It is the result of my experiment, using the full bandwidth management with parent queue tree, which was still a lot of connection packets that are out of rule. What happens if a lot of packets that are not undefined? There will be a barrier in intent and purpose of bandwidth management that we don't expected. To control bandwidth usage we have to classify the connection packets. After getting caught then we can control it. The connection packets turned out to be highly variable. And we do not define it explicitly. Separation of connection packets method is a method of approach. That something outside that we defined must be considered.
This method is the perfection of bandwidth management using parent queue tree rule, to handle the different connection packets such as online games portal, browsing, downloading the file extensions, video streams that still any leaks. If too many leaks would be a barrier for us to prioritize the connection packets that we have defined. Upload and Undefined packets will cover the most leakage of the parent queue tree, and at last is keep using the simple queue.
I will not explain in detail again about mangle and queue tree, you can see by yourself or just a reference with the scripts that I will give, and I hope you can expanding it by yourself. Surely you should know here, the name of your public and local interface of your own mikrotik routerboard. I have a lot of explaining about this.
The concept is connection-in will produce the upload Packets, connection-out will produces the download packets. Upload and download packets are divided into upload and download packets per client. Then download packets per client will be divided again into the online games, browsing, downloading extensions, and video streams packets. Those packets can not define all the variety of the internet connection usage perfectly. It is possible to find the leakage would still not unthinkable, therefore I will use an undefined connection packets.
When we are using the internet connection, even if we're downloading any extensions file, it also use small upload bytes. For that we must define the upload connection packets per client. We still can not guarantee 100% that alll already represents all the connection packets. I suggest you to keep using simple queue per client to cover all the usage of the internet connection of the clients that many variety. Ok let's get started.
The rule of the bandwidth management is under the parent of queue tree rules using the priority for each kind of the connection packets, as shown like the picture below!
This method is the perfection of bandwidth management using parent queue tree rule, to handle the different connection packets such as online games portal, browsing, downloading the file extensions, video streams that still any leaks. If too many leaks would be a barrier for us to prioritize the connection packets that we have defined. Upload and Undefined packets will cover the most leakage of the parent queue tree, and at last is keep using the simple queue.
I will not explain in detail again about mangle and queue tree, you can see by yourself or just a reference with the scripts that I will give, and I hope you can expanding it by yourself. Surely you should know here, the name of your public and local interface of your own mikrotik routerboard. I have a lot of explaining about this.
The concept is connection-in will produce the upload Packets, connection-out will produces the download packets. Upload and download packets are divided into upload and download packets per client. Then download packets per client will be divided again into the online games, browsing, downloading extensions, and video streams packets. Those packets can not define all the variety of the internet connection usage perfectly. It is possible to find the leakage would still not unthinkable, therefore I will use an undefined connection packets.
When we are using the internet connection, even if we're downloading any extensions file, it also use small upload bytes. For that we must define the upload connection packets per client. We still can not guarantee 100% that alll already represents all the connection packets. I suggest you to keep using simple queue per client to cover all the usage of the internet connection of the clients that many variety. Ok let's get started.
1. Mangle Rules for Total Upload & Download Connection
/ip firewall mangle add action=mark-connection chain=prerouting disabled=no in-interface=ether1 new-connection-mark=all-inconn passthrough=yes comment="CONNECTION-IN" add action=mark-packet chain=prerouting connection-mark=all-inconn disabled=no new-packet-mark=all-inpkt passthrough=yes comment="UPLOAD" add action=mark-connection chain=forward disabled=no in-interface=wlan1 new-connection-mark=all-outconn passthrough=yes comment="CONNECTION-OUT" add action=mark-packet chain=forward connection-mark=all-outconn disabled=no new-packet-mark=all-outpkt passthrough=yes comment="DOWNLOAD"
2. Mangle Rules Upload dan Download Connection Packets Per Client
/ip firewall mangle add action=mark-packet chain=prerouting src-address=192.168.1.17 packet-mark=all-inpkt new-packet-mark=client1-pktp passthrough=no comment="CLIENT1 UPSTREAM" add action=mark-packet chain=prerouting src-address=192.168.1.16 packet-mark=all-inpkt new-packet-mark=client2-pktp passthrough=no comment="CLIENT2 UPSTREAM" add action=mark-packet chain=prerouting src-address=192.168.1.15 packet-mark=all-inpkt new-packet-mark=client3-pktp passthrough=no comment="CLIENT3 UPSTREAM" add action=mark-packet chain=prerouting src-address=192.168.1.14 packet-mark=all-inpkt new-packet-mark=client4-pktp passthrough=no comment="CLIENT4 UPSTREAM" add action=mark-packet chain=prerouting src-address=192.168.1.20 packet-mark=all-inpkt new-packet-mark=client5-pktp passthrough=no comment="CLIENT5 UPSTREAM" add action=mark-packet chain=prerouting src-address=192.168.1.21 packet-mark=all-inpkt new-packet-mark=client6-pktp passthrough=no comment="CLIENT6 UPSTREAM" /ip firewall mangle add action=mark-packet chain=forward dst-address=192.168.1.17 packet-mark=all-outpkt new-packet-mark=client1-pktd passthrough=yes comment="CLIENT1 DOWNSTREAM" add action=mark-packet chain=forward dst-address=192.168.1.16 packet-mark=all-outpkt new-packet-mark=client2-pktd passthrough=yes comment="CLIENT2 DOWNSTREAM" add action=mark-packet chain=forward dst-address=192.168.1.15 packet-mark=all-outpkt new-packet-mark=client3-pktd passthrough=yes comment="CLIENT3 DOWNSTREAM" add action=mark-packet chain=forward dst-address=192.168.1.14 packet-mark=all-outpkt new-packet-mark=client4-pktd passthrough=yes comment="CLIENT4 DOWNSTREAM" add action=mark-packet chain=forward dst-address=192.168.1.20 packet-mark=all-outpkt new-packet-mark=client5-pktd passthrough=yes comment="CLIENT5 DOWNSTREAM" add action=mark-packet chain=forward dst-address=192.168.1.21 packet-mark=all-outpkt new-packet-mark=client6-pktd passthrough=yes comment="CLIENT6 DOWNSTREAM"
3. Layer7 Protocols and Mangle Rules of The Connection Packets of The Extensions Files and Video Streaming Per Client
The mangle rules will be marking the connection packet of download files that use by the client/ip firewall layer7-protocol add comment="download" name=high regexp="^.*get.+\\.(exe|rar|iso|zip|7zip|0[0-9][1-9]|flv|mkv|avi|mp4|3gp|rmvb|mp3|img|dat|mov).*\$" add comment="download" name=document regexp="^.*get.+\\.(pdf|doc|docx|xlsx|xls|rtf|ppt|ppt).*\$" add comment="video" name=youtube regexp="^.*get.+\\.(c.youtube.com|cdn.dailymotion.com|metacafe.com|mccont.com).