Community discussions

MikroTik App
 
telecomnetwork2022
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Thu Dec 22, 2022 5:15 pm

Queues Not Working

Sun Jan 15, 2023 12:24 pm

RB4011IGS V6.49 LAST STABLE
Fasttrack = OFF

i am trying to limit bandwidth in my Address list using Queues and Packet (Mark Connection and MArk Packet) but i got unlimithed bandwidth ? :shock:
 
erlinden
Forum Guru
Forum Guru
Posts: 1920
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: Queues Not Working

Sun Jan 15, 2023 12:32 pm

Can you please share your config:
/export hide-sensitive file=anynameyoulike
Don't forget to remove any personal information.
 
telecomnetwork2022
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Thu Dec 22, 2022 5:15 pm

Re: Queues Not Working

Sun Jan 15, 2023 12:46 pm

# jan/15/2023 12:44:04 by RouterOS 6.49.7
# software id = 
#
# model = RB4011iGS+
# serial number = 
/interface bridge
add admin-mac=DC::34:C8:17 auto-mac=no comment=defconf name=bridge
/interface ethernet switch port
set 0 default-vlan-id=0
set 1 default-vlan-id=0
set 2 default-vlan-id=0
set 3 default-vlan-id=0
set 4 default-vlan-id=0
set 5 default-vlan-id=0
set 6 default-vlan-id=0
set 7 default-vlan-id=0
set 8 default-vlan-id=0
set 9 default-vlan-id=0
set 10 default-vlan-id=0
set 11 default-vlan-id=0
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
add name=PPOE-POOL ranges=192.168.200.10-192.168.200.254
/ip dhcp-server
add address-pool=default-dhcp disabled=no interface=bridge name=defconf
/ppp profile
add local-address=192.168.200.1 name=16_2M only-one=yes rate-limit=\
    16588k/16588k remote-address=default-dhcp
add local-address=192.168.200.1 name=20M only-one=yes rate-limit=\
    20684k/20684k remote-address=default-dhcp
add local-address=192.168.200.1 name=12M only-one=yes rate-limit=\
    12800k/12800k remote-address=default-dhcp
add local-address=192.168.200.1 name=16_5M only-one=yes rate-limit=\
    16896k/16896k remote-address=default-dhcp
add local-address=192.168.200.1 name=Test only-one=yes rate-limit=200M/200M \
    remote-address=default-dhcp
/queue type
add kind=pcq name=Download pcq-classifier=\
    src-address,dst-address,src-port,dst-port pcq-rate=768k
add kind=pcq name=Upload pcq-classifier=\
    src-address,dst-address,src-port,dst-port pcq-rate=768k
/interface bridge port
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge comment=defconf interface=ether6
add bridge=bridge comment=defconf interface=ether7
add bridge=bridge comment=defconf interface=ether8
add bridge=bridge comment=defconf interface=ether9
add bridge=bridge comment=defconf interface=ether10
add bridge=bridge comment=defconf interface=sfp-sfpplus1
/ip neighbor discovery-settings
set discover-interface-list=none protocol=""
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
/interface pppoe-server server
add default-profile=16_2M disabled=no interface=bridge max-mru=1500 max-mtu=\
    1500 mrru=1600 service-name=service1
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=\
    192.168.88.0
/ip dhcp-client
add add-default-route=no disabled=no interface=ether1 use-peer-dns=no \
    use-peer-ntp=no
add add-default-route=no disabled=no interface=ether2 use-peer-dns=no \
    use-peer-ntp=no
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip dns static
add address=192.168.88.1 comment=defconf name=router.lan
/ip firewall address-list
add address=72.246.151.34 list=tiktok
add address=138.199.14.19 list=tiktok
add address=167.82.86.73 list=tiktok
add address=72.246.151.40 list=tiktok
add address=104.77.202.64 list=tiktok
add address=82.213.5.9 list=tiktok
add address=213.244.78.9 list=tiktok
add address=72.246.151.250 list=tiktok
add address=72.246.151.217 list=tiktok
add address=72.246.151.67 list=tiktok
add address=72.246.151.99 list=tiktok
add address=82.213.5.50 list=tiktok
add address=72.246.151.97 list=tiktok
add address=213.244.74.139 list=tiktok
add address=82.213.5.10 list=tiktok
add address=72.246.151.43 list=tiktok
add address=213.244.78.10 list=tiktok
add address=72.246.151.50 list=tiktok
add address=104.77.202.66 list=tiktok
add address=138.199.14.55 list=tiktok
add address=72.246.151.33 list=tiktok
add address=23.32.238.233 list=tiktok
add address=213.244.74.154 list=tiktok
add address=104.77.202.67 list=tiktok
add address=213.244.74.147 list=tiktok
add address=138.199.14.16 list=tiktok
add address=138.199.14.45 list=tiktok
add address=138.199.14.52 list=tiktok
add address=23.32.238.217 list=tiktok

