Difference between revisions of "Different limits for Local/Overseas traffic for 3 bandwitch rates using pcq and queue tree"

From MikroTik Wiki
Jump to: navigation, search
(1. Introduction)
 
(12 intermediate revisions by 6 users not shown)
Line 1: Line 1:
==Introdution==
+
==1. Introduction==
Let's consider the scenario, when you want to apply different limits for many users to Local and Oversea traffic and don`t want load cpu with a lot of simple queues and you want sell for customers 3 bandwitch rates.
 
1. 12/6 Mbps Latvian Traffic 1Mbps/512Kbps Overseas traffic
 
2. 6/3 Mbps Latvian Traffic 512kbps/256Kbps Overseas traffic
 
3. 4/2 Mbps Latvian Traffic 256Kbps/128Kbps Overseas traffic
 
Queue trees will limit data rate for the Local country traffic and Oversea traffic
 
In this scenario local country is Latvia. List of all Latvian subnets located at http://www.nic.lv/local.net
 
==Configuration==
 
<pre>
 
/ ip firewall mangle
 
add chain=forward action=mark-packet new-packet-mark=LV_DL_6M passthrough=yes \
 
    in-interface=public src-address-list=latvia comment="Default mangle for \
 
    Latvia Download" disabled=no
 
add chain=forward action=mark-packet new-packet-mark=LV_UL_3M passthrough=yes \
 
    in-interface=local dst-address-list=latvia comment="Default mangle for \
 
    Latvia Upload" disabled=no
 
add chain=forward action=mark-packet new-packet-mark=OS_DL_512k \
 
    passthrough=yes in-interface=public src-address-list=!latvia \
 
    comment="Default mangle for Oversea Download" disabled=no
 
add chain=forward action=mark-packet new-packet-mark=OS_UL_256k \
 
    passthrough=yes in-interface=local dst-address-list=!latvia \
 
    comment="Default mangle for Oversea Upload" disabled=no
 
add chain=forward action=mark-packet new-packet-mark=LV_DL_12M passthrough=no \
 
    in-interface=public src-address-list=latvia dst-address-list=12/6 \
 
    comment="Tarif 12/6 Latvia Download" disabled=no
 
add chain=forward action=mark-packet new-packet-mark=LV_UL_6M passthrough=no \
 
    in-interface=local src-address-list=12/6 dst-address-list=latvia \
 
    comment="Tarif 12/6 Latvia Upload" disabled=no
 
add chain=forward action=mark-packet new-packet-mark=OS_DL_1M passthrough=no \
 
    in-interface=public src-address-list=!latvia dst-address-list=12/6 \
 
    comment="Tarif 12/6 Oversea Download" disabled=no
 
add chain=forward action=mark-packet new-packet-mark=OS_UL_512k passthrough=no \
 
    in-interface=local src-address-list=12/6 dst-address-list=!latvia \
 
    comment="Tarif 12/6 Oversea Upload" disabled=no
 
add chain=forward action=mark-packet new-packet-mark=LV_DL_4M passthrough=no \
 
    in-interface=public src-address-list=latvia dst-address-list=4/2 \
 
    comment="Tarif 4/2 Latvia Download" disabled=no
 
add chain=forward action=mark-packet new-packet-mark=LV_UL_2M passthrough=no \
 
    in-interface=local src-address-list=4/2 dst-address-list=latvia \
 
    comment="Tarif 4/2 Latvia Upload" disabled=no
 
add chain=forward action=mark-packet new-packet-mark=OS_DL_256k passthrough=no \
 
    in-interface=public src-address-list=!latvia dst-address-list=4/2 \
 
    comment="Tarif 4/2 Oversea Download" disabled=no
 
add chain=forward action=mark-packet new-packet-mark=OS_UL_128k passthrough=no \
 
    in-interface=local src-address-list=4/2 dst-address-list=!latvia \
 
    comment="Tarif 4/2 Oversea Upload" disabled=no
 
  
 +
Let's consider the scenario where you want to apply different limits for many users to Local and Overseas traffic and don`t want to load cpu with a lot of simple queues and want sell 3 different bandwidth rates.
  