*\$" add comment="video" name=streaming regexp="videoplayback|video" /ip firewall mangle add action=mark-packet chain=forward layer7-protocol=high new-packet-mark=billing-dpkt packet-mark=billing-pktd passthrough=no comment="BILLING DOWNLOAD" add action=mark-packet chain=forward layer7-protocol=document new-packet-mark=billing-dpkt packet-mark=billing-pktd passthrough=no comment="" add action=mark-packet chain=forward connection-bytes=1000000-0 src-port=80,443 passthrough=yes new-packet-mark=billing-dpkt packet-mark=billing-pktd protocol=tcp comment="" add action=mark-packet chain=forward layer7-protocol=high new-packet-mark=client1-dpkt packet-mark=client1-pktd passthrough=no comment="CLIENT1 DOWNLOAD" add action=mark-packet chain=forward layer7-protocol=document new-packet-mark=client1-dpkt packet-mark=client1-pktd passthrough=no comment="" add action=mark-packet chain=forward connection-bytes=1000000-0 src-port=80,443 passthrough=yes new-packet-mark=client1-dpkt packet-mark=client1-pktd protocol=tcp comment="" add action=mark-packet chain=forward layer7-protocol=high new-packet-mark=client2-dpkt packet-mark=client2-pktd passthrough=no comment="CLIENT2 DOWNLOAD" add action=mark-packet chain=forward layer7-protocol=document new-packet-mark=client2-dpkt packet-mark=client2-pktd passthrough=no comment="" add action=mark-packet chain=forward connection-bytes=1000000-0 src-port=80,443 passthrough=yes new-packet-mark=client2-dpkt packet-mark=client2-pktd protocol=tcp comment="" add action=mark-packet chain=forward layer7-protocol=high new-packet-mark=client3-dpkt packet-mark=client3-pktd passthrough=no comment="CLIENT3 DOWNLOAD" add action=mark-packet chain=forward layer7-protocol=document new-packet-mark=client3-dpkt packet-mark=client3-pktd passthrough=no comment="" add action=mark-packet chain=forward connection-bytes=1000000-0 src-port=80,443 passthrough=yes new-packet-mark=client3-dpkt packet-mark=client3-pktd protocol=tcp comment="" add action=mark-packet chain=forward layer7-protocol=high new-packet-mark=client4-dpkt packet-mark=client4-pktd passthrough=no comment="CLIENT4 DOWNLOAD" add action=mark-packet chain=forward layer7-protocol=document new-packet-mark=client4-dpkt packet-mark=client4-pktd passthrough=no comment="" add action=mark-packet chain=forward connection-bytes=1000000-0 src-port=80,443 passthrough=yes new-packet-mark=client4-dpkt packet-mark=client4-pktd protocol=tcp comment="" add action=mark-packet chain=forward layer7-protocol=high new-packet-mark=client5-dpkt packet-mark=client5-pktd passthrough=no comment="CLIENT5 DOWNLOAD" add action=mark-packet chain=forward layer7-protocol=document new-packet-mark=client5-dpkt packet-mark=client5-pktd passthrough=no comment="" add action=mark-packet chain=forward connection-bytes=1000000-0 src-port=80,443 passthrough=yes new-packet-mark=client5-dpkt packet-mark=client5-pktd protocol=tcp comment="" add action=mark-packet chain=forward layer7-protocol=high new-packet-mark=client6-dpkt packet-mark=client6-pktd passthrough=no comment="CLIENT6 DOWNLOAD" add action=mark-packet chain=forward layer7-protocol=document new-packet-mark=client6-dpkt packet-mark=client6-pktd passthrough=no comment="" add action=mark-packet chain=forward connection-bytes=1000000-0 src-port=80,443 passthrough=yes new-packet-mark=client6-dpkt packet-mark=client6-pktd protocol=tcp comment="" add action=mark-packet chain=forward layer7-protocol=high new-packet-mark=master-dpkt packet-mark=master-pktd passthrough=no comment="MASTER DOWNLOAD" add action=mark-packet chain=forward layer7-protocol=document new-packet-mark=master-dpkt packet-mark=master-pktd passthrough=no comment="" add action=mark-packet chain=forward connection-bytes=1000000-0 src-port=80,443 passthrough=yes new-packet-mark=master-dpkt packet-mark=master-pktd protocol=tcp comment="" /ip firewall mangle add action=mark-packet chain=forward layer7-protocol=youtube new-packet-mark=billing-spkt packet-mark=billing-pktd passthrough=no comment="BILLING VIDEO" add action=mark-packet chain=forward layer7-protocol=streaming new-packet-mark=billing-spkt packet-mark=billing-pktd passthrough=no comment="" add action=mark-packet chain=forward layer7-protocol=youtube new-packet-mark=client1-spkt packet-mark=client1-pktd passthrough=no comment="CLIENT1 VIDEO" add action=mark-packet chain=forward layer7-protocol=streaming new-packet-mark=client1-spkt packet-mark=client1-pktd passthrough=no comment="" add action=mark-packet chain=forward layer7-protocol=youtube new-packet-mark=client2-spkt packet-mark=client2-pktd passthrough=no comment="CLIENT2 VIDEO" add action=mark-packet chain=forward layer7-protocol=streaming new-packet-mark=client2-spkt packet-mark=client2-pktd passthrough=no comment="" add action=mark-packet chain=forward layer7-protocol=youtube new-packet-mark=client3-spkt packet-mark=client3-pktd passthrough=no comment="CLIENT3 VIDEO" add action=mark-packet chain=forward layer7-protocol=streaming new-packet-mark=client3-spkt packet-mark=client3-pktd passthrough=no comment="" add action=mark-packet chain=forward layer7-protocol=youtube new-packet-mark=client4-spkt packet-mark=client4-pktd passthrough=no comment="CLIENT4 VIDEO" add action=mark-packet chain=forward layer7-protocol=streaming new-packet-mark=client4-spkt packet-mark=client4-pktd passthrough=no comment="" add action=mark-packet chain=forward layer7-protocol=youtube new-packet-mark=client5-spkt packet-mark=client5-pktd passthrough=no comment="CLIENT5 VIDEO" add action=mark-packet chain=forward layer7-protocol=streaming new-packet-mark=client5-spkt packet-mark=client5-pktd passthrough=no comment="" add action=mark-packet chain=forward layer7-protocol=youtube new-packet-mark=client6-spkt packet-mark=client6-pktd passthrough=no comment="CLIENT6 VIDEO" add action=mark-packet chain=forward layer7-protocol=streaming new-packet-mark=client6-spkt packet-mark=client6-pktd passthrough=no comment="" add action=mark-packet chain=forward layer7-protocol=youtube new-packet-mark=master-spkt packet-mark=master-pktd passthrough=no comment="MASTER VIDEO" add action=mark-packet chain=forward layer7-protocol=streaming new-packet-mark=master-spkt packet-mark=master-pktd passthrough=no comment=""
4. Mangle Rules Marking Online Games Connection per client
/ip firewall mangle add action=mark-packet chain=forward packet-mark=all-outpkt new-packet-mark=all-gpkt passthrough=yes protocol=tcp dst-port=5340-5352,6000-6152,10001-10011,14009-14030,18901-18909 comment="Online Game Portal" add action=mark-packet chain=forward packet-mark=all-outpkt new-packet-mark=all-gpkt passthrough=yes protocol=tcp dst-port=39190,27780,29000,22100,10009,4300,15001,15002,7341,7451 add action=mark-packet chain=forward packet-mark=all-outpkt new-packet-mark=all-gpkt passthrough=yes protocol=tcp dst-port=40000,9300,9400,9700,7342,8005-8010,37466,36567,8822 add action=mark-packet chain=forward packet-mark=all-outpkt new-packet-mark=all-gpkt passthrough=yes protocol=tcp dst-port=47611,16666,20000,5105,29000,18901-18909,9015 add action=mark-packet chain=forward packet-mark=all-outpkt new-packet-mark=all-gpkt passthrough=yes protocol=udp dst-port=27005,27015 add action=mark-packet chain=forward packet-mark=all-outpkt new-packet-mark=all-gpkt passthrough=yes protocol=udp dst-port=27005-27020,13055,7800-7900,12060-12070 add action=mark-packet chain=forward packet-mark=all-outpkt new-packet-mark=all-gpkt passthrough=yes protocol=udp dst-port=8005-8010,9068,1293,1479,9401,9600,30000 add action=mark-packet chain=forward packet-mark=all-outpkt new-packet-mark=all-gpkt passthrough=yes protocol=udp dst-port=14009-14030,42051-42052,40000-40050,13000-13080 /ip firewall mangle add action=mark-packet chain=forward src-address=192.168.1.11 packet-mark=all-gpkt new-packet-mark=billing-gpkt passthrough=no comment="BILLING GAMES" add action=mark-packet chain=forward src-address=192.168.1.17 packet-mark=all-gpkt new-packet-mark=client1-gpkt passthrough=no comment="CLIENT1 GAMES" add action=mark-packet chain=forward src-address=192.168.1.16 packet-mark=all-gpkt new-packet-mark=client2-gpkt passthrough=no comment="CLIENT2 GAMES" add action=mark-packet chain=forward src-address=192.168.1.15 packet-mark=all-gpkt new-packet-mark=client3-gpkt passthrough=no comment="CLIENT3 GAMES" add action=mark-packet chain=forward src-address=192.168.1.14 packet-mark=all-gpkt new-packet-mark=client4-gpkt passthrough=no comment="CLIENT4 GAMES" add action=mark-packet chain=forward src-address=192.168.1.20 packet-mark=all-gpkt new-packet-mark=client5-gpkt passthrough=no comment="CLIENT5 GAMES" add action=mark-packet chain=forward src-address=192.168.1.21 packet-mark=all-gpkt new-packet-mark=client6-gpkt passthrough=no comment="CLIENT6 GAMES" add action=mark-packet chain=forward src-address=192.168.1.8 packet-mark=all-gpkt new-packet-mark=master-gpkt passthrough=no comment="MASTER GAMES"
5. Mangle Rules Marking Browsing Connection Per Client
