Difference between revisions of "QoS"
From CTWUG Wiki
| Line 4: | Line 4: | ||
<code> | <code> | ||
/ip firewall mangle | /ip firewall mangle | ||
| − | add action=change-dscp chain=prerouting comment="Mark all traffic by default to best effort" disabled=no new-dscp=0 | + | add action=change-dscp chain=prerouting comment="Mark all traffic by default to best effort" disabled=no new-dscp=0 |
| − | add action=change-dscp chain=prerouting comment="" disabled=no new-dscp=6 protocol=icmp | + | add action=change-dscp chain=prerouting comment="" disabled=no new-dscp=6 protocol=icmp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no new-dscp=6 protocol=ospf | + | add action=change-dscp chain=prerouting comment="" disabled=no new-dscp=6 protocol=ospf |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=21 new-dscp=0 protocol=tcp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=21 new-dscp=0 protocol=tcp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no new-dscp=0 p2p=all-p2p | + | add action=change-dscp chain=prerouting comment="" disabled=no new-dscp=0 p2p=all-p2p |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=22 new-dscp=6 protocol=tcp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=22 new-dscp=6 protocol=tcp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=23 new-dscp=6 protocol=tcp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=23 new-dscp=6 protocol=tcp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=53 new-dscp=4 protocol=udp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=53 new-dscp=4 protocol=udp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=80 new-dscp=4 protocol=tcp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=80 new-dscp=4 protocol=tcp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=123 new-dscp=4 protocol=udp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=123 new-dscp=4 protocol=udp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=161 new-dscp=6 protocol=tcp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=161 new-dscp=6 protocol=tcp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=411 new-dscp=4 protocol=tcp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=411 new-dscp=4 protocol=tcp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=513 new-dscp=6 protocol=udp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=513 new-dscp=6 protocol=udp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=2222 new-dscp=0 protocol=tcp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=2222 new-dscp=0 protocol=tcp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=2222 new-dscp=0 protocol=udp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=2222 new-dscp=0 protocol=udp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=3389-3390 new-dscp=4 protocol=tcp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=3389-3390 new-dscp=4 protocol=tcp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=4321 new-dscp=4 protocol=tcp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=4321 new-dscp=4 protocol=tcp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=4569 new-dscp=6 protocol=tcp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=4569 new-dscp=6 protocol=tcp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=4569 new-dscp=6 protocol=udp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=4569 new-dscp=6 protocol=udp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=5060 new-dscp=6 protocol=udp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=5060 new-dscp=6 protocol=udp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=6667 new-dscp=4 protocol=tcp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=6667 new-dscp=4 protocol=tcp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=6697 new-dscp=4 protocol=tcp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=6697 new-dscp=4 protocol=tcp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=8118 new-dscp=4 protocol=tcp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=8118 new-dscp=4 protocol=tcp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=8291 new-dscp=6 protocol=tcp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=8291 new-dscp=6 protocol=tcp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=8765 new-dscp=6 protocol=tcp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=8765 new-dscp=6 protocol=tcp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=8766 new-dscp=6 protocol=udp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=8766 new-dscp=6 protocol=udp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=9000-9004 new-dscp=6 protocol=tcp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=9000-9004 new-dscp=6 protocol=tcp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=27000-27065 new-dscp=6 protocol=udp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=27000-27065 new-dscp=6 protocol=udp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=27000-27065 new-dscp=6 protocol=tcp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=27000-27065 new-dscp=6 protocol=tcp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=28960 new-dscp=4 protocol=udp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=28960 new-dscp=4 protocol=udp |
| − | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=10000-10001 new-dscp=4 protocol=tcp | + | add action=change-dscp chain=prerouting comment="" disabled=no dst-port=10000-10001 new-dscp=4 protocol=tcp |
| − | add action=mark-connection chain=postrouting comment="INTERACTIVE - Change DSCP 4 into connection mark Interactive-Conn" disabled=no dscp=4 \ | + | add action=mark-connection chain=postrouting comment="INTERACTIVE - Change DSCP 4 into connection mark Interactive-Conn" disabled=no dscp=4 \ |
new-connection-mark=Interactive-Conn passthrough=yes | new-connection-mark=Interactive-Conn passthrough=yes | ||
| − | add action=mark-packet chain=postrouting comment="INTERACTIVE - Change connection mark Interactive-Conn into packet mark Interactive" connection-mark=\ | + | add action=mark-packet chain=postrouting comment="INTERACTIVE - Change connection mark Interactive-Conn into packet mark Interactive" connection-mark=\ |
