Community discussions

MUM Europe 2020
 
variable
Member Candidate
Member Candidate
Topic Author
Posts: 217
Joined: Wed Apr 13, 2005 4:36 am

traffic prioritizing

Fri Aug 25, 2006 7:21 am

I am finally to the point where queueing individual users is no longer the only solution necessary. I would like to start prioritizing traffic from my main router. I am using mikrotik as my main router and all traffic is going through it. I would like traffic priority to go in the following order: voip, http, other, p2p; and have created these rules:
/ip firewall mangle print
 0   chain=prerouting src-address=xxx action=mark-connection 
     new-connection-mark=voip_conn passthrough=yes 
 
 1   chain=prerouting src-address=xxx action=mark-packet 
     new-packet-mark=voip passthrough=no 
 
 2   chain=prerouting protocol=tcp dst-port=80 action=mark-connection 
     new-connection-mark=http_conn passthrough=yes 
 
 3   chain=prerouting connection-mark=http_conn action=mark-packet 
     new-packet-mark=http passthrough=no 
 
 4   chain=prerouting p2p=all-p2p action=mark-connection 
     new-connection-mark=p2p_conn passthrough=yes 
 
 5   chain=prerouting connection-mark=p2p_conn action=mark-packet 
     new-packet-mark=p2p passthrough=no 
 
 6   chain=prerouting action=mark-connection new-connection-mark=other_conn 
     passthrough=yes 
 
 7   chain=prerouting connection-mark=other_conn action=mark-packet 
     new-packet-mark=other passthrough=no 
 
and
/queue tree print
Flags: X - disabled, I - invalid 
 0   name="http" parent=global-total packet-mark=http limit-at=0 queue=default 
     priority=2 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s 
 
 1   name="voip" parent=global-total packet-mark=voip limit-at=0 queue=default 
     priority=1 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s 
 
 2   name="other" parent=global-total packet-mark=other limit-at=0 
     queue=default priority=3 max-limit=0 burst-limit=0 burst-threshold=0 
     burst-time=0s 
 
 3   name="p2p" parent=global-total packet-mark=p2p limit-at=0 queue=default 
     priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
does this look correct?
 
cmit
Forum Guru
Forum Guru
Posts: 1552
Joined: Fri May 28, 2004 12:49 pm
Location: Germany

Fri Aug 25, 2006 10:04 am

I suppose your mangle rule number 1 (the second rule) should read:
1   chain=prerouting connection-mark=voip_conn action=mark-packet
     new-packet-mark=voip passthrough=no
(i.e. marking the packets belonging to the voip connections, as you did further down with the other protocols).
If you can identify all VoIP traffic just by your source address, depends on your setup - but you'll know what you do.

Apart from that things look good for starters.
You could save one mangle rule, though: To mark the "rest", I'd say there's no need to connection-mark first - just mark ALL remaining packets directly.
So, replace rules 6 and 7 with just one rule:
6   chain=prerouting action=mark-packet new-packet-mark=other
     passthrough=no
Best regards,
Christian Meis
 
variable
Member Candidate
Member Candidate
Topic Author
Posts: 217
Joined: Wed Apr 13, 2005 4:36 am

Fri Aug 25, 2006 7:18 pm

Is this all I would need or is there other configurations I need elsewhere that to make the traffic prioritized. I tried to testing by making icmp priority 1, voip 2, etc... And loaded my line to full and then tried to ping stuff and was still getting the same high numbers as if I had no prioritizing at all?
 
User avatar
Equis
Forum Veteran
Forum Veteran
Posts: 888
Joined: Mon Jun 06, 2005 6:48 am

Sun Aug 27, 2006 2:54 pm

I have found for it to work you have to set your max to about 15% less than your real bandwidth.

I have 1m but need to set max at 800 - 850 to be affective.
 
variable
Member Candidate
Member Candidate
Topic Author
Posts: 217
Joined: Wed Apr 13, 2005 4:36 am

Mon Aug 28, 2006 12:13 am

do you need to set max just to prioritize the traffic? Do you set it to amount*.85 for each item then?
 
User avatar
Equis
Forum Veteran
Forum Veteran
Posts: 888
Joined: Mon Jun 06, 2005 6:48 am

Mon Aug 28, 2006 12:59 am

Hello

You set a max for the parent (I use simple queues) of .85
the other dont matter

start low (.85) and work your way up.

to test, open a p2p program wait 5 mins, then do a ftp transfer, teh p2p should almost stop to wait

:)
 
variable
Member Candidate
Member Candidate
Topic Author
Posts: 217
Joined: Wed Apr 13, 2005 4:36 am

Mon Aug 28, 2006 1:32 am

Ah, so you need to set a parent queue, mt wont detect that line x is a t1 and act accordingly?
 
variable
Member Candidate
Member Candidate
Topic Author
Posts: 217
Joined: Wed Apr 13, 2005 4:36 am

Sun Sep 17, 2006 1:42 am

should it look something more like this for a t1?
 0   name="http" parent=master packet-mark=http limit-at=0 queue=default 
     priority=3 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s 

 1   name="voip" parent=master packet-mark=voip limit-at=0 queue=default 
     priority=2 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s 

 2   name="other" parent=master packet-mark=other limit-at=0 queue=default 
     priority=4 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s 

 3   name="p2p" parent=master packet-mark=p2p limit-at=0 queue=default 
     priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s 

 4   name="ping" parent=master packet-mark=ping limit-at=0 queue=default 
     priority=1 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s 

 5   name="master" parent=global-total packet-mark="" limit-at=0 queue=default 
     priority=8 max-limit=1544000 burst-limit=0 burst-threshold=0 
     burst-time=0s 
 
User avatar
Equis
Forum Veteran
Forum Veteran
Posts: 888
Joined: Mon Jun 06, 2005 6:48 am

Sun Sep 17, 2006 8:21 am

Yep

What I do is have p2p & ftp running at teh same time

Slow parent down untill p2p stops and ftp goes faster.

