just joined
Posts: 6
Joined: Tue Jan 31, 2017 6:42 pm

Re: FastTrack-Friendly QoS Script

Wed Feb 01, 2017 1:10 am

  • Fastpath skips the system queues and goes straight to the final HW queue on the interface itself. If the HW queue is full, then the packet will be dropped. If not, then it will be queued.
    .
Here I am talking about FastTrack, and not FastPath. However, what you say is not completely accurate:

FastTrack skips all simple queues - so they are useless, yes
FastTrack skips all queue trees (HTB) with parent global, so they are useless, yes

However, FastTrack DOES NOT skip any queue trees with an *interface* as the parent. All FastTrack'ed packets are still queued by the queue tree, not the hardware queue. The only problem is everything has no-mark because FastTrack also skips any mangle rules that would mark the packets.

If you try it out, you see every FastTrack'ed packet indeed does get processed through this queue tree as a no-mark packet.

So with this solution, all traffic, including FastTrack traffic, is still queued and rate-limited, so the QoS functions properly.
Very informative so thank you for that. I am confused though when you say that FastTrack bypasses mangle rules yet below you say that the traffic is still queued and rate-limited. So in that case how would I be able to mark the traffic that I want to prioritize?

Thanks
 
mpdamon
just joined
Posts: 6
Joined: Tue Jan 31, 2017 6:42 pm

Re: FastTrack-Friendly QoS Script

Thu Feb 02, 2017 7:50 pm

Is there a reason you use sfq instead of pcq?
 
mducharme
Trainer
Trainer
Topic Author
Posts: 795
Joined: Tue Jul 19, 2016 6:45 pm

Re: FastTrack-Friendly QoS Script

Wed Feb 08, 2017 6:26 am

Very informative so thank you for that. I am confused though when you say that FastTrack bypasses mangle rules yet below you say that the traffic is still queued and rate-limited. So in that case how would I be able to mark the traffic that I want to prioritize?

Thanks
Sorry, I missed this before. In order to mark the traffic you want to prioritize, you must create firewall rules that 'accept' this specific traffic that you want to mark before it hits the fasttrack rule, then your mangle will work because you will be effectively bypassing fasttrack for those packets only. Any traffic that hits the fasttrack rule will skip mangle and will therefore be treated as best-effort; any traffic that you either want to prioritize above best effort or de-prioritize below best effort must be mangled, and in order to mangle it, you must prevent this traffic from hitting the fasttrack rule by accepting it before it reaches that rule.

The first post includes a rule that automatically bypasses fasttrack if DSCP is non-zero, so for packets that are already tagged with DSCP, this will take care of all of them. You only need to create additional fasttrack bypass rules if there are packets that do not have DSCP applied that you either want to apply DSCP to, or simply apply the appropriate packet mark.
Last edited by mducharme on Wed Feb 08, 2017 6:38 am, edited 2 times in total.
 
mducharme
Trainer
Trainer
Topic Author
Posts: 795
Joined: Tue Jul 19, 2016 6:45 pm

Re: FastTrack-Friendly QoS Script

Wed Feb 08, 2017 6:29 am

Is there a reason you use sfq instead of pcq?
I would expect SFQ to be slightly more efficient in terms of CPU usage. SFQ is like PCQ but without the configuration options, if you are not going to tweak those, I believe there is little reason to use PCQ over SFQ.
 
mpdamon
just joined
Posts: 6
Joined: Tue Jan 31, 2017 6:42 pm

Re: FastTrack-Friendly QoS Script

Thu Mar 02, 2017 7:59 pm

Very informative so thank you for that. I am confused though when you say that FastTrack bypasses mangle rules yet below you say that the traffic is still queued and rate-limited. So in that case how would I be able to mark the traffic that I want to prioritize?

Thanks
Sorry, I missed this before. In order to mark the traffic you want to prioritize, you must create firewall rules that 'accept' this specific traffic that you want to mark before it hits the fasttrack rule, then your mangle will work because you will be effectively bypassing fasttrack for those packets only. Any traffic that hits the fasttrack rule will skip mangle and will therefore be treated as best-effort; any traffic that you either want to prioritize above best effort or de-prioritize below best effort must be mangled, and in order to mangle it, you must prevent this traffic from hitting the fasttrack rule by accepting it before it reaches that rule.

