Bandwidth control on ADSL link
Scenario
I used the MikroTik / RouterOS as my gateway to the Internet. It serves as a PPPoE client (as my ISP uses PPPoE over ADSL), a router and an AP. It does the job perfectly, but with a range of different clients connected, some more "important" than others, and a relatively slow Internet connection, I want to shape and prioritize the traffic going to and from the Internet.
Notes:
- ADSL is a PPPoE-interface. It's running on ether1, as ether1 is the port connected to the ADSL-modem.
- wan1 and ether3 are slaves in bridge1. They do not have any IP.
- bridge1 has 192.168.10.1/24 as its IP and net.
- I use NAT/Masquerading to provide connectivity to all clients.
- The ADSL link-speed is: 5000/500 kbps
Clients
| Client | IP | Priority | Notes |
|---|---|---|---|
| Server | 192.168.10.5 | Depends on service, see below | Running Bittorrent, SSH (as services available on the Internet) |
| Playstation 3 | 192.168.10.6 | 3 | Used for gaming, need enough bandwidth and low latency. High priority. |
| Dreambox | 192.168.10.7 | 1 | TV set-top box. Needs minimum bandwidth, but it is of the highest priority. |
| Logitech Squeezebox | 192.168.10.8 | 2 | Music and Internet radio. Seldom needs more than 160 kbps, and almost no upload. Very high priority. |
| Workstations | 192.168.10.10-.50 | Low, except icmp and ssh. | Typical workstation. No gaming. |
| Guests | 192.168.10.100-.200 | Lowest, except icmp and ssh. | Lowest priority, except from bittorrent. |
Services
| Service | Port/Protocol | Priority | Target | Notes |
|---|---|---|---|---|
| ICMP | icmp | Highest | All | - |
| SSH | 22/tcp | High | All | Needs to be responsive |
| Bittorrent | 33600-33604/tcp | Low | 192.168.10.5 | - |
| Everything else | - | Medium | All | - |
The task
What I want to do is to shape and prioritize the traffic to get an effective Internet-connection. The goals are:
- Since the ADSL modem has a small buffer and a tendency to slow everything down when it's full, the MikroTik must never send more than 95% of the up- and download-speed of my line.
- When the Dreambox wants to talk, it will get the highest priority, regardless of bandwidth requirements.
- ICMP is the second most important. Bandwidth is low, but not specified.
- The Squeezebox needs a CIR (Committed Information Rate) - a guaranteed data rate, since it's going to stream Internet Radio.
- The Playstation 3 is also of high priority. Latency needs to be low and it also needs a CIR.
- SSH is a protocol which benefits from low latency. It does not need a CIR.
- Bittorrent has the lowest priority. Only when everybody else is satisfied, Bittorrent can get in line.
- All other traffic will get a default priority.
- Both the server, the clients in the workstation-range and in the guest-range will get a CIR.
- If there is spare bandwidth, share it! So if the only client is the server, running Bittorrent, it gets 100%!
- These rules apply only to traffic going in and out of the PPPoE interface (named ADSL).
Challenge 1: Limit down- and upload speed
Since the ADSL modem has a small buffer and a tendency to slow everything down when it's full, the MikroTik must never send more than about 95% of the up- and download-speed of my line. After some bandwidth tests I figured out I had a real speed of 5660/563. Using that, I started with the challenge of limiting the data traffic.
First off, I need to mark all traffic with a name (users). All traffic is coming from the 192.168.10.0/24 network, so we use it as src-address:
/ip firewall mangle add chain=forward src-address=192.168.10.0/24 action=mark-connection new-connection-mark=users-con
/ip firewall mangle add connection-mark=users-con action=mark-packet new-packet-mark=users chain=forward
Then I added 2 new PCQ types. The first, called DSL-download, will group all traffic by destination address. As we will attach this queue type to the bridge1 interface, it will create a dynamic queue for each destination address (user) which is downloading to the network 192.168.10.0/24. The second type, called DSL-upload, will group the traffic by source address. We will attach this queue to the ADSL interface, so it will make one dynamic queue for each user who is uploading to the Internet from the local network 192.168.10.0/24.
/queue type add name=DSL-download kind=pcq pcq-classifier=dst-address
/queue type add name=DSL-upload kind=pcq pcq-classifier=src-address
Finally I add a queue tree to actually limit the traffic, using 90-95% of my real up- and download speed:
/queue tree add name=Download parent=bridge1 max-limit=5300k
/queue tree add parent=Download queue=DSL-download packet-mark=users
/queue tree add name=Upload parent=ADSL max-limit=530k
/queue tree add parent=Upload queue=DSL-upload packet-mark=users
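A lint pass over the commands above, as an added example that is not part of the original page: it checks that every queue tree entry names a defined queue type and that each root max-limit stays within 95% of the measured line rate. The embedded config is a constructed sample based on the commands above, whose last line references DLS-upload, a queue type that no /queue type command defines; the function names and the short built-in type list are assumptions.

```python
import shlex

# Assumption: measured line rate in bit/s per root interface (5660/563 from the text).
MEASURED_BPS = {"bridge1": 5_660_000, "ADSL": 563_000}
BUILTIN_TYPES = {"default", "default-small"}  # subset of RouterOS built-in queue types

# Constructed sample: the last line names a queue type that is never defined.
CONFIG = """\
/queue type add name=DSL-download kind=pcq pcq-classifier=dst-address
/queue type add name=DSL-upload kind=pcq pcq-classifier=src-address
/queue tree add name=Download parent=bridge1 max-limit=5300k
/queue tree add parent=Download queue=DSL-download packet-mark=users
/queue tree add name=Upload parent=ADSL max-limit=530k
/queue tree add parent=Upload queue=DLS-upload packet-mark=users
"""

def parse_rate(text):
    """Convert a RouterOS rate such as 5300k or 5M to bits per second."""
    units = {"k": 1_000, "M": 1_000_000}
    scale = units.get(text[-1])
    return int(text[:-1]) * scale if scale else int(text)

def parse(config):
    """Return (known queue type names, list of queue tree entries as dicts)."""
    types, tree = set(BUILTIN_TYPES), []
    for line in config.splitlines():
        words = shlex.split(line)
        if len(words) < 3 or words[0] != "/queue" or words[2] != "add":
            continue
        props = dict(w.split("=", 1) for w in words[3:] if "=" in w)
        if words[1] == "type":
            types.add(props["name"])
        elif words[1] == "tree":
            tree.append(props)
    return types, tree

def lint(config, measured=MEASURED_BPS, percent=95):
    """Return findings: undefined queue types and root limits above the budget."""
    types, tree = parse(config)
    findings = []
    for entry in tree:
        label = entry.get("name", "child of " + entry["parent"])
        if entry.get("queue", "default") not in types:
            findings.append(f"{label}: queue type {entry['queue']} is not defined")
        if entry["parent"] in measured:  # root queue attached to an interface
            budget = measured[entry["parent"]] * percent // 100
            limit = parse_rate(entry.get("max-limit", "0"))
            if limit == 0 or limit > budget:
                findings.append(f"{label}: max-limit {limit} is unset or above {budget} bit/s")
    return findings
```

Calling `lint(CONFIG)` returns one finding for the misspelled queue type; both root limits (5300k and 530k) fit inside the 95% budget.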
(Moved from User:Sitron personal page. Nest is NOT the original author!)
