Canvis Recents - Cercar:

HomePage

Serveis

Nodes

Propostes

Documentació?

Donacions

Com conectar-me

Instal·lacions

Telefonia

Proxmox?

Wiki

edit SideBar

QoS2 /

QoS2

Aquesta és una proposta de millora respecte a l'anterior de QoS .

En aquesta proposta li sumem a les prestacions anteriors la priorització segons el temps de connexió. Això permet detectar descàrregues continuades (megaupload, descàrregues http, etc) i encuar-ho amb menys prioritat que la resta del tràfic. A més ho he posat a la PCQ (Per Client Queue) o sigui que ho sumem al fet de tenir l'ample de banda delimitat per usuari...

Podeu veure més informació d'aquest métode al wiki de Mikrotik:

http://wiki.mikrotik.com/wiki/Manual:Connection_Rate

Moltes gràcies a en Joan Llopard per la info i a en Sebastian Galeano per la seva correcció en les regles de BGP i DNS:

Definició dels objectius de la política de QoS:

-Prioritzar el tràfic segons el servei que s'utilitzi (amb QDISC)

-Garantir un mateix ampla de banda per usuari (amb PCQ)

-Detectar descàrregues continuades i posar-les en una cua amb menys ample de banda i menys prioritat.

Quina política de priorització de tràfic?

Aquest és l'ordre que establim pel diferent tràfic que viatja per l'enrutador. El criteri ha sigut prioritzar el tràfic vital pel bon funcionament de la propia xarxa (enrutaments i resolució de noms) i també la VOIP. A continuació el tràfic generat en el manteniment de la xarxa, després VPNs i per últim el que consumeix més ample de banda: els proxys, el P2P i per últim la resta del tràfic.

1-Interactiu (enrutament dinàmic: OSPF, BGP, EGP i DNS)

2-VOIP (telefonia sobre IP:SIP I IAX2)

3-Manteniment (ssh, telnet i winbox)

4-VPN (PPTP I OPEN VPN)

5-Proxy (bona part del tràfic actual)

6-Bulk (la resta del tràfic)

7-P2P (ftp, p2p i sopa de pedres)

Política de marcatge de paquets (On marquem els paquets)

PCQ --> marca els paquets a Forward i posa a la cua a Global-out Penjarem també de la cua pare Global-out les cues "heavy_trafic" (per les descàrregues continuades)i "other trafic" (per la resta de tràfic)

QDISC --> marca els paquets a Prerouting i posa en cua a Global-in

L'script sencer és provisionalmet aquest:

/ip firewall mangle

add action=mark-packet chain=prerouting comment=ospf disabled=no new-packet-mark=interactive passthrough=no protocol=ospf

add action=mark-packet chain=prerouting comment=bgp disabled=no new-packet-mark=interactive passthrough=no protocol=egp

add action=mark-packet chain=prerouting comment=ping disabled=no new-packet-mark=interactive passthrough=no protocol=icmp

add action=mark-packet chain=prerouting comment=DNS disabled=no new-packet-mark=interactive passthrough=no protocol=udp src-port=53

add action=mark-packet chain=prerouting comment=DNS disabled=no dst-port=53 new-packet-mark=interactive passthrough=no protocol=udp

add action=mark-packet chain=prerouting comment=DNS disabled=no new-packet-mark=interactive passthrough=no protocol=tcp src-port=53

add action=mark-packet chain=prerouting comment=DNS disabled=no dst-port=53 new-packet-mark=interactive passthrough=no protocol=tcp

add action=mark-packet chain=prerouting comment="SIP and RTP" disabled=no dscp=46 new-packet-mark=voip passthrough=no

add action=mark-packet chain=prerouting comment="SIP and RTP" connection-type=sip disabled=no new-packet-mark=voip passthrough=no

add action=mark-packet chain=prerouting comment="" disabled=no dscp=26 new-packet-mark=voip passthrough=no