/ip firewall filter
add action=accept chain=input comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,untracked disabled=yes
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
    invalid disabled=yes
add action=accept chain=input comment="defconf: accept ICMP" disabled=yes \
    protocol=icmp
add action=accept chain=input comment=\
    "defconf: accept to local loopback (for CAPsMAN)" disabled=yes \
    dst-address=127.0.0.1
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
    disabled=yes in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
    disabled=yes ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
    disabled=yes ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
    connection-state=established,related disabled=yes
add action=accept chain=forward comment=\
    "defconf: accept established,related, untracked" connection-state=\
    established,related,untracked disabled=yes
add action=drop chain=forward comment="defconf: drop invalid" \
    connection-state=invalid disabled=yes
add action=drop chain=forward comment=\
    "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
    connection-state=new disabled=yes in-interface-list=WAN
add action=add-dst-to-address-list address-list=Winbox address-list-timeout=\
    none-static chain=input dst-port=1994 in-interface-list=WAN protocol=tcp
add action=accept chain=input dst-port=1994 protocol=tcp
/ip firewall mangle
add action=mark-connection chain=prerouting dst-address-type=!local \
    new-connection-mark=WAN_CON_1 passthrough=yes per-connection-classifier=\
    both-addresses-and-ports:2/0 src-address=192.168.88.0/24
add action=mark-connection chain=prerouting dst-address-type=!local \
    new-connection-mark=WAN_CON_2 passthrough=yes per-connection-classifier=\
    both-addresses-and-ports:2/1 src-address=192.168.88.0/24
add action=mark-routing chain=prerouting connection-mark=WAN_CON_1 \
    new-routing-mark=ROUTING1 passthrough=yes src-address=192.168.88.0/24
add action=mark-routing chain=prerouting connection-mark=WAN_CON_2 \
    new-routing-mark=ROUTING2 passthrough=yes src-address=192.168.88.0/24
add action=add-dst-to-address-list address-list=tiktok\
    address-list-timeout=none-static chain=prerouting comment=tiktok\
    disabled=yes protocol=tcp tls-host=*.tiktok.*
add action=add-dst-to-address-list address-list=tiktok address-list-timeout=\
    none-static chain=prerouting comment=Tiktok1 disabled=yes protocol=tcp \
    tls-host=*.tiktokcdn.com
add action=add-dst-to-address-list address-list=tiktok address-list-timeout=\
    none-static chain=prerouting comment=Tiktok2 disabled=yes protocol=tcp \
    tls-host=*.tiktokv.com
add action=add-dst-to-address-list address-list=tiktok address-list-timeout=\
    none-static chain=prerouting comment=Tiktok3 disabled=yes protocol=tcp \
    tls-host=*.myqcloud.com
add action=add-dst-to-address-list address-list=tiktok address-list-timeout=\
    none-static chain=prerouting comment=Tiktok4 disabled=yes protocol=tcp \
    tls-host=*.byteoversea.com
add action=add-dst-to-address-list address-list=tiktok address-list-timeout=\
    none-static chain=prerouting comment=Tiktok5 disabled=yes protocol=tcp \
    tls-host=*.ibyteimg.com
add action=add-dst-to-address-list address-list=tiktok address-list-timeout=\
    none-static chain=prerouting comment=Tiktok6 disabled=yes protocol=tcp \
    tls-host=*.ibytedtos.com
add action=add-dst-to-address-list address-list=tiktok address-list-timeout=\
    none-static chain=prerouting comment=Tiktok7 disabled=yes protocol=tcp \
    tls-host=*.tiktok.com


/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
    ipsec-policy=out,none
/ip route
add comment=WAN1 distance=1 gateway=192.168.20.1 routing-mark=ROUTING1
add comment=WAN2 distance=1 gateway=192.168.1.1 routing-mark=ROUTING2


add distance=1 gateway=192.168.20.1
add distance=2 gateway=192.168.1.1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set ssh disabled=yes
set api disabled=yes
set winbox port=1994
set api-ssl disabled=yes
/ip ssh
set strong-crypto=yes
/ppp secret

