Associació Guifi.net Sant Feliu de Codines

Configuració de QoS a la xarxa de Sant Feliu

A la xarxa guifi de Sant Feliu tenim definides, als dispositius d’enrutament Mikrotik, una serie de regles de QoS, per tal d’aprofitar al maxim l’ample de banda i poder donar una conexio de qualitat a tots els usuaris.

Marquem i assignem prioritats i velocitats al trafic, seguint el seguent esquema:

Interactive. Prioritat màxima (1), 30M. Tipus de tràfic: ping, TCP ACK, TCP SYN, DNS, VoIP.
Fast. Prioritat 2, 10M. Tipus de tràfic: SSH, Winbox, RDP.
Internet. Prioritat 3, 30M. Tipus de tràfic: Proxy, VPN, tincVPN.
Guifi. Prioritat 4, 40M. Tipus de tràfic: Other (tràfic que no es de cap de les altres categories).
Bulk. Prioritat 7, 10M. Tipus de tràfic: FTP, P2P.

Les regles implementades son aquestes:

/ip firewall mangle
add action=mark-packet chain=postrouting comment="wlan2 - FTP" \
connection-type=ftp new-packet-mark=wlan2-bulk out-interface=wlan2 \
passthrough=no protocol=tcp
add action=mark-packet chain=postrouting comment="wlan4 - FTP" \
connection-type=ftp new-packet-mark=wlan4-bulk out-interface=wlan4 \
passthrough=no protocol=tcp
add action=mark-packet chain=postrouting comment="wlan2 - P2P" \
new-packet-mark=wlan2-bulk out-interface=wlan2 p2p=all-p2p passthrough=no
add action=mark-packet chain=postrouting comment="wlan4 - P2P" \
new-packet-mark=wlan4-bulk out-interface=wlan4 p2p=all-p2p passthrough=no
add action=mark-packet chain=postrouting comment="wlan2 - Proxy" \
new-packet-mark=wlan2-internet out-interface=wlan2 passthrough=no \
protocol=tcp src-port=3128
add action=mark-packet chain=postrouting comment="wlan4 - Proxy" \
new-packet-mark=wlan4-internet out-interface=wlan4 passthrough=no \
protocol=tcp src-port=3128
add action=mark-packet chain=postrouting comment="wlan4 - OpenVPN" \
new-packet-mark=wlan4-internet out-interface=wlan4 passthrough=no \
protocol=tcp src-port=1194-1196
add action=mark-packet chain=postrouting comment="wlan2 - tincVPN" \
new-packet-mark=wlan2-internet out-interface=wlan2 passthrough=no \
protocol=tcp src-port=655
add action=mark-packet chain=postrouting comment="wlan4 - tincVPN" \
new-packet-mark=wlan4-internet out-interface=wlan4 passthrough=no \
protocol=tcp src-port=655
add action=mark-packet chain=postrouting comment="wlan2 - ping" \
new-packet-mark=wlan2-interactive out-interface=wlan2 passthrough=no \
protocol=icmp
add action=mark-packet chain=postrouting comment="wlan4 - ping" \
new-packet-mark=wlan4-interactive out-interface=wlan4 passthrough=no \
protocol=icmp
add action=mark-packet chain=postrouting comment="wlan2 - TCP ACK" \
new-packet-mark=wlan2-interactive out-interface=wlan2 passthrough=no \
protocol=tcp tcp-flags=ack
add action=mark-packet chain=postrouting comment="wlan4 - TCP ACK" \
new-packet-mark=wlan4-interactive out-interface=wlan4 passthrough=no \
protocol=tcp tcp-flags=ack
add action=mark-packet chain=postrouting comment="wlan2 - TCP SYN" \
new-packet-mark=wlan2-interactive out-interface=wlan2 passthrough=no \
protocol=tcp tcp-flags=syn
add action=mark-packet chain=postrouting comment="wlan4 - TCP SYN" \
new-packet-mark=wlan4-interactive out-interface=wlan4 passthrough=no \
protocol=tcp tcp-flags=syn
add action=mark-packet chain=postrouting comment="wlan2 - DNS" \
new-packet-mark=wlan2-interactive out-interface=wlan2 passthrough=no \
protocol=udp src-port=53
add action=mark-packet chain=postrouting comment="wlan4 - DNS" \
new-packet-mark=wlan4-interactive out-interface=wlan4 passthrough=no \
protocol=udp src-port=53
add action=mark-packet chain=postrouting comment="wlan2 - SSH (out)" \
new-packet-mark=wlan2-fast out-interface=wlan2 passthrough=no protocol=\
tcp src-port=22
add action=mark-packet chain=postrouting comment="wlan4 - SSH (out)" \
new-packet-mark=wlan4-fast out-interface=wlan4 passthrough=no protocol=\
tcp src-port=22
add action=mark-packet chain=postrouting comment="wlan2 - SSH (in)" dst-port=\
22 new-packet-mark=wlan2-fast out-interface=wlan2 passthrough=no \
protocol=tcp
add action=mark-packet chain=postrouting comment="wlan4 - SSH (in)" dst-port=\
22 new-packet-mark=wlan4-fast out-interface=wlan4 passthrough=no \
protocol=tcp
add action=mark-packet chain=postrouting comment="wlan2 - WINBOX (out)" \
new-packet-mark=wlan2-fast out-interface=wlan2 passthrough=no protocol=\
tcp src-port=8291
add action=mark-packet chain=postrouting comment="wlan4 - WINBOX (out)" \
new-packet-mark=wlan4-fast out-interface=wlan4 passthrough=no protocol=\
tcp src-port=8291
add action=mark-packet chain=postrouting comment="wlan2 - WINBOX (in)" \
dst-port=8291 new-packet-mark=wlan2-fast out-interface=wlan2 passthrough=\
no protocol=tcp
add action=mark-packet chain=postrouting comment="wlan4 - WINBOX (in)" \
dst-port=8291 new-packet-mark=wlan4-fast out-interface=wlan4 passthrough=\
no protocol=tcp
add action=mark-packet chain=postrouting comment="wlan2 - RDP (in)" dst-port=\
3389 new-packet-mark=wlan2-fast out-interface=wlan2 passthrough=no \
protocol=tcp
add action=mark-packet chain=postrouting comment="wlan4 - RDP (in)" dst-port=\
3389 new-packet-mark=wlan4-fast out-interface=wlan4 passthrough=no \
protocol=tcp
add action=mark-packet chain=postrouting comment="wlan2 - VoIP (in)" \
dst-port=5060 new-packet-mark=wlan2-interactive out-interface=wlan2 \
passthrough=no protocol=udp
add action=mark-packet chain=postrouting comment="wlan4 - VoIP (in)" \
dst-port=5060 new-packet-mark=wlan4-interactive out-interface=wlan4 \
passthrough=no protocol=udp
add action=mark-packet chain=postrouting comment="wlan2 - VoIP (out)" \
new-packet-mark=wlan2-interactive out-interface=wlan2 passthrough=no \
protocol=udp src-port=5060
add action=mark-packet chain=postrouting comment="wlan4 - VoIP (out)" \
new-packet-mark=wlan4-interactive out-interface=wlan4 passthrough=no \
protocol=udp src-port=5060
add action=mark-packet chain=postrouting comment="wlan2 - RDP (out)" \
new-packet-mark=wlan2-fast out-interface=wlan2 passthrough=no protocol=\
tcp src-port=3389
add action=mark-packet chain=postrouting comment="wlan4 - RDP (out)" \
new-packet-mark=wlan4-fast out-interface=wlan4 passthrough=no protocol=\
tcp src-port=3389
add action=mark-packet chain=postrouting comment="wlan2 - Other" \
new-packet-mark=wlan2-guifi out-interface=wlan2 passthrough=no
add action=mark-packet chain=postrouting comment="wlan4 - Other" \
new-packet-mark=wlan4-guifi out-interface=wlan4 passthrough=no

