Manipulating ICMP & DNS ToS on MikroTik


Goals:

  • Reduce ping delay from the client side toward the Internet.
  • Speed up resolving hostnames to IP addresses.

Assumption: the clients are on subnet 10.10.10.0/28

  1. Manipulate the Type of Service for ICMP packets:
    ip firewall mangle add chain=prerouting src-address=10.10.10.0/28 protocol=icmp action=mark-connection new-connection-mark=ICMP-CM passthrough=yes
    ip firewall mangle add chain=prerouting connection-mark=ICMP-CM action=mark-packet new-packet-mark=ICMP-PM passthrough=yes
    ip firewall mangle add chain=prerouting packet-mark=ICMP-PM action=change-tos new-tos=min-delay
  2. Manipulate the Type of Service for DNS resolving:
    ip firewall mangle add chain=prerouting src-address=10.10.10.0/28 protocol=tcp dst-port=53 action=mark-connection new-connection-mark=DNS-CM passthrough=yes
    ip firewall mangle add chain=prerouting src-address=10.10.10.0/28 protocol=udp dst-port=53 action=mark-connection new-connection-mark=DNS-CM passthrough=yes
    ip firewall mangle add chain=prerouting connection-mark=DNS-CM action=mark-packet new-packet-mark=DNS-PM passthrough=yes
    ip firewall mangle add chain=prerouting packet-mark=DNS-PM action=change-tos new-tos=min-delay
  3. Add a queue type:
    queue type add name="PFIFO-64" kind=pfifo pfifo-limit=64
  4. Allocate bandwidth for ICMP packets:
    queue tree add name=ICMP parent=INTERNET packet-mark=ICMP-PM priority=1 limit-at=8000 max-limit=16000 queue=PFIFO-64
  5. Allocate bandwidth for DNS resolving:
    queue tree add name=DNS parent=INTERNET packet-mark=DNS-PM priority=1 limit-at=8000 max-limit=16000 queue=PFIFO-64
  6. Good Luck!!

Queue Tree with more than two interfaces

Basic Setup

This page explains how to build a queue tree in RouterOS, with masquerading, for more than two interfaces. It is for sharing an Internet connection among the users on each interface. The manual does not cover this case.

First, the basic setup. I'm using a machine with 3 or more network interfaces:

[admin@instaler] > in pr
 #    NAME    TYPE   RX-RATE  TX-RATE  MTU
 0  R public  ether  0        0        1500
 1  R wifi1   wlan   0        0        1500
 2  R wifi2   wlan   0        0        1500
 3  R wifi3   wlan   0        0        1500

These are the IP addresses for each interface:

[admin@instaler] > ip ad pr
Flags: X - disabled, I - invalid, D - dynamic
 #   ADDRESS       NETWORK    BROADCAST    INTERFACE
 0   10.20.1.0/24  10.20.1.0  10.20.1.255  public
 1   10.10.2.0/24  10.10.2.0  10.10.2.255  wifi1
 2   10.10.3.0/24  10.10.3.0  10.10.3.255  wifi2
 3   10.10.4.0/24  10.10.4.0  10.10.4.255  wifi3

On the public interface you can add NAT or a proxy if you want.

Mangle Setup

Now for the most important part of this setup.

We need to mark our users: one connection mark for upload and a second for download. In this example I add mangle rules for one user. At the end I add mangle rules for local transmission, because I don't apply QoS to local traffic among users. But for each user I need to separate upload and download.

[admin@instaler] ip firewall mangle> print
Flags: X - disabled, I - invalid, D - dynamic
 0   chain=forward src-address=10.10.2.36 action=mark-connection
     new-connection-mark=users-userU passthrough=yes comment="" disabled=no

 1   chain=forward dst-address=10.10.2.36 action=mark-connection
     new-connection-mark=users-userD passthrough=yes comment="" disabled=no

 2   chain=forward connection-mark=users-userU action=mark-packet
     new-packet-mark=userU passthrough=yes comment="" disabled=no

 3   chain=forward connection-mark=users-userD action=mark-packet
     new-packet-mark=userD passthrough=yes comment="" disabled=no

98   chain=forward src-address=10.10.0.0/16 dst-address=10.10.0.0/16
     action=mark-connection new-connection-mark=users-lokal passthrough=yes

99   chain=forward connection-mark=users-lokal action=mark-packet
     new-packet-mark=lokalTrafic passthrough=yes

Queue Tree Setup

Now the queue tree settings. We need one rule for downlink and one rule for uplink. Be careful when choosing the parent. For downlink traffic we use the parent "global-out", because we have two or more downloading interfaces. For uplink we use the parent "public", because we want QoS on uplink traffic. (I'm using the pcq-upload and pcq-download queue types from the manual.) This example is for 2Mb/1Mb.

[admin@instaler] > queue tree pr
Flags: X - disabled, I - invalid
 0   name="Download" parent=global-out packet-mark="" limit-at=0
     queue=pcq-download priority=1 max-limit=2000000 burst-limit=0
     burst-threshold=0 burst-time=0s

 1   name="Upload" parent=public packet-mark="" limit-at=0 queue=pcq-upload
     priority=1 max-limit=1000000 burst-limit=0 burst-threshold=0
     burst-time=0s

Now we add our user:

 2   name="user10D" parent=Download packet-mark=userD limit-at=0
     queue=pcq-download priority=5 max-limit=0 burst-limit=0
     burst-threshold=0 burst-time=0s

 3   name="user10U" parent=Upload packet-mark=userU limit-at=0
     queue=pcq-upload priority=5 max-limit=0 burst-limit=0 burst-threshold=0
     burst-time=0s
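
The printouts above show only the finished state. As an added example (not from the original page), these are commands that would build the same layout for several users at once. The user addresses are constructed, the per-user mark and queue names (up-..., down-...) are hypothetical, the PCQ type definitions are an assumption based on the usual src/dst-address classifier pattern, and it assumes a RouterOS release that still has the global-out parent (it was removed in v6).

```routeros
# Added example, not the original author's configuration.

# PCQ types (assumed definitions): upload is classified per source address,
# download per destination address, so each user gets a fair share.
/queue type add name=pcq-upload kind=pcq pcq-classifier=src-address pcq-rate=0
/queue type add name=pcq-download kind=pcq pcq-classifier=dst-address pcq-rate=0

# Parent queues. Download leaves through several wifi interfaces, so it is
# attached to global-out; upload leaves through the single "public" interface.
/queue tree add name=Download parent=global-out queue=pcq-download \
    priority=1 max-limit=2000000
/queue tree add name=Upload parent=public queue=pcq-upload \
    priority=1 max-limit=1000000

# One block of mangle rules and two child queues per user.
# The addresses below are constructed sample values, one per wifi subnet.
:foreach ip in={"10.10.2.36";"10.10.3.17";"10.10.4.5"} do={
    :local up ("up-" . $ip)
    :local down ("down-" . $ip)

    # Upload is matched on the user's address as source,
    # download on the user's address as destination.
    /ip firewall mangle add chain=forward src-address=$ip \
        action=mark-connection new-connection-mark=$up passthrough=yes
    /ip firewall mangle add chain=forward dst-address=$ip \
        action=mark-connection new-connection-mark=$down passthrough=yes
    /ip firewall mangle add chain=forward connection-mark=$up \
        action=mark-packet new-packet-mark=$up passthrough=yes
    /ip firewall mangle add chain=forward connection-mark=$down \
        action=mark-packet new-packet-mark=$down passthrough=yes

    /queue tree add name=$down parent=Download packet-mark=$down \
        queue=pcq-download priority=5
    /queue tree add name=$up parent=Upload packet-mark=$up \
        queue=pcq-upload priority=5
}

# Local traffic goes last: with passthrough=yes the final matching rule wins,
# so user-to-user packets end up with a mark that no queue matches.
/ip firewall mangle add chain=forward src-address=10.10.0.0/16 \
    dst-address=10.10.0.0/16 action=mark-connection \
    new-connection-mark=users-lokal passthrough=yes
/ip firewall mangle add chain=forward connection-mark=users-lokal \
    action=mark-packet new-packet-mark=lokalTrafic passthrough=yes
```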
