Testwiki/Quality of Service: Difference between revisions

From MikroTik Wiki
 
(3 intermediate revisions by the same user not shown)
=Quality of Service=


==Traffic management and bandwidth control features on RouterOS==


Quality of service is the ability to provide different priority to different applications, users, or data flows, or to guarantee a certain level of performance to a data flow.
RouterOS has two main options for traffic limitation and prioritization:
<ul class="bullets">
<li>'''/queue simple''' menu - designed to ease configuration of simple, everyday queuing and rate limitation tasks (such as upload/download limitation for a single client or a group of users, p2p traffic limitation, setting up a specific queuing type, etc.).
<li>'''/queue tree''' menu - for implementing advanced queuing tasks (such as hierarchical (multi-level) queues per interface or global for all of the router’s interfaces, a global prioritization policy, or user group limitations). Queue tree requires packet flows marked by the '''/ip firewall mangle''' facility in order to process packets in a queue. Basically, queue tree is an easy way to implement a classful queuing discipline (HTB) on your router. Although ''simple queue'' also supports HTB, it is recommended to use ''queue tree'' for this purpose.
</ul>
Most Quality of Service (QoS) features in RouterOS are defined under the Queue menu. Some features of the MikroTik RouterOS bandwidth control mechanism are listed below:
<ul class="bullets">
<li>limit data rate per interface
<li>limit data rate for certain IP addresses, subnets, protocols, ports, and other parameters
<li>limit peer-to-peer traffic (such as BitTorrent, eDonkey and other peer-to-peer protocols)
<li>create hierarchical queue structure per interface or per router
<li>prioritize some packet flows over others
<li>set up queue bursts for faster web browsing
<li>apply queues on fixed time intervals (defined time when queue is active)
<li>apply queues for equal bandwidth distribution between users
</ul>
The complete RouterOS QoS command reference, with explanations and other configuration examples, is available [http://wiki.mikrotik.com/wiki/Manual:Queue here].
When we implement QoS, we basically define two things: a queuing discipline (type) and/or a rate limit.
===Queuing disciplines===


# '''''Queue management''''' – controls buffer availability and queue length, and leads to packet rejection (packet drops) when necessary.
# '''''Queuing (scheduling) algorithms''''' – describe which packet will be transmitted next in line.
==Queue type ''(/queue type)''==
Different queuing strategies have different functionality and parameters. One property is important for all queue types: ''maximum queue size''. Some other parameters can be defined under a specific queue discipline. When configuring '''/queue type''' on RouterOS you need to specify:
<ul class="bullets">
<li>'''name''': user-defined unique queue identifier that can be used in ''simple queues'' and ''queue tree'' as the value of the queue option
<li>'''kind''' (bfifo | pcq | pfifo | red | sfq): kind of particular queue type
<li>specific parameters for each kind of queue type (such as ''pfifo-limit, red-limit, red-min-threshold, red-max-threshold, pcq-rate'', etc.)
</ul>
Queue configuration example:
<pre>
/queue type add name=myqueue kind=pfifo pfifo-limit=40
</pre>
Check the '''/queue type''' entries defined on the router:
<pre>
[admin@Augsha] /queue type> print
0 name="default" kind=pfifo pfifo-limit=50
1 name="ethernet-default" kind=pfifo pfifo-limit=50
2 name="wireless-default" kind=sfq sfq-perturb=5 sfq-allot=1514
3 name="synchronous-default" kind=red red-limit=60 red-min-threshold=10
  red-max-threshold=50 red-burst=20 red-avg-packet=1000
4 name="hotspot-default" kind=sfq sfq-perturb=5 sfq-allot=1514
5 name="myqueue" kind=pfifo pfifo-limit=40
6 name="default-small" kind=pfifo pfifo-limit=10
</pre>
==Queue interface ''(/queue interface)''==
Before data is sent over an interface, it is processed by a queuing discipline. By default, queuing disciplines are set under '''/queue interface''' for each physical interface.
For each available interface type (Ethernet, wireless, bridge, PPTP and others), RouterOS assigns one of the predefined default queue types, which can be changed. You can check the queue type assigned to each interface using the command:
<pre>
[admin@Augsha] /queue interface> print
Flags: D - dynamic
#  INTERFACE                              QUEUE                           
0  ether1                                  ethernet-default                 
1  ether2                                  ethernet-default                 
2  ether3                                  ethernet-default                                         
3  vlan3                                  default                         
4  vlan3-bridge                            default                         
5  vrrp1                                  default                         
6  pptp-in1                                default                         
7  etunels                                default                         
8  bridge101                                default 
</pre>
You can change the queue type for an interface like this:
<pre>
[admin@Augsha] /queue interface> set 3 queue=myqueue
</pre>
Generally, we can set only one queue for an interface, but as you will see later in this section, using HTB we can define many queues (a queue hierarchy) per interface, where each queue is for a different client, client group, subnet, port or other parameter.


==Simple Queue==




==Queue Tree==
HTB (Hierarchical Token Bucket) is a classful queuing discipline that is useful for applying different handling for different kinds of traffic. When we create a queue tree we always follow three basic steps:
<ul class="bullets">
<li>'''''Matching and marking traffic''''' – classify traffic for further use. Consists of one or more matching parameters that select packets for the specific class.
<li>'''''Create rules (policy) for marking traffic''''' – put a specific traffic class into a specific queue and define the actions that are taken for each class.
<li>'''''Attach policy for specific interface(s)''''' – apply the policy to all interfaces (''global-in, global-out or global-total''), to a specific interface or to a specific parent queue.
</ul>
A queue tree creates only a one-directional queue in one of the HTBs. Hierarchical Token Bucket allows you to create a hierarchical queue structure and to determine relations between queues. The hierarchy is implemented with different levels of queues, which introduces the term ''parent queue''. See Figure 8.7 for an example of an HTB hierarchy where Queue_A is the parent queue for Queue_C and Queue_B, and Queue_B is the parent queue for Queue_D and Queue_E. Queues without any sub-queues (children), like Queue_C, Queue_D and Queue_E in this case, are called '''leaf''' queues. ''Leaf'' queues do the actual traffic consumption, whereas ''parent'' queues are responsible only for traffic distribution. All '''leaf''' queues are treated on an equal basis. In RouterOS it is necessary to specify the '''parent''' option to assign a queue as a child of another queue.
<center>[[Image:image8007.gif]]</center>
For example, using HTB ('''/queue tree''') we can set a maximum data rate for a workgroup and then distribute that amount of traffic between the members of that workgroup.
Each queue in the HTB hierarchy has three important parameters in RouterOS: two that refer to rate limits and one to prioritization:
<ul class="bullets">
<li>'''limit-at''' (Committed Information Rate - CIR) - data rate that is guaranteed to a traffic flow (class) within a specific queue (amount of available traffic rate regardless of other traffic flows)
<li>'''max-limit''' (Maximum Information Rate - MIR) - maximal data rate that is allowed for a traffic flow within a specific queue if any part of the parent queue's bandwidth is free.
<li>'''priority''' - order in which classes are served at the same level (8 is the lowest priority, 1 is the highest)
</ul>
In other words, the '''limit-at''' of all queues is satisfied first; only then will child queues try to borrow the necessary data rate from their parents in order to reach their '''max-limit'''.
{| class="MsoTableGrid" style="margin-left: 36.0pt; background: #EEECE1; border-collapse: collapse; border: none" border="1"
| style="width: 473.4pt; border-top: solid black 1.0pt; border-left: none; border-bottom: solid black 1.0pt; border-right: none; padding: 0cm 5.4pt 0cm 5.4pt" width="631" valign="top" |
NOTE '''CIR''' will be assigned to the corresponding queue no matter what.
|}
Priority is responsible for distributing the parent queue's remaining traffic to child queues so that they are able to reach '''max-limit'''.
The queue with higher priority will reach its '''max-limit''' before the queue with lower priority.
For example (refer to Figure 8.7), assume that parent Queue_B (max-limit=limit-at=512kbps) and its child queues are set as follows: Queue_D (max-limit=512kbps limit-at=128kbps) and Queue_E (max-limit=512kbps limit-at=384kbps), with both child queues having the same priority. This means that the guaranteed bandwidth is 128kbps for Queue_D and 384kbps for Queue_E. Queue_D can reach a data rate of 512kbps when Queue_E is empty (no data to send). Or, if Queue_E uses only 256Kbps of its allowed data rate, Queue_D also gets 256Kbps (all of the remaining available bandwidth).
The sum of the committed rates of all children must be less than or equal to the amount of traffic that is available to the parent: ''CIR(parent)* ≥ CIR(child1) + CIR(child2) + ... + CIR(childN)''. *If the parent is the main parent, ''CIR(parent) = MIR(parent)''.
The maximal rate (MIR) of any child must be less than or equal to the maximal rate of the parent.
===HTB configuration example===
Assume that our network diagram is as in Figure 8.6, and we want to limit the maximum download speed for subnet 10.1.1.0/24 to 2Mbps and distribute this amount of traffic between the server and workstations as in Figure 8.9 using HTB. We also want to limit upload to 2Mbps and distribute upload bandwidth as in Figure 8.8. Remember that HTB works in one direction and is implemented on the outbound interface. Referring to Figure 8.6, HTB for download is introduced on ether2 whereas HTB for upload is on ether1.
<center>[[Image:image8008.gif]]</center>
<center>[[Image:image8009.gif]]</center>
First, we need to classify traffic.
Mark traffic from/to the server. The first rule marks the outgoing connection from the server and the second one marks all packets that belong to this connection (download and upload packets for this connection):
<pre>
/ip firewall mangle> add chain=prerouting src-address=10.1.1.1/32 action=mark-connection \
new-connection-mark=server_con
/ip firewall mangle> add chain=forward connection-mark=server_con action=mark-packet  \
new-packet-mark=server
</pre>
Do the same for the workstations. Match all workstation connections, mark them with the same mark (new-connection-mark=workstation_con) and after that mark all packets which belong to these workstations.
<pre>
/ip firewall mangle> add chain=prerouting src-address=10.1.1.2 \
action=mark-connection new-connection-mark=workstation_con
/ip firewall mangle> add chain=prerouting src-address=10.1.1.3 \
action=mark-connection new-connection-mark=workstation_con
/ip firewall mangle> add chain=prerouting src-address=10.1.1.4 \
action=mark-connection new-connection-mark=workstation_con
/ip firewall mangle> add chain=forward connection-mark=workstation_con action=mark-packet \
new-packet-mark=workstations
</pre>
Finally, create '''/queue tree''' entries for upload and download based on Figure 8.8 and Figure 8.9.
The queue tree for upload limitation is implemented on the '''''ether1''''' interface.
<pre>
;;; Queue_A1 creation
/queue tree> add name=Queue_A1 parent=ether1 max-limit=2048k
;;; Queue_B1 creation
/queue tree> add name=Queue_B1 parent=Queue_A1 max-limit=2048k limit-at=1024k
;;; Queue_C1 creation
/queue tree> add name=Queue_C1 parent=Queue_A1 max-limit=2048k limit-at=1024k priority=7 \
packet-mark=server
;;; Queue_D1, Queue_E1 and Queue_F1 creation
/queue tree> add name=Queue_D1 parent=Queue_B1 max-limit=2048k limit-at=340k priority=8 \
packet-mark=workstations
/queue tree> add name=Queue_E1 parent=Queue_B1 max-limit=2048k limit-at=340k priority=8 \
packet-mark=workstations
/queue tree> add name=Queue_F1 parent=Queue_B1 max-limit=2048k limit-at=340k priority=8 \
packet-mark=workstations
</pre>
The priority value is 8 by default, so it is not specified for Queue_A1 and Queue_B1.
The queue tree for download limitation is implemented on the '''''ether2''''' interface.
<pre>
;;; Queue_A2 creation
/queue tree> add name=Queue_A2 parent=ether2 max-limit=2048k
;;; Queue_B2 creation
/queue tree> add name=Queue_B2 parent=Queue_A2 max-limit=2048k limit-at=1536k
;;; Queue_C2 creation
/queue tree> add name=Queue_C2 parent=Queue_A2 max-limit=2048k limit-at=512k priority=7 \
packet-mark=server
;;; Queue_D2, Queue_E2 and Queue_F2 creation
/queue tree> add name=Queue_D2 parent=Queue_B2 max-limit=2048k limit-at=512k priority=8 \
packet-mark=workstations
/queue tree> add name=Queue_E2 parent=Queue_B2 max-limit=2048k limit-at=512k priority=8 \
packet-mark=workstations
/queue tree> add name=Queue_F2 parent=Queue_B2 max-limit=2048k limit-at=512k priority=8 \
packet-mark=workstations
</pre>
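The two HTB rules stated earlier (children's CIR sum within the parent's rate, child MIR within the parent's MIR) can be checked mechanically before a tree is applied. The following is an added example, not part of the original wiki page or of RouterOS: the function names are hypothetical, the input is the download tree above with prompts stripped, and the over-committed variant is constructed.

```python
import re

# Queue tree commands from the download example above, with the prompt and
# ";;;" comment lines stripped.
PAGE_TREE = """
add name=Queue_A2 parent=ether2 max-limit=2048k
add name=Queue_B2 parent=Queue_A2 max-limit=2048k limit-at=1536k
add name=Queue_C2 parent=Queue_A2 max-limit=2048k limit-at=512k priority=7 packet-mark=server
add name=Queue_D2 parent=Queue_B2 max-limit=2048k limit-at=512k priority=8 packet-mark=workstations
add name=Queue_E2 parent=Queue_B2 max-limit=2048k limit-at=512k priority=8 packet-mark=workstations
add name=Queue_F2 parent=Queue_B2 max-limit=2048k limit-at=512k priority=8 packet-mark=workstations
"""
# Constructed variant: Queue_C2 is guaranteed 1024k, so the children of
# Queue_A2 are promised 1536k + 1024k = 2560k out of 2048k.
OVERCOMMITTED_TREE = PAGE_TREE.replace("limit-at=512k priority=7", "limit-at=1024k priority=7")


def parse_rate(text):
    """Convert a rate such as 2048k or 2M to bits per second (k=1000, assumed)."""
    match = re.fullmatch(r"(\d+)([kKmM]?)", text)
    if not match:
        raise ValueError(f"unrecognised rate: {text!r}")
    return int(match.group(1)) * {"": 1, "k": 1000, "m": 1000000}[match.group(2).lower()]


def parse_tree(commands):
    """Return {name: {"parent", "cir", "mir"}} from 'add key=value ...' lines."""
    queues = {}
    for line in commands.splitlines():
        if not line.strip().startswith("add "):
            continue
        opts = dict(pair.split("=", 1) for pair in line.split()[1:])
        queues[opts["name"]] = {
            "parent": opts["parent"],
            "cir": parse_rate(opts.get("limit-at", "0")),
            # max-limit=0 or absent is treated as "no limit".
            "mir": parse_rate(opts.get("max-limit", "0")) or float("inf"),
        }
    return queues


def check_htb(queues):
    """Return violations of the CIR-sum rule and the MIR rule."""
    problems = []
    for name, queue in queues.items():
        parent = queues.get(queue["parent"])
        if parent is not None and queue["mir"] > parent["mir"]:
            problems.append(f"{name}: max-limit exceeds that of {queue['parent']}")
        # A queue whose parent is an interface is a main parent: CIR = MIR.
        budget = queue["mir"] if parent is None else queue["cir"]
        committed = sum(c["cir"] for c in queues.values() if c["parent"] == name)
        if committed > budget:
            problems.append(f"{name}: children limit-at {committed} > {budget}")
    return problems


if __name__ == "__main__":
    for label, tree in (("page", PAGE_TREE), ("over-committed", OVERCOMMITTED_TREE)):
        print(label, check_htb(parse_tree(tree)) or "OK")
```

An over-committed tree matters operationally because the guaranteed rates can no longer all be honoured under load, so the traffic class you meant to protect is the one that starves.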
==Configuring PCQ==



Latest revision as of 12:36, 20 October 2011

Quality of Service

Queuing disciplines

Before we talk about queues and queuing disciplines (algorithms), we need to understand where a queue is allocated, what queuing is and how it is implemented.

Buffer memory is typically used for queue allocation; it is used when there is a difference between the rate at which data is received and the rate at which it can be sent.

Queuing is the process of sequencing packets before they leave a router interface; it decides the order in which packets leave any given interface. Normally, packets leave the router in the order they arrived. Queuing is only useful for packets in the outbound direction, because when a packet arrives on an interface in the inbound direction it is already too late to queue it: it has already consumed network bandwidth. Which queuing strategy to implement in your network is entirely your decision.

When we speak about queues, we need to understand two basic classes of traffic flow control algorithms that operate on buffer memory on a router interface:

  1. Queue management – controls buffer availability and queue length, and leads to packet rejection (packet drops) when necessary.
  2. Queuing (scheduling) algorithms – describe which packet will be transmitted next in line.

Simple Queue

The simplest way to limit data rate for specific IP addresses and/or subnets, is to use simple queues.

You can also use simple queues to build advanced QoS applications. They have useful integrated features:

  • Peer-to-peer traffic queuing
  • Applying queue rules on chosen time intervals
  • Priorities
  • Using multiple packet marks from /ip firewall mangle
  • Shaping (scheduling) of bidirectional traffic (one limit for the total of upload + download)

Assume we have a network topology like Figure 8.6 and we want to limit download and upload for the private network (upload - 256kbps, download – 512kbps).

File:Image8006.gif

Add a simple queue rule, which will limit the download traffic to 512kbps and upload to 256kbps for the network 10.1.1.0/24, served by the interface Ether2:

[admin@MikroTik] /queue simple> add name=private target-addresses=10.1.1.0/24 max-limit=256K/512K \
interface=ether2

In this case the statement also works if we specify only one of the parameters "target-addresses=" or "interface=", because both of these define where and for which traffic this queue will be applied.


Check your configuration:

[admin@Augsha] /queue simple> print 

Flags: X - disabled, I - invalid, D - dynamic 
 0    name="private" target-addresses=10.1.1.0/24 dst-address=0.0.0.0/0 
      interface=ether2 parent=none direction=both priority=8 
      queue=default-small/default-small limit-at=0/0 max-limit=256k/512k 
      burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s 
      total-queue=default-small


The max-limit parameter cuts down the maximum available bandwidth. The value max-limit=256k/512k means that clients from the private network will get a maximum of 512kbps for download and 256kbps for upload. The target-addresses parameter defines the source IP addresses to which the queue rule will be applied.


You probably want to exclude the server from being limited; if so, add a queue for it without any limitation (max-limit=0/0, which means no limitation). Move this rule to the beginning of the list, because items in /queue simple are evaluated in order, one by one; once the router finds a rule that matches a packet, the following rules are not compared:


[admin@MikroTik] /queue simple> add name=server target-addresses=10.1.1.1/32 max-limit=0/0 \
interface=ether2

All simple queue command references are available here.


Configuring PCQ

Per Connection Queue (PCQ) was introduced to optimize massive QoS systems, where most of the queues are exactly the same for different sub-streams. PCQ allows download and upload traffic to be shared dynamically and equally (also called “bandwidth equal distribution between users”). This means that if you have a subnet with 3 hosts and the maximum bandwidth for the subnet is 6 Mbps, we can share it equally using PCQ. If one of the hosts is downloading at 1Mbps, all the others share 5 Mbps, and vice versa. There might be a situation when all three hosts want to use maximum bandwidth (4 Mbps); then each of them receives 2 Mbps.

Look at the previous example (see Figure 8.9), where we limited download traffic equally among the server and all workstations (see Figure 8.6) by applying a specific queue tree structure. We can do this easily using PCQ rate limiting. As when configuring HTB, packet marking is needed here too; it can be similar to the previous marking, but in this case we need to mark all packets related to the network 10.1.1.0/24 with one common mark.


/ip firewall mangle> add chain=prerouting src-address=10.1.1.0/24 \
 action=mark-connection new-connection-mark=private_con

/ip firewall mangle> add chain=forward connection-mark=private_con \
action=mark-packet new-packet-mark=private


The next thing we need to do is to define a new PCQ type which will group all traffic by destination address. As I mentioned previously about PCQ, it allows traffic flows (streams) to be classified by four parameters:

  • Source address
  • Destination address
  • Source port
  • Destination port

In this case we classify download traffic by only one parameter, the destination address (dst-address), which creates a dynamic queue for each destination address.


 /queue type add name=pcq-download kind=pcq pcq-classifier=dst-address


Finally, make a queue tree for download traffic:


 /queue tree add name=Download parent=ether2 max-limit=2048k
 /queue tree add parent=Download queue=pcq-download packet-mark=private

This means that PCQ can perform equal bandwidth sharing on interface ether2; it will make one dynamic queue for each separate destination address. If we have a network with four hosts (Figure 8.6) where maximum download is limited to 2Mbps and each of them wants to use more than 512kbps, then all of them will receive a data rate of 512Kbps.

In the same manner you can also equally distribute upload traffic from your LAN, but in this case you create a new queue tree and attach this queue to the public interface.
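The sharing behaviour described in this section (3 hosts on 6 Mbps, 4 hosts on 2 Mbps) and the effect of the classifier choice can be reproduced with a small model. This is an added example, not code from the original page and not RouterOS's implementation: it models PCQ as a max-min fair split between sub-streams, the function names are hypothetical, and the flow list is constructed.

```python
from collections import defaultdict

# Constructed sample: download flows toward hosts in 10.1.1.0/24 as
# (src_address, dst_address, src_port, dst_port, demand_kbps).
FLOWS = [
    ("198.51.100.7", "10.1.1.1", 443, 50001, 900),
    ("198.51.100.7", "10.1.1.2", 443, 50002, 900),
    ("198.51.100.9", "10.1.1.2", 80, 50003, 900),
    ("198.51.100.9", "10.1.1.2", 80, 50004, 900),
    ("203.0.113.5", "10.1.1.3", 443, 50005, 900),
    ("203.0.113.5", "10.1.1.4", 443, 50006, 900),
]
FIELDS = {"src-address": 0, "dst-address": 1, "src-port": 2, "dst-port": 3}


def substreams(flows, classifier):
    """Group flows into sub-streams keyed by the chosen classifier fields."""
    idx = [FIELDS[name] for name in classifier]
    demand = defaultdict(int)
    for flow in flows:
        demand[tuple(flow[i] for i in idx)] += flow[4]
    return dict(demand)


def pcq_share(capacity_kbps, demands_kbps):
    """Max-min fair split of capacity among sub-streams (simplified model)."""
    alloc = {}
    remaining = float(capacity_kbps)
    pending = dict(demands_kbps)
    while pending:
        fair = remaining / len(pending)
        # Sub-streams asking for no more than the fair share are fully served.
        satisfied = {key: d for key, d in pending.items() if d <= fair}
        if not satisfied:
            # Every remaining sub-stream wants more: split what is left equally.
            for key in pending:
                alloc[key] = fair
            break
        for key, d in satisfied.items():
            alloc[key] = float(d)
            remaining -= d
            del pending[key]
    return alloc


def per_host(alloc):
    """Sum allocations per destination address (first element of each key)."""
    totals = defaultdict(float)
    for key, rate in alloc.items():
        totals[key[0]] += rate
    return dict(totals)


if __name__ == "__main__":
    by_host = pcq_share(2048, substreams(FLOWS, ["dst-address"]))
    by_conn = pcq_share(2048, substreams(FLOWS, ["dst-address", "dst-port"]))
    print("dst-address:         ", per_host(by_host))
    print("dst-address,dst-port:", per_host(by_conn))
```

With the dst-address classifier, 10.1.1.2 gets the same 512 kbps as every other host despite its three connections; classifying by address and port instead lets it take about 1024 kbps, which is why the classifier decides whether opening more connections buys a host more bandwidth.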