I don't think it will work, it won't do anything, in my tests I have found anything under 64k limit really does nothing most of the time. Regards Paul -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 2:26 PM To: MikroTik Australia Public List Subject: Re: [MT-AU Public] simple queue I used the line from the wiki page /queue simple> add name=server target=10.1.1.1/32 max-limit=0/0 max-limit =0/0 doesn't show up on export [admin@ybortr1] /queue simple> print Flags: X - disabled, I - invalid, D - dynamic 0 ;;; guest to yb network is max name="guestYB" target=10.0.0.0/8 dst=10.0.0.0/8 parent=none packet-marks="" priority=8/8 queue=default-small/default-small limit-at=0/0 max-limit=0/0 burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s 1 ;;; YBGuest to internet name="guestInternet" target=10.172.202.0/24 parent=none packet-marks="" priority=8/8 queue=default-small/default-small limit-at=0/0 max-limit=10M/10M burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Mike Everest Sent: Tuesday, 17 May 2016 2:21 PM To: 'MikroTik Australia Public List' <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] simple queue Hi Alex, You have not specified any data limits for the first rule - add some value (e.g. max-limit=10G/10G) then it will start firing! :-) Cheers, Mike.
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 2:12 PM To: public@talk.mikrotik.com.au Subject: Re: [MT-AU Public] simple queue
Okay another attempt
/queue simple add comment="guest to yb network is max" dst=10.0.0.0/8 name=guestYB target=10.172.202.0/24 add comment="YBGuest to internet" max-limit=10M/10M name=guestInternet target=10.172.202.0/24
no other rules, remove the mangle rules
the bottom works, everything gets limited.
The top one is meant to capture guest to internal ip addresses but it doesn't seem to work.
A
-----Original Message----- From: Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 11:47 AM To: public@talk.mikrotik.com.au Subject: simple queue
Hi
Trying to limit up / down from 10.172.202.0/24 to the internet
http://wiki.mikrotik.com/wiki/Manual:Queue#Queue_Types http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/Mangle
/queue simple remove [ find where ! dynamic ] add comment="ratelimit for yboGuest network and only for marked packets" max-limit=10M/10M name=guestToInternet packet-marks=guestInternet target=10.172.202.0/24
/ip firewall mangle remove [ find where ! dynamic ]
add action=mark-packet chain=forward new-packet-mark=guestInternet dst- address=10.172.202.0/24 src-address=!10.0.0.0 place-before=0 comment="Internet to guest" add action=mark-packet chain=forward dst-address=!10.0.0.0 src- address=10.172.202.0/24 new-packet-mark=guestInternet place-before=0 comment="Guest to internet"
I can see packets matching the mangle rules but not in the queue.
Also I am using fastconnect which is why I have the pattern matching mangle rules above the fastconnect rules ... if that matters !
Do I have to turn of fast connect or what am I doing wrong !!!
A
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au