The first post includes a rule that automatically bypasses fasttrack if DSCP is non-zero, so for packets that are already tagged with DSCP, this will take care of all of them. You only need to create additional fasttrack bypass rules if there are packets that do not have DSCP applied that you either want to apply DSCP to, or simply apply the appropriate packet mark.

Thanks for your help with this. I've gotten this to work pretty well but I'm having an issue where I'm trying to mark some packets as precedence 7 but they are going through as 6. I have listed what I have added to see if you can help determine why. I can see it in the log when I log 6 and 7 mangle rules.

add action=mark-connection chain=postrouting comment="PS4 Outgoing Connection" connection-state=new log-prefix="ps4 connection:" \
new-connection-mark=ps4-connection-out passthrough=yes src-address=192.168.1.104
add action=mark-packet chain=postrouting comment="PS4 Outgoing Packets" connection-mark=ps4-connection-out log-prefix="ps4 marked:" \
new-packet-mark=ip_precedence_7 passthrough=no

add action=accept chain=forward log-prefix=ps4: src-address=192.168.1.104
add action=accept chain=forward comment="Bypass fasttrack for non-zero DSCP" connection-state=established,related dscp=!0
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related
 
mducharme
Trainer
Trainer
Topic Author
Posts: 795
Joined: Tue Jul 19, 2016 6:45 pm

Re: FastTrack-Friendly QoS Script

Fri Mar 03, 2017 1:05 am

Thanks for your help with this. I've gotten this to work pretty well but I'm having an issue where I'm trying to mark some packets as precedence 7 but they are going through as 6. I have listed what I have added to see if you can help determine why. I can see it in the log when I log 6 and 7 mangle rules.

add action=mark-connection chain=postrouting comment="PS4 Outgoing Connection" connection-state=new log-prefix="ps4 connection:" \
new-connection-mark=ps4-connection-out passthrough=yes src-address=192.168.1.104
add action=mark-packet chain=postrouting comment="PS4 Outgoing Packets" connection-mark=ps4-connection-out log-prefix="ps4 marked:" \
new-packet-mark=ip_precedence_7 passthrough=no

add action=accept chain=forward log-prefix=ps4: src-address=192.168.1.104
add action=accept chain=forward comment="Bypass fasttrack for non-zero DSCP" connection-state=established,related dscp=!0
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related
Perhaps they are getting caught by the "prioritize ACKs" mangle rule?
 
mpdamon
just joined
Posts: 6
Joined: Tue Jan 31, 2017 6:42 pm

Re: FastTrack-Friendly QoS Script

Fri Mar 03, 2017 1:13 am

Perhaps they are getting caught by the "prioritize ACKs" mangle rule?
I have my mangle rules above that one. I just looked and now I'm not getting any packets marked as "7" i must have something wrong somewhere. Maybe shouldn't be postrouting?


I take that back. they won't actually show up in the precedence 7 because I'm marking them earlier. however I do still have traffice from that ip showing up in precedence 6. So not sure why for that.
 
mducharme
Trainer
Trainer
Topic Author
Posts: 795
Joined: Tue Jul 19, 2016 6:45 pm

Re: FastTrack-Friendly QoS Script

Fri Mar 03, 2017 3:05 am

Perhaps they are getting caught by the "prioritize ACKs" mangle rule?
I have my mangle rules above that one. I just looked and now I'm not getting any packets marked as "7" i must have something wrong somewhere. Maybe shouldn't be postrouting?


I take that back. they won't actually show up in the precedence 7 because I'm marking them earlier. however I do still have traffice from that ip showing up in precedence 6. So not sure why for that.
What are you seeing in the packet counters, and what is getting logged?

In case it helps, I can show you a similar rule I have for NetFlix prioritization (though I do it slightly differently)

I find that NetFlix always sends data to me from a certain IP so I match that IP (185.101.97.195).

In my firewall filter rules I have:

30 ;;; bypass fasttrack for netflix
chain=forward action=accept connection-state=established,related connection-mark=netflix log=no log-prefix=""

Then, in my mangle rules:

17 ;;; Prioritize Netflix
chain=forward action=mark-connection new-connection-mark=netflix passthrough=yes src-address=185.101.97.195 log=no log-prefix=""

18 chain=forward action=change-dscp new-dscp=32 passthrough=yes connection-mark=netflix log=no log-prefix=""

19 ;;; Respect DSCP tagging
chain=postrouting action=set-priority new-priority=from-dscp-high-3-bits passthrough=yes

Mangle rule 19 above is already included with my script, I just included it so that you could see the relative positioning of my prioritization rules.