/ queue type
+
12/6 Mbps Latvian Traffic 1Mbps/512Kbps Overseas traffic
add name="LV_DL_12M" kind=pcq pcq-rate=12000000 pcq-limit=50 \
+
6/3 Mbps Latvian Traffic 512kbps/256Kbps Overseas traffic
    pcq-classifier=dst-address pcq-total-limit=2000
+
4/2 Mbps Latvian Traffic 256Kbps/128Kbps Overseas traffic
add name="LV_DL_6M" kind=pcq pcq-rate=6000000 pcq-limit=50 \
 
    pcq-classifier=dst-address pcq-total-limit=2000
 
add name="LV_DL_4M" kind=pcq pcq-rate=4000000 pcq-limit=50 \
 
    pcq-classifier=dst-address pcq-total-limit=2000
 
add name="LV_UL_6M" kind=pcq pcq-rate=6000000 pcq-limit=50 \
 
    pcq-classifier=src-address pcq-total-limit=2000
 
add name="LV_UL_3M" kind=pcq pcq-rate=6000000 pcq-limit=50 \
 
    pcq-classifier=src-address pcq-total-limit=2000
 
add name="LV_UL_2M" kind=pcq pcq-rate=2000000 pcq-limit=50 \
 
    pcq-classifier=src-address pcq-total-limit=2000
 
add name="OS_DL_1M" kind=pcq pcq-rate=1000000 pcq-limit=50 \
 
    pcq-classifier=dst-address pcq-total-limit=2000
 
add name="OS_DL_512k" kind=pcq pcq-rate=512000 pcq-limit=50 \
 
    pcq-classifier=dst-address pcq-total-limit=2000
 
add name="OS_DL_256k" kind=pcq pcq-rate=256000 pcq-limit=50 \
 
    pcq-classifier=dst-address pcq-total-limit=2000
 
add name="OS_UL_512k" kind=pcq pcq-rate=512000 pcq-limit=50 \
 
    pcq-classifier=src-address pcq-total-limit=2000
 
add name="OS_UL_256k" kind=pcq pcq-rate=256000 pcq-limit=50 \
 
    pcq-classifier=src-address pcq-total-limit=2000
 
add name="OS_UL_128k" kind=pcq pcq-rate=128000 pcq-limit=50 \
 
    pcq-classifier=src-address pcq-total-limit=2000
 
  
/ queue tree
+
We will limit the data rate for the ''Local'' country traffic and ''Overseas'' traffic using Queue Trees.                                           
add name="LV_DL_12M" parent=local packet-mark=LV_DL_12M limit-at=0 queue=LV_DL_12M priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s \
+
In this scenario, the local country is Latvia. A list of all Latvian subnets is located at http://www.nic.lv/local.net.
    disabled=no
+
 
add name="LV_DL_6M" parent=local packet-mark=LV_DL_6M limit-at=0 queue=LV_DL_6M priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s \
+
==2. Configuration==                                                                                                         
    disabled=no  
+
 
add name="LV_UL_2M" parent=public packet-mark=LV_UL_2M limit-at=0 queue=LV_UL_2M priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s \
+
/ ip firewall address-list
    disabled=no
+
add list=12/6 address=192.168.0.2 comment="12/6mbps Local traffic 1mbps/512kbps overseas"
add name="LV_DL_4M" parent=local packet-mark=LV_DL_4M limit-at=0 queue=LV_DL_4M priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s \
+
add list=6/3 address=192.168.0.3 comment="6/3mbps Local traffic 512kbps/256kbps overseas"
    disabled=no  
+
add list=4/2 address=192.168.0.4 comment="4/2mbps Local traffic 256kbps/128kbps overseas"
add name="LV_UL_3M" parent=public packet-mark=LV_UL_3M limit-at=0 queue=LV_UL_3M priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s \
+
add list=Latvia address=159.148.0.0/16
    disabled=no
+
add list=Latvia address=193.41.195.0/24
add name="LV_UL_6M" parent=public packet-mark=LV_UL_6M limit-at=0 queue=LV_UL_6M priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s \
+
add list=Latvia address=193.41.33.0/24
    disabled=no
+
add list=Latvia address=193.41.45.0/24
add name="OS_DL_1M" parent=local packet-mark=OS_DL_1M limit-at=0 queue=OS_DL_1M priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s \
+
add list=Latvia address=193.68.64.0/19
    disabled=no
+
add list=Latvia address=193.108.29.0/24
add name="OS_DL_256k" parent=local packet-mark=OS_DL_256k limit-at=0 queue=OS_DL_256k priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s \
+
add list=Latvia address=193.108.144.0/22
    disabled=no
+
add list=Latvia address=193.108.185.0/24
add name="OS_DL_512k" parent=local packet-mark=OS_DL_512k limit-at=0 queue=OS_DL_512k priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s \
+
 