add action=mark-packet chain=prerouting comment="IAX2 entrada" disabled=no dst-port=4569 new-packet-mark=voip passthrough=no protocol=udp

add action=mark-packet chain=prerouting comment="IAX2 sortida" disabled=no new-packet-mark=voip passthrough=no protocol=udp src-port=4569

add action=mark-packet chain=prerouting comment="SSH entrada" disabled=no dst-port=22 new-packet-mark=manteniment passthrough=no protocol=tcp

add action=mark-packet chain=prerouting comment="SSH sortida" disabled=no new-packet-mark=manteniment passthrough=no protocol=tcp src-port=22

add action=mark-packet chain=prerouting comment="telnet entrada" disabled=no dst-port=23 new-packet-mark=manteniment passthrough=no protocol=tcp

add action=mark-packet chain=prerouting comment="telnet sortida" disabled=no new-packet-mark=manteniment passthrough=no protocol=tcp src-port=23

add action=mark-packet chain=prerouting comment="winbox entrada" disabled=no dst-port=8291 new-packet-mark=manteniment passthrough=no protocol=tcp

add action=mark-packet chain=prerouting comment="winbox sortida" disabled=no new-packet-mark=manteniment passthrough=no protocol=tcp src-port=8291

add action=mark-connection chain=forward comment=heavy connection-mark= !heavy_traffic_conn disabled=no new-connection-mark=all_conn passthrough= yes

add action=mark-connection chain=forward comment="" connection-bytes=500000-0 connection-mark=all_conn connection-rate=200k-100M disabled=no new-connection-mark=heavy_traffic_conn passthrough=yes protocol=tcp

add action=mark-connection chain=forward comment="" connection-bytes=500000-0 connection-mark=all_conn connection-rate=200k-100M disabled=no new-connection-mark=heavy_traffic_conn passthrough=yes protocol=udp

add action=mark-packet chain=forward comment="" connection-mark= heavy_traffic_conn disabled=no new-packet-mark=heavy_traffic passthrough= no

add action=mark-packet chain=forward comment="heavy fi" connection-mark= all_conn disabled=no new-packet-mark=other_traffic passthrough=no

add action=mark-packet chain=prerouting comment="Proxy entrada" disabled=no dst-port=3128 new-packet-mark=proxy passthrough=no protocol=tcp

add action=mark-packet chain=prerouting comment="Proxy sortida" disabled=no new-packet-mark=proxy passthrough=no protocol=tcp src-port=3128

add action=mark-packet chain=prerouting comment="PPTP entrada" disabled=no dst-port=1723 new-packet-mark=vpn passthrough=no protocol=udp

add action=mark-packet chain=prerouting comment="PPTP sortida" disabled=no new-packet-mark=vpn passthrough=no protocol=udp src-port=1723

add action=mark-packet chain=prerouting comment="PPTP entrada" disabled=no dst-port=1723 new-packet-mark=vpn passthrough=no protocol=tcp

add action=mark-packet chain=prerouting comment="PPTP sortida" disabled=no new-packet-mark=vpn passthrough=no protocol=tcp src-port=1723

add action=mark-packet chain=prerouting comment="OPENVPN entrada" disabled=no dst-port=1194 new-packet-mark=vpn passthrough=no protocol=udp

add action=mark-packet chain=prerouting comment="OPENVPN sortida" disabled=no new-packet-mark=vpn passthrough=no protocol=udp src-port=1194

add action=mark-packet chain=prerouting comment="OPENVPN entrada" disabled=no dst-port=1194 new-packet-mark=vpn passthrough=no protocol=tcp

add action=mark-packet chain=prerouting comment="OPENVPN sortida" disabled=no new-packet-mark=vpn passthrough=no protocol=tcp src-port=1194

add action=mark-packet chain=prerouting comment=vpn disabled=no new-packet-mark=vpn passthrough=no protocol=gre

add action=mark-packet chain=prerouting comment="BGP TCP entrada" disabled=no dst-port=179 new-packet-mark=interactive passthrough=no protocol=tcp