I mark the DSCP tags instead of directly marking the precedence so that I can use this tag on additional internal routers if I had them, but I could just as easily mark packet as ip_precedence_4 with the mangle rule listed as 18, then I wouldn't really need the passthrough=yes on that setting (that approach is closer to what you are doing).
 
mducharme
Trainer
Trainer
Topic Author
Posts: 795
Joined: Tue Jul 19, 2016 6:45 pm

Re: FastTrack-Friendly QoS Script

Fri Mar 03, 2017 3:15 am

Also, look in the "Connections" tab of IP->Firewall to make sure the connection in question is getting marked properly. You should see it in there with the connection mark you are applying.

As you can see, it works for me and makes certain that I can browse the web on my PC without interfering with NetFlix viewing:
Netflix Priority.PNG
Netflix-connection.PNG
You do not have the required permissions to view the files attached to this post.
 
mducharme
Trainer
Trainer
Topic Author
Posts: 795
Joined: Tue Jul 19, 2016 6:45 pm

Re: FastTrack-Friendly QoS Script

Fri Mar 03, 2017 3:44 am

From looking at the packet flow diagram: https://wiki.mikrotik.com/wiki/Manual:Packet_Flow_v6

It looks like postrouting happens *after* the connection tracking, so that might explain why your PS4 prioritization isn't working.
 
mpdamon
just joined
Posts: 6
Joined: Tue Jan 31, 2017 6:42 pm

Re: FastTrack-Friendly QoS Script

Fri Mar 03, 2017 5:15 am

From looking at the packet flow diagram: https://wiki.mikrotik.com/wiki/Manual:Packet_Flow_v6

It looks like postrouting happens *after* the connection tracking, so that might explain why your PS4 prioritization isn't working.
I'll take a look at the connections tab. I hadn't really looked at that yet. the traffic is going up on the firewall rule. thanks for your help. I'm going to look through your example to understand better.
 
mducharme
Trainer
Trainer
Topic Author
Posts: 795
Joined: Tue Jul 19, 2016 6:45 pm

Re: FastTrack-Friendly QoS Script

Fri Mar 03, 2017 5:27 am

From looking at the packet flow diagram: https://wiki.mikrotik.com/wiki/Manual:Packet_Flow_v6

It looks like postrouting happens *after* the connection tracking, so that might explain why your PS4 prioritization isn't working.
I'll take a look at the connections tab. I hadn't really looked at that yet. the traffic is going up on the firewall rule. thanks for your help. I'm going to look through your example to understand better.
Oh, BTW I missed one rule change from my screenshots - the NetFlix address changed, so I had to change the mangle rule:

17 ;;; Prioritize Netflix
chain=forward action=mark-connection new-connection-mark=netflix passthrough=yes src-address=108.175.32.0/20 log=no log-prefix=""

The old rule did not catch the 108.175.42.191 address
 
pe1chl
Forum Guru
Forum Guru
Posts: 5707
Joined: Mon Jun 08, 2015 12:09 pm

Re: FastTrack-Friendly QoS Script

Fri Mar 03, 2017 12:09 pm

That is going to be an ongoing problem. You might be able to work around it by using a DNS-based address list.
(I don't know how Netflix uses addresses and DNS)
 
User avatar
nest
Forum Veteran
Forum Veteran
Posts: 809
Joined: Tue Feb 27, 2007 1:52 am
Location: UK
Contact:

Re: FastTrack-Friendly QoS Script

Thu Mar 16, 2017 3:35 pm

Is there a way to clarify that warning?
I have corrected the Wiki :)
It now states:
"Queues (except Queue Trees parented to interfaces), firewall filter and mangle rules will not be applied for FastTracked traffic"
Ron Touw - Mikrotik Certified Trainer
LinITX.com - MultiThread Consultants
Get your MikroTik RBs and Training: http://linitx.com/category/166
Largest Official UK MikroTik Distributor
IRC channel: #routerboard on irc.z.je (IPv4), 6.irc.z.je (IPv6)
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4051
Joined: Wed May 11, 2011 6:08 pm

Re: FastTrack-Friendly QoS Script

Thu Mar 16, 2017 10:16 pm

Very informative so thank you for that. I am confused though when you say that FastTrack bypasses mangle rules yet below you say that the traffic is still queued and rate-limited. So in that case how would I be able to mark the traffic that I want to prioritize?

