Community discussions

MikroTik App
 
User avatar
DuDuS
newbie
Topic Author
Posts: 30
Joined: Sat May 29, 2004 1:06 pm
Location: POLAND
Contact:

when connection limit for UDP ?

Wed Aug 31, 2005 2:17 am

Hi all.

I need for limit UDP connections in MT.
Now I can limit only TCP connections.

Question for MT Team, when You will add this function to RouterOS ?

Best regards
 
changeip
Forum Guru
Forum Guru
Posts: 3806
Joined: Fri May 28, 2004 5:22 pm

Wed Aug 31, 2005 2:45 am

UDP is connection-less, meaning there is no such thing as true connection. You can limit packet rates of UDP though just like any other limiting. Use something like this if you are concerned about too many packets per second of UDP:

chain=input in-interface=1-coxBiz protocol=udp limit=5,5
connection-state=new action=log log-prefix="UDPLIMIT"

not sure the connection-state=new does anything but I think so if you have connection-tracking turned on. There really isn't such a thing as connections in UDP but the stateful firewall will keep track of them. You can see in the firewall / connections tab there are UDP connections being tracked, so as far as MT goes you can limit just like anything else.

Sam
 
User avatar
DuDuS
newbie
Topic Author
Posts: 30
Joined: Sat May 29, 2004 1:06 pm
Location: POLAND
Contact:

Wed Aug 31, 2005 2:47 pm

this is rule limiting 5 UDP packet/s on each ip ? or it is 5packet/s for all network?

what services can work worse with this rule ?

Best Regards
DuDuS
 
changeip
Forum Guru
Forum Guru
Posts: 3806
Joined: Fri May 28, 2004 5:22 pm

Wed Aug 31, 2005 7:04 pm

This was an example that it could be done, not that it should be done. Who knows what will break ... Im sure DNS queries would be affected which then causes all hell to break loose : ) You would want to set that burst limit VERY high for dos protection only - not sure what else you would use it for. One of the best options is to turn the connection-tracking timeout on UDP down to like 5s or something minimal.

Sam
 
User avatar
larmaid
Member Candidate
Member Candidate
Posts: 177
Joined: Tue Aug 30, 2005 3:06 pm

Wed Sep 07, 2005 1:34 pm

hi dudus..
can u tell me how to limiting a network bandwidth using tcp with 2 network and 2 config..?
thanks
i like it

Who is online

Users browsing this forum: Kuba1301, MSN [Bot], sri2007 and 96 guests