    disabled=no
+
/ ip firewall mangle
add name="OS_UL_128k" parent=public packet-mark=OS_UL_128k limit-at=0 queue=OS_UL_128k priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s \
+
add chain=forward action=mark-packet new-packet-mark=LV_DL_6M passthrough=yes \
    disabled=no
+
    in-interface=public src-address-list=latvia comment="Default mangle for \
add name="OS_UL_256k" parent=public packet-mark=OS_UL_256k limit-at=0 queue=OS_UL_256k priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s \
+
    Latvia Download"
    disabled=no
+
add chain=forward action=mark-packet new-packet-mark=LV_UL_3M passthrough=yes \
add name="OS_UL_512k" parent=public packet-mark=OS_UL_512k limit-at=0 queue=OS_UL_512k priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s \
+
    in-interface=local dst-address-list=latvia comment="Default mangle for \
    disabled=no
+
    Latvia Upload"
</pre>
+
add chain=forward action=mark-packet new-packet-mark=OS_DL_512k \
==Explanation==
+
    passthrough=yes in-interface=public src-address-list=!latvia \
 +
    comment="Default mangle for Oversea Download"
 +
add chain=forward action=mark-packet new-packet-mark=OS_UL_256k \
 +
    passthrough=yes in-interface=local dst-address-list=!latvia \
 +
    comment="Default mangle for Oversea Upload"
 +
add chain=forward action=mark-packet new-packet-mark=LV_DL_12M passthrough=no \
 +
    in-interface=public src-address-list=latvia dst-address-list=12/6 \
 +
    comment="Tarif 12/6 Latvia Download"
 +
add chain=forward action=mark-packet new-packet-mark=LV_UL_6M passthrough=no \
 +
    in-interface=local src-address-list=12/6 dst-address-list=latvia \
 +
    comment="Tarif 12/6 Latvia Upload"
 +
add chain=forward action=mark-packet new-packet-mark=OS_DL_1M passthrough=no \
 +
    in-interface=public src-address-list=!latvia dst-address-list=12/6 \
 +
    comment="Tarif 12/6 Oversea Download"
 +
add chain=forward action=mark-packet new-packet-mark=OS_UL_512k passthrough=no \
 +
    in-interface=local src-address-list=12/6 dst-address-list=!latvia \
 +
    comment="Tarif 12/6 Oversea Upload"
 +
add chain=forward action=mark-packet new-packet-mark=LV_DL_4M passthrough=no \
 +
    in-interface=public src-address-list=latvia dst-address-list=4/2 \
 +
    comment="Tarif 4/2 Latvia Download"
 +
add chain=forward action=mark-packet new-packet-mark=LV_UL_2M passthrough=no \
 +
    in-interface=local src-address-list=4/2 dst-address-list=latvia \
 +
    comment="Tarif 4/2 Latvia Upload"
 +
add chain=forward action=mark-packet new-packet-mark=OS_DL_256k passthrough=no \
 +
    in-interface=public src-address-list=!latvia dst-address-list=4/2 \
 +
    comment="Tarif 4/2 Oversea Download"
 +
add chain=forward action=mark-packet new-packet-mark=OS_UL_128k passthrough=no \
 +
    in-interface=local src-address-list=4/2 dst-address-list=!latvia \
 +
    comment="Tarif 4/2 Oversea Upload"
 +
 
