This is a short reference for how to control bandwidth for different IP blocks.
Here,
192.168.1.0/24 is given 2mbps and
192.168.2.0/24 is given 4mbps bandwidth
I have set the Youtube IPs as Local, alternatively you can use Layer-7 for Youtube streaming.
/ip firewall mangle
add action=mark-connection chain=prerouting dst-address-list=Local new-connection-mark=youtube_2mbps passthrough=no src-address=192.168.1.0/24
add action=mark-packet chain=postrouting connection-mark=youtube_2mbps new-packet-mark=youtube_2mbps passthrough=no
add action=mark-connection chain=prerouting dst-address-list=Local new-connection-mark=youtube_4mbps passthrough=no src-address=192.168.2.0/24
add action=mark-packet chain=postrouting connection-mark=youtube_4mbps new-packet-mark=youtube_4mbps passthrough=no
/queue type
add kind=pcq name=youtube_2mbps pcq-classifier=dst-address pcq-dst-address6-mask=64 pcq-rate=2M pcq-src-address6-mask=64
add kind=pcq name=youtube_4mbps pcq-classifier=dst-address pcq-dst-address6-mask=64 pcq-rate=4M pcq-src-address6-mask=64
/queue tree
add name=youtube_2mbps packet-mark=youtube_2mbps parent=global-out queue=youtube_2mbps
add name=youtube_4mbps packet-mark=youtube_4mbps parent=global-out queue=youtube_4mbps
Saturday, January 2, 2016
Tuesday, August 5, 2014
Mikrotik Webproxy and Unlimited speed for cache contents
This is my configuration for Mikrotik Webproxy and Unlimited Speed for cache contents to the clients.
/ip proxy
set always-from-cache=yes cache-administrator="ACE Network Pvt. Ltd." \
cache-hit-dscp=4 cache-on-disk=yes enabled=yes max-cache-size=5242880KiB \
max-client-connections=1000 max-fresh-time=3d max-server-connections=1000 \
parent-proxy=0.0.0.0 parent-proxy-port=0 port=9090 serialize-connections=\
no src-address=0.0.0.0
/ip firewall mangle
add action=mark-packet chain=output comment=Cache disabled=no dscp=4 \
new-packet-mark=cache-hits passthrough=no
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="proxy cache" packet-mark=\
cache-hits parent=global-out priority=8 queue=default
/ip proxy
set always-from-cache=yes cache-administrator="ACE Network Pvt. Ltd." \
cache-hit-dscp=4 cache-on-disk=yes enabled=yes max-cache-size=5242880KiB \
max-client-connections=1000 max-fresh-time=3d max-server-connections=1000 \
parent-proxy=0.0.0.0 parent-proxy-port=0 port=9090 serialize-connections=\
no src-address=0.0.0.0
/ip firewall mangle
add action=mark-packet chain=output comment=Cache disabled=no dscp=4 \
new-packet-mark=cache-hits passthrough=no
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="proxy cache" packet-mark=\
cache-hits parent=global-out priority=8 queue=default
Monday, August 4, 2014
Youtube Limit/Full Access Mikrotik
/ip firewall layer7-protocol
add name=streaming regexp=videoplayback|video
/ip firewall mangle
add action=mark-connection chain=prerouting comment="Youtube_ Client" \
disabled=no layer7-protocol=streaming new-connection-mark=youtube \
passthrough=no src-address-list=256kbps+
add action=mark-packet chain=output connection-mark=youtube disabled=no \
new-packet-mark=youtube passthrough=no protocol=tcp
/queue type
add kind=pcq name=PCQ_Upload pcq-burst-rate=0 pcq-burst-threshold=0 \
pcq-burst-time=10s pcq-classifier=src-address pcq-dst-address-mask=32 \
pcq-dst-address6-mask=64 pcq-limit=50 pcq-rate=1024k \
pcq-src-address-mask=32 pcq-src-address6-mask=64 pcq-total-limit=2000
I have set 1024kbps for Youtube, for limitation set 1024k to 1k or so.
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=Youtube_Up packet-mark=youtube parent=global-out \
priority=8 queue=PCQ_Upload
Mikrotik Dual WAN PCC with Hotspot and Webproxy (PPPoE Client)
Hello all,
This is my configuration for Mikrotik Dual WAN PCC with hotspot and Webproxy. It may be helpful for someone.
