SlideShare ist ein Scribd-Unternehmen logo

Qo s of service with winbox

S
SONDAY Barbarwale
Technologie
1 von 36
Downloaden Sie, um offline zu lesen
© MikroTik 2008 MikroTik RouterOS Workshop QoS Best Practice Prague MUM Czech Republic 2009
© MikroTik 2008 2 Q: Is it possible to prioritize traffic by type for every single client while having strict per-user limitations on the same router? A: Yes! Q: What will I need to achieve that? A: You will need: 1)Packet Flow Diagram 2)HTB (queue tree), 3)Mangle, 4)PCQ, 5)Address List Questions and Answers
© MikroTik 2008 3 Mangle The mangle facility allows you to mark IP packets with special marks. These marks are used by other router facilities like routing and bandwidth management to identify the packets. Additionally, the mangle facility is used to modify some fields in the IP header, like TOS (DSCP) and TTL fields.
© MikroTik 2008 4 Hierarchical Token Bucket All bandwidth management implementation in RouterOS is based on Hierarchical Token Bucket (HTB) HTB allows you to create hierarchical queue structure and determine relations between queues RouterOS supports 3 virtual HTBs (global-in, global-total, global-out) and one more just before every output interface
© MikroTik 2008 5 QoS Packet Flow This diagram is created from RouterOS Packet Flow diagram. http://wiki.mikrotik.com/wiki/Packet_Flow
© MikroTik 2008 6 Double QoS It is possible to mark and shape traffic twice in the same router: Mangle chain Prerouting – for first marking Global-in HTB – for first shaping Mangle chain Forward or Postrouting for second marking Global-out or Out-interface HTB for second marking Double QoS is only possible with Queue Tree
© MikroTik 2008 7 Why not Simple Queues? Simple queues are ordered - similar to firewall rules In order to get to 999th queue packet will have to be checked for match to all 998 previous queues Each simple queue might stand for 3 separate queues: One in Global-in (“direct” part) One in Global-out (“reverse” part) One in Global-total (“total” part)
© MikroTik 2008 8 Simple Queues and Mangle
© MikroTik 2008 9 Queue Tree Tree queue is one directional only and can be placed in any of the available HTBs Queue Tree queues don't have any order – all traffic is processed simultaneously All child queues must have packet marks from “/ip firewall mangle” facility assigned to them If placed in the same HTB, Simple queue will take all the traffic away from the Queue Tree queue
© MikroTik 2008 10 Global-Out or Interface HTB? There are two fundamental differences In case of SRC-NAT (masquerade) Global-Out will be aware of private client addresses, but Interface HTB will not – Interface HTB is after SRC-NAT Each Interface HTB only receives traffic that will be leaving through a particular interface – there is no need for to separate upload and download in mangle
© MikroTik 2008 11 Conclusions We will use mangle and queue tree: Mark traffic by traffic type in mangle chain Prerouting Prioritize and limit traffic by type in Global-in HTB Re-Mark traffic by clients in mangle chain Forward Limit traffic per client in Interface HTB It is necessary to keep the amount of mangle rules and queues to a minimum to increase the performance of this configuration.
© MikroTik 2008 12 Client Limitation ~40 Mbps T3/E3 line ● You have more than 400 clients and 3 different connection types: ● Business (4Mbps/1Mbps) connection ● Standard (750kbps/250kbps) connection ● Basic (375kbps/125kbps) connection
© MikroTik 2008 13 PCQ Per Connection Queue is a queue type capable of dividing traffic into sub-streams based on selected classifiers Each sub-stream will then go through FIFO queue with queue size specified by “pcq-limit” option and maximal rate specified by “pcq-rate” option
© MikroTik 2008 14
© MikroTik 2008 15 PCQ Part 2 In order to ensure that each PCQ sub-stream represents one particular client we need to create 2 different PCQ types: PCQ_upload – source address as classifier PCQ_download - destination address as classifier PCQ will distribute available traffic equally between sub-queues until the pcq-rate is reached (if it is specified)
© MikroTik 2008 16
© MikroTik 2008 17
© MikroTik 2008 18 PCQ Types – Winbox View
© MikroTik 2008 19 Address Lists Address lists was introduced to assign multiple IP addresses/ranges to the same firewall rule, in this way reducing the total number of firewall rules and increasing router performance Address lists can be created: Manually Automatically from PPP profile – just specify address-list option and as soon as the client connects it will be added to the proper address list Automatically from RADIUS – attribute “Mikrotik:19”
© MikroTik 2008 20 Address Lists
© MikroTik 2008 21 Where?
© MikroTik 2008 22 Packet Marking Use “connection-mark” action to classify all connections based on client address list Use “packet-mark” action to classify all traffic based on connection marks Questions to think about: What speed should be available for Business client if downloading from basic client? Do you still have unmarked traffic?
© MikroTik 2008 23 Connection-mark rule
© MikroTik 2008 24 Packet-mark rule
© MikroTik 2008 25 Working Mangle- Winbox view
© MikroTik 2008 26 Working Mangle- Export view
© MikroTik 2008 27 Queue Tree – Winbox View
© MikroTik 2008 28 Queue Tree – Export View
© MikroTik 2008 29 PCQ Queue Size Total_limit = X can take up to X*(2000 bytes + 200 bytes) of RAM 2000 bytes – buffer for 1 packet 200 bytes – service data for 1 packet total_limit = 2000 =< 4,2MB RAM total_limit = 5000 =< 10,5MB RAM It can take only 40 users to fill the queue (because total_limit/limit = 2000/50 = 40) It is necessary to increase “total_limit” and/or decrease the “limit” value There should be at least 10-20 packet places in queue available per user
© MikroTik 2008 30 Queue Size
© MikroTik 2008 31 PCQ Adjustments There are ~340 Basic class clients so: pcq_limit = 40 pcq_total_limit = 7000 ( ~20*340) (~15MB) There are ~40 Standard class clients so: pcq_limit = 30 pcq_total_limit = 1000 ( ~20*40) (~2MB) There are ~20 Business class clients so: pcq_limit = 20 (!!!) pcq_total_limit = 500 ( ~20*20) (~1MB)
© MikroTik 2008 32 Traffic Prioritization Business Class Clients Standard Class Clients Basic Class Clients ~40 Mbps T3/E3 line You have problems with on-line communications (video, audio, VOIP, games) Task: Prioritize the traffic ~5Mbps abroad
© MikroTik 2008 33 Prioritization Plan
© MikroTik 2008 34 Where?
© MikroTik 2008 35 How?
© MikroTik 2008 36 Priorities Create packet marks in the mangle chain “Prerouting” for traffic prioritization in the global- in queue Ensign_services (Priority=1) User_requests (Priority=3) Communication_services (Priority=5) Download_services (Priority=7) P2P_services (Priority=8)