 +
/ queue type
 +
add name="LV_DL_12M" kind=pcq pcq-rate=12000000 pcq-classifier=dst-address
 +
add name="LV_DL_6M" kind=pcq pcq-rate=6000000 pcq-classifier=dst-address
 +
add name="LV_DL_4M" kind=pcq pcq-rate=4000000 pcq-classifier=dst-address
 +
add name="LV_UL_6M" kind=pcq pcq-rate=6000000 pcq-classifier=src-address
 +
add name="LV_UL_3M" kind=pcq pcq-rate=3000000 pcq-classifier=src-address
 +
add name="LV_UL_2M" kind=pcq pcq-rate=2000000 pcq-classifier=src-address
 +
add name="OS_DL_1M" kind=pcq pcq-rate=1000000 pcq-classifier=dst-address
 +
add name="OS_DL_512k" kind=pcq pcq-rate=512000 pcq-classifier=dst-address
 +
add name="OS_DL_256k" kind=pcq pcq-rate=256000 pcq-classifier=dst-address
 +
add name="OS_UL_512k" kind=pcq pcq-rate=512000 pcq-classifier=src-address
 +
add name="OS_UL_256k" kind=pcq pcq-rate=256000 pcq-classifier=src-address
 +
add name="OS_UL_128k" kind=pcq pcq-rate=128000 pcq-classifier=src-address
 +
 
 +
/ queue tree
 +
add name="LV_DL_12M" parent=local packet-mark=LV_DL_12M queue=LV_DL_12M
 +
add name="LV_DL_6M" parent=local packet-mark=LV_DL_6M queue=LV_DL_6M
 +
add name="LV_UL_2M" parent=public packet-mark=LV_UL_2M queue=LV_UL_2M
 +
add name="LV_DL_4M" parent=local packet-mark=LV_DL_4M queue=LV_DL_4M
 +
add name="LV_UL_3M" parent=public packet-mark=LV_UL_3M queue=LV_UL_3M
 +
add name="LV_UL_6M" parent=public packet-mark=LV_UL_6M queue=LV_UL_6M
 +
add name="OS_DL_1M" parent=local packet-mark=OS_DL_1M queue=OS_DL_1M
 +
add name="OS_DL_256k" parent=local packet-mark=OS_DL_256k queue=OS_DL_256k
 +
add name="OS_DL_512k" parent=local packet-mark=OS_DL_512k queue=OS_DL_512k
 +
add name="OS_UL_128k" parent=public packet-mark=OS_UL_128k queue=OS_UL_128k
 +
add name="OS_UL_256k" parent=public packet-mark=OS_UL_256k queue=OS_UL_256k
 +
add name="OS_UL_512k" parent=public packet-mark=OS_UL_512k queue=OS_UL_512k
 +
 
 +
 
 +
==3. Explanation==
 +
 
 +
In '''/ip firewall address-list''' we created 3 lists for bandwidth profiles and a list named ''Latvia'' for Latvian subnets.
 +
In '''/ip firewall mangle''' we created address-list-based packet marks for use with bandwidth profiles.
 +
All IPs which are not included in any address list will fall through to secondary bandwidth profile rates.
 +
In '''/queue types''' we created pcq types for bandwidth profiles.
 +
In '''/queue tree''' we created rules with Local/Overseas packet marks and queue types for bandwidth profiles.
 +
 
 +
Now, a customer with an IP of 192.168.0.2 will have 1 profile rate, a customer with an IP 192.168.0.3 will have 2 profile rates,
 +
a client with IP 192.168.0.4 have 3 profile rates, and all others will have 2 bandwidth rates; so all traffic
 +
will be limited and your cpu power will be free for other tasks.
 +
 
 +
===Important note===
 +
This setup will work correctly if local network is not masqueraded. If masquerade is used then the parent for all upload queues must be 'global-out' instead of 'public'. The reason for this is that the ''pcq_upload'' classifier is source address. In case of masquerading, the source address is changed to public IP address. If a queue is set to 'public', interface pcq will think that all packets are coming from one source ( public IP ). PCQ must see the source address before masquerading occurs; according to the packet flow diagram from the manual, 'global-out' is before 'src-nat'.
 +
 
 +
[[Category:QoS]]

Latest revision as of 17:54, 2 March 2010

1. Introduction

Let's consider the scenario where you want to apply different limits for many users to Local and Overseas traffic and don`t want to load cpu with a lot of simple queues and want sell 3 different bandwidth rates.

