How to apply different limits for Local/Overseas traffic: Difference between revisions
No edit summary |
No edit summary |
||
Line 3: | Line 3: | ||
Oversea traffic - traffic that doesn't belong to the Local country traffic. | Oversea traffic - traffic that doesn't belong to the Local country traffic. | ||
To distinguish oversea traffic from Local country traffic, we will use 'mangle marks' and 'address-list' features. It will place marks to the packets to/from the Local country | To distinguish oversea traffic from Local country traffic, we will use 'mangle marks' and 'address-list' features. It will place appropriate marks to the packets to/from the Local country and Oversea networks. | ||
Local traffic is ' | Local traffic is 'latvian traffic' in the particular example, list of network numbers belonging to ISPs in Latvia can be extracted from file: | ||
http://www.nic.lv/local.net | http://www.nic.lv/local.net | ||
'address-list' | |||
Note, 'address-list' entries should be replaced with respective addresses, if your router isn't located in Latvia. To find the actual list of network numbers belonging to your country, use Google or any other resources. | |||
Simple queues will limit data rate for the Local country traffic and Oversea traffic. | Simple queues will limit data rate for the Local country traffic and Oversea traffic. | ||
==Quick Start for Impatient== | |||
Configuration export from the router: | |||
<pre> | |||
/ ip firewall address-list | |||
add list=Latvia address=159.148.0.0/16 comment="" disabled=no | |||
add list=Latvia address=193.41.195.0/24 comment="" disabled=no | |||
add list=Latvia address=193.41.33.0/24 comment="" disabled=no | |||
add list=Latvia address=193.41.45.0/24 comment="" disabled=no | |||
add list=Latvia address=193.68.64.0/19 comment="" disabled=no | |||
add list=Latvia address=193.108.29.0/24 comment="" disabled=no | |||
add list=Latvia address=193.108.144.0/22 comment="" disabled=no | |||
add list=Latvia address=193.108.185.0/24 comment="" disabled=no | |||
add list=Latvia address=193.109.211.0/24 comment="" disabled=no | |||
add list=Latvia address=193.109.85.0/24 comment="" disabled=no | |||
add list=Latvia address=193.110.8.0/23 comment="" disabled=no | |||
add list=Latvia address=193.110.164.0/23 comment="" disabled=no | |||
... | |||
add list=Latvia address=193.111.244.0/22 comment="" disabled=no | |||
/ ip firewall mangle | |||
add chain=prerouting src-address=192.168.100.0/24 action=mark-connection \ | |||
new-connection-mark="Con Entire Traffic" passthrough=yes \ | |||
comment="Mark-connection All Traffic" disabled=no | |||
add chain=prerouting src-address=192.168.100.0/24 connection-mark="Con Entire \ | |||
Traffic" dst-address-list=!Latvia action=mark-connection \ | |||
new-connection-mark="Con Oversea" passthrough=yes comment="Mark-connection \ | |||
Oversea Traffic" disabled=no | |||
add chain=prerouting connection-mark="Con Oversea" action=mark-packet \ | |||
new-packet-mark="Oversea traffic" passthrough=no comment="Mark-packet \ | |||
Oversea Traffic" disabled=no | |||
add chain=prerouting action=mark-packet new-packet-mark="Local Country Traffic" \ | |||
passthrough=no comment="Mark-packet Local Country Traffic" disabled=no | |||
/ queue simple | |||
add name="queue1" target-addresses=192.168.100.254/32 dst-address=0.0.0.0/0 \ | |||
interface=all parent=none packet-marks="Oversea traffic" direction=both \ | |||
priority=8 queue=default-small/default-small limit-at=0/0 \ | |||
max-limit=256000/256000 total-queue=default-small disabled=yes | |||
add name="queue4" target-addresses=192.168.100.254/32 dst-address=0.0.0.0/0 \ | |||
interface=all parent=none packet-marks="Local Traffic" direction=both \ | |||
priority=8 queue=default-small/default-small limit-at=0/0 \ | |||
max-limit=1024000/1024000 total-queue=default-small disabled=yes | |||
</pre> | |||
==Explanation== | |||
===Address-list=== |
Revision as of 17:25, 26 September 2006
Introduction
Let us consider the scenario, when you want to apply different limit to Local and Oversea traffic. Oversea traffic - traffic that doesn't belong to the Local country traffic.
To distinguish oversea traffic from Local country traffic, we will use 'mangle marks' and 'address-list' features. It will place appropriate marks to the packets to/from the Local country and Oversea networks. Local traffic is 'latvian traffic' in the particular example, list of network numbers belonging to ISPs in Latvia can be extracted from file: http://www.nic.lv/local.net
Note, 'address-list' entries should be replaced with respective addresses, if your router isn't located in Latvia. To find the actual list of network numbers belonging to your country, use Google or any other resources.
Simple queues will limit data rate for the Local country traffic and Oversea traffic.
Quick Start for Impatient
Configuration export from the router:
/ ip firewall address-list add list=Latvia address=159.148.0.0/16 comment="" disabled=no add list=Latvia address=193.41.195.0/24 comment="" disabled=no add list=Latvia address=193.41.33.0/24 comment="" disabled=no add list=Latvia address=193.41.45.0/24 comment="" disabled=no add list=Latvia address=193.68.64.0/19 comment="" disabled=no add list=Latvia address=193.108.29.0/24 comment="" disabled=no add list=Latvia address=193.108.144.0/22 comment="" disabled=no add list=Latvia address=193.108.185.0/24 comment="" disabled=no add list=Latvia address=193.109.211.0/24 comment="" disabled=no add list=Latvia address=193.109.85.0/24 comment="" disabled=no add list=Latvia address=193.110.8.0/23 comment="" disabled=no add list=Latvia address=193.110.164.0/23 comment="" disabled=no ... add list=Latvia address=193.111.244.0/22 comment="" disabled=no / ip firewall mangle add chain=prerouting src-address=192.168.100.0/24 action=mark-connection \ new-connection-mark="Con Entire Traffic" passthrough=yes \ comment="Mark-connection All Traffic" disabled=no add chain=prerouting src-address=192.168.100.0/24 connection-mark="Con Entire \ Traffic" dst-address-list=!Latvia action=mark-connection \ new-connection-mark="Con Oversea" passthrough=yes comment="Mark-connection \ Oversea Traffic" disabled=no add chain=prerouting connection-mark="Con Oversea" action=mark-packet \ new-packet-mark="Oversea traffic" passthrough=no comment="Mark-packet \ Oversea Traffic" disabled=no add chain=prerouting action=mark-packet new-packet-mark="Local Country Traffic" \ passthrough=no comment="Mark-packet Local Country Traffic" disabled=no / queue simple add name="queue1" target-addresses=192.168.100.254/32 dst-address=0.0.0.0/0 \ interface=all parent=none packet-marks="Oversea traffic" direction=both \ priority=8 queue=default-small/default-small limit-at=0/0 \ max-limit=256000/256000 total-queue=default-small disabled=yes add name="queue4" target-addresses=192.168.100.254/32 dst-address=0.0.0.0/0 \ interface=all parent=none packet-marks="Local Traffic" direction=both \ priority=8 queue=default-small/default-small limit-at=0/0 \ max-limit=1024000/1024000 total-queue=default-small disabled=yes