Suche senden
Hochladen
Qo s of service with winbox
•
1 gefällt mir
•
3,864 views
S
SONDAY Barbarwale
Folgen
Technologie
Diashow-Anzeige
Melden
Teilen
Diashow-Anzeige
Melden
Teilen
1 von 36
Jetzt herunterladen
Downloaden Sie, um offline zu lesen
Empfohlen
Sgbdr merise
Sgbdr merise
Fataltigers06
Wazuh Pre.pptx
Wazuh Pre.pptx
emnabenamor3
More Details about TR-069 (CPE WAN Management Protocol)
More Details about TR-069 (CPE WAN Management Protocol)
William Lee
Le pra livre blanc à découvrir avec le crip
Le pra livre blanc à découvrir avec le crip
PROJECT SI
Support du cours : Systèmes d'exploitation 2 (linux)
Support du cours : Systèmes d'exploitation 2 (linux)
Faycel Chaoua
Analysis of SOFTWARE DEFINED STORAGE (SDS)
Analysis of SOFTWARE DEFINED STORAGE (SDS)
Kaushik Rajan
NETCONF YANG tutorial
NETCONF YANG tutorial
Tail-f Systems
Diaporamas-Réseaux Informatiques.pdf
Diaporamas-Réseaux Informatiques.pdf
EST-UMI de Meknès
Empfohlen
Sgbdr merise
Sgbdr merise
Fataltigers06
Wazuh Pre.pptx
Wazuh Pre.pptx
emnabenamor3
More Details about TR-069 (CPE WAN Management Protocol)
More Details about TR-069 (CPE WAN Management Protocol)
William Lee
Le pra livre blanc à découvrir avec le crip
Le pra livre blanc à découvrir avec le crip
PROJECT SI
Support du cours : Systèmes d'exploitation 2 (linux)
Support du cours : Systèmes d'exploitation 2 (linux)
Faycel Chaoua
Analysis of SOFTWARE DEFINED STORAGE (SDS)
Analysis of SOFTWARE DEFINED STORAGE (SDS)
Kaushik Rajan
NETCONF YANG tutorial
NETCONF YANG tutorial
Tail-f Systems
Diaporamas-Réseaux Informatiques.pdf
Diaporamas-Réseaux Informatiques.pdf
EST-UMI de Meknès
Hacking the swisscom modem
Hacking the swisscom modem
Cyber Security Alliance
Simulation de réseaux pon
Simulation de réseaux pon
Mohamed Amine BERGACH
Les architectures client serveur
Les architectures client serveur
Ameni Ouertani
Expose linux gestion des processus
Expose linux gestion des processus
Fatima Zahra Fagroud
IBM DS8880 and IBM Z - Integrated by Design
IBM DS8880 and IBM Z - Integrated by Design
Stefan Lein
Traitement distribue en BIg Data - KAFKA Broker and Kafka Streams
Traitement distribue en BIg Data - KAFKA Broker and Kafka Streams
ENSET, Université Hassan II Casablanca
Cybersécurité & protection des données personnelles
Cybersécurité & protection des données personnelles
Mohamed MDELLA
Etude et mise en place d'une solution d'administration et de supervision Open...
Etude et mise en place d'une solution d'administration et de supervision Open...
Chiheb Ouaghlani
Maintenance du système Linux
Maintenance du système Linux
EL AMRI El Hassan
Sécurité de l'IoT | Internet des objets - Formation d'une journée
Sécurité de l'IoT | Internet des objets - Formation d'une journée
Tactika inc.
QCM Sécurité Informatique
QCM Sécurité Informatique
Zakariyaa AIT ELMOUDEN
IBM FlashSystems A9000/R presentation
IBM FlashSystems A9000/R presentation
Joe Krotz
Microsoft Active Directory.pptx
Microsoft Active Directory.pptx
masbulosoke
ETUDE ET MISE EN PLACE D’UNE SOLUTION DE GESTION DE LA SECURITE DU RESEAU : C...
ETUDE ET MISE EN PLACE D’UNE SOLUTION DE GESTION DE LA SECURITE DU RESEAU : C...