/interface pppoe-client
add ac-name="" add-default-route=no allow=pap,chap,mschap1,mschap2 \
dial-on-demand=no disabled=no interface=WLINK-B max-mru=1480 max-mtu=1480 \
mrru=disabled name=WLINK password=yourpassword profile=default service-name=\
"" use-peer-dns=no user=youruser
add ac-name="" add-default-route=no allow=pap,chap,mschap1,mschap2 \
dial-on-demand=no disabled=no interface=TMN-B max-mru=1480 max-mtu=1480 \
mrru=disabled name=TMN password=yourpassword profile=default service-name="" \
use-peer-dns=no user=youruser
/interface pppoe-server server
add authentication=pap,chap,mschap1,mschap2 default-profile=PPPoE disabled=no \
interface=LAN keepalive-timeout=60 max-mru=1480 max-mtu=1480 \
max-sessions=0 mrru=disabled one-session-per-host=yes service-name=\
"your service"
/ip route
add check-gateway=ping disabled=no distance=2 dst-address=0.0.0.0/0 gateway=\
WLINK routing-mark=to_WLINK scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
TMN routing-mark=to_TMN scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=WLINK scope=30 \
target-scope=10
add check-gateway=ping disabled=no distance=2 dst-address=0.0.0.0/0 gateway=\
TMN scope=30 target-scope=10
/ip firewall nat
add action=redirect chain=dstnat disabled=no dst-address=!10.55.15.1 \
dst-address-type=!local dst-port=80 hotspot=auth in-interface=LAN \
protocol=tcp src-address-list=LAN to-ports=9090
add action=redirect chain=dstnat disabled=no dst-address=!10.55.15.1 \
dst-address-type="" dst-port=80 hotspot="" protocol=tcp src-address-list=\
LAN to-ports=9090
add action=accept chain=pre-hotspot disabled=no dst-address-type=!local \
hotspot=auth in-interface=LAN
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
disabled=no out-interface=WLINK src-address=10.55.0.0/16 to-addresses=\
0.0.0.0
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
disabled=no out-interface=TMN src-address=10.55.0.0/16 to-addresses=\
0.0.0.0
add action=masquerade chain=srcnat comment="masquerade ppp network" disabled=\
no out-interface=WLINK src-address=45.19.0.0/16 to-addresses=0.0.0.0
add action=masquerade chain=srcnat comment="masquerade ppp network" disabled=\
no out-interface=TMN src-address=45.19.0.0/16 to-addresses=0.0.0.0
add action=redirect chain=dstnat disabled=no dst-port=53 protocol=udp \
to-ports=53
add action=redirect chain=dstnat disabled=no dst-port=53 protocol=tcp \
to-ports=53
/ip firewall mangle
add action=accept chain=prerouting comment="PCC with Webproxy" disabled=no \
dst-address-list=exempt-from-pcc
add action=accept chain=prerouting disabled=no in-interface=WLINK
add action=accept chain=prerouting disabled=no in-interface=TMN
add action=mark-connection chain=output disabled=no dst-address-type=!local \
hotspot="" new-connection-mark=WLINK passthrough=yes \
per-connection-classifier=both-addresses:2/0
add action=mark-connection chain=output disabled=no dst-address-type=!local \
hotspot="" new-connection-mark=TMN passthrough=yes \
per-connection-classifier=both-addresses:2/1
add action=mark-connection chain=prerouting disabled=no dst-address-type=\
!local hotspot="" new-connection-mark=WLINK passthrough=yes \
per-connection-classifier=both-addresses:2/0
add action=mark-connection chain=prerouting disabled=no dst-address-type=\
!local hotspot="" new-connection-mark=TMN passthrough=yes \
per-connection-classifier=both-addresses:2/1
add action=mark-routing chain=prerouting connection-mark=WLINK disabled=no \
new-routing-mark=to_WLINK passthrough=yes src-address-list=LAN
add action=mark-routing chain=prerouting connection-mark=TMN disabled=no \
new-routing-mark=to_TMN passthrough=yes src-address-list=LAN
/ip proxy
set always-from-cache=yes cache-administrator="ACE Network Pvt. Ltd." \
cache-hit-dscp=4 cache-on-disk=yes enabled=yes max-cache-size=5242880KiB \
max-client-connections=1000 max-fresh-time=3d max-server-connections=1000 \
parent-proxy=0.0.0.0 parent-proxy-port=0 port=9090 serialize-connections=\
no src-address=0.0.0.0
This is my configuration for Mikrotik Dual WAN PCC with hotspot and Webproxy. It may be helpful for someone.