12/6 Mbps Latvian Traffic 1Mbps/512Kbps Overseas traffic
6/3 Mbps Latvian Traffic 512kbps/256Kbps Overseas traffic
4/2 Mbps Latvian Traffic 256Kbps/128Kbps Overseas traffic

We will limit the data rate for the Local country traffic and Overseas traffic using Queue Trees. In this scenario, the local country is Latvia. A list of all Latvian subnets is located at http://www.nic.lv/local.net.

2. Configuration

/ ip firewall address-list
add list=12/6 address=192.168.0.2 comment="12/6mbps Local traffic 1mbps/512kbps overseas"
add list=6/3 address=192.168.0.3 comment="6/3mbps Local traffic 512kbps/256kbps overseas"
add list=4/2 address=192.168.0.4 comment="4/2mbps Local traffic 256kbps/128kbps overseas"
add list=Latvia address=159.148.0.0/16
add list=Latvia address=193.41.195.0/24
add list=Latvia address=193.41.33.0/24
add list=Latvia address=193.41.45.0/24
add list=Latvia address=193.68.64.0/19
add list=Latvia address=193.108.29.0/24
add list=Latvia address=193.108.144.0/22
add list=Latvia address=193.108.185.0/24
/ ip firewall mangle
add chain=forward action=mark-packet new-packet-mark=LV_DL_6M passthrough=yes \
    in-interface=public src-address-list=latvia comment="Default mangle for \
    Latvia Download"
add chain=forward action=mark-packet new-packet-mark=LV_UL_3M passthrough=yes \
    in-interface=local dst-address-list=latvia comment="Default mangle for \
    Latvia Upload"
add chain=forward action=mark-packet new-packet-mark=OS_DL_512k \
    passthrough=yes in-interface=public src-address-list=!latvia \
    comment="Default mangle for Oversea Download"
add chain=forward action=mark-packet new-packet-mark=OS_UL_256k \
    passthrough=yes in-interface=local dst-address-list=!latvia \
    comment="Default mangle for Oversea Upload"
add chain=forward action=mark-packet new-packet-mark=LV_DL_12M passthrough=no \
    in-interface=public src-address-list=latvia dst-address-list=12/6 \
    comment="Tarif 12/6 Latvia Download"
add chain=forward action=mark-packet new-packet-mark=LV_UL_6M passthrough=no \
    in-interface=local src-address-list=12/6 dst-address-list=latvia \
    comment="Tarif 12/6 Latvia Upload"
add chain=forward action=mark-packet new-packet-mark=OS_DL_1M passthrough=no \
    in-interface=public src-address-list=!latvia dst-address-list=12/6 \
    comment="Tarif 12/6 Oversea Download"
add chain=forward action=mark-packet new-packet-mark=OS_UL_512k passthrough=no \
    in-interface=local src-address-list=12/6 dst-address-list=!latvia \
    comment="Tarif 12/6 Oversea Upload"
add chain=forward action=mark-packet new-packet-mark=LV_DL_4M passthrough=no \
    in-interface=public src-address-list=latvia dst-address-list=4/2 \
    comment="Tarif 4/2 Latvia Download"
add chain=forward action=mark-packet new-packet-mark=LV_UL_2M passthrough=no \
    in-interface=local src-address-list=4/2 dst-address-list=latvia \
    comment="Tarif 4/2 Latvia Upload"
add chain=forward action=mark-packet new-packet-mark=OS_DL_256k passthrough=no \
    in-interface=public src-address-list=!latvia dst-address-list=4/2 \
    comment="Tarif 4/2 Oversea Download"
add chain=forward action=mark-packet new-packet-mark=OS_UL_128k passthrough=no \
    in-interface=local src-address-list=4/2 dst-address-list=!latvia \