Tidiane Sylla
Comprendre les technologies LPWA (SIGFOX et LoRa)
Comprendre les technologies LPWA (SIGFOX et LoRa)
Robert Vivanco Salcedo
Linux et les systèmes embarqués
Linux et les systèmes embarqués
Stéphane Legrand
Cours bases de données partie 2 Prof. Khalifa MANSOURI
Cours bases de données partie 2 Prof. Khalifa MANSOURI
Mansouri Khalifa
Understanding DPDK
Understanding DPDK
Denys Haryachyy
Ch_1 - Généralités sur la sécurité informatique.pdf
Ch_1 - Généralités sur la sécurité informatique.pdf
Nafissa11
Architecture des Systèmes Logiciels
Architecture des Systèmes Logiciels
Ghazouani Mahdi
Mikrotik router os qos best practice
Mikrotik router os qos best practice
Bassel Kablawi
Technology Overview: Policer Implementation on MX Series, M120, and M320 Routers
Technology Overview: Policer Implementation on MX Series, M120, and M320 Routers
Juniper Networks
Weitere ähnliche Inhalte
Was ist angesagt?
Hacking the swisscom modem
Hacking the swisscom modem
Cyber Security Alliance
Simulation de réseaux pon
Simulation de réseaux pon
Mohamed Amine BERGACH
Les architectures client serveur
Les architectures client serveur
Ameni Ouertani
Expose linux gestion des processus
Expose linux gestion des processus
Fatima Zahra Fagroud
IBM DS8880 and IBM Z - Integrated by Design
IBM DS8880 and IBM Z - Integrated by Design
Stefan Lein
Traitement distribue en BIg Data - KAFKA Broker and Kafka Streams
Traitement distribue en BIg Data - KAFKA Broker and Kafka Streams
ENSET, Université Hassan II Casablanca
Cybersécurité & protection des données personnelles
Cybersécurité & protection des données personnelles
Mohamed MDELLA
Etude et mise en place d'une solution d'administration et de supervision Open...
Etude et mise en place d'une solution d'administration et de supervision Open...
Chiheb Ouaghlani
Maintenance du système Linux
Maintenance du système Linux
EL AMRI El Hassan
Sécurité de l'IoT | Internet des objets - Formation d'une journée
Sécurité de l'IoT | Internet des objets - Formation d'une journée
Tactika inc.
QCM Sécurité Informatique
QCM Sécurité Informatique
Zakariyaa AIT ELMOUDEN
IBM FlashSystems A9000/R presentation
IBM FlashSystems A9000/R presentation
Joe Krotz
Microsoft Active Directory.pptx
Microsoft Active Directory.pptx
masbulosoke
ETUDE ET MISE EN PLACE D’UNE SOLUTION DE GESTION DE LA SECURITE DU RESEAU : C...
ETUDE ET MISE EN PLACE D’UNE SOLUTION DE GESTION DE LA SECURITE DU RESEAU : C...
Tidiane Sylla
Comprendre les technologies LPWA (SIGFOX et LoRa)
Comprendre les technologies LPWA (SIGFOX et LoRa)
Robert Vivanco Salcedo
Linux et les systèmes embarqués
Linux et les systèmes embarqués
Stéphane Legrand
Cours bases de données partie 2 Prof. Khalifa MANSOURI
Cours bases de données partie 2 Prof. Khalifa MANSOURI
Mansouri Khalifa
Understanding DPDK
Understanding DPDK
Denys Haryachyy
Ch_1 - Généralités sur la sécurité informatique.pdf
Ch_1 - Généralités sur la sécurité informatique.pdf
Nafissa11
Architecture des Systèmes Logiciels
Architecture des Systèmes Logiciels
Ghazouani Mahdi
Was ist angesagt?
(20)
Hacking the swisscom modem
Hacking the swisscom modem
Simulation de réseaux pon
Simulation de réseaux pon
Les architectures client serveur
Les architectures client serveur
Expose linux gestion des processus
Expose linux gestion des processus
IBM DS8880 and IBM Z - Integrated by Design
IBM DS8880 and IBM Z - Integrated by Design
Traitement distribue en BIg Data - KAFKA Broker and Kafka Streams
Traitement distribue en BIg Data - KAFKA Broker and Kafka Streams
Cybersécurité & protection des données personnelles
Cybersécurité & protection des données personnelles
Etude et mise en place d'une solution d'administration et de supervision Open...