/ip firewall mangle add action=mark-packet chain=forward connection-bytes=0-1000000 src-port=80,443 passthrough=no new-packet-mark=billing-bpkt packet-mark=billing-pktd protocol=tcp comment="BILLING BROWSING" add action=mark-packet chain=forward connection-bytes=0-1000000 src-port=80,443 passthrough=no new-packet-mark=client1-bpkt packet-mark=client1-pktd protocol=tcp comment="CLIENT1 BROWSING" add action=mark-packet chain=forward connection-bytes=0-1000000 src-port=80,443 passthrough=no new-packet-mark=client2-bpkt packet-mark=client2-pktd protocol=tcp comment="CLIENT2 BROWSING" add action=mark-packet chain=forward connection-bytes=0-1000000 src-port=80,443 passthrough=no new-packet-mark=client3-bpkt packet-mark=client3-pktd protocol=tcp comment="CLIENT3 BROWSING" add action=mark-packet chain=forward connection-bytes=0-1000000 src-port=80,443 passthrough=no new-packet-mark=client4-bpkt packet-mark=client4-pktd protocol=tcp comment="CLIENT4 BROWSING" add action=mark-packet chain=forward connection-bytes=0-1000000 src-port=80,443 passthrough=no new-packet-mark=client5-bpkt packet-mark=client5-pktd protocol=tcp comment="CLIENT5 BROWSING" add action=mark-packet chain=forward connection-bytes=0-1000000 src-port=80,443 passthrough=no new-packet-mark=client6-bpkt packet-mark=client6-pktd protocol=tcp comment="CLIENT6 BROWSING" add action=mark-packet chain=forward connection-bytes=0-1000000 src-port=80,443 passthrough=no new-packet-mark=master-bpkt packet-mark=master-pktd protocol=tcp comment="MASTER BROWSING"
6. Queue Tree Capturing The Marking Connection Packets Mangle Rules
The something new here is the parent queue tree for the queue tree upload per client and the unification of undefined, extension file, and video streams of downsteam connection packets has the single of parent queue tree rule. So if the clients play any video streams the limit speed will be depending on the queue tree rules./queue tree add name=All-Bandwidth parent=global-out packet-mark=all-inpkt,all-outpkt queue=default priority=8 max-limit=2M /queue tree add name=Billing parent=All-Bandwidth packet-mark=no-mark queue=default priority=8 add name=Client1 parent=All-Bandwidth packet-mark=no-mark queue=default priority=8 add name=Client2 parent=All-Bandwidth packet-mark=no-mark queue=default priority=8 add name=Client3 parent=All-Bandwidth packet-mark=no-mark queue=default priority=8 add name=Client4 parent=All-Bandwidth packet-mark=no-mark queue=default priority=8 add name=Client5 parent=All-Bandwidth packet-mark=no-mark queue=default priority=8 add name=Client6 parent=All-Bandwidth packet-mark=no-mark queue=default priority=8 add name=Master parent=All-Bandwidth packet-mark=no-mark queue=default priority=8 /queue tree add name=aBilling-Games parent=Billing packet-mark=billing-gpkt queue=default priority=1 max-limit=256k add name=aClient1-Games parent=Client1 packet-mark=client1-gpkt queue=default priority=1 max-limit=256k add name=aClient2-Games parent=Client2 packet-mark=client2-gpkt queue=default priority=1 max-limit=256k add name=aClient3-Games parent=Client3 packet-mark=client3-gpkt queue=default priority=1 max-limit=256k add name=aClient4-Games parent=Client4 packet-mark=client4-gpkt queue=default priority=1 max-limit=256k add name=aClient5-Games parent=Client5 packet-mark=client5-gpkt queue=default priority=1 max-limit=256k add name=aClient6-Games parent=Client6 packet-mark=client6-gpkt queue=default priority=1 max-limit=256k add name=aMaster-Games parent=Master packet-mark=master-gpkt queue=default priority=1 max-limit=256k /queue tree add name=bBilling-Browsing parent=Billing packet-mark=billing-bpkt queue=default priority=2 max-limit=256k add name=bClient1-Browsing parent=Client1 packet-mark=client1-bpkt queue=default priority=2 max-limit=256k add name=bClient2-Browsing parent=Client2 packet-mark=client2-bpkt queue=default priority=2 max-limit=256k add name=bClient3-Browsing parent=Client3 packet-mark=client3-bpkt queue=default priority=2 max-limit=256k add name=bClient4-Browsing parent=Client4 packet-mark=client4-bpkt queue=default priority=2 max-limit=256k add name=bClient5-Browsing parent=Client5 packet-mark=client5-bpkt queue=default priority=2 max-limit=256k add name=bClient6-Browsing parent=Client6 packet-mark=client6-bpkt queue=default priority=2 max-limit=256k add name=bMaster-Browsing parent=Master packet-mark=master-bpkt queue=default priority=2 max-limit=256k /queue tree add name=cBilling-Upload parent=Billing packet-mark=billing-pktp queue=default priority=3 max-limit=200k add name=cClient1-Upload parent=Client1 packet-mark=client1-pktp queue=default priority=3 max-limit=200k add name=cClient2-Upload parent=Client2 packet-mark=client2-pktp queue=default priority=3 max-limit=200k add name=cClient3-Upload parent=Client3 packet-mark=client3-pktp queue=default priority=3 max-limit=200k add name=cClient4-Upload parent=Client4 packet-mark=client4-pktp queue=default priority=3 max-limit=200k add name=cClient5-Upload parent=Client5 packet-mark=client5-pktp queue=default priority=3 max-limit=200k add name=cClient6-Upload parent=Client6 packet-mark=client6-pktp queue=default priority=3 max-limit=200k add name=cMaster-Upload parent=Master packet-mark=master-pktp queue=default priority=3 max-limit=200k /queue tree add name=dBilling-Download parent=Billing packet-mark=no-mark queue=default priority=6 max-limit=220k add name=dClient1-Download parent=Client1 packet-mark=no-mark queue=default priority=6 max-limit=220k add name=dClient2-Download parent=Client2 packet-mark=no-mark queue=default priority=6 max-limit=220k add name=dClient3-Download parent=Client3 packet-mark=no-mark queue=default priority=6 max-limit=220k add name=dClient4-Download parent=Client4 packet-mark=no-mark queue=default priority=6 max-limit=220k add name=dClient5-Download parent=Client5 packet-mark=no-mark queue=default priority=6 max-limit=220k add name=dClient6-Download parent=Client6 packet-mark=no-mark queue=default priority=6 max-limit=220k add name=dMaster-Download parent=Master packet-mark=no-mark queue=default priority=6 max-limit=220k /queue tree add name=eBilling-DownUdf parent=dBilling-Download packet-mark=billing-pktd queue=default priority=6 add name=eClient1-DownUdf parent=dClient1-Download packet-mark=client1-pktd queue=default priority=6 add name=eClient2-DownUdf parent=dClient2-Download packet-mark=client2-pktd queue=default priority=6 add name=eClient3-DownUdf parent=dClient3-Download packet-mark=client3-pktd queue=default priority=6 add name=eClient4-DownUdf parent=dClient4-Download packet-mark=client4-pktd queue=default priority=6 add name=eClient5-DownUdf parent=dClient5-Download packet-mark=client5-pktd queue=default priority=6 add name=eClient6-DownUdf parent=dClient6-Download packet-mark=client6-pktd queue=default priority=6 add name=eMaster-DownUdf parent=dMaster-Download packet-mark=master-pktd queue=default priority=6 /queue tree add name=fBilling-DownExt parent=dBilling-Download packet-mark=billing-dpkt queue=default priority=7 add name=fClient1-DownExt parent=dClient1-Download packet-mark=client1-dpkt queue=default priority=7 add name=fClient2-DownExt parent=dClient2-Download packet-mark=client2-dpkt queue=default priority=7 add name=fClient3-DownExt parent=dClient3-Download packet-mark=client3-dpkt queue=default priority=7 add name=fClient4-DownExt parent=dClient4-Download packet-mark=client4-dpkt queue=default priority=7 add name=fClient5-DownExt parent=dClient5-Download packet-mark=client5-dpkt queue=default priority=7 add name=fClient6-DownExt parent=dClient6-Download packet-mark=client6-dpkt queue=default priority=7 add name=fMaster-DownExt parent=dMaster-Download packet-mark=master-dpkt queue=default priority=7 /queue tree add name=gBilling-DownVid parent=dBilling-Download packet-mark=billing-spkt queue=default priority=8 add name=gClient1-DownVid parent=dClient1-Download packet-mark=client1-spkt queue=default priority=8 add name=gClient2-DownVid parent=dClient2-Download packet-mark=client2-spkt queue=default priority=8 add name=gClient3-DownVid parent=dClient3-Download packet-mark=client3-spkt queue=default priority=8 add name=gClient4-DownVid parent=dClient4-Download packet-mark=client4-spkt queue=default priority=8 add name=gClient5-DownVid parent=dClient5-Download packet-mark=client5-spkt queue=default priority=8 add name=gClient6-DownVid parent=dClient6-Download packet-mark=client6-spkt queue=default priority=8 add name=gMaster-DownVid parent=dMaster-Download packet-mark=master-spkt queue=default priority=8
The rule of the bandwidth management is under the parent of queue tree rules using the priority for each kind of the connection packets, as shown like the picture below!