Empfohlen

OSPF On Router OS7
OSPF On Router OS7OSPF On Router OS7
OSPF On Router OS7GLC Networks
 
BGP tuning: Peer with loopback
BGP tuning: Peer with loopbackBGP tuning: Peer with loopback
BGP tuning: Peer with loopbackGLC Networks
 
MUM Melbourne : Build Enterprise Wireless with CAPsMAN
MUM Melbourne : Build Enterprise Wireless with CAPsMANMUM Melbourne : Build Enterprise Wireless with CAPsMAN
MUM Melbourne : Build Enterprise Wireless with CAPsMANGLC Networks
 
Voice Services, From Circuit Switch to VoIP
Voice Services, From Circuit Switch to VoIPVoice Services, From Circuit Switch to VoIP
Voice Services, From Circuit Switch to VoIPGLC Networks
 
The Factoring Dead: Preparing for the Cryptopocalypse
The Factoring Dead: Preparing for the CryptopocalypseThe Factoring Dead: Preparing for the Cryptopocalypse
The Factoring Dead: Preparing for the CryptopocalypseAlex Stamos
 
Routing fundamentals with mikrotik
Routing fundamentals with mikrotikRouting fundamentals with mikrotik
Routing fundamentals with mikrotikAchmad Mardiansyah
 
MQTT - A practical protocol for the Internet of Things
MQTT - A practical protocol for the Internet of ThingsMQTT - A practical protocol for the Internet of Things
MQTT - A practical protocol for the Internet of ThingsBryan Boyd
 
Limiting bandwidth of specific destination based on address list
Limiting bandwidth of specific destination based on address listLimiting bandwidth of specific destination based on address list
Limiting bandwidth of specific destination based on address listAchmad Mardiansyah
 

Empfohlen

OSPF On Router OS7
OSPF On Router OS7OSPF On Router OS7
OSPF On Router OS7GLC Networks
 
BGP tuning: Peer with loopback
BGP tuning: Peer with loopbackBGP tuning: Peer with loopback
BGP tuning: Peer with loopbackGLC Networks
 
MUM Melbourne : Build Enterprise Wireless with CAPsMAN
MUM Melbourne : Build Enterprise Wireless with CAPsMANMUM Melbourne : Build Enterprise Wireless with CAPsMAN
MUM Melbourne : Build Enterprise Wireless with CAPsMANGLC Networks
 
Voice Services, From Circuit Switch to VoIP
Voice Services, From Circuit Switch to VoIPVoice Services, From Circuit Switch to VoIP
Voice Services, From Circuit Switch to VoIPGLC Networks
 
The Factoring Dead: Preparing for the Cryptopocalypse
The Factoring Dead: Preparing for the CryptopocalypseThe Factoring Dead: Preparing for the Cryptopocalypse
The Factoring Dead: Preparing for the CryptopocalypseAlex Stamos
 
