-
1 Anexo(s)
Coloquei assim da uma olhada vê se tem alguma coisa errada !
Segue abaixo as regras:
/ip firewall mangle
add action=mark-connection chain=postrouting comment=\
"MARCA\C7\C3O COM E SEM ( TOS )" disabled=no dscp=12 new-connection-mark=\
n-cache passthrough=yes protocol=tcp src-port=3128
add action=mark-connection chain=postrouting comment="" disabled=no dscp=!12 \
new-connection-mark=s-cache passthrough=yes protocol=tcp src-port=3128
add action=mark-packet chain=postrouting comment="CACHE FULL (( MK-AUTH ))" \
connection-mark=n-cache disabled=no new-packet-mark=Cache-Packet \
passthrough=no
add action=mark-connection chain=prerouting comment="QoS - Http" disabled=no \
dst-port=80 new-connection-mark=conexao-http passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=\
conexao-http disabled=no new-packet-mark=pacotes-http passthrough=yes
add action=mark-connection chain=prerouting comment="QoS - MSN" disabled=no \
dst-port=1863 new-connection-mark=Messenger-Conexao passthrough=yes \
protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=\
1863 new-connection-mark=Messenger-Conexao passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=\
6891-6901 new-connection-mark=Messenger-Conexao passthrough=yes protocol=\
tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=\
6891-6901 new-connection-mark=Messenger-Conexao passthrough=yes protocol=\
udp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=\
5190 new-connection-mark=Messenger-Conexao passthrough=yes protocol=udp
add action=mark-packet chain=prerouting comment="" connection-mark=\
Messenger-Conexao disabled=no new-packet-mark=Messenger-Pacotes \
passthrough=no
add action=change-mss chain=forward comment="Alterar MSS do MSN para 1440" \
disabled=no dst-port=1863 new-mss=1440 protocol=tcp tcp-flags=syn \
tcp-mss=1441-65535
Agora só falta eu montar o queue Tree
Anexo 8523
-
1 Anexo(s)
Montei um queue tree aqui vê se esta certo ! ?
Anexo 8524
-
Pronto.. As suas configurações estão corretas!
Seguem as configurações da minha queue tree dos pacotes de HTTP e MSN:
name="QoS - 1" parent=global-total packet-mark="" limit-at=0 priority=1
max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
name="1-Messenger" parent=QoS - 1 packet-mark=Messenger-Pacotes limit-at=>
queue=default priority=1 max-limit=0 burst-limit=0 burst-threshold=0
burst-time=0s
name="7-Http-Geral" parent=QoS - 1 packet-mark=pacotes-http limit-at=0
queue=default priority=7 max-limit=0 burst-limit=0 burst-threshold=0
burst-time=0s
-
Beleza Se pode posta ai qual foi a marcação que vc fez. no Mangle do QOS ! porque para mim montar esse queue tree preciso da marcação do qos no mangle ! como segue ai nas suas regras !
-
1 Anexo(s)
Segue o passo-a-passo detalhado:
:: QOS HTTP
1º - Marca os pacotes HTTP porta 80:
/ ip firewall mangle
add chain=prerouting protocol=tcp dst-port=80 action=mark-connection \
new-connection-mark=http_conn passthrough=yes comment="MARCA PACOTES HTTP" \
disabled=no
add chain=prerouting connection-mark=http_conn action=mark-packet \
new-packet-mark=http passthrough=yes comment="" disabled=no
2º - Cria a queue tree com reserva de banda desejada e prioriza em 1 ou 2:
/ queue tree
add name="HTTP_down" parent=global-in packet-mark=http limit-at=100000 queue=default priority=2 max-limit=256000 \
burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
:: QOS MSN
ip firewall mangle
add chain=prerouting protocol=tcp src-port=1863 action=mark-packet new-packet-mark=msn-out passthrough=yes comment="MSN" \
disabled=no
add chain=prerouting protocol=tcp dst-port=1863 action=mark-packet new-packet-mark=msn-in passthrough=yes comment="" \
disabled=no
add chain=forward protocol=tcp tcp-flags=syn action=change-mss new-mss=1360 comment="" disabled=no
-------------
queues tree
add name="msn-in" parent=global-in packet-mark=msn-in limit-at=256000 queue=default priority=1 max-limit=256000 \
burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
add name="msn-out" parent=global-out packet-mark=msn-out limit-at=300000 queue=default priority=1 max-limit=300000 \
burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
:: QOS VOIP
/ ip firewall mangle
new-connection-mark=teste passthrough=yes comment="PORTAS ALTAS - VOIP" \
disabled=no
add chain=prerouting connection-mark=teste action=mark-packet \
new-packet-mark=teste2 passthrough=yes comment="" disabled=no
add chain=prerouting protocol=udp src-port=1571 action=mark-connection \
new-connection-mark=voip_out passthrough=yes comment="VOIP-OUT" \
disabled=no
add chain=prerouting connection-mark=voip_out action=mark-packet \
new-packet-mark=VOIP_OUT passthrough=yes comment="" disabled=no
add chain=prerouting protocol=udp src-port=5060 action=mark-connection \
new-connection-mark=voip_in passthrough=yes comment="VOIP-IN" disabled=no
add chain=prerouting connection-mark=voip_in action=mark-packet \
new-packet-mark=VOIP_IN passthrough=yes comment="" disabled=no
add chain=postrouting protocol=udp dst-port=1571 action=mark-connection \
new-connection-mark=voip3 passthrough=yes comment="VOIP \(PORTA EXTERNA DA \
VONO\)" disabled=no
add chain=postrouting connection-mark=voip3 action=mark-packet \
new-packet-mark=voip3 passthrough=yes comment="" disabled=no
add chain=output connection-state=new action=mark-connection \
new-connection-mark=teste passthrough=yes comment="" disabled=no
Ae colocas estas no queue tree:
/ queue tree
add name="voip_in" parent=global-in packet-mark=VOIP_IN limit-at=200000 \
queue=default priority=1 max-limit=200000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=no
add name="voip_out" parent=global-out packet-mark=VOIP_OUT limit-at=128000 \
queue=default priority=1 max-limit=128000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=no
add name="voip_in2" parent=global-out packet-mark=VOIP_IN limit-at=200000 \
queue=default priority=1 max-limit=200000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=no
add name="voip_out2" parent=global-in packet-mark=VOIP_OUT limit-at=128000 \
queue=default priority=1 max-limit=128000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=no
add name="queue1" parent=global-in packet-mark=teste2 limit-at=200000 \
:: Anexo segue o QOS utilizando Layer-7