7. Connection Limit Firewall Filter to The Kind Connection Packets
If you want to limit the client speed by the connection, you can add this rule on the firewall filter using the following scripts. You can change the value of connection limit as you will./ip firewall filter add action=drop chain=forward comment="DOWNLOAD HIGH" connection-limit=6,32 disabled=no layer7-protocol=high protocol=tcp add action=drop chain=forward comment="YOUTUBE" connection-limit=6,32 disabled=no layer7-protocol=youtube protocol=tcp add action=drop chain=forward comment="STREAMING" connection-limit=6,32 disabled=no layer7-protocol=streaming protocol=tcp
8. Scripts to create Automatic Simple Queue for each IP address Clients
to avoid the connection packets that could not defined yet, something that we can not expected. This script will help to create simple queue rules by IP client automatically!/queue simple
:for i from=1 to=24 do={
add name=("Client $i") target-addresses=("192.168.1.$i") \
dst-address=0.0.0.0/0 interface=all limit-at=0/0 max-limit=200000/200000 disabled=no
}
Change the range of the clients IP address that you have and define the max-limit on the simple queue rule. This is the way that I have applied in my internet network, in order to maintain the satisfaction of the clients that have a variety of interests in usage of the internet connection. If you need to see how the above scripts works, let's see on this article video above! good luck!Perfection II
This is the perfection queue tree that I have made as a reference for you to implement QoS in Version 5 as you wish, you can modify this method as you like!
and this is the complete method of this experiment!
Limiting Download Files Queue Tree per Client
Limiting Browsing Queue Tree per Client
Limiting Video Streaming Queue Tree per Client
Limiting Upload Per Client
Mangle All | Change Your Interface Name ======================================= local interface : hotspot local interface : wan /ip firewall mangle add action=mark-connection chain=prerouting disabled=no in-interface=hotspot new-connection-mark=all-inconn passthrough=yes comment="UPSTEAM CONNECTION" add action=mark-packet chain=prerouting connection-mark=all-inconn disabled=no new-packet-mark=all-inpkt passthrough=yes comment="UPSTEAM" add action=mark-connection chain=forward disabled=no in-interface=wan new-connection-mark=all-outconn passthrough=yes comment="DOWNSTEAM CONNECTION" add action=mark-packet chain=forward connection-mark=all-outconn disabled=no new-packet-mark=all-outpkt passthrough=yes comment="DOWNSTEAM" Layer 7 All | Add your regexp +++++++++++++++++++++++++++++ /ip firewall layer7-protocol add comment="download" name=high regexp="^.*get.+\\.(exe|rar|iso|zip|7zip|0[0-9][1-9]|flv|mkv|avi|mp4|3gp|rmvb|mp3|img|dat|mov).*\$" add comment="download" name=document regexp="^.*get.+\\.(pdf|doc|docx|xlsx|xls|rtf|ppt|ppt).*\$" add comment="video" name=youtube regexp="^.*get.+\\.(c.youtube.com|cdn.dailymotion.com|metacafe.com|mccont.com).*\$" add comment="video" name=streaming regexp="videoplayback|video" add comment="video" name=youtube_matcher regexp="(GET \\/videoplayback\\\?|GET \\/crossdomain\\.xml)" Mangle per client +++++++++++++++++ /ip firewall mangle add action=mark-packet chain=prerouting src-address=192.168.1.17 packet-mark=all-inpkt new-packet-mark=client1-pktp passthrough=no comment="CLIENT1 UPSTREAM" add action=mark-packet chain=prerouting src-address=192.168.1.16 packet-mark=all-inpkt new-packet-mark=client2-pktp passthrough=no comment="CLIENT2 UPSTREAM" add action=mark-packet chain=prerouting src-address=192.168.1.15 packet-mark=all-inpkt new-packet-mark=client3-pktp passthrough=no comment="CLIENT3 UPSTREAM" add action=mark-packet chain=prerouting src-address=192.168.1.14 packet-mark=all-inpkt new-packet-mark=client4-pktp passthrough=no comment="CLIENT4 UPSTREAM" add action=mark-packet chain=prerouting src-address=192.168.1.20 packet-mark=all-inpkt new-packet-mark=client5-pktp passthrough=no comment="CLIENT5 UPSTREAM" add action=mark-packet chain=prerouting src-address=192.168.1.21 packet-mark=all-inpkt new-packet-mark=client6-pktp passthrough=no comment="CLIENT6 UPSTREAM" /ip firewall mangle add action=mark-packet chain=forward dst-address=192.168.1.17 packet-mark=all-outpkt new-packet-mark=client1-pktd passthrough=yes comment="CLIENT1 DOWNSTREAM" add action=mark-packet chain=forward dst-address=192.168.1.16 packet-mark=all-outpkt new-packet-mark=client2-pktd passthrough=yes comment="CLIENT2 DOWNSTREAM" add action=mark-packet chain=forward dst-address=192.168.1.15 packet-mark=all-outpkt new-packet-mark=client3-pktd passthrough=yes comment="CLIENT3 DOWNSTREAM" add action=mark-packet chain=forward dst-address=192.168.1.14 packet-mark=all-outpkt new-packet-mark=client4-pktd passthrough=yes comment="CLIENT4 DOWNSTREAM" add action=mark-packet chain=forward dst-address=192.168.1.20 packet-mark=all-outpkt new-packet-mark=client5-pktd passthrough=yes comment="CLIENT5 DOWNSTREAM" add action=mark-packet chain=forward dst-address=192.168.1.21 packet-mark=all-outpkt new-packet-mark=client6-pktd passthrough=yes comment="CLIENT6 DOWNSTREAM" Download Per Client +++++++++++++++++++++ /ip firewall mangle add action=mark-packet chain=forward layer7-protocol=high new-packet-mark=client1-dpkt packet-mark=client1-pktd passthrough=no comment="CLIENT1 DOWNLOAD" add action=mark-packet chain=forward layer7-protocol=document new-packet-mark=client1-dpkt packet-mark=client1-pktd passthrough=no comment="" add action=mark-packet chain=forward connection-bytes=1000000-0 src-port=80,443 passthrough=yes new-packet-mark=client1-dpkt packet-mark=client1-pktd protocol=tcp comment="" add action=mark-packet chain=forward layer7-protocol=high new-packet-mark=client2-dpkt packet-mark=client2-pktd passthrough=no comment="CLIENT2 DOWNLOAD" add action=mark-packet chain=forward layer7-protocol=document new-packet-mark=client2-dpkt packet-mark=client2-pktd passthrough=no comment="" add action=mark-packet chain=forward connection-bytes=1000000-0 src-port=80,443 passthrough=yes new-packet-mark=client2-dpkt packet-mark=client2-pktd protocol=tcp comment="" add action=mark-packet chain=forward layer7-protocol=high new-packet-mark=client3-dpkt packet-mark=client3-pktd passthrough=no comment="CLIENT3 DOWNLOAD" add action=mark-packet chain=forward layer7-protocol=document new-packet-mark=client3-dpkt packet-mark=client3-pktd passthrough=no comment="" add action=mark-packet chain=forward connection-bytes=1000000-0 src-port=80,443 passthrough=yes new-packet-mark=client3-dpkt packet-mark=client3-pktd protocol=tcp comment="" add action=mark-packet chain=forward layer7-protocol=high new-packet-mark=client4-dpkt packet-mark=client4-pktd passthrough=no comment="CLIENT4 DOWNLOAD" add action=mark-packet chain=forward layer7-protocol=document new-packet-mark=client4-dpkt packet-mark=client4-pktd passthrough=no comment="" add action=mark-packet chain=forward connection-bytes=1000000-0 src-port=80,443 passthrough=yes new-packet-mark=client4-dpkt packet-mark=client4-pktd protocol=tcp comment="" add action=mark-packet chain=forward layer7-protocol=high new-packet-mark=client5-dpkt packet-mark=client5-pktd passthrough=no comment="CLIENT5 DOWNLOAD" add action=mark-packet chain=forward layer7-protocol=document new-packet-mark=client5-dpkt packet-mark=client5-pktd passthrough=no comment="" add action=mark-packet chain=forward connection-bytes=1000000-0 src-port=80,443 passthrough=yes new-packet-mark=client5-dpkt packet-mark=client5-pktd protocol=tcp comment="" add action=mark-packet chain=forward layer7-protocol=high new-packet-mark=client6-dpkt packet-mark=client6-pktd passthrough=no comment="CLIENT6 DOWNLOAD" add action=mark-packet chain=forward layer7-protocol=document new-packet-mark=client6-dpkt packet-mark=client6-pktd passthrough=no comment="" add action=mark-packet chain=forward connection-bytes=1000000-0 src-port=80,443 passthrough=yes new-packet-mark=client6-dpkt packet-mark=client6-pktd protocol=tcp comment="" Streaming Per Client ++++++++++++++++++++++++ /ip firewall mangle add action=mark-packet chain=forward layer7-protocol=youtube new-packet-mark=client1-spkt packet-mark=client1-pktd passthrough=no comment="CLIENT1 VIDEO" add action=mark-packet chain=forward layer7-protocol=streaming new-packet-mark=client1-spkt packet-mark=client1-pktd passthrough=no comment="" add action=mark-packet chain=forward layer7-protocol=youtube_matcher new-packet-mark=client1-spkt packet-mark=client1-pktd passthrough=no comment="" add action=mark-packet chain=forward layer7-protocol=youtube new-packet-mark=client2-spkt packet-mark=client2-pktd passthrough=no comment="CLIENT2 VIDEO" add action=mark-packet chain=forward layer7-protocol=streaming new-packet-mark=client2-spkt packet-mark=client2-pktd passthrough=no comment="" add action=mark-packet chain=forward layer7-protocol=youtube_matcher new-packet-mark=client2-spkt packet-mark=client1-pktd passthrough=no comment="" add action=mark-packet chain=forward layer7-protocol=youtube new-packet-mark=client3-spkt packet-mark=client3-pktd passthrough=no comment="CLIENT3 VIDEO" add action=mark-packet chain=forward layer7-protocol=streaming new-packet-mark=client3-spkt packet-mark=client3-pktd passthrough=no comment="" add action=mark-packet chain=forward layer7-protocol=youtube_matcher new-packet-mark=client3-spkt packet-mark=client1-pktd