/interface pppoe-client
add ac-name="" add-default-route=no allow=pap,chap,mschap1,mschap2 \
dial-on-demand=no disabled=no interface=WLINK-B max-mru=1480 max-mtu=1480 \
mrru=disabled name=WLINK password=yourpassword profile=default service-name=\
"" use-peer-dns=no user=youruser
add ac-name="" add-default-route=no allow=pap,chap,mschap1,mschap2 \
dial-on-demand=no disabled=no interface=TMN-B max-mru=1480 max-mtu=1480 \
mrru=disabled name=TMN password=yourpassword profile=default service-name="" \
use-peer-dns=no user=youruser
/interface pppoe-server server
add authentication=pap,chap,mschap1,mschap2 default-profile=PPPoE disabled=no \
interface=LAN keepalive-timeout=60 max-mru=1480 max-mtu=1480 \
max-sessions=0 mrru=disabled one-session-per-host=yes service-name=\
"your service"
/ip route
add check-gateway=ping disabled=no distance=2 dst-address=0.0.0.0/0 gateway=\
WLINK routing-mark=to_WLINK scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
TMN routing-mark=to_TMN scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=WLINK scope=30 \
target-scope=10
add check-gateway=ping disabled=no distance=2 dst-address=0.0.0.0/0 gateway=\
TMN scope=30 target-scope=10
/ip firewall nat
add action=redirect chain=dstnat disabled=no dst-address=!10.55.15.1 \
dst-address-type=!local dst-port=80 hotspot=auth in-interface=LAN \
protocol=tcp src-address-list=LAN to-ports=9090
add action=redirect chain=dstnat disabled=no dst-address=!10.55.15.1 \
dst-address-type="" dst-port=80 hotspot="" protocol=tcp src-address-list=\
LAN to-ports=9090
add action=accept chain=pre-hotspot disabled=no dst-address-type=!local \
hotspot=auth in-interface=LAN
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
disabled=no out-interface=WLINK src-address=10.55.0.0/16 to-addresses=\
0.0.0.0
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
disabled=no out-interface=TMN src-address=10.55.0.0/16 to-addresses=\
0.0.0.0
add action=masquerade chain=srcnat comment="masquerade ppp network" disabled=\
no out-interface=WLINK src-address=45.19.0.0/16 to-addresses=0.0.0.0
add action=masquerade chain=srcnat comment="masquerade ppp network" disabled=\
no out-interface=TMN src-address=45.19.0.0/16 to-addresses=0.0.0.0
add action=redirect chain=dstnat disabled=no dst-port=53 protocol=udp \
to-ports=53
add action=redirect chain=dstnat disabled=no dst-port=53 protocol=tcp \
to-ports=53
/ip firewall mangle
add action=accept chain=prerouting comment="PCC with Webproxy" disabled=no \
dst-address-list=exempt-from-pcc
add action=accept chain=prerouting disabled=no in-interface=WLINK
add action=accept chain=prerouting disabled=no in-interface=TMN
add action=mark-connection chain=output disabled=no dst-address-type=!local \
hotspot="" new-connection-mark=WLINK passthrough=yes \
per-connection-classifier=both-addresses:2/0
add action=mark-connection chain=output disabled=no dst-address-type=!local \
hotspot="" new-connection-mark=TMN passthrough=yes \
per-connection-classifier=both-addresses:2/1
add action=mark-connection chain=prerouting disabled=no dst-address-type=\
!local hotspot="" new-connection-mark=WLINK passthrough=yes \
per-connection-classifier=both-addresses:2/0
add action=mark-connection chain=prerouting disabled=no dst-address-type=\
!local hotspot="" new-connection-mark=TMN passthrough=yes \
per-connection-classifier=both-addresses:2/1
add action=mark-routing chain=prerouting connection-mark=WLINK disabled=no \
new-routing-mark=to_WLINK passthrough=yes src-address-list=LAN
add action=mark-routing chain=prerouting connection-mark=TMN disabled=no \
new-routing-mark=to_TMN passthrough=yes src-address-list=LAN
/ip proxy
set always-from-cache=yes cache-administrator="ACE Network Pvt. Ltd." \
cache-hit-dscp=4 cache-on-disk=yes enabled=yes max-cache-size=5242880KiB \
max-client-connections=1000 max-fresh-time=3d max-server-connections=1000 \
parent-proxy=0.0.0.0 parent-proxy-port=0 port=9090 serialize-connections=\
no src-address=0.0.0.0
Subscribe to:
Posts (Atom)