Thanks
This is just the physical hardware queues which are simple fifos - so no prioritization is possible with them.

EDIT:
Whoops, this is what I get for not reading the thread after being away for a while.... The above is not correct. What I should have said was:

The firewall filter rules are configured to only trigger fasttrack-connection whenever the packet is part of a "best effort" flow. This means that future packets in the fast-tracked connection cannot be mangled - thus they will not be packet-marked. However, a queue tree parented to the egress interface will see the packets (even if fast-tracked). So the best-effort sub-queue of this tree is configured to match unmarked packets; that way it will match the best effort traffic and queue accordingly. All other classes of traffic must never match the "fasttrack-connection" rule in your forward chain, or else they will get lumped in with the best effort.
When given a spoon,
you should not cling to your fork.
The soup will get cold.
 
User avatar
frank333
Member Candidate
Member Candidate
Posts: 117
Joined: Mon Dec 18, 2017 12:17 pm
Location: italy Router model: RB3011UiAS-RM

Re: FastTrack-Friendly QoS Script

Sun Jan 14, 2018 12:32 am

Hi all,
Here is my FastTrack-friendly QoS script, based on one made by IntrusDave. It supports IPv4 and IPv6, and uses DSCP markings to match packets. It is fasttrack-friendly, but does not require fasttrack...............
I tried to run the script with ROS 6.41 but didn't start.
I tried to run only the main part of the script and it works; while the rest does not work.
I wanted to use your script to run Active Congestion Control.
 
MarekP
just joined
Posts: 2
Joined: Fri Feb 16, 2018 1:42 pm

Re: FastTrack-Friendly QoS Script

Fri Feb 16, 2018 3:48 pm

Hi! Im new in the world of mikrotil!!! :)

I have a question about how to work the priorization! My network is over MPLS/VPLS and pppoe for the customers.
I want apply QoS for my VoIP (Because the comunication sound like robotic). I have this in mi MK:

chain=forward action=set-priority new-priority=from-dscp-high-3-bits passthrough=yes

The packet are marked as "EF" in the Asterisk and in the ATA customer!
I dont created queues and the trunks never are full.

Thanks in advace guys!
 
Rexxv
just joined
Posts: 1
Joined: Thu May 10, 2018 6:45 pm

Re: FastTrack-Friendly QoS Script

Thu May 10, 2018 7:27 pm

hi,

this script does not seem to unin ROS 6.42.1
 
edouardkleinhans
just joined
Posts: 2
Joined: Thu Jun 14, 2018 5:58 pm

Re: FastTrack-Friendly QoS Script

Mon Jun 18, 2018 6:21 pm

Hi,

Hello,

if i understand you script, when i want to add priority to HTTP service, i need to bypass fasttrack

;;; bypass fasttrack for HTTP
chain=forward action=accept connection-state=established,related connection-mark=HTTP

Then, in my mangle rules:

17 ;;; Prioritize HTTP
add action=mark-connection chain=prerouting comment=HTTP connection-mark=!HTTP_BIG connection-state=new new-connection-mark=HTTP port=80,443,8080 protocol=tcp
add action=mark-connection chain=prerouting connection-bytes=500000-0 connection-mark=HTTP connection-rate=200k-100M new-connection-mark=HTTP_BIG protocol=tcp
add action=mark-packet chain=prerouting connection-mark=HTTP_BIG new-packet-mark=ip_precedence_4 passthrough=no
add action=mark-packet chain=prerouting connection-mark=HTTP new-packet-mark=ip_precedence_5 passthrough=no

19 ;;; Respect DSCP tagging
chain=postrouting action=set-priority new-priority=from-dscp-high-3-bits passthrough=yes

Can you confirm this configuration ?
 
User avatar
Etz
Member Candidate
Member Candidate
Posts: 153
Joined: Thu Mar 27, 2014 10:09 am
Location: Estonia

Re: FastTrack-Friendly QoS Script

Mon Aug 05, 2019 7:40 pm

You'll need to copy and paste the script into scripts (system->scripts->new (+)->paste), change the upload and download bandwidth and inbound and outbound interface names at the top to match your settings, and run the script. (the bandwidths should be slightly less than what you normally receive as your maximum)
Got a question though, what if I have multiple outbound interfaces (2 bridges, one per switch group)?

Who is online

Users browsing this forum: No registered users and 5 guests