passthrough=no comment="" add action=mark-packet chain=forward layer7-protocol=youtube new-packet-mark=client4-spkt packet-mark=client4-pktd passthrough=no comment="CLIENT4 VIDEO" add action=mark-packet chain=forward layer7-protocol=streaming new-packet-mark=client4-spkt packet-mark=client4-pktd passthrough=no comment="" add action=mark-packet chain=forward layer7-protocol=youtube_matcher new-packet-mark=client4-spkt packet-mark=client1-pktd passthrough=no comment="" add action=mark-packet chain=forward layer7-protocol=youtube new-packet-mark=client5-spkt packet-mark=client5-pktd passthrough=no comment="CLIENT5 VIDEO" add action=mark-packet chain=forward layer7-protocol=streaming new-packet-mark=client5-spkt packet-mark=client5-pktd passthrough=no comment="" add action=mark-packet chain=forward layer7-protocol=youtube_matcher new-packet-mark=client5-spkt packet-mark=client1-pktd passthrough=no comment="" add action=mark-packet chain=forward layer7-protocol=youtube new-packet-mark=client6-spkt packet-mark=client6-pktd passthrough=no comment="CLIENT6 VIDEO" add action=mark-packet chain=forward layer7-protocol=streaming new-packet-mark=client6-spkt packet-mark=client6-pktd passthrough=no comment="" add action=mark-packet chain=forward layer7-protocol=youtube_matcher new-packet-mark=client6-spkt packet-mark=client1-pktd passthrough=no comment="" Browsing Per Client ++++++++++++++++++++++++ /ip firewall mangle add action=mark-packet chain=forward connection-bytes=0-1000000 src-port=80,443 passthrough=no new-packet-mark=client1-bpkt packet-mark=client1-pktd protocol=tcp comment="CLIENT1 BROWSING" add action=mark-packet chain=forward connection-bytes=0-1000000 src-port=80,443 passthrough=no new-packet-mark=client2-bpkt packet-mark=client2-pktd protocol=tcp comment="CLIENT2 BROWSING" add action=mark-packet chain=forward connection-bytes=0-1000000 src-port=80,443 passthrough=no new-packet-mark=client3-bpkt packet-mark=client3-pktd protocol=tcp comment="CLIENT3 BROWSING" add action=mark-packet chain=forward connection-bytes=0-1000000 src-port=80,443 passthrough=no new-packet-mark=client4-bpkt packet-mark=client4-pktd protocol=tcp comment="CLIENT4 BROWSING" add action=mark-packet chain=forward connection-bytes=0-1000000 src-port=80,443 passthrough=no new-packet-mark=client5-bpkt packet-mark=client5-pktd protocol=tcp comment="CLIENT5 BROWSING" add action=mark-packet chain=forward connection-bytes=0-1000000 src-port=80,443 passthrough=no new-packet-mark=client6-bpkt packet-mark=client6-pktd protocol=tcp comment="CLIENT6 BROWSING" Unification The Kind Online Game Downsteam | add the port game here! ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ /ip firewall mangle add action=mark-packet chain=forward packet-mark=all-outpkt new-packet-mark=all-gpkt passthrough=yes protocol=tcp dst-port=5340-5352,6000-6152,10001-10011,14009-14030,18901-18909 comment="Online Game Portal" add action=mark-packet chain=forward packet-mark=all-outpkt new-packet-mark=all-gpkt passthrough=yes protocol=tcp dst-port=39190,27780,29000,22100,10009,4300,15001,15002,7341,7451 add action=mark-packet chain=forward packet-mark=all-outpkt new-packet-mark=all-gpkt passthrough=yes protocol=tcp dst-port=40000,9300,9400,9700,7342,8005-8010,37466,36567,8822 add action=mark-packet chain=forward packet-mark=all-outpkt new-packet-mark=all-gpkt passthrough=yes protocol=tcp dst-port=47611,16666,20000,5105,29000,18901-18909,9015 add action=mark-packet chain=forward packet-mark=all-outpkt new-packet-mark=all-gpkt passthrough=yes protocol=udp dst-port=27005,27015 add action=mark-packet chain=forward packet-mark=all-outpkt new-packet-mark=all-gpkt passthrough=yes protocol=udp dst-port=27005-27020,13055,7800-7900,12060-12070 add action=mark-packet chain=forward packet-mark=all-outpkt new-packet-mark=all-gpkt passthrough=yes protocol=udp dst-port=8005-8010,9068,1293,1479,9401,9600,30000 add action=mark-packet chain=forward packet-mark=all-outpkt new-packet-mark=all-gpkt passthrough=yes protocol=udp dst-port=14009-14030,42051-42052,40000-40050,13000-13080 Separating All Kind Online Game Per Client ++++++++++++++++++++++++++++++++++++++++++++++++ /ip firewall mangle add action=mark-packet chain=forward src-address=192.168.1.17 packet-mark=all-gpkt new-packet-mark=client1-gpkt passthrough=no comment="CLIENT1 GAMES" add action=mark-packet chain=forward src-address=192.168.1.16 packet-mark=all-gpkt new-packet-mark=client2-gpkt passthrough=no comment="CLIENT2 GAMES" add action=mark-packet chain=forward src-address=192.168.1.15 packet-mark=all-gpkt new-packet-mark=client3-gpkt passthrough=no comment="CLIENT3 GAMES" add action=mark-packet chain=forward src-address=192.168.1.14 packet-mark=all-gpkt new-packet-mark=client4-gpkt passthrough=no comment="CLIENT4 GAMES" add action=mark-packet chain=forward src-address=192.168.1.20 packet-mark=all-gpkt new-packet-mark=client5-gpkt passthrough=no comment="CLIENT5 GAMES" add action=mark-packet chain=forward src-address=192.168.1.21 packet-mark=all-gpkt new-packet-mark=client6-gpkt passthrough=no comment="CLIENT6 GAMES" Parenting Queue Tree ++++++++++++++++++++++++++++++++++++++++++++++++ /queue tree add name=All-Upload parent=global-in packet-mark=all-inpkt queue=default priority=8 max-limit=2M add name=All-Download parent=global-out packet-mark=all-outpkt queue=default priority=8 max-limit=2M /queue tree add name=Client1Up parent=All-Upload packet-mark=client1-pktp queue=default priority=3 max-limit=200k add name=Client2Up parent=All-Upload packet-mark=client2-pktp queue=default priority=3 max-limit=200k add name=Client3Up parent=All-Upload packet-mark=client3-pktp queue=default priority=3 max-limit=200k add name=Client4Up parent=All-Upload packet-mark=client4-pktp queue=default priority=3 max-limit=200k add name=Client5Up parent=All-Upload packet-mark=client5-pktp queue=default priority=3 max-limit=200k add name=Client6Up parent=All-Upload packet-mark=client6-pktp queue=default priority=3 max-limit=200k /queue tree add name=Client1 parent=All-Download packet-mark=client1-pktd queue=default priority=8 add name=Client2 parent=All-Download packet-mark=client2-pktd queue=default priority=8 add name=Client3 parent=All-Download packet-mark=client3-pktd queue=default priority=8 add name=Client4 parent=All-Download packet-mark=client4-pktd queue=default priority=8 add name=Client5 parent=All-Download packet-mark=client5-pktd queue=default priority=8 add name=Client6 parent=All-Download packet-mark=client6-pktd queue=default priority=8 Connection Packet Queue Tree Per Client ++++++++++++++++++++++++++++++++++++++++++++++++ /queue tree add name=aClient1-Games parent=Client1 packet-mark=client1-gpkt queue=default priority=1 max-limit=256k add name=aClient2-Games parent=Client2 packet-mark=client2-gpkt queue=default priority=1 max-limit=256k add name=aClient3-Games parent=Client3 packet-mark=client3-gpkt queue=default priority=1 max-limit=256k add name=aClient4-Games parent=Client4 packet-mark=client4-gpkt queue=default priority=1 max-limit=256k add name=aClient5-Games parent=Client5 packet-mark=client5-gpkt queue=default priority=1 max-limit=256k add name=aClient6-Games parent=Client6 packet-mark=client6-gpkt queue=default priority=1 max-limit=256k /queue tree add name=bClient1-Browsing parent=Client1 packet-mark=client1-bpkt queue=default priority=2 max-limit=256k add name=bClient2-Browsing parent=Client2 packet-mark=client2-bpkt queue=default priority=2 max-limit=256k add name=bClient3-Browsing parent=Client3 packet-mark=client3-bpkt queue=default priority=2 max-limit=256k add name=bClient4-Browsing parent=Client4 packet-mark=client4-bpkt queue=default priority=2 max-limit=256k add name=bClient5-Browsing parent=Client5 packet-mark=client5-bpkt queue=default priority=2 max-limit=256k add name=bClient6-Browsing parent=Client6 packet-mark=client6-bpkt queue=default priority=2 max-limit=256k /queue tree add name=cClient1-DownExt parent=Client1 packet-mark=client1-dpkt queue=default priority=4 max-limit=220k add name=cClient2-DownExt parent=Client2 packet-mark=client2-dpkt queue=default priority=4 max-limit=220k add name=cClient3-DownExt parent=Client3 packet-mark=client3-dpkt queue=default priority=4 max-limit=220k add name=cClient4-DownExt parent=Client4 packet-mark=client4-dpkt queue=default priority=4 max-limit=220k add name=cClient5-DownExt parent=Client5 packet-mark=client5-dpkt queue=default priority=4 max-limit=220k add name=cClient6-DownExt parent=Client6 packet-mark=client6-dpkt queue=default priority=4 max-limit=220k /queue tree add name=dClient1-DownVid parent=Client1 packet-mark=client1-spkt queue=default priority=5 max-limit=220k add name=dClient2-DownVid parent=Client2 packet-mark=client2-spkt queue=default priority=5 max-limit=220k add name=dClient3-DownVid parent=Client3 packet-mark=client3-spkt queue=default priority=5 max-limit=220k add name=dClient4-DownVid parent=Client4 packet-mark=client4-spkt queue=default priority=5 max-limit=220k add name=dClient5-DownVid parent=Client5 packet-mark=client5-spkt queue=default priority=5 max-limit=220k add name=dClient6-DownVid parent=Client6 packet-mark=client6-spkt queue=default priority=5 max-limit=220k
Related Articles
"MASTER DOWNSTREAM" itu apa yahh Om,, maaf saya baru belajar tentang Mikrotik
ReplyDeleteUntuk menandai total packets rx atau packets yang diterima, dalam hal ini download untuk client dengan nama master.