Routing fundamentals with mikrotik
Routing fundamentals with mikrotikRouting fundamentals with mikrotik
Routing fundamentals with mikrotikAchmad Mardiansyah
 
MQTT - A practical protocol for the Internet of Things
MQTT - A practical protocol for the Internet of ThingsMQTT - A practical protocol for the Internet of Things
MQTT - A practical protocol for the Internet of ThingsBryan Boyd
 
Limiting bandwidth of specific destination based on address list
Limiting bandwidth of specific destination based on address listLimiting bandwidth of specific destination based on address list
Limiting bandwidth of specific destination based on address listAchmad Mardiansyah
 
VTI の中身
VTI の中身VTI の中身
VTI の中身Masakazu Asama
 
Introduction to MQTT
Introduction to MQTTIntroduction to MQTT
Introduction to MQTTEMQ
 
Mikrotik firewall mangle
Mikrotik firewall mangleMikrotik firewall mangle
Mikrotik firewall mangleAchmad Mardiansyah
 
MPLS on Router OS V7 - Part 2
MPLS on Router OS V7 - Part 2MPLS on Router OS V7 - Part 2
MPLS on Router OS V7 - Part 2GLC Networks
 
ISP load balancing with mikrotik nth
ISP load balancing with mikrotik nthISP load balancing with mikrotik nth
ISP load balancing with mikrotik nthAchmad Mardiansyah
 
FEX -PPT By NETWORKERS HOME
FEX -PPT By NETWORKERS HOMEFEX -PPT By NETWORKERS HOME
FEX -PPT By NETWORKERS HOMEnetworkershome
 
Linux Locking Mechanisms
Linux Locking MechanismsLinux Locking Mechanisms
Linux Locking MechanismsKernel TLV
 
Mikrotik firewall raw table
Mikrotik firewall raw tableMikrotik firewall raw table
Mikrotik firewall raw tableAchmad Mardiansyah
 
Using mikrotik with radius
Using mikrotik with radiusUsing mikrotik with radius
Using mikrotik with radiusAchmad Mardiansyah
 
Open ROADM Design and Technical Scope
Open ROADM Design and Technical ScopeOpen ROADM Design and Technical Scope
Open ROADM Design and Technical Scopekinsleyaniston
 
Icmp
IcmpIcmp
IcmpAbhishek Kesharwani
 
OpenFlow
OpenFlowOpenFlow
OpenFlowKingston Smiler
 
Queue Type on Mikrotik
Queue Type on MikrotikQueue Type on Mikrotik
Queue Type on MikrotikGLC Networks
 
Mikrotik Load Balancing with PCC
Mikrotik Load Balancing with PCCMikrotik Load Balancing with PCC
Mikrotik Load Balancing with PCCGLC Networks
 
Error control coding using bose chaudhuri hocquenghem bch codes
Error control coding using bose chaudhuri hocquenghem bch codesError control coding using bose chaudhuri hocquenghem bch codes
Error control coding using bose chaudhuri hocquenghem bch codesIAEME Publication
 
Internet Key Exchange Protocol
Internet Key Exchange ProtocolInternet Key Exchange Protocol
Internet Key Exchange ProtocolPrateek Singh Bapna
 
Fun with Network Interfaces
Fun with Network InterfacesFun with Network Interfaces
Fun with Network InterfacesKernel TLV
 
Implementing cisco mpls
Implementing cisco mplsImplementing cisco mpls
Implementing cisco mplsMatiullah Jamil
 
Mikrotik Hotspot
Mikrotik HotspotMikrotik Hotspot
Mikrotik HotspotGLC Networks
 
GRE (generic routing encapsulation)
GRE (generic routing encapsulation)GRE (generic routing encapsulation)
GRE (generic routing encapsulation)Netwax Lab
 
Mikrotik router os qos best practice
Mikrotik router os qos best practiceMikrotik router os qos best practice
Mikrotik router os qos best practiceBassel Kablawi
 
Technology Overview: Policer Implementation on MX Series, M120, and M320 Routers
Technology Overview: Policer Implementation on MX Series, M120, and M320 RoutersTechnology Overview: Policer Implementation on MX Series, M120, and M320 Routers
Technology Overview: Policer Implementation on MX Series, M120, and M320 RoutersJuniper Networks
 

Weitere ähnliche Inhalte

Was ist angesagt?

