Virtual Architects Support Wiki

User Tools

Site Tools

You are here: start » networking » router » mikrotik_qos
Trace: mikrotik_qos
networking:router:mikrotik_qos

Table of Contents

Mikrotik QoS

See also other Mikrotik pages in this wiki

https://www.mikrotik-routeros.com/2014/05/the-mother-of-all-qos-trees-v6-0/

Background: http://www.rhyshaden.com/qos.htm

Background: http://wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service

Marking Connections: http://forum.mikrotik.com/viewtopic.php?t=49106#p249410

Bridged: http://wiki.mikrotik.com/wiki/TransparentTrafficShaper

Snom Wiki: http://wiki.snom.com/Category:HowTo:QoS

Service Provider: http://wiki.mikrotik.com/wiki/Traffic_Priortization,_RouterOS_QoS_Implemetation

Script: http://wiki.mikrotik.com/wiki/Traffic_Prioritization_Script

Enterprise QoS – A consistent QoS strategy: http://ethancbanks.com/2013/09/16/enterprise-qos-part-00-series-introduction/

http://gregsowell.com/?p=4665

These are notes on traffic prioritization with Mikrotik routers.

Generic QoS Comments

There is layer 2 and layer 3 QoS.

Layer 2 is in practice VLANs, where you give the packets in that VLAN a higher priority than packets in the default VLAN. The Ethernet switch is here the device that you need to control. If you do it right, you can have an ISDN-like quality level in your LAN, even if there is very heavy traffic in the LAN. You can set that up manually, but better is to use LLDP which is a kind of DHCP for the VLAN.

Layer 3 is using some bits in the IP header to tell the router with what priority the packet needs to be routed. The point here is that you need to have the router under your control. Those QoS bits are practically never used when you send a packet over the public Internet. But you can use them, for example, if you have a large corporate network where you control the routers.

From the PBX perspective, the PBX stays out of the discussion. You need to make sure that the PBX has an interface that has the VLAN set up correctly. The PBX tags (like the phones) the packets with reasonable bits on layer 3, so that the subsequent routers can process the packet accordingly.

DSCP and ToS Conversion

Quickie Chart

Voice Bearer Control Video
DSCP 46 (EF) 24 (CS3) 34 (AF41)
COS 5 3 4

More Complete Chart

DSCP Conversion Chart

Throttle Traffic

You can use Simple Queues to throttle all traffic to or from an IP address.

  • Throttle Printer Traffic

Simple Queues

Lite Script

FIXME Untested

:!: This script may be appropriate in a CPE router with an IP PBX behind it.

http://forum.mikrotik.com/viewtopic.php?f=13&t=73214#p371300

  • This is a very simple script with just two levels of priority
    • It prioritizes VoIP and that's it
  • Internet service in this example is 5M down and 1M up
  • Max-limit is the maximum amount that marked traffic may reach
    • This is necessary for the algorithms to function and must not be 0
    • Choose a value 80%-90% of your tested speed to prevent the ISP's equipment from buffering
  • Replace 192.168.100.5 withthe IP of your IP-PBX
# Qos Script Lite v1.0
# September 7, 2013
# Compatible with RouterOS 6.3
# Rename ether-WAN and ether-LAN to match your environment
 
# Mark all UDP traffic for an IP-PBX.
/ip firewall mangle
add chain=forward action=mark-connection protocol=udp   src-address=192.168.100.5 connection-state=new new-connection-mark="VOIP" comment="IP-PBX"
add chain=forward action=mark-packet     passthrough=no connection-mark="VOIP"    new-packet-mark="VOIP"
add chain=forward action=mark-connection protocol=udp   dst-address=192.168.100.5 connection-state=new new-connection-mark="VOIP"
add chain=forward action=mark-packet     passthrough=no connection-mark="VOIP"    new-packet-mark="VOIP"
 
# Mark everything else.
add chain=forward action=mark-connection connection-mark=no-mark                  new-connection-mark="OTHER" comment="OTHER"
add chain=forward action=mark-packet     passthrough=no connection-mark="OTHER"   new-packet-mark="OTHER"
 