Deletemau tanya lagi Om Agus ,, Ip ini 192.168.1.8 Masud nya dari mana yah Om , ??
DeleteItu IP yang digunakan oleh client dalam Local Area Network, terserah mau diberi nama apa! ini hanya sebuah contoh dalam pengaplikasiannya dalam clients yang menggunakan static IP
DeleteGood day sir can you fix this script
Delete/ip firewall mangle
:for i from=250 to=254 \
do={ \
{add action=mark-packet chain=forward layer7-protocol=high new-packet-mark="client$i-dpkt" \
packet-mark="client$i-pktd" passthrough=no comment="CLIENT$i DOWNLOAD" }, \
{add action=mark-packet chain=forward layer7-protocol=document new-packet-mark="client$i-dpkt" \
packet-mark="client$i-pktd" passthrough=no }\
}
Ok Thank's Om atas Penjelasan nya,, sebelum nya maaf nih Om itu text nya ada yg bahasa Indonesia ga yah,,??
ReplyDeleteJangan menyerah sama bahasa inggris ya! saya juga sambil belajar :)
Deletehehehe,,, iya makasih Om
DeleteHello I tried to copy and paste the script but Queue Tree is not moving
ReplyDeletethere is an error in the Parent = global-out has only global
I think your routerboard with QOS ROSv6, have you tried to change global-out just with global?
Deleteand P2P? What would be the rule? since all the bandwidth is consumed.
ReplyDeleteVery well, first I just want to know from you, why are you concerned with P2P? is this about torrent sites with the applications or tools ?
Deleteares, torrent, atube catcher and other
DeleteHow is the rule to limit p2p? Are considered? Download?
DeleteThis rule most likely would be handled by download undefined. If you think it is most important, you must create a new mangle and queue tree for that.
DeleteI'll be write how to implement it, make more perfection again this method and no need queue simple at all based on my experiment. be patient!
DeleteLook at on this article friend! http://agratitudesign.blogspot.com/2013/12/complete-queue-tree-without-queue_25.html
Deletewhat if am using DHCP not static ip for the client.. as hotspot or broadband .. ?
ReplyDeleteThat means you must create the type of queue tree rules for all clients, I just can imagine to use pcq to do that on the queue tree rules
DeleteOk I have found the new way, be patient! i'll be write for you! thank you for the questions that inspire me!
DeleteLook at on this link! http://agratitudesign.blogspot.com/2013/12/complete-queue-tree-for-dynamic-and.html
Deleteeactivating the queues were disabled transparent proxy, these are the rules that I added:
ReplyDeletefirewall - nat --- enable transparent proxy.
active web proxy cache but only to block websites.
that the queues do not work?
have you already make a new rule on NAT to redirect Traffic for web proxy?
Deleteyes,in NAT
DeleteI added a rule that redirects traffic from port 80 to port 8080, but now the queues do not work
The rules that i have made still only use direct connection to internet server. It must be added the rule for connection via proxy i think
DeleteAfter I observed using Transparent proxy, we can only use in download queue tree. so it is very difficult to divide them into various kinds of connection packets download.
Deletenice post bro
ReplyDeletebli buat tutorial mengenai load balancing dan pemisah antara browsing dan game mengnakan 2 isp
global out itu apakah bisa diganti dengan ether yang menghubungkan ke local jaringan?
ReplyDeletetopoogi jaringan saya, ether 9 digunakan isp, ether 7 digunakan untuk menghubungkan ke local?
can it used for mikrotik userman USERS OR NOT
ReplyDeleteI try the script for adding the IP´s but doesnt work there is and error...
ReplyDeleteI am using v6.11
pak minta solusi untuk melimit download dri FTP. krn selama ini kl ada client download dri web FTP meskipun L7 sdh ada limit extensi exe tetap tidak ke limit krn dari FTP. mohon solusinya...
ReplyDeleteaku bingung manggil apa, aku panggil Bapak saja deh karna lebih tua. mau comment tentang script ini. aku sudah coba di routerku sendiri. hasilnya cukup memuaskan. namun muncul pertanyaan saat loading game yang cukup lama meskipun sudah kucoba untuk membuat BW full untuk koneksi game tersebut. setelah mencari tahu aku dapat info bahwa sebaiknya untuk port game di prerouting saja agar tidak ribet didalam router. dan hasilnya game loading sangat oke. tapi overall makasih sekali atas share scriptnya ya pak. good luck and i always waiting for your new configuration about mikrotik.
ReplyDeleteKakak .. maaf mau tanya. Bandwith Speedy sy 4mb dgn jumlah unit sebanyak 20 + 2 unit. Idealnya pembagian masing" bandwith brp ya ?
ReplyDeleteMksh kakak
hello sir can you help me with this
ReplyDelete/ip firewall mangle
add action=mark-connection chain=prerouting disabled=no in-interface=ether2-master-local new-connection-mark=all-inconn passthrough=yes comment="CONNECTION-IN"
add action=mark-packet chain=prerouting connection-mark=all-inconn disabled=no new-packet-mark=all-inpkt passthrough=yes comment="UPLOAD"
add action=mark-connection chain=forward disabled=no out-interface=ether1-gateway new-connection-mark=all-outconn passthrough=yes comment="CONNECTION-OUT"
add action=mark-packet chain=forward connection-mark=all-outconn disabled=no new-packet-mark=all-outpkt passthrough=yes comment="DOWNLOAD"
the upload is not working.... im using rosv6.13
I am sorry I little bit busy for a few days, now is galungan celebration here! ok you can try this
Deleteether2-master-local connected to lan
ether1-gateway connected to internet source
/ip firewall mangle
add action=mark-connection chain=prerouting disabled=no in-interface=ether2-master-local new-connection-mark=all-inconn passthrough=yes comment="CONNECTION-IN"
add action=mark-packet chain=prerouting connection-mark=all-inconn disabled=no new-packet-mark=all-inpkt passthrough=yes comment="UPLOAD"
add action=mark-connection chain=forward disabled=no in-interface=ether1-gateway new-connection-mark=all-outconn passthrough=yes comment="CONNECTION-OUT"
add action=mark-packet chain=forward connection-mark=all-outconn disabled=no new-packet-mark=all-outpkt passthrough=yes comment="DOWNLOAD"
thanks sir but still not working
DeleteSomething went wrong for me ! i rewrite the script like this " http://d-h.st/57c "
ReplyDeleteand Mikrotik show like this " http://s29.postimg.org/hd1zkwkfr/11111.png "
Why only the Upload is working ! Other Games , Browsing aren't working well .
Please Ans me
Hi everyone I want suggestion. I want to use some isp billing system. I want to know what is the best isp billing system.
ReplyDeleteMohon pencerahannya pak,
ReplyDeletekenapa Game dan Upload nya tidak jalan yah?