/queue tree
add max-limit=40M name=wlan2-qdisc parent=wlan2 queue=wireless-default
add limit-at=3M max-limit=30M name=wlan2-interactive packet-mark=\
wlan2-interactive parent=wlan2-qdisc priority=1 queue=default
add limit-at=1M max-limit=10M name=wlan2-fast packet-mark=wlan2-fast parent=\
wlan2-qdisc priority=2 queue=default
add limit-at=3M max-limit=30M name=wlan2-internet packet-mark=wlan2-internet \
parent=wlan2-qdisc priority=3 queue=default
add limit-at=5M max-limit=40M name=wlan2-guifi packet-mark=wlan2-guifi \
parent=wlan2-qdisc priority=4 queue=default
add limit-at=1M max-limit=10M name=wlan2-bulk packet-mark=wlan2-bulk parent=\
wlan2-qdisc priority=7 queue=default
add max-limit=40M name=wlan4-qdisc parent=wlan4 queue=wireless-default
add limit-at=1M max-limit=10M name=wlan4-bulk packet-mark=wlan4-bulk parent=\
wlan4-qdisc priority=7 queue=default
add limit-at=1M max-limit=10M name=wlan4-fast packet-mark=wlan4-fast parent=\
wlan4-qdisc priority=2 queue=default
add limit-at=5M max-limit=40M name=wlan4-guifi packet-mark=wlan4-guifi \
parent=wlan4-qdisc priority=4 queue=default
add limit-at=3M max-limit=30M name=wlan4-interactive packet-mark=\
wlan4-interactive parent=wlan4-qdisc priority=1 queue=default
add limit-at=3M max-limit=30M name=wlan4-internet packet-mark=wlan4-internet \
parent=wlan4-qdisc priority=3 queue=default

Deixa un comentari

L'adreça electrònica no es publicarà. Els camps necessaris estan marcats amb *

Post Navigation