Introduction to MQTT
Introduction to MQTTIntroduction to MQTT
Introduction to MQTTEMQ
 
MPLS on Router OS V7 - Part 2
MPLS on Router OS V7 - Part 2MPLS on Router OS V7 - Part 2
MPLS on Router OS V7 - Part 2GLC Networks
 
ISP load balancing with mikrotik nth
ISP load balancing with mikrotik nthISP load balancing with mikrotik nth
ISP load balancing with mikrotik nthAchmad Mardiansyah
 
FEX -PPT By NETWORKERS HOME
FEX -PPT By NETWORKERS HOMEFEX -PPT By NETWORKERS HOME
FEX -PPT By NETWORKERS HOMEnetworkershome
 
Linux Locking Mechanisms
Linux Locking MechanismsLinux Locking Mechanisms
Linux Locking MechanismsKernel TLV
 
Open ROADM Design and Technical Scope
Open ROADM Design and Technical ScopeOpen ROADM Design and Technical Scope
Open ROADM Design and Technical Scopekinsleyaniston
 
Queue Type on Mikrotik
Queue Type on MikrotikQueue Type on Mikrotik
Queue Type on MikrotikGLC Networks
 
Mikrotik Load Balancing with PCC
Mikrotik Load Balancing with PCCMikrotik Load Balancing with PCC
Mikrotik Load Balancing with PCCGLC Networks
 
Error control coding using bose chaudhuri hocquenghem bch codes
Error control coding using bose chaudhuri hocquenghem bch codesError control coding using bose chaudhuri hocquenghem bch codes
Error control coding using bose chaudhuri hocquenghem bch codesIAEME Publication
 
Fun with Network Interfaces
Fun with Network InterfacesFun with Network Interfaces
Fun with Network InterfacesKernel TLV
 
GRE (generic routing encapsulation)
GRE (generic routing encapsulation)GRE (generic routing encapsulation)
GRE (generic routing encapsulation)Netwax Lab
 

Was ist angesagt? (20)

VTI の中身
VTI の中身VTI の中身
VTI の中身
 
Introduction to MQTT
Introduction to MQTTIntroduction to MQTT
Introduction to MQTT
 
Mikrotik firewall mangle
Mikrotik firewall mangleMikrotik firewall mangle
Mikrotik firewall mangle
 
MPLS on Router OS V7 - Part 2
MPLS on Router OS V7 - Part 2MPLS on Router OS V7 - Part 2
MPLS on Router OS V7 - Part 2
 
ISP load balancing with mikrotik nth
ISP load balancing with mikrotik nthISP load balancing with mikrotik nth
ISP load balancing with mikrotik nth
 
FEX -PPT By NETWORKERS HOME
FEX -PPT By NETWORKERS HOMEFEX -PPT By NETWORKERS HOME
FEX -PPT By NETWORKERS HOME
 
Linux Locking Mechanisms
Linux Locking MechanismsLinux Locking Mechanisms
Linux Locking Mechanisms
 
Mikrotik firewall raw table
Mikrotik firewall raw tableMikrotik firewall raw table
Mikrotik firewall raw table
 
Using mikrotik with radius
Using mikrotik with radiusUsing mikrotik with radius
Using mikrotik with radius
 
Open ROADM Design and Technical Scope
Open ROADM Design and Technical ScopeOpen ROADM Design and Technical Scope
Open ROADM Design and Technical Scope
 
Icmp
IcmpIcmp
Icmp
 
OpenFlow
OpenFlowOpenFlow
OpenFlow
 
Queue Type on Mikrotik
Queue Type on MikrotikQueue Type on Mikrotik
Queue Type on Mikrotik
 
Mikrotik Load Balancing with PCC
Mikrotik Load Balancing with PCCMikrotik Load Balancing with PCC
Mikrotik Load Balancing with PCC
 
Error control coding using bose chaudhuri hocquenghem bch codes
Error control coding using bose chaudhuri hocquenghem bch codesError control coding using bose chaudhuri hocquenghem bch codes
Error control coding using bose chaudhuri hocquenghem bch codes
 
Internet Key Exchange Protocol
Internet Key Exchange ProtocolInternet Key Exchange Protocol
Internet Key Exchange Protocol
 
Fun with Network Interfaces
Fun with Network InterfacesFun with Network Interfaces
Fun with Network Interfaces
 
Implementing cisco mpls
Implementing cisco mplsImplementing cisco mpls
Implementing cisco mpls
 
Mikrotik Hotspot
Mikrotik HotspotMikrotik Hotspot
Mikrotik Hotspot
 
GRE (generic routing encapsulation)
GRE (generic routing encapsulation)GRE (generic routing encapsulation)
GRE (generic routing encapsulation)
 

Andere mochten auch

Mikrotik router os qos best practice
Mikrotik router os qos best practiceMikrotik router os qos best practice
Mikrotik router os qos best practiceBassel Kablawi
 
Technology Overview: Policer Implementation on MX Series, M120, and M320 Routers
Technology Overview: Policer Implementation on MX Series, M120, and M320 RoutersTechnology Overview: Policer Implementation on MX Series, M120, and M320 Routers
Technology Overview: Policer Implementation on MX Series, M120, and M320 RoutersJuniper Networks
 
OpenWRT Case Study
OpenWRT Case StudyOpenWRT Case Study
OpenWRT Case StudyBob Chao
 
Mikrotik basic configuration
Mikrotik basic configurationMikrotik basic configuration
Mikrotik basic configurationTola LENG
 
