Queue Tree UPSTREAM klienta

[mephcz]

Zdravím,

Mám na RB750UP udělaný skript který mi vytvoří Queue Tree kde mám omezení na Stream, Download a Browsing

Muj cíl je abych u každého klienta měl i položku UPLOAD kde mu můžu stanovit rychlost. Momentálně se mi rychlost UP řídí stejnými podmínkami jako DOWN což není příliš žádoucí.

Jsem mikrotiky začátečník tak se momentálně rozkoukávám

fw skript:

/ip firewall mangle
add action=mark-connection chain=prerouting comment="CONNECTION-IN" disabled=no dst-address-list=!MikroTik in-interface=WAN new-connection-mark=All-Inconn passthrough=yes
add action=mark-packet chain=prerouting comment="" connection-mark=All-Inconn disabled=no new-packet-mark=All-inpkt passthrough=yes
add action=mark-connection chain=forward comment="CONNECTION-OUT" disabled=no new-connection-mark=All-Outconn out-interface=HOST passthrough=yes
add action=mark-packet chain=forward comment="" connection-mark=All-Outconn disabled=no new-packet-mark=All-Outpkt passthrough=yes

/queue tree
add name=All-Bandwidth parent=global-out packet-mark=All-Outpkt queue=default priority=1 max-limit=6M


/ip firewall mangle

add action=mark-connection chain=forward comment="Client1" disabled=no dst-address=10.0.1.39 new-connection-mark=Client1-conn passthrough=yes connection-mark=All-Outconn
add action=mark-packet chain=forward comment="" new-packet-mark=Client1-pkt passthrough=yes connection-mark=Client1-conn
add action=mark-connection chain=forward comment="Client2" disabled=no dst-address=10.0.1.40 new-connection-mark=Client2-conn passthrough=yes connection-mark=All-Outconn
add action=mark-packet chain=forward comment="" new-packet-mark=Client2-pkt passthrough=yes connection-mark=Client2-conn


/queue tree

add name=Client1 parent=All-Bandwidth packet-mark=Client1-pkt queue=default priority=1 limit-at=1500k max-limit=1750k burst-limit=2000k burst-threshold=192k burst-time=2s
add name=Client2 parent=All-Bandwidth packet-mark=Client2-pkt queue=default priority=1 limit-at=1500k max-limit=1750k burst-limit=2000k burst-threshold=192k burst-time=2s



/ip firewall layer7-protocol
add comment="" name=download regexp="^.*get.+\\.(exe|rar|iso|zip|7zip|flv|mkv|avi|mp4|3gp|rmvb|mp3|img|dat|mov).*\$"

/ip firewall mangle
add comment=Client1-Down chain=forward layer7-protocol=download action=mark-packet new-packet-mark=client1-dpkt passthrough=no connection-mark=Client1-conn
add comment=Client2-Down chain=forward layer7-protocol=download action=mark-packet new-packet-mark=client2-dpkt passthrough=no connection-mark=Client2-conn


/queue tree
add name=Client1-Down parent=Client1 packet-mark=client1-dpkt queue=default priority=6 limit-at=1500k max-limit=1600k burst-limit=1600k burst-threshold=135k burst-time=2s
add name=Client2-Down parent=Client2 packet-mark=client2-dpkt queue=default priority=6 limit-at=1500k max-limit=1600k burst-limit=1600k burst-threshold=135k burst-time=2s



/ip firewall layer7-protocol
add comment="" name=streaming regexp="^.*get.+\\.(youtube.com|cdn.dailymotion.com|metacafe.com|mccont.com).*\$"
/ip firewall layer7-protocol
add comment="" name=streaming regexp="videoplayback|video"


/ip firewall mangle
add comment=Client1-Streams chain=forward layer7-protocol=streaming action=mark-packet new-packet-mark=client1-spkt passthrough=no connection-mark=Client1-conn
add comment=Client2-Streams chain=forward layer7-protocol=streaming action=mark-packet new-packet-mark=client2-spkt passthrough=no connection-mark=Client2-conn


/queue tree
add name=Client1-Streams parent=Client1 packet-mark=client1-spkt queue=default priority=8 limit-at=600k max-limit=800k burst-limit=1000k burst-threshold=165k burst-time=2s
add name=Client2-Streams parent=Client2 packet-mark=client2-spkt queue=default priority=8 limit-at=600k max-limit=800k burst-limit=1000k burst-threshold=165k burst-time=2s



/ip firewall mangle
add action=mark-connection chain=forward comment="CLIENT1-BROWSING-CONN" connection-bytes=0-1000000 dst-port=80,443 passthrough=no protocol=tcp new-connection-mark=Client1-bconn connection-mark=Client1-conn
add action=mark-packet chain=forward comment="" new-packet-mark=client1-bpkt packet-mark=!client1-spkt,client1-dpkt passthrough=no connection-mark=Client1-conn
add action=mark-connection chain=forward comment="CLIENT2-BROWSING-CONN" connection-bytes=0-1000000 dst-port=80,443 passthrough=no protocol=tcp new-connection-mark=Client2-bconn connection-mark=Client2-conn
add action=mark-packet chain=forward comment="" new-packet-mark=client2-bpkt packet-mark=!client2-spkt,client2-dpkt passthrough=no connection-mark=Client2-conn


/queue tree
add name="Client1-Browsing" parent=Client1 packet-mark=client1-bpkt queue=default priority=2 limit-at=1500k max-limit=1650k burst-limit=1700k burst-threshold=192k burst-time=2s
add name="Client2-Browsing" parent=Client2 packet-mark=client2-bpkt queue=default priority=2 limit-at=1500k max-limit=1650k burst-limit=1700k burst-threshold=192k burst-time=2s

[frito]

Docela složité řízení ale to je na tobě.
Stahování ošetříš markováním Dst-adr=x.x.x.x to tam máš stejná pravidla vytvoříš pro upload jen tam místo dst-adr dáš scr-adr = x.x.x.x a omarkuješ to například client1_upload
A pak si v Que-tree vytvoříš stejný strom jako máš teď pokud budeš chtít řídit provoz stejně
Pokud ti bude jedno co uploaduje tak to můžeš značně zjednodušit.