Virtual Architects Support Wiki

User Tools

Site Tools

You are here: start » networking » router » mikrotik_qos
Trace: zabbix_host ftp_server
networking:router:mikrotik_qos

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
networking:router:mikrotik_qos [2014/08/20 09:00]
gcooper 		networking:router:mikrotik_qos [2019/03/14 07:57] (current)
gcooper
Line 2: Line 2:
  
 See also **[[https://www.sonoracomm.com/wiki/doku.php?do=search&id=mikrotik|other Mikrotik pages in this wiki]]** See also **[[https://www.sonoracomm.com/wiki/doku.php?do=search&id=mikrotik|other Mikrotik pages in this wiki]]**
 +
 +https://www.mikrotik-routeros.com/2014/05/the-mother-of-all-qos-trees-v6-0/
  
 **Background**: http://www.rhyshaden.com/qos.htm **Background**: http://www.rhyshaden.com/qos.htm
 +
 +**Background**: http://wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service
 +
 +**Marking Connections**: http://forum.mikrotik.com/viewtopic.php?t=49106#p249410
 +
 +**Bridged**: http://wiki.mikrotik.com/wiki/TransparentTrafficShaper
  
 **Snom Wiki**: http://wiki.snom.com/Category:HowTo:QoS **Snom Wiki**: http://wiki.snom.com/Category:HowTo:QoS
Line 33: Line 41:
 ^ ^Voice Bearer  ^Control ^Video      ^ ^ ^Voice Bearer  ^Control ^Video      ^
 |DSCP |46 (EF)       |24 (CS3) |34 (AF41)  | |DSCP |46 (EF)       |24 (CS3) |34 (AF41)  |
-|COS |5        |3            |4          |+|COS |5        |3               |4          |
  
