Académique Documents
Professionnel Documents
Culture Documents
Module 7
2013-01-01
Simple queue
2013-01-01
Introduction
2013-01-01
Critical applications
Sensitive traffic such as voice and video streams
Introduction
Client upload
Client download
Client aggregate (download and upload)
2013-01-01
Target
An IP address
A subnet
An interface
2013-01-01
Destinations
2013-01-01
2013-01-01
Bursting
Bursting permits users to get, for a short time, more bandwidth than
allowed by "max-limit" parameter.
Useful to boost traffic that doesn't use bandwidth too often. For
example, HTTP. Get a quick page download, than read it for a few
seconds.
2013-01-01
Bursting
Definitions.
2013-01-01
Bursting
How it works.
2013-01-01
10
Bursting
2013-01-01
11
Bursting
2013-01-01
12
Syntax
A simple queue
2013-01-01
13
Tip
You may have noticed that queue icons change color according to
usage. Color has a meaning.
2013-01-01
14
2013-01-01
15
2013-01-01
16
Pcq-rate configuration
The parameter pcq-rate limits the queue type's allowed data rate.
Classifier is what the router checks to see how it will apply this
limitation. It can be on source or destination address, or source or
destination port. You could thus limit user traffic or application traffic
(HTTP for example).
2013-01-01
17
Pcq-limit configuration
Will bring about a TCP window size adjustment, telling the source to reduce
the transmission rate
2013-01-01
18
Pcq-limit configuration
Fast interfaces (like Gig) require smaller queues as they reduce delays
2013-01-01
19
PCQ, an example
Lets suppose that we have users sharing a limited WAN link. We'll
give them the following data rates:
Download : 2Mbps
Upload : 1Mbps
WAN is on ether1
LAN subnet is 192.168.3.0/24
2013-01-01
20
PCQ, an example
/ip firewall mangle
add action=mark-packet chain=forward new-packet-mark=client_upload \
out-interface=ether1 src-address=192.168.3.0/24
add action=mark-packet chain=forward dst-address=192.168.3.0/24 \
in-interface=ether1 new-packet-mark=client_download
/queue type
add kind=pcq name=PCQ_download pcq-classifier=dst-address pcq-rate=2M
add kind=pcq name=PCQ_upload pcq-classifier=src-address pcq-rate=1M
/queue tree
add name=queue_upload packet-mark=client_upload parent=global queue=\
PCQ_upload
add name=queue_download packet-mark=client_download parent=global queue=\
PCQ_download
2013-01-01
21
Mangle : We are telling the router to mark packets with the "client_upload" or "client_download" mark,
depending on if
Packets are coming from the LAN and are leaving from ether1 (upload) or,
Packets are entering from ether1 and going to the LAN (download).
Queue types : We're defining the data rates and classifiers to use to differentiate sub-streams (source or
destination)
Queue tree : The combinations that are checked to see if packets qualify for traffic shaping and what to apply.
For example, in the case of uploaded traffic, we check input and output interfaces (global) for packets with the
"client_upload" mark and apply the "PCQ_upload" queue type.
2013-01-01
22
Monitoring
2013-01-01
23
Example
/tool traffic-monitor
add interface=ether1 name=TrafficMon1 on-event=script1 threshold=1500000 \
traffic=received
/system script
add name=script1 policy=ftp,read,test,winbox,api source="/tool e-mail send to=\"\
YOU@DOMAIN.CA\" subject=([/system identity get name] . \" Log \
\" . [/system clock get date]) body=\"Hello World. You're going too fast!\""
2013-01-01
24
Torch
2013-01-01
25
Torch, CLI
[admin@Pod3] /tool> torch interface=ether2 port=winbox
SRC-PORT
DST-PORT
53217
8291 (winbox)
TX
12.0kbps
12.0kbps
RX TX-PACKETS RX-PACKETS
4.7kbps
4.7kbps
7
7
6
6
DST-PORT
53217
8291 (winbox)
62414
53 (dns)
53538
80 (http)
62437
53 (dns)
53540
TX
RX TX-PACKETS RX-PACK
15.2kbps
5.1kbps
728bps
600bps
92.8kbps
5.3kbps
12
744bps
616bps
80 (http)
182.2kbps
8.4kbps
18
53541
80 (http)
191.1kbps
8.6kbps
19
59150
53 (dns)
760bps
632bps
53542
80 (http)
112.9kbps
7.0kbps
12
53543
443 (https)
34.8kbps
6.3kbps
53544
80 (http)
860.4kbps
20.0kbps
73
53545
80 (http)
4.5kbps
5.6kbps
53546
80 (http)
122.0kbps
6.3kbps
12
53547
80 (http)
122.0kbps
5.8kbps
12
65144
53 (dns)
1064bps
608bps
53548
80 (http)
1392bps
5.7kbps
1743.1kbps
87.0kbps
3
182
2013-01-01
26
Torch, Winbox
2013-01-01
27
Graphs
2013-01-01
28
Graphs
First steps.
[admin@Pod3] /tool graphing> set store-every=5min page-refresh=300
[admin@Pod3] /tool graphing> print
store-every: 5min
page-refresh: 300
[admin@Pod3] /tool graphing>
2013-01-01
29
Graphs
2013-01-01
30
SNMP
2013-01-01
31
SNMP
First steps.
[admin@Pod3] /snmp> set enabled=yes
[admin@Pod3] /snmp> set contact=YOU
[admin@Pod3] /snmp> set location=OFFICE
[admin@Pod3] /snmp> print
enabled: yes
contact: YOU
location: OFFICE
engine-id:
trap-target:
trap-community: (unknown)
trap-version: 1
trap-generators:
[admin@Pod3] /snmp>
2013-01-01
32
SNMP
2013-01-01
33
SNMP
2013-01-01
34
End of module 7
2013-01-01
35
Laboratory
2013-01-01
36
Laboratory : Setup
2013-01-01
37
Laboratory : step 1
2013-01-01
38
Laboratory : step 2
Test throughput using a speed testing web site. Note the results.
Configure a simple queue (call it "lab7") that will limit your entire
LAN to 4Mbps download and 2Mbps upload.
Ask a fellow student to plug into your router and repeat the speed test.
What do you get? Does your fellow student get the same results when
you connect to his router?
2013-01-01
39
Laboratory : step 3
2013-01-01
40
Laboratory : step 4
Create a PCQ based system so that all computers on the same LAN
have a limit of 4Mbps for downloads and 2Mbps for uploads.
Make sure that the names that you use are meaningful!
Test throughput using a speed testing web site. Note the results.
Ask a fellow student to plug into your router and repeat the speed test.
What do you get? Does your fellow student get the same results when
you connect to his router?
2013-01-01
41
Laboratory : step 5
Configure traffic monitoring in such a way that it will send you an email if inbound traffic exceeds 3Mbps on your wireless interface.
2013-01-01
42
Laboratory : step 6
Use the torch tool in such a way that you can see the source address of
nodes doing any IP traffic on any port through the wireless interface.
2013-01-01
43
Laboratory : step 7
Enable graphs on :
Wireless interface
Hardware resources
2013-01-01
44
Laboratory : step 8
Using a MIB Browser, walk through your router's MIBs. Can you see
your name and location?
2013-01-01
45
Laboratory : step 9
2013-01-01
46
End of Laboratory 7
2013-01-01
47