/system clock
set time-zone-name=
/system identity
set name=Windows
/system scheduler
add interval=20s name=schedule1 on-event=":local HOST \"8.8.8.8\"\r\
    \n:local PINGCOUNT \"30\"\r\
    \n:local INT \"ether1\"\r\
    \n:local DELAY \"5s\"\r\
    \n:local sub1 ([/system identity get name])\r\
    \n:local sub2 ([/system clock get time])\r\
    \n:local sub3 ([/system clock get date])\r\
    \n\r\
    \n:if ([/ping \$HOST interface=ether1 interval=1 count=\$PINGCOUNT] = 0) d\
    o={\r\
    \n:log error \"HOST \$HOST is not responding to ping request, reseting \$I\
    NT interface ...\"\r\
    \n/interface disable \$INT\r\
    \n:log error \"\$INT is now disabled, waiting \$DELAY ...\"\r\
    \n} else {\r\
    \n:log warning \"HOST \$HOST ping is ok, no need to take any action ...\";\
    \r\
    \n/interface enable \$INT\r\
    \n\r\
    \n}" policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
    start-date=dec/15/2022 start-time=17:04:02
add interval=50s name=schedule2 on-event=":local HOST \"8.8.8.8\"\r\
    \n:local PINGCOUNT \"30\"\r\
    \n:local INT \"ether1\"\r\
    \n:local DELAY \"5s\"\r\
    \n:local sub1 ([/system identity get name])\r\
    \n:local sub2 ([/system clock get time])\r\
    \n:local sub3 ([/system clock get date])\r\
    \n:local ADMINMAIL1 \\"\r\
    \n\r\
    \n/interface enable \$INT\r\
    \n:delay \$DELAY\r\
    \n:if ([/ping \$HOST interface=ether1 interval=1 count=\$PINGCOUNT] = 0) d\
    o={\r\
    \n:log error \"Not Yet ...\"\r\
    \n/tool e-mail send to=\"\" subject=\" \
    Offline\"\r\
    \n\r\
    \n} else {\r\
    \n:log warning \"Now Oline ... \";\r\
    \n/interface enable \$INT\r\
    \n\r\
    \n}" policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
    start-date=dec/15/2022 start-time=18:45:39
/tool e-mail
set address=smtp.privateemail.com from= port=465 \
    start-tls=tls-only user=
/tool mac-server mac-winbox
set allowed-interface-list=LAN
/tool mac-server ping
set enabled=no
 
User avatar
BartoszP
Forum Guru
Forum Guru
Posts: 2865
Joined: Mon Jun 16, 2014 1:13 pm
Location: Poland

Re: Queues Not Working

Mon Jan 16, 2023 9:55 am

@telecom...

PLEASE DO USE proper tags instead of posting 3 screens long configuration as a post.
Use proper tags eg. "code" one to post code
 
telecomnetwork2022
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Thu Dec 22, 2022 5:15 pm

Re: Queues Not Working

Mon Jan 16, 2023 7:23 pm

Thank for your tips
 
telecomnetwork2022
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Thu Dec 22, 2022 5:15 pm

Re: Queues Not Working

Wed Jan 18, 2023 12:15 pm

Queues Not Working ?
 
erlinden
Forum Guru
Forum Guru
Posts: 1920
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: Queues Not Working

Wed Jan 18, 2023 12:29 pm

I'm using simple queues (which work pretty straight forward). Might be sufficient for you as well?
/queue simple
add dst=[WAN interface] max-limit=100M/100M name=[ANYNAMEYOULIKE] target=[IP ADDRESS]
 
telecomnetwork2022
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Thu Dec 22, 2022 5:15 pm

Re: Queues Not Working

Thu Jan 19, 2023 11:45 am

I'm using simple queues (which work pretty straight forward). Might be sufficient for you as well?
/queue simple
add dst=[WAN interface] max-limit=100M/100M name=[ANYNAMEYOULIKE] target=[IP ADDRESS]
i trying to limit some websits traffice sorted in address list in firewall but i cant fin where is the issues due limitation not working

Who is online

Users browsing this forum: Ahrefs [Bot], Amazon [Bot], baragoon, bertus, ivicask, tuiespacecorp and 88 guests