Mikrotik Hotspot With Queue Tree BW Management
Mikrotik Hotspot With Queue Tree BW ManagementMikrotik Hotspot With Queue Tree BW Management
Mikrotik Hotspot With Queue Tree BW Managementgopartheredbuff
 
P3 konfigurasi dasar mikrotik
P3 konfigurasi dasar mikrotikP3 konfigurasi dasar mikrotik
P3 konfigurasi dasar mikrotikKarya Gunawan
 
Leaky bucket algorithm
Leaky bucket algorithmLeaky bucket algorithm
Leaky bucket algorithmUmesh Gupta
 

Andere mochten auch (18)

Mikrotik router os qos best practice
Mikrotik router os qos best practiceMikrotik router os qos best practice
Mikrotik router os qos best practice
 
Technology Overview: Policer Implementation on MX Series, M120, and M320 Routers
Technology Overview: Policer Implementation on MX Series, M120, and M320 RoutersTechnology Overview: Policer Implementation on MX Series, M120, and M320 Routers
Technology Overview: Policer Implementation on MX Series, M120, and M320 Routers
 
OpenWRT Case Study
OpenWRT Case StudyOpenWRT Case Study
OpenWRT Case Study
 
Class 6
Class 6Class 6
Class 6
 
Class 4
Class 4Class 4
Class 4
 
Class 5
Class 5Class 5
Class 5
 
Class 2
Class 2Class 2
Class 2
 
Mikrotik basic configuration
Mikrotik basic configurationMikrotik basic configuration
Mikrotik basic configuration
 
Mikrotik Hotspot With Queue Tree BW Management
Mikrotik Hotspot With Queue Tree BW ManagementMikrotik Hotspot With Queue Tree BW Management
Mikrotik Hotspot With Queue Tree BW Management
 
Class 3
Class 3Class 3
Class 3
 
Class 7
Class 7Class 7
Class 7
 
Class 1
Class 1Class 1
Class 1
 
MTCWE
MTCWEMTCWE
MTCWE
 
P3 konfigurasi dasar mikrotik
P3 konfigurasi dasar mikrotikP3 konfigurasi dasar mikrotik
P3 konfigurasi dasar mikrotik
 
Mikrotik firewall filter
Mikrotik firewall filterMikrotik firewall filter
Mikrotik firewall filter
 
VLAN on mikrotik
VLAN on mikrotikVLAN on mikrotik
VLAN on mikrotik
 
Leaky bucket algorithm
Leaky bucket algorithmLeaky bucket algorithm
Leaky bucket algorithm
 
MikroTik Firewall : Securing your Router with Port Knocking
MikroTik Firewall : Securing your Router with Port KnockingMikroTik Firewall : Securing your Router with Port Knocking
MikroTik Firewall : Securing your Router with Port Knocking
 

Ähnlich wie Qo s of service with winbox

Lets talk about QoS by Megis.pdf
Lets talk about QoS by Megis.pdfLets talk about QoS by Megis.pdf
Lets talk about QoS by Megis.pdfssusere31f1c
 
Cdot Max ng architecture working models
Cdot Max ng architecture working modelsCdot Max ng architecture working models
Cdot Max ng architecture working modelsRahmanScholar
 
ETE405-lec9.ppt
ETE405-lec9.pptETE405-lec9.ppt
ETE405-lec9.pptmashiur
 
BRKRST-3068 Troubleshooting Catalyst 2K and 3K.pdf
BRKRST-3068 Troubleshooting Catalyst 2K and 3K.pdfBRKRST-3068 Troubleshooting Catalyst 2K and 3K.pdf
BRKRST-3068 Troubleshooting Catalyst 2K and 3K.pdfssusercbaa33
 
ETE405-lec9.pdf
ETE405-lec9.pdfETE405-lec9.pdf
ETE405-lec9.pdfmashiur
 
cisco-cbs350-48p-4x-datasheet.pdf
cisco-cbs350-48p-4x-datasheet.pdfcisco-cbs350-48p-4x-datasheet.pdf
cisco-cbs350-48p-4x-datasheet.pdfHi-Network.com
 
cisco-cbs350-24fp-4x-datasheet.pdf
cisco-cbs350-24fp-4x-datasheet.pdfcisco-cbs350-24fp-4x-datasheet.pdf
cisco-cbs350-24fp-4x-datasheet.pdfHi-Network.com
 
cisco-cbs350-48t-4x-datasheet.pdf
cisco-cbs350-48t-4x-datasheet.pdfcisco-cbs350-48t-4x-datasheet.pdf
cisco-cbs350-48t-4x-datasheet.pdfHi-Network.com
 
OptiQNet-842-DM-v0.4-for-852
OptiQNet-842-DM-v0.4-for-852OptiQNet-842-DM-v0.4-for-852
OptiQNet-842-DM-v0.4-for-852Yi-Neng Lin
 