Terimakasih Pak Agus atas sharingnya, luar biasa sekali..
ReplyDeleteSaya ada pertanyaan pak. Kondisi saya memakai ISP Speedy 5Mbps dengan Upload 1Mbps. (kecepatan di speedtest.net bisa mencapai 6Mbps utk DL, dan 1Mbps utk UL).Saya ada 13 Client + 1 Billing. Saya uda ikuti settingan bapak di artikel ini yg tentunya sudah saya sesuaikan sedikit dengan settingan IP address, dst di saya. Tetapi saat saya bermain Point Blank sambil browsing Facebook dan Youtube, masih berkurang ping nya dan masih lag. Mohon bantuannya Pak. Terimakasih banyak
halo om agus... sebelumnya saya menggunakan mikrotik 751 dengan os4.12 dan saya mengganti mikrotik dengan tipe 951 os6.18
ReplyDeletedan saya menggunakan script dari om dan diedit sesuai dengan kebutuhan saya.
selama menggunakan mikrotik yang lama 751 os4.12 tidak ada masalah tetapi setelah beralih ke mikrotik 951 os6.18 selalu ada warning message :
"dhcp,critical,error dhcp-client on internet lost IP address XXX.XXX.XXX.XXX received NAK from dhcp server 0.0.0.0"
dan
"dhcp,critical,error dhcp-client on internet lost IP address XXX.XXX.XXX.XXX - lease expired"
mohon pencerahaannya om
Terima kasih Om" Tutorialnya "WORK" dan sangat bermanfaat.
ReplyDeleteSUKSES SELALU buat blog "agratitudesign impression"
Thanks so much..! mas Fahrul atas supportnya tetap memberikan semangat yang sempat vacum untuk membagun blog ini kembali, semoga catatan dalam blog ini bisa memberikan manfaat dan inspirasi, meski tidak sempurna mudah2an agratitudesign bisa menjadi jembatan untuk memunculkan ide baru untuk kita bersama! Salam!
Delete/ip firewall mangle
ReplyDeleteadd action=mark-connection chain=prerouting disabled=no in-interface=ether1 new-connection-mark=all-inconn passthrough=yes comment="CONNECTION-IN"
add action=mark-connection chain=forward disabled=no in-interface=wlan1 new-connection-mark=all-outconn passthrough=yes comment="CONNECTION-OUT"
Mas agus untuk interface CONNECTION-IN dan CONNECTION-OUT sama-sama memakai "in-interface" ya
iya tetapi ingat upload dan download disini menggunakan chain yang berbeda
DeleteBli Saya Pake Limit yang ini Uploadnya saja yang G jalan mohon pencerahan biasanya permasalahan ada dimana???
ReplyDeleteFirewall Mangel Untuk uploadnya jalan dan ada traffic nya Bli Ini SS nya
ReplyDeletehttp://prntscr.com/6cy3k5
Tapi untuk Queue treenya gak mau jalan sama sekali traffic nya Bli Ini SS nya
http://prntscr.com/6cy46r
Coba dipisah aja download dan uploadnnya :
Delete/queue tree
add name=All-Upload parent=global-in packet-mark=all-inpkt queue=default priority=8 max-limit=2M
add name=All-Download parent=global-out packet-mark=all-outpkt queue=default priority=8 max-limit=2M
yang lainnya menyesuaikan dari "all-download" ya, uploadnya jika ingin per client, dipisah2 aja per ip client
Brarti Perintah itu cma mengganti di queue tree tanpa harus meng hapus apapun di firewall mangle, Berarti Queue tree untuk Upload dan download nya di hapus saja ya Bli?
ReplyDeleteMaklum Masih Newbie, Baru anak SMK
Iya perubahan hanya di queue tree aja dik, Queue tree lainnya di modifikasi atau disesuaikan parentnya. Coba di orat-oret dulu di script editor, pasti lebih mudah dimengerti
DeleteOk dah Bli Terima Kasih yah, Mau saya Coba Implementasi kan Ke Router Saya...
DeleteBli Masih Tetep Upload G kelimit, Benar di Queue Tree Ada Traffic Tapi di Mangelnya G ada Traffic, Mohon Bantuannya dong ????
ReplyDeleteThanks Bli, Scrip dari Bli Work Tapi Agar Work g asal Copas Tapi Harus Dimengerti Tentang Upload Dan Download Rules nya Bli Punya Saya Dah Work smua tinggal Game Saja Yang Belum Saya Coba....
ReplyDeleteSalam Dari Anak SMK Lumajang Ini Screen Shoot nya
http://prntscr.com/6gnhf2
Coba disesuaikan port tcp maupun udp gamenya, karena setiap game memiliki port yang berbeda - beda, sangat beragam, apa lagi game facebook atau website2 tertentu, dia menggunakan port yang dinamis. Jika ada game online yang masih susah ditangkap portnya, mending fokus pada paket2 koneksi yang banyak memakan bandwidth seperti yang video streams, download, dan browsing jangan sampai ini membuat bandwidth yang terpakai habis karena ini akan berdampak pada nilai ping jika ingin menggabungkan penggunaan game online yang sangat sensitif dan masukkan sisanya yang belum terdifinisi dalam undefined. Ini tetap experimentkan untuk mencapai QoS yang ideal
DeleteIya Akan Saya Coba, tetapi saya mendapat masukan dari guru saya untuk game itu ada yang di drop jadi initinya semua web yang menyediakan game online dengan port tertentu akan di drop dan di alihkan ke port yang sudah disediakan,
DeleteUntuk Ping kan dapat di setabilkan dari mangel nya kan Bli, saya kalau menyetabilkan Ping Pernah coba dan Work
Untuk game online memang ping dan latency menjadi ukuran lag dan lancarnya game online. Latency adalah waktu yang diperlukan untuk mengirimkan paket data ke server, sedangkan Ping adalah waktu yang diperlukan untuk mengirimkan paket data ke server dan untuk kembali lagi kepada kita. Tapi ini tergantung ISPnya juga, kl karakter ping dari ISP sudah besar dan cepat melar ya mau apa lagi. Tapi dari pengalaman saya, kl koneksi internet dedicated lebih mudah menjaga pingnya. Selebihnya silahkan mencobanya!
DeleteBeli ini sudah saya coba di rb750. hampir semua work. kecuali download ext. kok tidak terlimit ya. saya pakai web proxy internal usb, apa itu berpengaruh?
ReplyDeleteBli Layer7 Mungkin minta update punya ku kemaren bisa tapi hari ini g nge traffic...
ReplyDeleteTolong di Update Bli
Hmmm gimana ya, sebentar dulu!
DeleteCoba di ulang lagi dari awal mangle sesuaikan nama interface yang digunakan untuk upsteam dan downsteam, sdh saya tambahkan pada bagian perfection II artikel ini.
DeleteBli, Yang Di atas Itu kan udah update yah, jadi seumpama mau ganti tinggal edit di firewall mangle download sama streaming kan, disesuaikan ke layer 7 nya apa aja namanya????
DeleteUntuk Game Saya Pake Firewall filter, saya masukkan port gamenya dan saya action add dst to address list, hasilnya work Bli, yang saya tanyakan gimana agar di firewall mangle dapat me limit per IP untuk Client Game, yang menggunakan Metode saya???
setahu saya firewall filter hanya untuk meloloskan atau tidak meloloskan paket2 koneksi, tidak untuk melakukan marking. Paket-mark hanya bisa dibuat di firewall mangle kemudian paket-mark ini yang di queue. Saya hanya bisa menyarankan firewall mangle untuk bisa melakukan proses antrean (queue) untuk paket2 koneksi!
DeleteSaya Menggunakan Firewall Filter hanya untuk mempaketkan dst-port dari port game untuk saya jadikan address list, setelah saya jadikan address list saya paketkan di firewall mangle yang berfungsi untuk memisah paket game, dan akan saya lanjutkan di queue tree, untuk config saya bisa dilihat di url ini agar Bli Mengerti apa yang saya maksudkan...
ReplyDeletehttp://www.tusfiles.net/un9weinkpmsd
Wah menarik sekali! most interesting!
Deletemaaf Rendika kl sharing link gambar langsung disini aja, biar temen-temen yg lain bisa langsung ngelihat. tusfiles banyak sekali buka popup link!
dengan format:
<img>url gambar.jpg</img>
ganti <> menjadi []
kalo ngririm script snippets gini aja biasanya kan gini
<pre>script snippets</pre>
ganti <> menjadi []
agar mudah dilihat ama yang lain, trims..!
contohnya:
[img]http://1.bp.blogspot.com/-LiZQrom5AnA/UqrS597sjtI/AAAAAAAAEhk/gzr0D2LpZ50/s1600/perfection+queue+tree.jpg[/img]
Bli Layer 7 nya gak salah kah ??? Koq Di Mikrotik saya tampil kayak gini, saat add layer 7 dan regexp nya enggak muncul ini SS nya
Deletehttp://prntscr.com/6iklmv
Bli Layer 7 Untuk Download Masih Belum aktif, tlong di update lagi, saya ini memakai layer 7 yang di atas itu tapi tetep ini SS nya
Deletehttp://prntscr.com/6ikpts
Iya bener harus di update regexpnya, ada perubahan syntax yang harus dilakukan, sejak kapan ini berubah?