# Create two queue trees set to 90% of ISP Internet service.
/queue tree
add name="LEVEL_A_UP"   parent=ether-WAN queue=default max-limit=900k
add name="LEVEL_A_DOWN" parent=ether-LAN queue=default max-limit=4M
add name="LEVEL_B_UP"   parent=ether-WAN queue=default max-limit=900k
add name="LEVEL_B_DOWN" parent=ether-LAN queue=default max-limit=4M
 
# Add our marked connections as children of queue so priority works.
add name="VOIP_U"       parent="LEVEL_A_UP"   packet-mark="VOIP"  queue=default priority=1
add name="VOIP_D"       parent="LEVEL_A_DOWN" packet-mark="VOIP"  queue=default priority=1
add name="OTHER_U"      parent="LEVEL_B_UP"   packet-mark="OTHER" queue=default priority=2
add name="OTHER_D"      parent="LEVEL_B_DOWN" packet-mark="OTHER" queue=default priority=2

More Flexible Script

http://forum.mikrotik.com/viewtopic.php?f=13&t=73214#p371301

FIXME Untested 

# Date: November 11, 2013
# Version: 1.2
# Tested with RouterOS 6.6
# Rename ether-WAN and ether-LAN to match your environment
 
 
 
###############################################################################
# Mangle
#
# Using prerouting/postrouting since we don't have dst or src checks.
#
/ip firewall mangle
###############################################################################
 
# DNS requests. Mark in two places because DNS is sent out by the router (itself) too.
add chain=prerouting  action=mark-connection protocol=udp   port=53 connection-state=new new-connection-mark="DNS"  comment="DNS"
add chain=prerouting  action=mark-packet     passthrough=no connection-mark="DNS"        new-packet-mark="DNS"
add chain=postrouting action=mark-connection protocol=udp   port=53 connection-state=new new-connection-mark="DNS"
add chain=postrouting action=mark-packet     passthrough=no connection-mark="DNS"        new-packet-mark="DNS"
 
# Mark all VoIP traffic. We've set all our equiptment to use SIP 5060,5061 and RTP 10000-20000.
add chain=prerouting  action=mark-connection protocol=udp   port=5060,5061,10000-20000   new-connection-mark="VOIP" comment="VOIP"
add chain=prerouting  action=mark-packet     passthrough=no connection-mark="VOIP"       new-packet-mark="VOIP"
 
# Mark all UDP traffic. Mark different UDP streams if you want more granularity.
add chain=prerouting  action=mark-connection protocol=udp   connection-state=new         new-connection-mark="UDP" comment="UDP"
add chain=prerouting  action=mark-packet     passthrough=no connection-mark="UDP"        new-packet-mark="UDP"
 
# Ping replies. Mark in two places because ICMP is sent out by the router (itself) too.
add chain=prerouting  action=mark-connection protocol=icmp  connection-state=new         new-connection-mark="ICMP" comment="ICMP"
add chain=prerouting  action=mark-packet     passthrough=no connection-mark="ICMP"       new-packet-mark="ICMP"
add chain=postrouting action=mark-connection protocol=icmp  connection-state=new         new-connection-mark="ICMP"
add chain=postrouting action=mark-packet     passthrough=no connection-mark="ICMP"       new-packet-mark="ICMP"
 
# ACK traffic. Based on viewtopic.php?f=2&t=67965
add chain=postrouting action=mark-packet passthrough=no protocol=tcp tcp-flags=ack packet-size=0-123 new-packet-mark="ACK" comment="ACK"
add chain=prerouting  action=mark-packet passthrough=no protocol=tcp tcp-flags=ack packet-size=0-123 new-packet-mark="ACK"
 
# Mark all new HTTP(s) connections with "HTTP" if they have not previously been marked as "HTTP_BIG".
# If the current mark of "HTTP" tranfers more than 5MB and at a rate of 200k+ then mark it as "HTTP_BIG" for the duration of the TCP session.
add chain=prerouting  action=mark-connection protocol=tcp   connection-mark=!"HTTP_BIG"  new-connection-mark="HTTP"     connection-state=new      port=80,443  comment="HTTP"
add chain=prerouting  action=mark-connection protocol=tcp   connection-mark="HTTP"       new-connection-mark="HTTP_BIG" connection-bytes=500000-0 connection-rate=200k-100M
add chain=prerouting  action=mark-packet     passthrough=no connection-mark="HTTP_BIG"   new-packet-mark="HTTP_BIG"    
add chain=prerouting  action=mark-packet     passthrough=no connection-mark="HTTP"       new-packet-mark="HTTP"
 
