Mikrotik:QOS

From My notepad
Jump to: navigation, search

This is a basic tree which separates voice and data traffic. The entire connection is limited to 95% of the bandwidth. The data portion is limited to 75% of the bandwidth. This is not a perfected queue. Use it as a starter.

Interfaces:
   ether5 - WAN/Outbound
   ether1 - LAN/Inbound

Bandwidth:
   Downstream - 1544k
   Upstream - 1544k

/ ip firewall mangle 
add chain=forward action=jump jump-target=markpackets comment="" disabled=no
add chain=prerouting action=jump jump-target=markpackets comment="" \
    disabled=no
add chain=markpackets action=mark-packet new-packet-mark=Unclassified \
    passthrough=yes comment="Default: Mark all packets as UNKNOWN" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=VoIP-IAX2 passthrough=no \
    src-port=4569 protocol=udp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=VoIP-IAX2 passthrough=yes \
    dst-port=4569 protocol=udp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=VoIP-SIP passthrough=no \
    src-port=5060 protocol=udp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=VoIP-SIP passthrough=no \
    dst-port=5060 protocol=udp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=VoIP-SIP passthrough=no \
    src-port=5061 protocol=udp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=VoIP-SIP passthrough=no \
    dst-port=5061 protocol=udp comment="" disabled=no 
add chain=markpackets protocol=tcp dst-port=21 action=mark-connection \
    new-connection-mark=FTPCON passthrough=yes comment="ftp" disabled=no 
add chain=markpackets connection-mark=FTPCON action=mark-packet new-packet-mark=Data-FTP \
    passthrough=yes comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-SMTP passthrough=no \
    src-port=25 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-SMTP passthrough=no \
    dst-port=25 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-DNS passthrough=no \
    src-port=53 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-DNS passthrough=no \
    dst-port=53 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-DNS passthrough=no \
    src-port=53 protocol=udp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-DNS passthrough=no \
    dst-port=53 protocol=udp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-HTTP passthrough=no \
    src-port=80 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-HTTP passthrough=no \
    dst-port=80 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-POP3 passthrough=no \
    src-port=110 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-POP3 passthrough=no \
    dst-port=110 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-NNTP passthrough=no \
    src-port=119 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-NNTP passthrough=no \
    dst-port=119 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-HTTPS passthrough=no \
    src-port=443 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-HTTPS passthrough=no \
    dst-port=443 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-PRINTER \
    passthrough=no src-port=515 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-PRINTER \
    passthrough=no dst-port=515 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-PRINTER \
    passthrough=no src-port=515 protocol=udp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-PRINTER \
    passthrough=no dst-port=515 protocol=udp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-RSYNC passthrough=no \
    src-port=873 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-RSYNC passthrough=no \
    dst-port=873 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-L2TP passthrough=no \
    src-port=1701 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-L2TP passthrough=no \
    dst-port=1701 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-L2TP passthrough=no \
    src-port=1701 protocol=udp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-L2TP passthrough=no \
    dst-port=1701 protocol=udp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-PPTP passthrough=no \
    src-port=1723 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-PPTP passthrough=no \
    dst-port=1723 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-PPTP passthrough=no \
    src-port=1723 protocol=udp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-PPTP passthrough=no \
    dst-port=1723 protocol=udp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-PRINTER \
    passthrough=no src-port=9100 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-PRINTER \
    passthrough=no dst-port=9100 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-PRINTER \
    passthrough=no src-port=9100 protocol=udp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-PRINTER \
    passthrough=no dst-port=9100 protocol=udp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-RDP passthrough=no \
    src-port=3389 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=Data-RDP passthrough=no \
    dst-port=3389 protocol=tcp comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=VoIP-Data passthrough=no \
    dst-address-list=voip-servers comment="" disabled=no 
add chain=markpackets action=mark-packet new-packet-mark=VoIP-Data passthrough=no \
    src-address-list=voip-servers comment="" disabled=no 
add chain=markpackets action=passthrough comment="This rule shows us how many \
    packets are still Unclassified... change the action to log to see what \
    they are" disabled=no 

/ queue type
add name="qos" kind=red red-limit=250 red-min-threshold=10 \
    red-max-threshold=225 red-burst=20 red-avg-packet=1000

/ queue tree
add name="Outbound" parent=ether5 packet-mark="" limit-at=0 queue=qos \
    priority=8 max-limit=1544000 burst-limit=0 burst-threshold=0 burst-time=0s \
    disabled=no
add name="Inbound" parent=ether1 packet-mark="" limit-at=0 queue=qos \
    priority=8 max-limit=1544000 burst-limit=0 burst-threshold=0 burst-time=0s \
    disabled=no
add name="VoIP-Outbound" parent=Outbound packet-mark="" limit-at=0 \
    queue=qos priority=1 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="VoIP-Inbound" parent=Inbound packet-mark="" limit-at=0 queue=qos \
    priority=1 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s \
    disabled=no
add name="Other-Inbound" parent=Inbound packet-mark="" limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="Other-Outbound" parent=Outbound packet-mark="" limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="Out-Unclassified" parent=Other-Outbound packet-mark=Unclassified \
    limit-at=0 queue=qos priority=8 max-limit=0 burst-limit=0 \
    burst-threshold=0 burst-time=0s disabled=no
add name="In-Unclassified" parent=Other-Inbound packet-mark=Unclassified \
    limit-at=0 queue=qos priority=8 max-limit=0 burst-limit=0 \
    burst-threshold=0 burst-time=0s disabled=no
add name="Out-VoIPData" parent=VoIP-Outbound packet-mark=VoIP-Data limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="In-VoIPData" parent=VoIP-Inbound packet-mark=VoIP-Data limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="In-HTTP" parent=Other-Inbound packet-mark=Data-HTTP limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="In-SMTP" parent=Other-Inbound packet-mark=Data-SMTP limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="Out-HTTP" parent=Other-Outbound packet-mark=Data-HTTP limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="Out-SMTP" parent=Other-Outbound packet-mark=Data-SMTP limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="In-DNS" parent=Other-Inbound packet-mark=Data-DNS limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="Out-DNS" parent=Other-Outbound packet-mark=Data-DNS limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="In-RDP" parent=Other-Inbound packet-mark=Data-RDP limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="Out-RDP" parent=Other-Outbound packet-mark=Data-RDP limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="In-FTP" parent=Other-Inbound packet-mark=Data-FTP limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="Out-FTP" parent=Other-Outbound packet-mark=Data-FTP limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="In-HTTPS" parent=Other-Inbound packet-mark=Data-HTTPS limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="Out-HTTPS" parent=Other-Outbound packet-mark=Data-HTTPS limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="In-POP3" parent=Other-Inbound packet-mark=Data-POP3 limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="Out-POP3" parent=Other-Outbound packet-mark=Data-POP3 limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="In-NNTP" parent=Other-Inbound packet-mark=Data-NNTP limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="Out-NNTP" parent=Other-Outbound packet-mark=Data-NNTP limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="In-RSYNC" parent=Other-Inbound packet-mark=Data-RSYNC limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="Out-RSYNC" parent=Other-Outbound packet-mark=Data-RSYNC limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="In-VoIP-SIP" parent=VoIP-Inbound packet-mark=VoIP-SIP limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="Out-VoIP-SIP" parent=VoIP-Outbound packet-mark=VoIP-SIP limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="In-VoIP-IAX2" parent=VoIP-Inbound packet-mark=VoIP-IAX2 limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="Out-VoIP-IAX2" parent=VoIP-Outbound packet-mark=VoIP-IAX2 limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="In-PPTP" parent=Other-Inbound packet-mark=Data-PPTP limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="Out-PPTP" parent=Other-Outbound packet-mark=Data-PPTP limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="In-L2TP" parent=Other-Inbound packet-mark=Data-L2TP limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="Out-L2TP" parent=Other-Outbound packet-mark=Data-L2TP limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="In-PRINTER" parent=Other-Inbound packet-mark=Data-PRINTER limit-at=0 \
    queue=qos priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
add name="Out-PRINTER" parent=Other-Outbound packet-mark=Data-PRINTER \
    limit-at=0 queue=qos priority=8 max-limit=0 burst-limit=0 \
    burst-threshold=0 burst-time=0s disabled=no
Personal tools
Namespaces

Variants
Actions
Navigation
Toolbox