MikroTik RouterOS (часть 3) - [122] :: В помощь системному администратору

BigElectricCat
Сам этого не заметил изначально. Вот переделал все по подсказке от Chupaka

[admin@inet_radius] > ip firewall mangle print
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; mark-conn-down
chain=forward action=mark-connection new-connection-mark=mark-conn passthrough=yes dst-address-list=Clients

1 ;;; mark-icmp-down
chain=forward action=mark-packet new-packet-mark=mark-icmp-down passthrough=no protocol=icmp
in-interface=pppoe-out1 connection-mark=mark-conn

2 ;;; mark-icmp-up
chain=forward action=mark-packet new-packet-mark=mark-icmp-up passthrough=no protocol=icmp
out-interface=pppoe-out1 connection-mark=mark-conn

3 ;;; mark-udp-1513-down
chain=forward action=mark-packet new-packet-mark=mark-udp-1513-down passthrough=no protocol=udp
in-interface=pppoe-out1 src-port=1513 connection-mark=mark-conn

4 ;;; mark-udp-1513-up
chain=forward action=mark-packet new-packet-mark=mark-udp-1513-up passthrough=no protocol=udp
out-interface=pppoe-out1 dst-port=1513 connection-mark=mark-conn

5 ;;; mark-tcp-80-down
chain=forward action=mark-packet new-packet-mark=mark-tcp-80-down passthrough=no protocol=tcp
in-interface=pppoe-out1 src-port=80 connection-mark=mark-conn

6 ;;; mark-tcp-80-up
chain=forward action=mark-packet new-packet-mark=mark-tcp-80-up passthrough=no protocol=tcp
out-interface=pppoe-out1 dst-port=80 connection-mark=mark-conn

7 ;;; mark-tcp-53-down
chain=forward action=mark-packet new-packet-mark=mark-udp-53-down passthrough=no protocol=udp
in-interface=pppoe-out1 src-port=53 connection-mark=mark-conn

8 ;;; mark-udp-53-up
chain=forward action=mark-packet new-packet-mark=mark-udp-53-up passthrough=no protocol=udp
out-interface=pppoe-out1 dst-port=53 connection-mark=mark-conn

9 ;;; mark-tcp-other-down
chain=forward action=mark-packet new-packet-mark=mark-other-down passthrough=no protocol=tcp
in-interface=pppoe-out1 connection-mark=mark-conn

10 ;;; mark-tcp-other-up
chain=forward action=mark-packet new-packet-mark=mark-other-up passthrough=no protocol=tcp
out-interface=pppoe-out1 connection-mark=mark-conn

11 ;;; mark-udp-other-down
chain=forward action=mark-packet new-packet-mark=mark-udp-other-down passthrough=no protocol=udp
in-interface=pppoe-out1 connection-mark=mark-conn

12 ;;; mark-udp-other-up
chain=forward action=mark-packet new-packet-mark=mark-udp-other-up passthrough=no protocol=udp
out-interface=pppoe-out1 connection-mark=mark-conn

[admin@inet_radius] >

И строим цепочку:

[admin@inet_radius] > queue tree print
Flags: X - disabled, I - invalid
0 name="Down" parent=global-out packet-mark="" limit-at=0 queue=pcq-down priority=8 max-limit=0 burst-limit=0
burst-threshold=0 burst-time=0s

1 name="Down-icmp" parent=Down packet-mark=mark-icmp-down limit-at=0 queue=pcq-down priority=1 max-limit=0
burst-limit=0 burst-threshold=0 burst-time=0s

2 name="Down-tcp-other" parent=Down packet-mark=mark-other-down limit-at=0 queue=pcq-down priority=5 max-limit=0
burst-limit=0 burst-threshold=0 burst-time=0s

3 name="Up" parent=global-out packet-mark="" limit-at=0 queue=pcq-up priority=8 max-limit=0 burst-limit=0
burst-threshold=0 burst-time=0s

4 name="Up-icmp" parent=Up packet-mark=mark-icmp-up limit-at=0 queue=pcq-up priority=1 max-limit=0 burst-limit=0
burst-threshold=0 burst-time=0s

5 name="Up-tcp-other" parent=Up packet-mark=mark-other-up limit-at=0 queue=pcq-up priority=5 max-limit=0
burst-limit=0 burst-threshold=0 burst-time=0s

6 name="Down-udp-other" parent=Down packet-mark=mark-udp-other-down limit-at=0 queue=pcq-down priority=8 max-limit=0
burst-limit=0 burst-threshold=0 burst-time=0s

7 name="Up-udp-other" parent=Up packet-mark=mark-udp-other-up limit-at=0 queue=pcq-up priority=8 max-limit=0
burst-limit=0 burst-threshold=0 burst-time=0s

8 name="Down-udp-1513" parent=Down packet-mark=mark-udp-1513-down limit-at=0 queue=pcq-down priority=2 max-limit=0
burst-limit=0 burst-threshold=0 burst-time=0s

9 name="Up-udp-1513" parent=Up packet-mark=mark-udp-1513-up limit-at=0 queue=pcq-up priority=2 max-limit=0
burst-limit=0 burst-threshold=0 burst-time=0s

10 name="Down-tcp-80" parent=Down packet-mark=mark-tcp-80-down limit-at=0 queue=pcq-down priority=4 max-limit=0
burst-limit=0 burst-threshold=0 burst-time=0s

11 name="Up-tcp-80" parent=Up packet-mark=mark-tcp-80-up limit-at=0 queue=pcq-up priority=4 max-limit=0 burst-limit=0
burst-threshold=0 burst-time=0s

12 name="Down-udp-53" parent=Down packet-mark=mark-udp-53-down limit-at=0 queue=pcq-down priority=3 max-limit=0
burst-limit=0 burst-threshold=0 burst-time=0s

13 name="Up-udp-53" parent=Up packet-mark=mark-udp-53-up limit-at=0 queue=pcq-up priority=3 max-limit=0 burst-limit=0
burst-threshold=0 burst-time=0s
[admin@inet_radius] >

В результате получаем картину еще хуже чем была, icmp пакеты проходят еще с большей задержкой и появляются потери в канале, исходящий канал все 512к у меня, даже если на каждый из типом пакетов выделить max-limit 50k в итоге получиться загрузка 250к, тогда видим более менее стабильную передачу icmp.
Задача сделать динамическое распределение исходящего канала с выделение для icmp 16k и приоритетом трафика

Модерирует : lynx, Crash_Master, dg, emx, ShriEkeR
ShriEkeR (05-01-2012 00:59):	Версия для печати • Подписаться • Добавить в закладки
Страницы: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147