# Mark everything else that has no mark applied.
add chain=prerouting action=mark-connection  connection-mark=no-mark                     new-connection-mark="OTHER" comment="OTHER"
add chain=prerouting action=mark-packet      passthrough=no connection-mark="OTHER"      new-packet-mark="OTHER"
 
 
 
###############################################################################
# HTB Queue Tree a unidirectional queue
#
# Based on 90% of 1Mup/5Mdown Internet service.
#
# Notes:
# priority means 'drop packets' WHEN needed.
# When limit-at=0   priority starts when max-limit is reached.
# When limit-at=123 priority starts when limit-at is reached.
#
# The priority option applies to children not parents. Parent is for setting
# overall limits. Therefore use limit-at and max-limit on the children if
# you want more granularity.
#
# max-limit must always be set or priority will not happen.
#
# Tips for TCP (not VoIP) SOHO network:
# limit-at  = Total bandwidth / max hosts
# max-limit = Total bandwidth / min hosts
#
/queue tree
###############################################################################
 
# The secret to ensuring VoIP quality (or any UDP traffic) is to put it into
# a queue that will never be full and thus never prioritize (drop) packets.
add name="LEVEL_A_UP"   parent=ether-WAN  queue=default max-limit=900k
add name="LEVEL_A_DOWN" parent=ether-LAN  queue=default max-limit=4M
 
# Next, create a queue for high priority traffic.
add name="LEVEL_B_UP"   parent=ether-WAN  queue=default max-limit=900k
add name="LEVEL_B_DOWN" parent=ether-LAN  queue=default max-limit=4M
 
# Finally, create a queues for traffic that normally exceeds levels.
add name="LEVEL_C_UP"   parent=ether-WAN  queue=default max-limit=900k
add name="LEVEL_C_DOWN" parent=ether-LAN  queue=default max-limit=4M
 
# A
add name="VOIP_U"       parent="LEVEL_A_UP"    packet-mark="VOIP"     queue=default priority=1
add name="VOIP_D"       parent="LEVEL_A_DOWN"  packet-mark="VOIP"     queue=default priority=1
# B
add name="ACK_U"        parent="LEVEL_B_UP"    packet-mark="ACK"      queue=default priority=1
add name="ACK_D"        parent="LEVEL_B_DOWN"  packet-mark="ACK"      queue=default priority=1
add name="DNS_U"        parent="LEVEL_B_UP"    packet-mark="DNS"      queue=default priority=2
add name="DNS_D"        parent="LEVEL_B_DOWN"  packet-mark="DNS"      queue=default priority=2
add name="UDP_U"        parent="LEVEL_B_UP"    packet-mark="UDP"      queue=default priority=3
add name="UDP_D"        parent="LEVEL_B_DOWN"  packet-mark="UDP"      queue=default priority=3
add name="ICMP_U"       parent="LEVEL_B_UP"    packet-mark="ICMP"     queue=default priority=4
add name="ICMP_D"       parent="LEVEL_B_DOWN"  packet-mark="ICMP"     queue=default priority=4
# C
add name="HTTP_U"       parent="LEVEL_C_UP"    packet-mark="HTTP"     queue=default priority=1
add name="HTTP_D"       parent="LEVEL_C_DOWN"  packet-mark="HTTP"     queue=default priority=1
add name="HTTP_BIG_U"   parent="LEVEL_C_UP"    packet-mark="HTTP_BIG" queue=default priority=2
add name="HTTP_BIG_D"   parent="LEVEL_C_DOWN"  packet-mark="HTTP_BIG" queue=default priority=2
add name="OTHER_U"      parent="LEVEL_C_UP"    packet-mark="OTHER"    queue=default priority=3
add name="OTHER_D"      parent="LEVEL_C_DOWN"  packet-mark="OTHER"    queue=default priority=3
networking/router/mikrotik_qos.txt · Last modified: 2019/03/14 07:57 by gcooper

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki