User:Toby

From MikroTik Wiki
Revision as of 17:52, 21 March 2009 by Toby (talk | contribs) (New page: = Hotspot with fast download from Proxy Cache and FTP Server = We have a MT router with OS 3.2 that serves about 40 wireless clients using the Hotspot function. There is a 2 GB memory ca...)

Hotspot with fast download from Proxy Cache and FTP Server

We have an MT router running OS 3.2 that serves about 40 wireless clients using the Hotspot function. A 2 GB memory card is used as the proxy cache. We use a queue tree with PCQs to distribute the available bandwidth equally among the clients. In addition, an FTP server is connected to the 192.168.1.0 network, to which the ADSL router is also connected. The objective was to let cache hits and data from the FTP server download at a faster rate than traffic from the internet.

Addresses

 /ip address
 add address=192.168.1.13/24 broadcast=192.168.1.255 comment="added by setup" \
   disabled=no interface=ether1 network=192.168.1.0
 add address=192.168.100.1/24 broadcast=192.168.100.255 comment="" disabled=no \
   interface=wlan1 network=192.168.100.0

Web Proxy Cache

 /ip proxy
 set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 \
   cache-on-disk=yes enabled=yes max-cache-size=unlimited \
   max-client-connections=600 max-fresh-time=3d max-server-connections=600 \
   parent-proxy=0.0.0.0 parent-proxy-port=0 port=8855 serialize-connections=\
   yes src-address=0.0.0.0

The parameter cache-hit-dscp=4 makes the proxy set DSCP value 4 on packets served from the cache. This value is used (misused?) in Mangle to identify the packets coming from the cache memory.

Mangle

 /ip firewall mangle
 add action=mark-connection chain=forward comment="MARK CONNECTION AND PACKETS \
   FOR FTP TRAFFIC.    PACKET MARKS ARE USED IN QUEUE TREE." disabled=no \
   dst-address=192.168.1.240 new-connection-mark=FTP-conn passthrough=yes
 add action=mark-packet chain=forward comment="" connection-mark=FTP-conn \
   disabled=no new-packet-mark=Highspeed-P passthrough=no

The above two rules mark the packets to and from the FTP server, whose address is 192.168.1.240.

 add action=passthrough chain=prerouting comment=\
   "********* SPEED-UP PROXY CACHE TRAFFIC *********" disabled=yes
 add action=mark-connection chain=output comment=\
   "CACHE HIT TRAFFIC: MARK CONNECTIONS AND PACKETS" disabled=no dscp=4 \
   new-connection-mark=Cache-conn passthrough=yes
 add action=mark-packet chain=output comment="" connection-mark=Cache-conn \
   disabled=no new-packet-mark=Highspeed-P passthrough=no

The above two rules mark the packets coming from the cache memory. The rules are placed in the output chain because this traffic originates from the router itself.

 add action=mark-connection chain=output comment=\
   "REMAINING TRAFFIC THROUGH OUTPUT CHAIN" disabled=no new-connection-mark=\
   Remaining-conn passthrough=yes
 add action=mark-packet chain=output comment="" connection-mark=Remaining-conn \
   disabled=no new-packet-mark=Lowspeed-P passthrough=no
 add action=mark-connection chain=forward comment=\
   "REMAINING TRAFFIC THROUGH FORWARD CHAIN" disabled=no \
   new-connection-mark=Remaining-conn passthrough=yes
 add action=mark-packet chain=forward comment="" connection-mark=\
   Remaining-conn disabled=no new-packet-mark=Lowspeed-P passthrough=no

The above 4 rules mark all other packets which do not originate from the proxy cache and which pass either through the output or the forward chain. It was noted that most traffic passes through the output chain.
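The rule order above, modelled in Python as an added example (not part of the original page and not RouterOS code). It assumes that the rules of a chain are evaluated top to bottom, that passthrough=no stops evaluation, and that a connection mark stays on the connection once set; the connection ids and packets in SAMPLE are constructed.

```python
# Model of the page's mangle rules (added example, not RouterOS code).
# Assumed semantics: rules of a chain run top to bottom, passthrough=no stops
# evaluation, and a connection mark sticks to the connection once set.
FTP_SERVER = "192.168.1.240"
# (chain, match, action, new mark, passthrough) in page order, enabled rules only
RULES = [
    ("forward", {"dst": FTP_SERVER}, "conn", "FTP-conn", True),
    ("forward", {"conn": "FTP-conn"}, "pkt", "Highspeed-P", False),
    ("output", {"dscp": 4}, "conn", "Cache-conn", True),
    ("output", {"conn": "Cache-conn"}, "pkt", "Highspeed-P", False),
    ("output", {}, "conn", "Remaining-conn", True),
    ("output", {"conn": "Remaining-conn"}, "pkt", "Lowspeed-P", False),
    ("forward", {}, "conn", "Remaining-conn", True),
    ("forward", {"conn": "Remaining-conn"}, "pkt", "Lowspeed-P", False),
]

def classify(packets):
    """Return the packet mark each packet leaves the mangle table with."""
    conn_marks, result = {}, []   # conn_marks: connection id -> connection mark
    for pkt in packets:
        mark = None
        for chain, match, action, new_mark, passthrough in RULES:
            if chain != pkt["chain"]:
                continue
            # Re-read the connection mark: an earlier rule may have just set it.
            view = dict(pkt, conn=conn_marks.get(pkt["id"]))
            if any(view.get(k) != v for k, v in match.items()):
                continue
            if action == "conn":
                conn_marks[pkt["id"]] = new_mark
            else:
                mark = new_mark
            if not passthrough:
                break
        result.append(mark)
    return result

# Constructed sample traffic; "id" names the connection a packet belongs to.
SAMPLE = [
    {"id": "ftp", "chain": "forward", "dst": FTP_SERVER, "dscp": 0},        # to FTP
    {"id": "ftp", "chain": "forward", "dst": "192.168.100.20", "dscp": 0},  # reply
    {"id": "web", "chain": "output", "dst": "192.168.100.20", "dscp": 0},   # miss
    {"id": "web", "chain": "output", "dst": "192.168.100.20", "dscp": 4},   # hit
    {"id": "web", "chain": "output", "dst": "192.168.100.20", "dscp": 0},   # miss
    {"id": "net", "chain": "forward", "dst": "192.168.100.21", "dscp": 0},  # other
]
if __name__ == "__main__":
    for pkt, mark in zip(SAMPLE, classify(SAMPLE)):
        print(pkt["id"], pkt["chain"], "dscp", pkt["dscp"], "->", mark)
```

In this model the third "web" packet is a cache miss but still leaves with Highspeed-P, because the earlier hit re-marked the whole connection as Cache-conn.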

Queue Tree

 /queue tree
 add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
   max-limit=0 name=DOWN-TRAFFIC packet-mark="" parent=wlan1 priority=8 \
   queue=default
 add burst-limit=4000000 burst-threshold=3200000 burst-time=8s disabled=no \
   limit-at=0 max-limit=3500000 name="HOTSPOT DOWN" packet-mark=\
   Lowspeed-P parent=DOWN-TRAFFIC priority=8 queue=hotspot-down
 add burst-limit=3000000 burst-threshold=1900000 burst-time=8s disabled=no \
   limit-at=0 max-limit=2000000 name="FTP DOWN AND CACHE" packet-mark=\
   Highspeed-P parent=DOWN-TRAFFIC priority=8 queue=default

The first of the above queues is attached to the wireless interface and is the parent for the following two queues. They control the bandwidth for the traffic going to the clients (download).

 add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
   max-limit=0 name=UP-TRAFFIC packet-mark="" parent=ether1 priority=8 \
   queue=default
 add burst-limit=3000000 burst-threshold=1900000 burst-time=8s disabled=no \
   limit-at=0 max-limit=2000000 name="FTP UP" packet-mark=Highspeed-P \
   parent=UP-TRAFFIC priority=8 queue=default
 add burst-limit=450000 burst-threshold=380000 burst-time=8s disabled=no \
   limit-at=0 max-limit=400000 name="HOTSPOT UP" packet-mark=Lowspeed-P \
   parent=UP-TRAFFIC priority=8 queue=hotspot-up

The first of the above queues is attached to the public interface (ether1) and is the parent for the following two queues. They control the bandwidth for the traffic coming from the clients (upload).


 /queue type
 set default kind=pfifo name=default pfifo-limit=50
 add kind=pcq name=hotspot-up pcq-classifier=src-address,src-port pcq-limit=50 \
   pcq-rate=75000 pcq-total-limit=5000
 add kind=pcq name=hotspot-down pcq-classifier=dst-address,dst-port pcq-limit=\
   50 pcq-rate=800000 pcq-total-limit=5000

Above is a listing of the queue types used. The PCQ has worked quite well with our 40 clients. There is no need to set a rate limit in the Hotspot User Profile.