Limiting bandwidth of

specific destination based

on address list
GLC webinar, 11 august 2016

Achmad
Mardiansyah
achmad@glcnetworks.com
GLC Networks, Indonesia
www.glcnetworks.com
Agenda

● Introduction
● Address-list
● Bandwidth management
● Demo
● Q&A

www.glcnetworks.com
What is GLC?

● Garda Lintas Cakrawala (www.glcnetworks.com)

● An Indonesian company
● Located in Bandung
● Areas: Training, IT Consulting
● Mikrotik Certified Training Partner
● Mikrotik Certified Consultant
● Mikrotik distributor

3
www.glcnetworks.com
Trainer Introduction

● Name: Achmad Mardiansyah

● Base: bandung, Indonesia
● Linux user since ’99
● Certified Trainer (MTCNA/RE/WE/UME/INE/TCE)
● Mikrotik Certified Consultant
● Work: Telco engineer, Sysadmin, PHP programmer,
and Lecturer
● Personal website: http://achmad.glcnetworks.com
● More info:
http://au.linkedin.com/in/achmadmardiansyah

4
www.glcnetworks.com
Please introduce yourself

● Your name
● Your company/university?
● Your networking experience?
● Your mikrotik experience?
● Your expectation from this course?

5
www.glcnetworks.com
What is Mikrotik?

● Name of a company
● A brand
● A program (e.g. mikrotik academy)
● Headquarter: Riga, Latvia

6
www.glcnetworks.com
What are mikrotik products?

● Router OS
○ The OS. Specialized for networking
○ Website: www.mikrotik.com/download
● RouterBoard
○ The hardware
○ RouterOS installed
○ Website: www.routerboard.com

7
www.glcnetworks.com
What Router OS can do?

● Go to www.mikrotik.com
○ Download: what_is_routeros.pdf
○ Download: product catalog
○ Download: newsletter

8
www.glcnetworks.com
What are Mikrotik training & certifications?

Certificate validity is 3 years

9
www.glcnetworks.com
Address-list

www.glcnetworks.com
What is address-list?

● Address-list is a feature to create a group of IP addresses

● Usually is used in conjunction with firewall
● Used as firewall matchers. Can be:
○ Source address or destination address or
○ both
● Save your day -> no need to specify the complex address pattern on firewall
rules

with
address-list

Without
address-list

www.glcnetworks.com
 How to define an address-list?

● You just create an address-list name with the IP address on it

● Can be single IP address
● Can be a network

Network
Single IP
address
address

www.glcnetworks.com
 Dynamic address-list

● A new COOOL feature on version 6.36 (released august 2016)

● A new way to define an address list. No need to type IP addresses because
RouterOS will query the IP address automatically
● Very helpful for website with multiple IP address (youtube, facebook)

Type the
hostname

The result: RouterOS

will resolve the IP
www.glcnetworks.com address for you
Bandwidth Management
with address list

www.glcnetworks.com
Where the packets
are queued?

www.glcnetworks.com
considerations

● You should mark packet before its being queue

● And use the marked packet with QOS

www.glcnetworks.com
 Demo

www.glcnetworks.com
Example case

You are required to limit traffic from youtube ip address to 10.10.10.0/24 network.

● Create an address-list for youtube ip address:

/ip firewall address-list add address=youtube.com
list=youtube.com-ip-address
● Create firewall mangle rule:
/ip firewall mangle add action=mark-packet chain=forward
new-packet-mark=packet-from-youtube passthrough=no
src-address-list=youtube.com-ip-address
● Create a queue
/queue simple add max-limit=1M/5M name=limit-traffic-from-youtube
packet-marks=packet-from-youtube target=10.10.10.0/24

www.glcnetworks.com
 QA

www.glcnetworks.com
End of slides

● Thank you for your attention

● Please submit your feedback: http://bit.ly/glcfeedback
● Like our facebook page: “GLC networks”
● Stay tune with our schedule

www.glcnetworks.com