Etude et mise en place d'une solution d'administration et de supervision Open...
Maintenance du système Linux
Maintenance du système Linux
Sécurité de l'IoT | Internet des objets - Formation d'une journée
Sécurité de l'IoT | Internet des objets - Formation d'une journée
QCM Sécurité Informatique
QCM Sécurité Informatique
IBM FlashSystems A9000/R presentation
IBM FlashSystems A9000/R presentation
Microsoft Active Directory.pptx
Microsoft Active Directory.pptx
ETUDE ET MISE EN PLACE D’UNE SOLUTION DE GESTION DE LA SECURITE DU RESEAU : C...
ETUDE ET MISE EN PLACE D’UNE SOLUTION DE GESTION DE LA SECURITE DU RESEAU : C...
Comprendre les technologies LPWA (SIGFOX et LoRa)
Comprendre les technologies LPWA (SIGFOX et LoRa)
Linux et les systèmes embarqués
Linux et les systèmes embarqués
Cours bases de données partie 2 Prof. Khalifa MANSOURI
Cours bases de données partie 2 Prof. Khalifa MANSOURI
Understanding DPDK
Understanding DPDK
Ch_1 - Généralités sur la sécurité informatique.pdf
Ch_1 - Généralités sur la sécurité informatique.pdf
Architecture des Systèmes Logiciels
Architecture des Systèmes Logiciels
Andere mochten auch
Mikrotik router os qos best practice
Mikrotik router os qos best practice
Bassel Kablawi
Technology Overview: Policer Implementation on MX Series, M120, and M320 Routers
Technology Overview: Policer Implementation on MX Series, M120, and M320 Routers
Juniper Networks
OpenWRT Case Study
OpenWRT Case Study
Bob Chao
Class 6
Class 6
mozaharulhoq
Class 4
Class 4
mozaharulhoq
Class 5
Class 5
mozaharulhoq
Class 2
Class 2
mozaharulhoq
Mikrotik basic configuration
Mikrotik basic configuration
Tola LENG
Mikrotik Hotspot With Queue Tree BW Management
Mikrotik Hotspot With Queue Tree BW Management
gopartheredbuff
Class 3
Class 3
mozaharulhoq
Class 7
Class 7
mozaharulhoq
Class 1
Class 1
mozaharulhoq
MTCWE
MTCWE
Romualdo Simatupang
P3 konfigurasi dasar mikrotik
P3 konfigurasi dasar mikrotik
Karya Gunawan
Mikrotik firewall filter
Mikrotik firewall filter
Achmad Mardiansyah
VLAN on mikrotik
VLAN on mikrotik
Achmad Mardiansyah
Leaky bucket algorithm
Leaky bucket algorithm
Umesh Gupta
MikroTik Firewall : Securing your Router with Port Knocking
MikroTik Firewall : Securing your Router with Port Knocking
Akbar Azwir, MM, PMP, PMI-SP, PSM I, CISSP
Andere mochten auch
(18)
Mikrotik router os qos best practice
Mikrotik router os qos best practice
Technology Overview: Policer Implementation on MX Series, M120, and M320 Routers
Technology Overview: Policer Implementation on MX Series, M120, and M320 Routers
OpenWRT Case Study
OpenWRT Case Study
Class 6
Class 6
Class 4
Class 4
Class 5
Class 5
Class 2
Class 2
Mikrotik basic configuration
Mikrotik basic configuration
Mikrotik Hotspot With Queue Tree BW Management
Mikrotik Hotspot With Queue Tree BW Management
Class 3
Class 3
Class 7
Class 7
Class 1
Class 1
MTCWE
MTCWE
P3 konfigurasi dasar mikrotik
P3 konfigurasi dasar mikrotik
Mikrotik firewall filter
Mikrotik firewall filter
VLAN on mikrotik
VLAN on mikrotik
Leaky bucket algorithm