It's very hard to find a balence.

It's got to do with we cannot control what is requested and comes in. we can only slow it down on our side.
 
dannyboy
Member Candidate
Member Candidate
Posts: 195
Joined: Fri Sep 16, 2005 4:21 am
Location: Nicaragua/USA
Contact:

Tue Sep 19, 2006 7:37 am

question,

how doyou know what is VOIP traffic?
 
User avatar
Equis
Forum Veteran
Forum Veteran
Posts: 888
Joined: Mon Jun 06, 2005 6:48 am

Tue Sep 19, 2006 7:45 am

Use Torch.

I find out teh providers IP and prioriteze to that IP (not port)
 
dannyboy
Member Candidate
Member Candidate
Posts: 195
Joined: Fri Sep 16, 2005 4:21 am
Location: Nicaragua/USA
Contact:

Tue Sep 19, 2006 8:09 am

ok I see the ip, now I have four wans, I want to make all VOIP to go through one of my wans, so i need to make a mark routing where all connections to that ip uses that wan? I the voip server ip the dst or src address?

thanks
 
variable
Member Candidate
Member Candidate
Topic Author
Posts: 217
Joined: Wed Apr 13, 2005 4:36 am

Tue Sep 19, 2006 8:09 am

on my network all voip comes from a single server, so i just have that ip's traffic put in the voip mangle.
 
dannyboy
Member Candidate
Member Candidate
Posts: 195
Joined: Fri Sep 16, 2005 4:21 am
Location: Nicaragua/USA
Contact:

Tue Sep 19, 2006 8:25 am

thanks for the info I tried to do this but I see no traffic, also I use vonage and I see a couple of ip that show up. What I want to do for my clients, is to setup my mt to detect voip and to have that traffic use only one single wan for all voip. I have little bandwidth here in my country and I have four 512k for 40 users, now most of them got vonage!!! hate it and they complain about the quality of the voice, I know this is bamdwidth related and thats why I want to setup one wan just for voip. thats why I tried with ports 5060-5061 and 10000-20000, i read somewhere that does r the ports that vonage uses. but i could not get it to work

any idea how I can do this?
 
dannyboy
Member Candidate
Member Candidate
Posts: 195
Joined: Fri Sep 16, 2005 4:21 am
Location: Nicaragua/USA
Contact:

Tue Sep 26, 2006 7:52 am

Hello,

I tried to do some QoS with the p2p control. It does not work!! At least for Ares, I setup a simple queue telling it to give me a 64K limit on dowloads and uploads, well Ares just laughs at the rule. Has anyone have this working for Ares? I want to have the whole network set to a 128k upload and download.

I went into a simple queue, named it P2P, set the target ip to my computers ip and set the target upload and target download to 128k, went to Advance tab and set the P2P=all-p2p

IT DOES NOT WORK!!

So if this doesnt work, there is no QoS for p2p in MT, the only thing that works for me is to drop all p2p, than Ares cant connect at all.
 
User avatar
Equis
Forum Veteran
Forum Veteran
Posts: 888
Joined: Mon Jun 06, 2005 6:48 am

Tue Sep 26, 2006 8:01 am

Did you set Max limit or Limit at?

Make sure to set Max Limit
 
dannyboy
Member Candidate
Member Candidate
Posts: 195
Joined: Fri Sep 16, 2005 4:21 am
Location: Nicaragua/USA
Contact:

Tue Sep 26, 2006 8:24 am

name="p2p" target-addresses=192.168.10.131/32 dst-address=0.0.0.0/0
interface=all parent=none direction=both priority=1
queue=default/default limit-at=64000/64000 max-limit=64000/64000
total-queue=default-small p2p=all-p2p


this is the queue, but still does not work...
 
User avatar
Eugene
Forum Veteran
Forum Veteran
Posts: 993
Joined: Mon May 31, 2004 5:06 pm
Location: Cranfield, UK

Tue Sep 26, 2006 12:25 pm

it won't affect encrypted p2p. That can only be dropped in the firewall.
Tout individu a droit à la vie, à la liberté et à la sûreté de sa personne.
 
dannyboy
Member Candidate
Member Candidate
Posts: 195
Joined: Fri Sep 16, 2005 4:21 am
Location: Nicaragua/USA
Contact:

Tue Sep 26, 2006 6:03 pm

Ok,

For some reason the QoS code that is on this thread does not work for me. I copy and paste the firewall code for Http, there is two firewall rules, one connection-mark the other packet-mark, if I do it exactly like is on the thread, I wont be able to surf the Internet. So I played around and noticed that if I select passthrough on the mark-packet rule than I am able to surf. I looked at other examples and all of them have the passthrough unchecked, but if I do that I cant surf.

Any suggestions?

DannyBoy

Who is online

Users browsing this forum: MSN [Bot], tharangan and 146 guests