add action=mark-packet chain=prerouting comment="BGP TCP sortida" disabled=no new-packet-mark=interactive passthrough=no protocol=tcp src-port=179

add action=mark-packet chain=prerouting comment=FTP connection-type=ftp disabled=no new-packet-mark=p2p passthrough=no

add action=mark-packet chain=prerouting comment=P2P disabled=no new-packet-mark=p2p p2p=all-p2p passthrough=no

add action=mark-packet chain=prerouting comment=Sopa disabled=no dst-address= 10.140.52.131 dst-port=80 new-packet-mark=p2p passthrough=no protocol=tcp

add action=mark-packet chain=prerouting comment=Sopa disabled=no dst-address= 10.139.66.134 dst-port=80 new-packet-mark=p2p passthrough=no protocol=tcp

add action=mark-packet chain=prerouting comment=Sopa disabled=no dst-address= 10.140.52.131 dst-port=80 new-packet-mark=p2p passthrough=no protocol=tcp

add action=mark-packet chain=prerouting comment=Sopa disabled=no dst-address= 10.139.56.134 dst-port=80 new-packet-mark=p2p passthrough=no protocol=tcp

add action=mark-packet chain=prerouting comment=BULK disabled=no new-packet-mark=bulk packet-mark=!interactive passthrough=no

add action=mark-packet chain=forward comment="" disabled=no new-packet-mark= pcq passthrough=no

QUEUES----------------------------------------------------------------------------------

/queue type

set default kind=pfifo name=default pfifo-limit=50

set ethernet-default kind=pfifo name=ethernet-default pfifo-limit=50

set wireless-default kind=sfq name=wireless-default sfq-allot=1514 sfq-perturb=5

set synchronous-default kind=red name=synchronous-default red-avg-packet=1000 red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10

set hotspot-default kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb= 5

add kind=pcq name=pcq_up pcq-classifier=src-address pcq-limit=50 pcq-rate= 8000000 pcq-total-limit=2000

add kind=pcq name=pcq_down pcq-classifier=dst-address pcq-limit=50 pcq-rate= 8000000 pcq-total-limit=2000

set default-small kind=pfifo name=default-small pfifo-limit=10

/queue tree

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name=qdisc parent=global-in priority=1

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=20M name=download packet-mark=pcq parent=global-out priority=8

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=6M name=upload packet-mark=pcq parent=global-out priority=8

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=500k max-limit=4M name=interactive packet-mark=interactive parent=qdisc priority=1 queue=wireless-default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=500k max-limit=4M name=voip packet-mark=voip parent=qdisc priority=3 queue= wireless-default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=500k max-limit=4M name=manteniment packet-mark=manteniment parent=qdisc priority=4 queue=wireless-default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=1M max-limit=4M name=vpn packet-mark=vpn parent=qdisc priority=5 queue= wireless-default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=2M max-limit=8M name=proxy packet-mark=proxy parent=qdisc priority=6 queue= wireless-default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=8M name=bulk packet-mark=bulk parent=qdisc priority=7 queue= wireless-default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=8M name=p2p packet-mark=p2p parent=qdisc priority=8 queue= wireless-default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=2M max-limit=20M name=other_download packet-mark=other_traffic parent= download priority=1 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=2M max-limit=6M name=heavy_download packet-mark=heavy_traffic parent= download priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=2M max-limit=10M name=other_upload packet-mark=other_traffic parent=upload priority=1 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=2M max-limit=4M name=heavy_upload packet-mark=heavy_traffic parent=upload priority=8 queue=default

/queue interface

set ether1 queue=ethernet-default

set ether2 queue=ethernet-default

set wlan2 queue=wireless-default

set wlan1 queue=wireless-default

set ether3 queue=ethernet-default

set wLan/Lan queue=default

set wlan4 queue=wireless-default

set wlan3 queue=wireless-default

Edita - Història - Imprimir - Canvis Recents - Cercar
Darrera modificació de la pàgina el 10 de d'abril del 2011 a les 13h25