Building DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPNBuilding DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPNCisco Canada
 
Webinar: Comunicação TCP/IP segura
Webinar: Comunicação TCP/IP seguraWebinar: Comunicação TCP/IP segura
Webinar: Comunicação TCP/IP seguraEmbarcados
 
Improving Network Efficiency with Simplemux
Improving Network Efficiency with SimplemuxImproving Network Efficiency with Simplemux
Improving Network Efficiency with SimplemuxJose Saldana
 
Best practices for catalyst 4500 4000, 5500-5000, and 6500-6000 series switch...
Best practices for catalyst 4500 4000, 5500-5000, and 6500-6000 series switch...Best practices for catalyst 4500 4000, 5500-5000, and 6500-6000 series switch...
Best practices for catalyst 4500 4000, 5500-5000, and 6500-6000 series switch...abdenour boussioud
 
Krzysztof Mazepa - Netflow/cflow - ulubionym narzędziem operatorów SP
Krzysztof Mazepa - Netflow/cflow - ulubionym narzędziem operatorów SPKrzysztof Mazepa - Netflow/cflow - ulubionym narzędziem operatorów SP
Krzysztof Mazepa - Netflow/cflow - ulubionym narzędziem operatorów SPPROIDEA
 
cisco-n3k-c31108pc-v-datasheet.pdf
cisco-n3k-c31108pc-v-datasheet.pdfcisco-n3k-c31108pc-v-datasheet.pdf
cisco-n3k-c31108pc-v-datasheet.pdfHi-Network.com
 
cisco-cbs350-24p-4g-datasheet.pdf
cisco-cbs350-24p-4g-datasheet.pdfcisco-cbs350-24p-4g-datasheet.pdf
cisco-cbs350-24p-4g-datasheet.pdfHi-Network.com
 
PLNOG 13: Krzysztof Konkowski: Cisco Access Architectures: GPON, Ethernet, Ac...
PLNOG 13: Krzysztof Konkowski: Cisco Access Architectures: GPON, Ethernet, Ac...PLNOG 13: Krzysztof Konkowski: Cisco Access Architectures: GPON, Ethernet, Ac...
PLNOG 13: Krzysztof Konkowski: Cisco Access Architectures: GPON, Ethernet, Ac...PROIDEA
 
cisco-cbs350-24t-4x-datasheet.pdf
cisco-cbs350-24t-4x-datasheet.pdfcisco-cbs350-24t-4x-datasheet.pdf
cisco-cbs350-24t-4x-datasheet.pdfHi-Network.com
 
cisco-cbs350-24fp-4g-datasheet.pdf
cisco-cbs350-24fp-4g-datasheet.pdfcisco-cbs350-24fp-4g-datasheet.pdf
cisco-cbs350-24fp-4g-datasheet.pdfHi-Network.com
 

Ähnlich wie Qo s of service with winbox (20)

Lets talk about QoS by Megis.pdf
Lets talk about QoS by Megis.pdfLets talk about QoS by Megis.pdf
Lets talk about QoS by Megis.pdf
 
Cdot Max ng architecture working models
Cdot Max ng architecture working modelsCdot Max ng architecture working models
Cdot Max ng architecture working models
 
Mikrotik load balansing
Mikrotik load balansingMikrotik load balansing
Mikrotik load balansing
 
ETE405-lec9.ppt
ETE405-lec9.pptETE405-lec9.ppt
ETE405-lec9.ppt
 
BRKRST-3068 Troubleshooting Catalyst 2K and 3K.pdf
BRKRST-3068 Troubleshooting Catalyst 2K and 3K.pdfBRKRST-3068 Troubleshooting Catalyst 2K and 3K.pdf
BRKRST-3068 Troubleshooting Catalyst 2K and 3K.pdf
 
ETE405-lec9.pdf
ETE405-lec9.pdfETE405-lec9.pdf
ETE405-lec9.pdf
 
cisco-cbs350-48p-4x-datasheet.pdf
cisco-cbs350-48p-4x-datasheet.pdfcisco-cbs350-48p-4x-datasheet.pdf
cisco-cbs350-48p-4x-datasheet.pdf
 
cisco-cbs350-24fp-4x-datasheet.pdf
cisco-cbs350-24fp-4x-datasheet.pdfcisco-cbs350-24fp-4x-datasheet.pdf
cisco-cbs350-24fp-4x-datasheet.pdf
 
cisco-cbs350-48t-4x-datasheet.pdf
cisco-cbs350-48t-4x-datasheet.pdfcisco-cbs350-48t-4x-datasheet.pdf
cisco-cbs350-48t-4x-datasheet.pdf
 
OptiQNet-842-DM-v0.4-for-852
OptiQNet-842-DM-v0.4-for-852OptiQNet-842-DM-v0.4-for-852
OptiQNet-842-DM-v0.4-for-852
 
Building DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPNBuilding DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPN
 
Webinar: Comunicação TCP/IP segura
Webinar: Comunicação TCP/IP seguraWebinar: Comunicação TCP/IP segura
Webinar: Comunicação TCP/IP segura
 
Improving Network Efficiency with Simplemux
Improving Network Efficiency with SimplemuxImproving Network Efficiency with Simplemux
Improving Network Efficiency with Simplemux
 
Best practices for catalyst 4500 4000, 5500-5000, and 6500-6000 series switch...
Best practices for catalyst 4500 4000, 5500-5000, and 6500-6000 series switch...Best practices for catalyst 4500 4000, 5500-5000, and 6500-6000 series switch...
Best practices for catalyst 4500 4000, 5500-5000, and 6500-6000 series switch...
 
Krzysztof Mazepa - Netflow/cflow - ulubionym narzędziem operatorów SP
Krzysztof Mazepa - Netflow/cflow - ulubionym narzędziem operatorów SPKrzysztof Mazepa - Netflow/cflow - ulubionym narzędziem operatorów SP
Krzysztof Mazepa - Netflow/cflow - ulubionym narzędziem operatorów SP
 
cisco-n3k-c31108pc-v-datasheet.pdf
cisco-n3k-c31108pc-v-datasheet.pdfcisco-n3k-c31108pc-v-datasheet.pdf
cisco-n3k-c31108pc-v-datasheet.pdf
 
cisco-cbs350-24p-4g-datasheet.pdf
cisco-cbs350-24p-4g-datasheet.pdfcisco-cbs350-24p-4g-datasheet.pdf
cisco-cbs350-24p-4g-datasheet.pdf
 
PLNOG 13: Krzysztof Konkowski: Cisco Access Architectures: GPON, Ethernet, Ac...
PLNOG 13: Krzysztof Konkowski: Cisco Access Architectures: GPON, Ethernet, Ac...PLNOG 13: Krzysztof Konkowski: Cisco Access Architectures: GPON, Ethernet, Ac...
PLNOG 13: Krzysztof Konkowski: Cisco Access Architectures: GPON, Ethernet, Ac...
 
cisco-cbs350-24t-4x-datasheet.pdf
cisco-cbs350-24t-4x-datasheet.pdfcisco-cbs350-24t-4x-datasheet.pdf
cisco-cbs350-24t-4x-datasheet.pdf
 
cisco-cbs350-24fp-4g-datasheet.pdf
cisco-cbs350-24fp-4g-datasheet.pdfcisco-cbs350-24fp-4g-datasheet.pdf
cisco-cbs350-24fp-4g-datasheet.pdf
 

Kürzlich hochgeladen

Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 

Kürzlich hochgeladen (20)

Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 

Qo s of service with winbox

  • 1. © MikroTik 2008 MikroTik RouterOS Workshop QoS Best Practice Prague MUM Czech Republic 2009
  • 2. © MikroTik 2008 2 Q: Is it possible to prioritize traffic by type for every single client while having strict per-user limitations on the same router? A: Yes! Q: What will I need to achieve that? A: You will need: 1)Packet Flow Diagram 2)HTB (queue tree), 3)Mangle, 4)PCQ, 5)Address List Questions and Answers
  • 3. © MikroTik 2008 3 Mangle The mangle facility allows you to mark IP packets with special marks. These marks are used by other router facilities like routing and bandwidth management to identify the packets. Additionally, the mangle facility is used to modify some fields in the IP header, like TOS (DSCP) and TTL fields.
  • 4. © MikroTik 2008 4 Hierarchical Token Bucket All bandwidth management implementation in RouterOS is based on Hierarchical Token Bucket (HTB) HTB allows you to create hierarchical queue structure and determine relations between queues RouterOS supports 3 virtual HTBs (global-in, global-total, global-out) and one more just before every output interface
  • 5. © MikroTik 2008 5 QoS Packet Flow This diagram is created from RouterOS Packet Flow diagram. http://wiki.mikrotik.com/wiki/Packet_Flow
  • 6. © MikroTik 2008 6 Double QoS It is possible to mark and shape traffic twice in the same router: Mangle chain Prerouting – for first marking Global-in HTB – for first shaping Mangle chain Forward or Postrouting for second marking Global-out or Out-interface HTB for second marking Double QoS is only possible with Queue Tree
  • 7. © MikroTik 2008 7 Why not Simple Queues? Simple queues are ordered - similar to firewall rules In order to get to 999th queue packet will have to be checked for match to all 998 previous queues Each simple queue might stand for 3 separate queues: One in Global-in (“direct” part) One in Global-out (“reverse” part) One in Global-total (“total” part)
  • 8. © MikroTik 2008 8 Simple Queues and Mangle
  • 9. © MikroTik 2008 9 Queue Tree Tree queue is one directional only and can be placed in any of the available HTBs Queue Tree queues don't have any order – all traffic is processed simultaneously All child queues must have packet marks from “/ip firewall mangle” facility assigned to them If placed in the same HTB, Simple queue will take all the traffic away from the Queue Tree queue
  • 10. © MikroTik 2008 10 Global-Out or Interface HTB? There are two fundamental differences In case of SRC-NAT (masquerade) Global-Out will be aware of private client addresses, but Interface HTB will not – Interface HTB is after SRC-NAT Each Interface HTB only receives traffic that will be leaving through a particular interface – there is no need for to separate upload and download in mangle
  • 11. © MikroTik 2008 11 Conclusions We will use mangle and queue tree: Mark traffic by traffic type in mangle chain Prerouting Prioritize and limit traffic by type in Global-in HTB Re-Mark traffic by clients in mangle chain Forward Limit traffic per client in Interface HTB It is necessary to keep the amount of mangle rules and queues to a minimum to increase the performance of this configuration.
  • 12. © MikroTik 2008 12 Client Limitation ~40 Mbps T3/E3 line ● You have more than 400 clients and 3 different connection types: ● Business (4Mbps/1Mbps) connection ● Standard (750kbps/250kbps) connection ● Basic (375kbps/125kbps) connection
  • 13. © MikroTik 2008 13 PCQ Per Connection Queue is a queue type capable of dividing traffic into sub-streams based on selected classifiers Each sub-stream will then go through FIFO queue with queue size specified by “pcq-limit” option and maximal rate specified by “pcq-rate” option
  • 15. © MikroTik 2008 15 PCQ Part 2 In order to ensure that each PCQ sub-stream represents one particular client we need to create 2 different PCQ types: PCQ_upload – source address as classifier PCQ_download - destination address as classifier PCQ will distribute available traffic equally between sub-queues until the pcq-rate is reached (if it is specified)
  • 18. © MikroTik 2008 18 PCQ Types – Winbox View
  • 19. © MikroTik 2008 19 Address Lists Address lists was introduced to assign multiple IP addresses/ranges to the same firewall rule, in this way reducing the total number of firewall rules and increasing router performance Address lists can be created: Manually Automatically from PPP profile – just specify address-list option and as soon as the client connects it will be added to the proper address list Automatically from RADIUS – attribute “Mikrotik:19”
  • 20. © MikroTik 2008 20 Address Lists
  • 21. © MikroTik 2008 21 Where?
  • 22. © MikroTik 2008 22 Packet Marking Use “connection-mark” action to classify all connections based on client address list Use “packet-mark” action to classify all traffic based on connection marks Questions to think about: What speed should be available for Business client if downloading from basic client? Do you still have unmarked traffic?
  • 23. © MikroTik 2008 23 Connection-mark rule
  • 24. © MikroTik 2008 24 Packet-mark rule
  • 25. © MikroTik 2008 25 Working Mangle- Winbox view
  • 26. © MikroTik 2008 26 Working Mangle- Export view
  • 27. © MikroTik 2008 27 Queue Tree – Winbox View
  • 28. © MikroTik 2008 28 Queue Tree – Export View
  • 29. © MikroTik 2008 29 PCQ Queue Size Total_limit = X can take up to X*(2000 bytes + 200 bytes) of RAM 2000 bytes – buffer for 1 packet 200 bytes – service data for 1 packet total_limit = 2000 =< 4,2MB RAM total_limit = 5000 =< 10,5MB RAM It can take only 40 users to fill the queue (because total_limit/limit = 2000/50 = 40) It is necessary to increase “total_limit” and/or decrease the “limit” value There should be at least 10-20 packet places in queue available per user
  • 30. © MikroTik 2008 30 Queue Size
  • 31. © MikroTik 2008 31 PCQ Adjustments There are ~340 Basic class clients so: pcq_limit = 40 pcq_total_limit = 7000 ( ~20*340) (~15MB) There are ~40 Standard class clients so: pcq_limit = 30 pcq_total_limit = 1000 ( ~20*40) (~2MB) There are ~20 Business class clients so: pcq_limit = 20 (!!!) pcq_total_limit = 500 ( ~20*20) (~1MB)
  • 32. © MikroTik 2008 32 Traffic Prioritization Business Class Clients Standard Class Clients Basic Class Clients ~40 Mbps T3/E3 line You have problems with on-line communications (video, audio, VOIP, games) Task: Prioritize the traffic ~5Mbps abroad
  • 33. © MikroTik 2008 33 Prioritization Plan
  • 34. © MikroTik 2008 34 Where?
  • 35. © MikroTik 2008 35 How?
  • 36. © MikroTik 2008 36 Priorities Create packet marks in the mangle chain “Prerouting” for traffic prioritization in the global- in queue Ensign_services (Priority=1) User_requests (Priority=3) Communication_services (Priority=5) Download_services (Priority=7) P2P_services (Priority=8)