DeleteLho Saya Ngambil Script itu dari Postingan Bli Di atas....
ReplyDeleteSudah saya perbaiki, coba dilihat kembali mudah2an ga ada salah ketik. Silahkan dikembangkan dan dimodifikasi sesuai keinginan!
Delete[img]http://1.bp.blogspot.com/-4oKiR0yS5zY/VQrVO_CfAyI/AAAAAAAAFCI/5MdBng-BmKQ/s1600/download-packet2.jpg[/img]
[img]http://2.bp.blogspot.com/-OGsfqlGITsQ/VQrVNtdrjxI/AAAAAAAAFB8/OLiAD0R4Oi4/s1600/download-packet.jpg[/img]
Yang Bli ganti cuma di Layer 7 sama mangle yang diarahkan ke layer 7 kan yang lainnya tetep kayak config yang dulu kan ???
ReplyDeleteSaya akan Mencoba config ini hari senin Bli soalnya sekolah masih libur saya mencobanya di sekolah, Terima Kasih Telah Di Update Bli, setelah saya Implementasikan akan saya upload hasilnya Bli, untuk imagenya Bli Upload dimana???
Config an saya yang Memaketkan Semua Port game di firewall filter apa Bli terapkan Di Server Bli ??
Facebook Bli apa ???
ReplyDeleteSelamat Hari Raya Nyepi Bli... :D
ReplyDeleteTerima Kasih Bli Limitan saya Telah berjalan Semua, Game, Browsing, Download, Upload, Streaming, Ini SS nya Maaf gak bisa seperti contoh diatas soalnya saya gak tau harus upload dimana,
ReplyDeleteIni Untuk SS Streaming dan Download File Exe..
http://prntscr.com/6l328h
Ini Untuk Gamenya
http://prntscr.com/6l31qz
Bisa bisikin mangle gamenya bro, soalnya punya ane blom ketangkep nih , pusing pala ane hehehe....
Deletesalam kenal bg agus,
ReplyDeletemaaf saya mau nanya bg agus, itu script diatas saya terapkan di Mikrotik saya untuk game Online trafficnya gk nangkep, kira2 apa ya mas, saya pake RB750 mas, mohon masukan nya mas agus
Maaf sebelumnya buat temen-temen penggemar mikrotik belum bisa menjawab semua comment dan pertanyaan, karena keterbatasan kesibukan dan waktu yang saya miliki. Queue game disini manangkap paket koneksi melalui port yang digunakan game tersebut. Jika ga tertangkap sama sekali ada beberapa kemungkinan
ReplyDelete1. port game yang digunakan tidak ada di list port pada marking mangle game yang kita pakai. Harus tau port gamenya, lebih baik lagi jika rentang IP public yang digunakan servernya.
2. ada kesalahan difinisi paket upload dan download pada mangle paling atas sekali
3. ada kesalahan dalam pemisahan dengan paket2 koneksi lainnya. Cek src dan dstnya
terimakasih bg agus, uda kasi pencerahan nya...
DeleteIya Untuk Upload Bisanya Brada Di scr nya... Untuk itu coba lihat brada dimana upstream clientnnya
ReplyDeleteBli Cara agar Mikrotik bisa diremote dari jauh, dengan kondisi ether 1 yang connect ke modem selalu mendapat ip yang berubah-rubah itu bagai mana cara agar dapat diremote dari publick atau dari jarak jauh walaupun tidak connect ke area internetnya dari mikrotik tersebut....
ReplyDeletequestion:
ReplyDeletei have 1 client with 2 ip address using the same mac address(softxpand) , i try the setup above but the 2nd rules for the 2nd ip add is not working it passes/hits the 1st rule for the 1st ip add. i like to separate the rules for the 2 ip addresses. please help
Hello, in this configuration, how to adding rules squid3? .. In mangle first place?
ReplyDeletepak ketut kalo saya punya 3 jaringan Lan, buat queue nya seperti apa ya?
ReplyDeletesoalnya googling banyak nya menjelaskan dengan 1 lan saja.tks
This comment has been removed by the author.
ReplyDeleteThis comment has been removed by the author.
ReplyDelete
ReplyDeletenice job ^_^
limit game di queue tree ga ad trafficny (Byte Packet masih 0)knp ya? port dari setiap game sudah di maukan ke mangel game? ada solusinya?
ReplyDeleteapakah ini kalo yang make cuma 1 client nanti otomatis dapat Full Bandwith dan bila 2 client otomatis terbagi 3, dst.
ReplyDeleteThis comment has been removed by the author.
ReplyDelete/ip firewall mangle
ReplyDeleteadd action=mark-connection chain=prerouting disabled=no in-interface=ether1 new-connection-mark=all-inconn passthrough=yes comment="CONNECTION-IN"
add action=mark-connection chain=forward disabled=no in-interface=wlan1 new-connection-mark=all-outconn passthrough=yes comment="CONNECTION-OUT"
Mas agus untuk interface CONNECTION-IN dan CONNECTION-OUT sama-sama memakai "in-interface" ya
ether1 = yang menuju ke modem? (biasa saya buat public)
wlan1 = yg ke jaringan lokal (hub) ya bli..maaf masih nubi habis
why sometimes i download some files it goes directly to streaming queue tree instead of Download queue?
ReplyDeleteplease help me about this one. i cant get it work in my hap lite 6.34.1
ReplyDeletethis is my facebook account dice4real_143@yahoo.com or Nikko Fernandez
Permisi Bli Masih Sering Blogger an Kah saya mau Tanya-tanya Bli Seputar Postingan Bli ini
ReplyDeletehello it seems i cant capture gaming packet using this script
ReplyDeleteDear Suardika, thanks for a nice solution ....it is working in v6 also after a slight change in "GLOBAL" instead of "GLOBAL-IN"
ReplyDeleteI need your suggestion on following points ------
- may i use a block like /24 or /22 instead of single IP?
amigão sou brasileiro gostaria de saber se vc tem alguma regra que usa o thundercache v2.2.0 ou se vc disponibiliza a fazer uma analize no meu sistema com os dados que tenho aqui e fizesse as configurações para mim direto no meu sistema e quanto vc cobra por isto?
ReplyDeleteHello sir, thanks for this very informative post and instruction.
ReplyDeleteIm only new in Mikrotik and doing small scale networks. I have a new Haplite 941 (i think), can i just use the scripts posted here and paste it in the terminal to configure my mikrotik modem like the one posted here . I only have 6 pc (client) no billing or master, and have a 10mbps connection.
do i have to configure each pc's IP or get their assigned IP by the modem/switch.
thanks and have a nice day.
This comment has been removed by the author.
ReplyDeletekenapa upload browsing dan upload game tdk di pisahkan,, lag dong..
ReplyDeleteTraffic mangle Game onlineya kok gak jalan yah mang ?
ReplyDeletemakasih bli ijin copas
ReplyDeletebli klo client download lewat IDM kok lolos ya, gak masuk ke parent download
ReplyDeletemin, mengubah limit per client 1-254 sekaligus gimana ya caranya? semisal kita sudah mempunyai limit 128k, lalu ingin diganti menjadi 256k, agar tidak repot-repot untuk merubah 1 persatu (sekalian). Mohon bantuannya min, thx sebelumnnya
ReplyDeleteThis comment has been removed by the author.
ReplyDeletethis rules is intended for router OS version 5, what version router OS you have used?
DeleteOnline Betting Fast-paced games
ReplyDeleteคาสิโนออนไลน์ New options for people interested in online gambling games that make all of them into fun activities that can play online games on our mobile easily. Gambling is one thing that will give you a good chance. Playing a good casino game It is an alternative way to make us have an extra income with it. Entertainment is not to be missed. It is a part that will increase the path to success of all of you as well. Have fun with us. We are glad to recommend good gambling games.
Meet all needs and new opportunities. The success of the best bet. No matter where you are It gives you a good chance. Get into online gambling games as often as needed. Can apply once. Players can collect money in the round, quickly withdrawn. It is suitable for all players to get into new forms. We have a true view of fun. Do not waste time traveling on the mobile, it is the easiest way to make money on the site. คาสิโนออนไลน์
Hi, Good Day,
ReplyDeleteI Have a question, in your first scipt, their is master and billing packets, what are those for? is ok to revome them?
Because in your final script i don't see those packets! the master and billing!
Im guessing its ok for me not to include it?
Am i right?
Thanks if you can answer my question!
i'm playing an online game that uses p2p on their server connection. meaning, port forwarding is not possible for that game. can you give me a script that can help me connect to this game with less traffic and less lag? thank you very much.
ReplyDeleteom saya pakai paket 20Mbps cara edit nya gimana
ReplyDelete