    comment="Tarif 4/2 Oversea Upload"
/ queue type
add name="LV_DL_12M" kind=pcq pcq-rate=12000000 pcq-classifier=dst-address
add name="LV_DL_6M" kind=pcq pcq-rate=6000000 pcq-classifier=dst-address
add name="LV_DL_4M" kind=pcq pcq-rate=4000000 pcq-classifier=dst-address
add name="LV_UL_6M" kind=pcq pcq-rate=6000000 pcq-classifier=src-address
add name="LV_UL_3M" kind=pcq pcq-rate=3000000 pcq-classifier=src-address
add name="LV_UL_2M" kind=pcq pcq-rate=2000000 pcq-classifier=src-address
add name="OS_DL_1M" kind=pcq pcq-rate=1000000 pcq-classifier=dst-address
add name="OS_DL_512k" kind=pcq pcq-rate=512000 pcq-classifier=dst-address
add name="OS_DL_256k" kind=pcq pcq-rate=256000 pcq-classifier=dst-address
add name="OS_UL_512k" kind=pcq pcq-rate=512000 pcq-classifier=src-address
add name="OS_UL_256k" kind=pcq pcq-rate=256000 pcq-classifier=src-address
add name="OS_UL_128k" kind=pcq pcq-rate=128000 pcq-classifier=src-address
/ queue tree
add name="LV_DL_12M" parent=local packet-mark=LV_DL_12M queue=LV_DL_12M
add name="LV_DL_6M" parent=local packet-mark=LV_DL_6M queue=LV_DL_6M
add name="LV_UL_2M" parent=public packet-mark=LV_UL_2M queue=LV_UL_2M
add name="LV_DL_4M" parent=local packet-mark=LV_DL_4M queue=LV_DL_4M
add name="LV_UL_3M" parent=public packet-mark=LV_UL_3M queue=LV_UL_3M
add name="LV_UL_6M" parent=public packet-mark=LV_UL_6M queue=LV_UL_6M
add name="OS_DL_1M" parent=local packet-mark=OS_DL_1M queue=OS_DL_1M
add name="OS_DL_256k" parent=local packet-mark=OS_DL_256k queue=OS_DL_256k
add name="OS_DL_512k" parent=local packet-mark=OS_DL_512k queue=OS_DL_512k
add name="OS_UL_128k" parent=public packet-mark=OS_UL_128k queue=OS_UL_128k
add name="OS_UL_256k" parent=public packet-mark=OS_UL_256k queue=OS_UL_256k
add name="OS_UL_512k" parent=public packet-mark=OS_UL_512k queue=OS_UL_512k


3. Explanation

In /ip firewall address-list we created 3 lists for bandwidth profiles and a list named Latvia for Latvian subnets. In /ip firewall mangle we created address-list-based packet marks for use with bandwidth profiles. All IPs which are not included in any address list will fall through to secondary bandwidth profile rates. In /queue types we created pcq types for bandwidth profiles. In /queue tree we created rules with Local/Overseas packet marks and queue types for bandwidth profiles.

Now, a customer with an IP of 192.168.0.2 will have 1 profile rate, a customer with an IP 192.168.0.3 will have 2 profile rates, a client with IP 192.168.0.4 have 3 profile rates, and all others will have 2 bandwidth rates; so all traffic will be limited and your cpu power will be free for other tasks.

Important note

This setup will work correctly if local network is not masqueraded. If masquerade is used then the parent for all upload queues must be 'global-out' instead of 'public'. The reason for this is that the pcq_upload classifier is source address. In case of masquerading, the source address is changed to public IP address. If a queue is set to 'public', interface pcq will think that all packets are coming from one source ( public IP ). PCQ must see the source address before masquerading occurs; according to the packet flow diagram from the manual, 'global-out' is before 'src-nat'.