Interactive-Conn disabled=no new-packet-mark=Interactive passthrough=yes | Interactive-Conn disabled=no new-packet-mark=Interactive passthrough=yes | ||
| − | add action=mark-connection chain=postrouting comment="VOIP - Change DSCP 6 into Connection mark Voice-Conn" disabled=no dscp=6 new-connection-mark=Voice-Conn \ | + | add action=mark-connection chain=postrouting comment="VOIP - Change DSCP 6 into Connection mark Voice-Conn" disabled=no dscp=6 new-connection-mark=Voice-Conn \ |
passthrough=yes | passthrough=yes | ||
| − | add action=mark-packet chain=postrouting comment="VOIP - Change connection mark Voice-Conn to packet mark Voice" connection-mark=Voice-Conn disabled=no \ | + | add action=mark-packet chain=postrouting comment="VOIP - Change connection mark Voice-Conn to packet mark Voice" connection-mark=Voice-Conn disabled=no \ |
new-packet-mark=Voice passthrough=yes | new-packet-mark=Voice passthrough=yes | ||
| − | add action=mark-connection chain=postrouting comment="BULK - Change DSCP 0 into connection mark Bulk-Conn" disabled=no dscp=0 new-connection-mark=Bulk-Conn \ | + | add action=mark-connection chain=postrouting comment="BULK - Change DSCP 0 into connection mark Bulk-Conn" disabled=no dscp=0 new-connection-mark=Bulk-Conn \ |
passthrough=yes | passthrough=yes | ||
| − | add action=mark-packet chain=postrouting comment="BULK - Change connection mark Bulk-Conn into packet mark Bulk" connection-mark=Bulk-Conn disabled=no \ | + | add action=mark-packet chain=postrouting comment="BULK - Change connection mark Bulk-Conn into packet mark Bulk" connection-mark=Bulk-Conn disabled=no \ |
new-packet-mark=Bulk passthrough=yes | new-packet-mark=Bulk passthrough=yes | ||
| − | add action=passthrough chain=postrouting comment="" disabled=no dscp=4 ipv4-options=any | + | add action=passthrough chain=postrouting comment="" disabled=no dscp=4 ipv4-options=any |
| − | add action=set-priority chain=postrouting comment="" disabled=no new-priority=from-dscp passthrough=yes | + | add action=set-priority chain=postrouting comment="" disabled=no new-priority=from-dscp passthrough=yes |
</code> | </code> | ||
Revision as of 19:13, 13 November 2008
Quality of Service
Mangle Rules
/ip firewall mangle add action=change-dscp chain=prerouting comment="Mark all traffic by default to best effort" disabled=no new-dscp=0 add action=change-dscp chain=prerouting comment="" disabled=no new-dscp=6 protocol=icmp add action=change-dscp chain=prerouting comment="" disabled=no new-dscp=6 protocol=ospf add action=change-dscp chain=prerouting comment="" disabled=no dst-port=21 new-dscp=0 protocol=tcp add action=change-dscp chain=prerouting comment="" disabled=no new-dscp=0 p2p=all-p2p add action=change-dscp chain=prerouting comment="" disabled=no dst-port=22 new-dscp=6 protocol=tcp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=23 new-dscp=6 protocol=tcp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=53 new-dscp=4 protocol=udp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=80 new-dscp=4 protocol=tcp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=123 new-dscp=4 protocol=udp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=161 new-dscp=6 protocol=tcp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=411 new-dscp=4 protocol=tcp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=513 new-dscp=6 protocol=udp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=2222 new-dscp=0 protocol=tcp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=2222 new-dscp=0 protocol=udp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=3389-3390 new-dscp=4 protocol=tcp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=4321 new-dscp=4 protocol=tcp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=4569 new-dscp=6 protocol=tcp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=4569 new-dscp=6 protocol=udp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=5060 new-dscp=6 protocol=udp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=6667 new-dscp=4 protocol=tcp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=6697 new-dscp=4 protocol=tcp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=8118 new-dscp=4 protocol=tcp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=8291 new-dscp=6 protocol=tcp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=8765 new-dscp=6 protocol=tcp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=8766 new-dscp=6 protocol=udp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=9000-9004 new-dscp=6 protocol=tcp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=27000-27065 new-dscp=6 protocol=udp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=27000-27065 new-dscp=6 protocol=tcp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=28960 new-dscp=4 protocol=udp add action=change-dscp chain=prerouting comment="" disabled=no dst-port=10000-10001 new-dscp=4 protocol=tcp add action=mark-connection chain=postrouting comment="INTERACTIVE - Change DSCP 4 into connection mark Interactive-Conn" disabled=no dscp=4 \ new-connection-mark=Interactive-Conn passthrough=yes add action=mark-packet chain=postrouting comment="INTERACTIVE - Change connection mark Interactive-Conn into packet mark Interactive" connection-mark=\ Interactive-Conn disabled=no new-packet-mark=Interactive passthrough=yes add action=mark-connection chain=postrouting comment="VOIP - Change DSCP 6 into Connection mark Voice-Conn" disabled=no dscp=6 new-connection-mark=Voice-Conn \ passthrough=yes add action=mark-packet chain=postrouting comment="VOIP - Change connection mark Voice-Conn to packet mark Voice" connection-mark=Voice-Conn disabled=no \ new-packet-mark=Voice passthrough=yes add action=mark-connection chain=postrouting comment="BULK - Change DSCP 0 into connection mark Bulk-Conn" disabled=no dscp=0 new-connection-mark=Bulk-Conn \ passthrough=yes add action=mark-packet chain=postrouting comment="BULK - Change connection mark Bulk-Conn into packet mark Bulk" connection-mark=Bulk-Conn disabled=no \ new-packet-mark=Bulk passthrough=yes add action=passthrough chain=postrouting comment="" disabled=no dscp=4 ipv4-options=any add action=set-priority chain=postrouting comment="" disabled=no new-priority=from-dscp passthrough=yes
