On Sat, 2018-02-03 at 13:43 +1100, Mike Everest wrote:
if the interface is configured as a bridge port, then define the bridge as the interface for queue not the physical port.
Thanks - but still no go. The bridge has three interfaces in it - ether2, wlan1, wlan2. ether3 and ether4 are slaved to ether2. ether5 has been split off as a management port, nothing on it for these tests. The network on the bridge (actually on ether2) is 192.168.100.0/24. The bridge settings are: use-ip-firewall: yes use-ip-firewall-for-vlan: no use-ip-firewall-for-pppoe: no allow-fast-path: yes bridge-fast-path-active: no bridge-fast-path-packets: 0 bridge-fast-path-bytes: 0 bridge-fast-forward-packets: 0 bridge-fast-forward-bytes: 0 My queue looks like this (formatting edits only): Flags: X - disabled, I - invalid, D - dynamic 0 name="test" target=bridge parent=none packet-marks="" priority=8/8 queue=default-small/default-small limit-at=0/0 max-limit=10k/10k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s bucket-size=0.1/0.1 With target=ether1, nothing moves. With target=bridge, the queue has no effect at all. With target=192.168.100.0/24, the queue seems to slow down interactive access to the router dramatically (leading to unfounded optimism), but a file transfer in Firefox scoots up to 100 kiloBYTES per second average over a 50 megabyte download. The thing is, without the queue the transfer happens at 1.2 megabytes per second, so clearly the queue is doing something! Just not remotely like what I am expecting. In desperation I set max-limit to 1000/1000 and things almost stopped :-) Interaction with the router CLI involved multi-minute delays. The browser was rendered unusable, so could not see whether the download was any slower. What am I missing? This seems like a totally simple thing to want, it must be a common requirement, how come it is so danged hard to achieve? "That link there - allow no more than X bps inbound and Y bps outbound". Regards, K.
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Karl Auer Sent: Friday, 2 February 2018 11:21 PM To: MikroTik Public <public@talk.mikrotik.com.au> Subject: [MT-AU Public] queue noob
I bought an HAP ac lite, intending to use it as a throttle between a bunch of evil leeching wifi users and a client's tender defenseless Internet router. I have had a test unit (an older 951 unit) in there and used the bandwidth command on the relevant ethernet port. That worked a treat.
Turns out none of the interfaces on the HPA ac line support the set bandwidth command :-(
So I have turned to queues. I cannot figure them out. This command should IMHO limit the total bandwidth coming IN to ether1 to 1 megabit, and the total bandwidth for traffic LEAVING ether1 to 500 kilobits:
/queue simple add target=ether1 queue=ethernet-default/ethernet-default max- limit=500K/1M
But when I do that, nothing moves over ether1 (which is the link between the HAP and the Internet router).
So I deleted that queue and tried this (192.168.100.0/24 is the network containing the leeches - wlan1, wlan2, ether2/3/4 bridged):
/queue simple add target=192.168.100.0/24 queue=ethernet-default/ethernet-default max- limit=500K/1M
Traffic flows over ether1, but this in no way limits the bandwidth to anything like those values. If I use 10K/10K instead and then download a file in Firefox, I see the transfer rate start at 12KB/s (kilobytes per second) and creep steadily up to around 100KB/s by the time the whole 50MB file has been downloaded. That's in stark contrast to the 1 or 2 megabytes per second I get without the queue, so *something* is happening, it just doesn't seem very predictable. Ideas would be very welcome... Regards, K. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~ Karl Auer (kauer@nullarbor.com.au) work +61 2 64957435 http://www.nullarbor.com.au mobile +61 428 957160
GPG fingerprint: 8454 EE43 6215 B6DD 1B4D 9D8D 984D 7BA1 7378 A38D Old fingerprint: 58F8 09D4 97E4 D74A 0940 44BC 8D6D C28C 3BC9 B0CB
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.c om.au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com .au
-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (kauer@nullarbor.com.au) work +61 2 64957435 http://www.nullarbor.com.au mobile +61 428 957160 GPG fingerprint: 8454 EE43 6215 B6DD 1B4D 9D8D 984D 7BA1 7378 A38D Old fingerprint: 58F8 09D4 97E4 D74A 0940 44BC 8D6D C28C 3BC9 B0CB