 ==== More Complete Chart ==== ==== More Complete Chart ====
  
 {{ :networking:router:dscp_tos.png |DSCP Conversion Chart}} {{ :networking:router:dscp_tos.png |DSCP Conversion Chart}}
 +
 +===== Throttle Traffic =====
 +
 +You can use Simple Queues to throttle all traffic to or from an IP address.
 +
 +  * Throttle Printer Traffic
 +
 +{{ :networking:router:mikrotik_simple_queues_printers.png?750 |Simple Queues}}
 +
 +===== Lite Script =====
 +
 +FIXME Untested
 +
 +:!: This script may be appropriate in a CPE router with an IP PBX behind it.
 +
 +http://forum.mikrotik.com/viewtopic.php?f=13&t=73214#p371300
 +
 +  * This is a very simple script with just two levels of priority
 +    * It prioritizes VoIP and that's it
 +  * Internet service in this example is 5M down and 1M up
 +  * Max-limit is the maximum amount that marked traffic may reach
 +    * This is necessary for the algorithms to function and must not be 0
 +    * Choose a value 80%-90% of your tested speed to prevent the ISP's equipment from [[http://forum.mikrotik.com/viewtopic.php?f=13&t=73214&p=371363#p371361|buffering]]
 +  * Replace ''192.168.100.5'' withthe IP of your IP-PBX
 +
 +<file>
 +# Qos Script Lite v1.0
 +# September 7, 2013
 +# Compatible with RouterOS 6.3
 +# Rename ether-WAN and ether-LAN to match your environment
 + 
 +# Mark all UDP traffic for an IP-PBX.
 +/ip firewall mangle
 +add chain=forward action=mark-connection protocol=udp   src-address=192.168.100.5 connection-state=new new-connection-mark="VOIP" comment="IP-PBX"
 +add chain=forward action=mark-packet     passthrough=no connection-mark="VOIP"    new-packet-mark="VOIP"
 +add chain=forward action=mark-connection protocol=udp   dst-address=192.168.100.5 connection-state=new new-connection-mark="VOIP"
 +add chain=forward action=mark-packet     passthrough=no connection-mark="VOIP"    new-packet-mark="VOIP"
 + 
 +# Mark everything else.
 +add chain=forward action=mark-connection connection-mark=no-mark                  new-connection-mark="OTHER" comment="OTHER"
 +add chain=forward action=mark-packet     passthrough=no connection-mark="OTHER"   new-packet-mark="OTHER"
 + 
 +# Create two queue trees set to 90% of ISP Internet service.
 +/queue tree
 +add name="LEVEL_A_UP"   parent=ether-WAN queue=default max-limit=900k
 +add name="LEVEL_A_DOWN" parent=ether-LAN queue=default max-limit=4M
 +add name="LEVEL_B_UP"   parent=ether-WAN queue=default max-limit=900k
 +add name="LEVEL_B_DOWN" parent=ether-LAN queue=default max-limit=4M
 + 
 +# Add our marked connections as children of queue so priority works.
 +add name="VOIP_U"       parent="LEVEL_A_UP"   packet-mark="VOIP"  queue=default priority=1
 +add name="VOIP_D"       parent="LEVEL_A_DOWN" packet-mark="VOIP"  queue=default priority=1
 +add name="OTHER_U"      parent="LEVEL_B_UP"   packet-mark="OTHER" queue=default priority=2
 +add name="OTHER_D"      parent="LEVEL_B_DOWN" packet-mark="OTHER" queue=default priority=2
 +</file>
 +
 +===== More Flexible Script =====
 +
 +http://forum.mikrotik.com/viewtopic.php?f=13&t=73214#p371301
 +
 +FIXME Untested
 +
 +<file>
 +# Date: November 11, 2013
 +# Version: 1.2
 +# Tested with RouterOS 6.6
 +# Rename ether-WAN and ether-LAN to match your environment
 + 
 + 
 + 
 +###############################################################################
 +# Mangle
 +#
 +# Using prerouting/postrouting since we don't have dst or src checks.
 +#
 +/ip firewall mangle
 +###############################################################################
 + 
 +# DNS requests. Mark in two places because DNS is sent out by the router (itself) too.
 +add chain=prerouting  action=mark-connection protocol=udp   port=53 connection-state=new new-connection-mark="DNS"  comment="DNS"
 +add chain=prerouting  action=mark-packet     passthrough=no connection-mark="DNS"        new-packet-mark="DNS"
 +add chain=postrouting action=mark-connection protocol=udp   port=53 connection-state=new new-connection-mark="DNS"
 +add chain=postrouting action=mark-packet     passthrough=no connection-mark="DNS"        new-packet-mark="DNS"
 + 
 +# Mark all VoIP traffic. We've set all our equiptment to use SIP 5060,5061 and RTP 10000-20000.
 +add chain=prerouting  action=mark-connection protocol=udp   port=5060,5061,10000-20000   new-connection-mark="VOIP" comment="VOIP"
 +add chain=prerouting  action=mark-packet     passthrough=no connection-mark="VOIP"       new-packet-mark="VOIP"
 + 
 +# Mark all UDP traffic. Mark different UDP streams if you want more granularity.
 +add chain=prerouting  action=mark-connection protocol=udp   connection-state=new         new-connection-mark="UDP" comment="UDP"
 +add chain=prerouting  action=mark-packet     passthrough=no connection-mark="UDP"        new-packet-mark="UDP"
 + 
 +# Ping replies. Mark in two places because ICMP is sent out by the router (itself) too.
 +add chain=prerouting  action=mark-connection protocol=icmp  connection-state=new         new-connection-mark="ICMP" comment="ICMP"
 +add chain=prerouting  action=mark-packet     passthrough=no connection-mark="ICMP"       new-packet-mark="ICMP"
