Monday, September 28, 2015

Per Connection Queues on a Mikrotik Home Router

Per Connection Based Queues


Set up the address lists


/ip firewall address-list
add address=10.0.0.0/8 list="RFC 1918 Private"
add address=172.16.0.0/12 list="RFC 1918 Private"
add address=192.168.0.0/16 list="RFC 1918 Private"
add address=255.255.255.0 list="RFC 1918 Private"
add address=255.255.255.255 list="RFC 1918 Private"

/ipv6 firewall address-list
add address=2001:44b8:2143:8c00::/56 list=Local
add address=fe80::/16 list=Local

Now set up the packet tagging.


/ip firewall mangle
add action=mark-packet chain=forward dst-address-list="RFC 1918 Private" \
    new-packet-mark=MARK_LOCAL_TO_LOCAL passthrough=no src-address-list=\
    "RFC 1918 Private"
add action=mark-packet chain=forward in-interface=pppoe-out1 new-packet-mark=\
    MARK_INCOMING_HIGH_PRIORITY packet-size=0-123 passthrough=no protocol=tcp tcp-flags=\
    ack
add action=mark-packet chain=forward in-interface=pppoe-out1 new-packet-mark=\
    MARK_INCOMING_HIGH_PRIORITY passthrough=no protocol=udp src-port=53
add action=mark-packet chain=forward in-interface=pppoe-out1 new-packet-mark=\
    MARK_INCOMING_HIGH_PRIORITY passthrough=no protocol=tcp src-port=53
add action=mark-packet chain=forward in-interface=pppoe-out1 new-packet-mark=\
    MARK_INCOMING_NORMAL_PRIORITY passthrough=no
add action=mark-packet chain=forward in-interface=bridge-local new-packet-mark=\
    MARK_OUTGOING_HIGH_PRIORITY packet-size=0-123 passthrough=no protocol=tcp tcp-flags=\
    ack
add action=mark-packet chain=forward dst-port=53 in-interface=bridge-local \
    new-packet-mark=MARK_OUTGOING_HIGH_PRIORITY passthrough=no protocol=udp
add action=mark-packet chain=forward dst-port=53 in-interface=bridge-local \
    new-packet-mark=MARK_OUTGOING_HIGH_PRIORITY passthrough=no protocol=tcp
add action=mark-packet chain=forward in-interface=bridge-local new-packet-mark=\
    MARK_OUTGOING_NORMAL_PRIORITY passthrough=no
add action=mark-packet chain=forward log=yes log-prefix="Mark: should not get here" \
    new-packet-mark=error passthrough=no


/ipv6 firewall mangle
add action=mark-packet chain=forward dst-address-list=Local new-packet-mark=\
    MARK_LOCAL_TO_LOCAL passthrough=no src-address-list=Local
add action=mark-packet chain=forward in-interface=pppoe-out1 new-packet-mark=\
    MARK_INCOMING_HIGH_PRIORITY packet-size=0-123 passthrough=no protocol=tcp tcp-flags=\
    ack
add action=mark-packet chain=forward in-interface=pppoe-out1 new-packet-mark=\
    MARK_INCOMING_HIGH_PRIORITY passthrough=no protocol=udp src-port=53
add action=mark-packet chain=forward in-interface=pppoe-out1 new-packet-mark=\
    MARK_INCOMING_HIGH_PRIORITY passthrough=no protocol=tcp src-port=53
add action=mark-packet chain=forward in-interface=pppoe-out1 new-packet-mark=\
    MARK_INCOMING_NORMAL_PRIORITY passthrough=no
add action=mark-packet chain=forward in-interface=bridge-local new-packet-mark=\
    MARK_OUTGOING_HIGH_PRIORITY packet-size=0-123 passthrough=no protocol=tcp tcp-flags=\
    ack
add action=mark-packet chain=forward dst-port=53 in-interface=bridge-local \
    new-packet-mark=MARK_OUTGOING_HIGH_PRIORITY passthrough=no protocol=udp
add action=mark-packet chain=forward dst-port=53 in-interface=bridge-local \
    new-packet-mark=MARK_OUTGOING_HIGH_PRIORITY passthrough=no protocol=tcp
add action=mark-packet chain=forward in-interface=bridge-local new-packet-mark=\
    MARK_OUTGOING_NORMAL_PRIORITY passthrough=no
add action=mark-packet chain=forward new-packet-mark=error passthrough=no

Add the queue types


/queue type
add kind=pcq name=pcq-download pcq-classifier=dst-address pcq-limit=128k \
    pcq-src-address-mask=0 pcq-src-address6-mask=0
add kind=pcq name=pcq-upload pcq-classifier=src-address pcq-dst-address-mask=0 \
    pcq-dst-address6-mask=0 pcq-limit=128k

And now add the queue tree


/queue tree
add burst-limit=20M burst-time=2s limit-at=10M max-limit=18M name=Total_Upload parent=\
    global priority=1 queue=default
add burst-limit=50M burst-time=10s limit-at=25M max-limit=48M name=Total_Download \
    parent=global priority=1 queue=default
add burst-limit=2M burst-threshold=2M burst-time=2s limit-at=256k max-limit=2M name=\
    incoming_high_priority packet-mark=MARK_INCOMING_HIGH_PRIORITY parent=Total_Download \
    priority=1 queue=pcq-download
add burst-limit=50M burst-threshold=50M burst-time=2s limit-at=256k max-limit=50M name=\
    incoming_normal_priority packet-mark=MARK_INCOMING_NORMAL_PRIORITY parent=\
    Total_Download priority=2 queue=pcq-download
add burst-limit=1M burst-threshold=1M burst-time=2s limit-at=256k max-limit=1M name=\
    outgoing_high_priority packet-mark=MARK_OUTGOING_HIGH_PRIORITY parent=Total_Upload \
    priority=1 queue=pcq-upload
add burst-limit=20M burst-threshold=20M burst-time=2s limit-at=256k max-limit=20M name=\
    outgoing_normal_priority packet-mark=MARK_OUTGOING_NORMAL_PRIORITY parent=\
    Total_Upload priority=2 queue=pcq-upload


Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)