Leaky bucket algorithm
MikroTik Firewall : Securing your Router with Port Knocking
MikroTik Firewall : Securing your Router with Port Knocking
Ähnlich wie Qo s of service with winbox
Lets talk about QoS by Megis.pdf
Lets talk about QoS by Megis.pdf
ssusere31f1c
Cdot Max ng architecture working models
Cdot Max ng architecture working models
RahmanScholar
Mikrotik load balansing
Mikrotik load balansing
Кирилл Кекер
ETE405-lec9.ppt
ETE405-lec9.ppt
mashiur
BRKRST-3068 Troubleshooting Catalyst 2K and 3K.pdf
BRKRST-3068 Troubleshooting Catalyst 2K and 3K.pdf
ssusercbaa33
ETE405-lec9.pdf
ETE405-lec9.pdf
mashiur
cisco-cbs350-48p-4x-datasheet.pdf
cisco-cbs350-48p-4x-datasheet.pdf
Hi-Network.com
cisco-cbs350-24fp-4x-datasheet.pdf
cisco-cbs350-24fp-4x-datasheet.pdf
Hi-Network.com
cisco-cbs350-48t-4x-datasheet.pdf
cisco-cbs350-48t-4x-datasheet.pdf
Hi-Network.com
OptiQNet-842-DM-v0.4-for-852
OptiQNet-842-DM-v0.4-for-852
Yi-Neng Lin
Building DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPN
Cisco Canada
Webinar: Comunicação TCP/IP segura
Webinar: Comunicação TCP/IP segura
Embarcados
Improving Network Efficiency with Simplemux
Improving Network Efficiency with Simplemux
Jose Saldana
Best practices for catalyst 4500 4000, 5500-5000, and 6500-6000 series switch...
Best practices for catalyst 4500 4000, 5500-5000, and 6500-6000 series switch...
abdenour boussioud
Krzysztof Mazepa - Netflow/cflow - ulubionym narzędziem operatorów SP
Krzysztof Mazepa - Netflow/cflow - ulubionym narzędziem operatorów SP
PROIDEA
cisco-n3k-c31108pc-v-datasheet.pdf
cisco-n3k-c31108pc-v-datasheet.pdf
Hi-Network.com
cisco-cbs350-24p-4g-datasheet.pdf
cisco-cbs350-24p-4g-datasheet.pdf
Hi-Network.com
PLNOG 13: Krzysztof Konkowski: Cisco Access Architectures: GPON, Ethernet, Ac...
PLNOG 13: Krzysztof Konkowski: Cisco Access Architectures: GPON, Ethernet, Ac...
PROIDEA
cisco-cbs350-24t-4x-datasheet.pdf
cisco-cbs350-24t-4x-datasheet.pdf
Hi-Network.com
cisco-cbs350-24fp-4g-datasheet.pdf
cisco-cbs350-24fp-4g-datasheet.pdf
Hi-Network.com
Ähnlich wie Qo s of service with winbox
(20)
Lets talk about QoS by Megis.pdf
Lets talk about QoS by Megis.pdf
Cdot Max ng architecture working models
Cdot Max ng architecture working models
Mikrotik load balansing
Mikrotik load balansing
ETE405-lec9.ppt
ETE405-lec9.ppt
BRKRST-3068 Troubleshooting Catalyst 2K and 3K.pdf
BRKRST-3068 Troubleshooting Catalyst 2K and 3K.pdf
ETE405-lec9.pdf
ETE405-lec9.pdf
cisco-cbs350-48p-4x-datasheet.pdf
cisco-cbs350-48p-4x-datasheet.pdf
cisco-cbs350-24fp-4x-datasheet.pdf
cisco-cbs350-24fp-4x-datasheet.pdf
cisco-cbs350-48t-4x-datasheet.pdf
cisco-cbs350-48t-4x-datasheet.pdf
OptiQNet-842-DM-v0.4-for-852
OptiQNet-842-DM-v0.4-for-852
Building DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPN
Webinar: Comunicação TCP/IP segura
Webinar: Comunicação TCP/IP segura
Improving Network Efficiency with Simplemux
Improving Network Efficiency with Simplemux
Best practices for catalyst 4500 4000, 5500-5000, and 6500-6000 series switch...
Best practices for catalyst 4500 4000, 5500-5000, and 6500-6000 series switch...
Krzysztof Mazepa - Netflow/cflow - ulubionym narzędziem operatorów SP
Krzysztof Mazepa - Netflow/cflow - ulubionym narzędziem operatorów SP
cisco-n3k-c31108pc-v-datasheet.pdf
cisco-n3k-c31108pc-v-datasheet.pdf
cisco-cbs350-24p-4g-datasheet.pdf
cisco-cbs350-24p-4g-datasheet.pdf
PLNOG 13: Krzysztof Konkowski: Cisco Access Architectures: GPON, Ethernet, Ac...
PLNOG 13: Krzysztof Konkowski: Cisco Access Architectures: GPON, Ethernet, Ac...
cisco-cbs350-24t-4x-datasheet.pdf
cisco-cbs350-24t-4x-datasheet.pdf
cisco-cbs350-24fp-4g-datasheet.pdf
cisco-cbs350-24fp-4g-datasheet.pdf
Kürzlich hochgeladen
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
Pixlogix Infotech
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
Maria Levchenko
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
Martijn de Jong
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Neo4j
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
ThousandEyes
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
Gabriella Davis
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
Rafal Los
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Malak Abu Hammad
Kürzlich hochgeladen
(20)
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Qo s of service with winbox
1.
© MikroTik 2008 MikroTik
RouterOS Workshop QoS Best Practice Prague MUM Czech Republic 2009
2.
© MikroTik 2008
2 Q: Is it possible to prioritize traffic by type for every single client while having strict per-user limitations on the same router? A: Yes! Q: What will I need to achieve that? A: You will need: 1)Packet Flow Diagram 2)HTB (queue tree), 3)Mangle, 4)PCQ, 5)Address List Questions and Answers
3.
© MikroTik 2008
3 Mangle The mangle facility allows you to mark IP packets with special marks. These marks are used by other router facilities like routing and bandwidth management to identify the packets. Additionally, the mangle facility is used to modify some fields in the IP header, like TOS (DSCP) and TTL fields.
4.
© MikroTik 2008
4 Hierarchical Token Bucket All bandwidth management implementation in RouterOS is based on Hierarchical Token Bucket (HTB) HTB allows you to create hierarchical queue structure and determine relations between queues RouterOS supports 3 virtual HTBs (global-in, global-total, global-out) and one more just before every output interface
5.
© MikroTik 2008
5 QoS Packet Flow This diagram is created from RouterOS Packet Flow diagram. http://wiki.mikrotik.com/wiki/Packet_Flow
6.
© MikroTik 2008
6 Double QoS It is possible to mark and shape traffic twice in the same router: Mangle chain Prerouting – for first marking Global-in HTB – for first shaping Mangle chain Forward or Postrouting for second marking Global-out or Out-interface HTB for second marking Double QoS is only possible with Queue Tree
7.
© MikroTik 2008
7 Why not Simple Queues? Simple queues are ordered - similar to firewall rules In order to get to 999th queue packet will have to be checked for match to all 998 previous queues Each simple queue might stand for 3 separate queues: One in Global-in (“direct” part) One in Global-out (“reverse” part) One in Global-total (“total” part)
8.
© MikroTik 2008
8 Simple Queues and Mangle
9.
© MikroTik 2008
9 Queue Tree Tree queue is one directional only and can be placed in any of the available HTBs Queue Tree queues don't have any order – all traffic is processed simultaneously All child queues must have packet marks from “/ip firewall mangle” facility assigned to them If placed in the same HTB, Simple queue will take all the traffic away from the Queue Tree queue
10.
© MikroTik 2008
10 Global-Out or Interface HTB? There are two fundamental differences In case of SRC-NAT (masquerade) Global-Out will be aware of private client addresses, but Interface HTB will not – Interface HTB is after SRC-NAT Each Interface HTB only receives traffic that will be leaving through a particular interface – there is no need for to separate upload and download in mangle
11.
© MikroTik 2008
11 Conclusions We will use mangle and queue tree: Mark traffic by traffic type in mangle chain Prerouting Prioritize and limit traffic by type in Global-in HTB Re-Mark traffic by clients in mangle chain Forward Limit traffic per client in Interface HTB It is necessary to keep the amount of mangle rules and queues to a minimum to increase the performance of this configuration.
12.
© MikroTik 2008
12 Client Limitation ~40 Mbps T3/E3 line ● You have more than 400 clients and 3 different connection types: ● Business (4Mbps/1Mbps) connection ● Standard (750kbps/250kbps) connection ● Basic (375kbps/125kbps) connection
13.
© MikroTik 2008
13 PCQ Per Connection Queue is a queue type capable of dividing traffic into sub-streams based on selected classifiers Each sub-stream will then go through FIFO queue with queue size specified by “pcq-limit” option and maximal rate specified by “pcq-rate” option
14.
© MikroTik 2008
14
15.
© MikroTik 2008
15 PCQ Part 2 In order to ensure that each PCQ sub-stream represents one particular client we need to create 2 different PCQ types: PCQ_upload – source address as classifier PCQ_download - destination address as classifier PCQ will distribute available traffic equally between sub-queues until the pcq-rate is reached (if it is specified)
16.
© MikroTik 2008
16
17.
© MikroTik 2008
17
18.
© MikroTik 2008
18 PCQ Types – Winbox View
19.
© MikroTik 2008
19 Address Lists Address lists was introduced to assign multiple IP addresses/ranges to the same firewall rule, in this way reducing the total number of firewall rules and increasing router performance Address lists can be created: Manually Automatically from PPP profile – just specify address-list option and as soon as the client connects it will be added to the proper address list Automatically from RADIUS – attribute “Mikrotik:19”
20.
© MikroTik 2008
20 Address Lists
21.
© MikroTik 2008
21 Where?
22.
© MikroTik 2008
22 Packet Marking Use “connection-mark” action to classify all connections based on client address list Use “packet-mark” action to classify all traffic based on connection marks Questions to think about: What speed should be available for Business client if downloading from basic client? Do you still have unmarked traffic?
23.
© MikroTik 2008
23 Connection-mark rule
24.
© MikroTik 2008
24 Packet-mark rule
25.
© MikroTik 2008
25 Working Mangle- Winbox view
26.
© MikroTik 2008
26 Working Mangle- Export view
27.
© MikroTik 2008
27 Queue Tree – Winbox View
28.
© MikroTik 2008
28 Queue Tree – Export View
29.
© MikroTik 2008
29 PCQ Queue Size Total_limit = X can take up to X*(2000 bytes + 200 bytes) of RAM 2000 bytes – buffer for 1 packet 200 bytes – service data for 1 packet total_limit = 2000 =< 4,2MB RAM total_limit = 5000 =< 10,5MB RAM It can take only 40 users to fill the queue (because total_limit/limit = 2000/50 = 40) It is necessary to increase “total_limit” and/or decrease the “limit” value There should be at least 10-20 packet places in queue available per user
30.
© MikroTik 2008
30 Queue Size
31.
© MikroTik 2008
31 PCQ Adjustments There are ~340 Basic class clients so: pcq_limit = 40 pcq_total_limit = 7000 ( ~20*340) (~15MB) There are ~40 Standard class clients so: pcq_limit = 30 pcq_total_limit = 1000 ( ~20*40) (~2MB) There are ~20 Business class clients so: pcq_limit = 20 (!!!) pcq_total_limit = 500 ( ~20*20) (~1MB)
32.
© MikroTik 2008
32 Traffic Prioritization Business Class Clients Standard Class Clients Basic Class Clients ~40 Mbps T3/E3 line You have problems with on-line communications (video, audio, VOIP, games) Task: Prioritize the traffic ~5Mbps abroad
33.
© MikroTik 2008
33 Prioritization Plan
34.
© MikroTik 2008
34 Where?
35.
© MikroTik 2008
35 How?
36.
© MikroTik 2008
36 Priorities Create packet marks in the mangle chain “Prerouting” for traffic prioritization in the global- in queue Ensign_services (Priority=1) User_requests (Priority=3) Communication_services (Priority=5) Download_services (Priority=7) P2P_services (Priority=8)
Jetzt herunterladen