 +add chain=postrouting action=mark-connection protocol=icmp  connection-state=new         new-connection-mark="ICMP"
 +add chain=postrouting action=mark-packet     passthrough=no connection-mark="ICMP"       new-packet-mark="ICMP"
 + 
 +# ACK traffic. Based on viewtopic.php?f=2&t=67965
 +add chain=postrouting action=mark-packet passthrough=no protocol=tcp tcp-flags=ack packet-size=0-123 new-packet-mark="ACK" comment="ACK"
 +add chain=prerouting  action=mark-packet passthrough=no protocol=tcp tcp-flags=ack packet-size=0-123 new-packet-mark="ACK"
 + 
 +# Mark all new HTTP(s) connections with "HTTP" if they have not previously been marked as "HTTP_BIG".
 +# If the current mark of "HTTP" tranfers more than 5MB and at a rate of 200k+ then mark it as "HTTP_BIG" for the duration of the TCP session.
 +add chain=prerouting  action=mark-connection protocol=tcp   connection-mark=!"HTTP_BIG"  new-connection-mark="HTTP"     connection-state=new      port=80,443  comment="HTTP"
 +add chain=prerouting  action=mark-connection protocol=tcp   connection-mark="HTTP"       new-connection-mark="HTTP_BIG" connection-bytes=500000-0 connection-rate=200k-100M
 +add chain=prerouting  action=mark-packet     passthrough=no connection-mark="HTTP_BIG"   new-packet-mark="HTTP_BIG"    
 +add chain=prerouting  action=mark-packet     passthrough=no connection-mark="HTTP"       new-packet-mark="HTTP"
 + 
 +# Mark everything else that has no mark applied.
 +add chain=prerouting action=mark-connection  connection-mark=no-mark                     new-connection-mark="OTHER" comment="OTHER"
 +add chain=prerouting action=mark-packet      passthrough=no connection-mark="OTHER"      new-packet-mark="OTHER"
 + 
 + 
 + 
 +###############################################################################
 +# HTB Queue Tree a unidirectional queue
 +#
 +# Based on 90% of 1Mup/5Mdown Internet service.
 +#
 +# Notes:
 +# priority means 'drop packets' WHEN needed.
 +# When limit-at=0   priority starts when max-limit is reached.
 +# When limit-at=123 priority starts when limit-at is reached.
 +#
 +# The priority option applies to children not parents. Parent is for setting
 +# overall limits. Therefore use limit-at and max-limit on the children if
 +# you want more granularity.
 +#
 +# max-limit must always be set or priority will not happen.
 +#
 +# Tips for TCP (not VoIP) SOHO network:
 +# limit-at  = Total bandwidth / max hosts
 +# max-limit = Total bandwidth / min hosts
 +#
 +/queue tree
 +###############################################################################
 + 
 +# The secret to ensuring VoIP quality (or any UDP traffic) is to put it into
 +# a queue that will never be full and thus never prioritize (drop) packets.
 +add name="LEVEL_A_UP"   parent=ether-WAN  queue=default max-limit=900k
 +add name="LEVEL_A_DOWN" parent=ether-LAN  queue=default max-limit=4M
 + 
 +# Next, create a queue for high priority traffic.
 +add name="LEVEL_B_UP"   parent=ether-WAN  queue=default max-limit=900k
 +add name="LEVEL_B_DOWN" parent=ether-LAN  queue=default max-limit=4M
 + 
 +# Finally, create a queues for traffic that normally exceeds levels.
 +add name="LEVEL_C_UP"   parent=ether-WAN  queue=default max-limit=900k
 +add name="LEVEL_C_DOWN" parent=ether-LAN  queue=default max-limit=4M
 + 
 +# A
 +add name="VOIP_U"       parent="LEVEL_A_UP"    packet-mark="VOIP"     queue=default priority=1
 +add name="VOIP_D"       parent="LEVEL_A_DOWN"  packet-mark="VOIP"     queue=default priority=1
 +# B
 +add name="ACK_U"        parent="LEVEL_B_UP"    packet-mark="ACK"      queue=default priority=1
 +add name="ACK_D"        parent="LEVEL_B_DOWN"  packet-mark="ACK"      queue=default priority=1
 +add name="DNS_U"        parent="LEVEL_B_UP"    packet-mark="DNS"      queue=default priority=2
 +add name="DNS_D"        parent="LEVEL_B_DOWN"  packet-mark="DNS"      queue=default priority=2
 +add name="UDP_U"        parent="LEVEL_B_UP"    packet-mark="UDP"      queue=default priority=3
 +add name="UDP_D"        parent="LEVEL_B_DOWN"  packet-mark="UDP"      queue=default priority=3
 +add name="ICMP_U"       parent="LEVEL_B_UP"    packet-mark="ICMP"     queue=default priority=4
 +add name="ICMP_D"       parent="LEVEL_B_DOWN"  packet-mark="ICMP"     queue=default priority=4
 +# C
 +add name="HTTP_U"       parent="LEVEL_C_UP"    packet-mark="HTTP"     queue=default priority=1
 +add name="HTTP_D"       parent="LEVEL_C_DOWN"  packet-mark="HTTP"     queue=default priority=1
 +add name="HTTP_BIG_U"   parent="LEVEL_C_UP"    packet-mark="HTTP_BIG" queue=default priority=2
 +add name="HTTP_BIG_D"   parent="LEVEL_C_DOWN"  packet-mark="HTTP_BIG" queue=default priority=2
 +add name="OTHER_U"      parent="LEVEL_C_UP"    packet-mark="OTHER"    queue=default priority=3
 +add name="OTHER_D"      parent="LEVEL_C_DOWN"  packet-mark="OTHER"    queue=default priority=3
 +</file>
networking/router/mikrotik_qos.1408546800.txt.gz · Last modified: 2014/08/20 09:00 by gcooper

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki