Okay another attempt /queue simple add comment="guest to yb network is max" dst=10.0.0.0/8 name=guestYB target=10.172.202.0/24 add comment="YBGuest to internet" max-limit=10M/10M name=guestInternet target=10.172.202.0/24 no other rules, remove the mangle rules the bottom works, everything gets limited. The top one is meant to capture guest to internal ip addresses but it doesn't seem to work. A -----Original Message----- From: Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 11:47 AM To: public@talk.mikrotik.com.au Subject: simple queue Hi Trying to limit up / down from 10.172.202.0/24 to the internet http://wiki.mikrotik.com/wiki/Manual:Queue#Queue_Types http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/Mangle /queue simple remove [ find where ! dynamic ] add comment="ratelimit for yboGuest network and only for marked packets" max-limit=10M/10M name=guestToInternet packet-marks=guestInternet target=10.172.202.0/24 /ip firewall mangle remove [ find where ! dynamic ] add action=mark-packet chain=forward new-packet-mark=guestInternet dst-address=10.172.202.0/24 src-address=!10.0.0.0 place-before=0 comment="Internet to guest" add action=mark-packet chain=forward dst-address=!10.0.0.0 src-address=10.172.202.0/24 new-packet-mark=guestInternet place-before=0 comment="Guest to internet" I can see packets matching the mangle rules but not in the queue. Also I am using fastconnect which is why I have the pattern matching mangle rules above the fastconnect rules ... if that matters ! Do I have to turn of fast connect or what am I doing wrong !!! A
Hi Alex, You have not specified any data limits for the first rule - add some value (e.g. max-limit=10G/10G) then it will start firing! :-) Cheers, Mike.
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 2:12 PM To: public@talk.mikrotik.com.au Subject: Re: [MT-AU Public] simple queue
Okay another attempt
/queue simple add comment="guest to yb network is max" dst=10.0.0.0/8 name=guestYB target=10.172.202.0/24 add comment="YBGuest to internet" max-limit=10M/10M name=guestInternet target=10.172.202.0/24
no other rules, remove the mangle rules
the bottom works, everything gets limited.
The top one is meant to capture guest to internal ip addresses but it doesn't seem to work.
A
-----Original Message----- From: Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 11:47 AM To: public@talk.mikrotik.com.au Subject: simple queue
Hi
Trying to limit up / down from 10.172.202.0/24 to the internet
http://wiki.mikrotik.com/wiki/Manual:Queue#Queue_Types http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/Mangle
/queue simple remove [ find where ! dynamic ] add comment="ratelimit for yboGuest network and only for marked packets" max-limit=10M/10M name=guestToInternet packet-marks=guestInternet target=10.172.202.0/24
/ip firewall mangle remove [ find where ! dynamic ]
add action=mark-packet chain=forward new-packet-mark=guestInternet dst- address=10.172.202.0/24 src-address=!10.0.0.0 place-before=0 comment="Internet to guest" add action=mark-packet chain=forward dst-address=!10.0.0.0 src- address=10.172.202.0/24 new-packet-mark=guestInternet place-before=0 comment="Guest to internet"
I can see packets matching the mangle rules but not in the queue.
Also I am using fastconnect which is why I have the pattern matching mangle rules above the fastconnect rules ... if that matters !
Do I have to turn of fast connect or what am I doing wrong !!!
A
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
I used the line from the wiki page /queue simple> add name=server target=10.1.1.1/32 max-limit=0/0 max-limit =0/0 doesn't show up on export [admin@ybortr1] /queue simple> print Flags: X - disabled, I - invalid, D - dynamic 0 ;;; guest to yb network is max name="guestYB" target=10.0.0.0/8 dst=10.0.0.0/8 parent=none packet-marks="" priority=8/8 queue=default-small/default-small limit-at=0/0 max-limit=0/0 burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s 1 ;;; YBGuest to internet name="guestInternet" target=10.172.202.0/24 parent=none packet-marks="" priority=8/8 queue=default-small/default-small limit-at=0/0 max-limit=10M/10M burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Mike Everest Sent: Tuesday, 17 May 2016 2:21 PM To: 'MikroTik Australia Public List' <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] simple queue Hi Alex, You have not specified any data limits for the first rule - add some value (e.g. max-limit=10G/10G) then it will start firing! :-) Cheers, Mike.
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 2:12 PM To: public@talk.mikrotik.com.au Subject: Re: [MT-AU Public] simple queue
Okay another attempt
/queue simple add comment="guest to yb network is max" dst=10.0.0.0/8 name=guestYB target=10.172.202.0/24 add comment="YBGuest to internet" max-limit=10M/10M name=guestInternet target=10.172.202.0/24
no other rules, remove the mangle rules
the bottom works, everything gets limited.
The top one is meant to capture guest to internal ip addresses but it doesn't seem to work.
A
-----Original Message----- From: Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 11:47 AM To: public@talk.mikrotik.com.au Subject: simple queue
Hi
Trying to limit up / down from 10.172.202.0/24 to the internet
http://wiki.mikrotik.com/wiki/Manual:Queue#Queue_Types http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/Mangle
/queue simple remove [ find where ! dynamic ] add comment="ratelimit for yboGuest network and only for marked packets" max-limit=10M/10M name=guestToInternet packet-marks=guestInternet target=10.172.202.0/24
/ip firewall mangle remove [ find where ! dynamic ]
add action=mark-packet chain=forward new-packet-mark=guestInternet dst- address=10.172.202.0/24 src-address=!10.0.0.0 place-before=0 comment="Internet to guest" add action=mark-packet chain=forward dst-address=!10.0.0.0 src- address=10.172.202.0/24 new-packet-mark=guestInternet place-before=0 comment="Guest to internet"
I can see packets matching the mangle rules but not in the queue.
Also I am using fastconnect which is why I have the pattern matching mangle rules above the fastconnect rules ... if that matters !
Do I have to turn of fast connect or what am I doing wrong !!!
A
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
So,.... Try setting limit to a non-zero value ;) Cheers! Mike.
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 2:26 PM To: MikroTik Australia Public List <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] simple queue
I used the line from the wiki page
/queue simple> add name=server target=10.1.1.1/32 max-limit=0/0
max-limit =0/0 doesn't show up on export
[admin@ybortr1] /queue simple> print Flags: X - disabled, I - invalid, D - dynamic 0 ;;; guest to yb network is max name="guestYB" target=10.0.0.0/8 dst=10.0.0.0/8 parent=none packet- marks="" priority=8/8 queue=default-small/default-small limit-at=0/0 max- limit=0/0 burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s
1 ;;; YBGuest to internet name="guestInternet" target=10.172.202.0/24 parent=none packet- marks="" priority=8/8 queue=default-small/default-small limit-at=0/0 max- limit=10M/10M burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Mike Everest Sent: Tuesday, 17 May 2016 2:21 PM To: 'MikroTik Australia Public List' <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] simple queue
Hi Alex,
You have not specified any data limits for the first rule - add some value (e.g. max-limit=10G/10G) then it will start firing! :-)
Cheers, Mike.
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 2:12 PM To: public@talk.mikrotik.com.au Subject: Re: [MT-AU Public] simple queue
Okay another attempt
/queue simple add comment="guest to yb network is max" dst=10.0.0.0/8 name=guestYB target=10.172.202.0/24 add comment="YBGuest to internet" max-limit=10M/10M name=guestInternet target=10.172.202.0/24
no other rules, remove the mangle rules
the bottom works, everything gets limited.
The top one is meant to capture guest to internal ip addresses but it doesn't seem to work.
A
-----Original Message----- From: Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 11:47 AM To: public@talk.mikrotik.com.au Subject: simple queue
Hi
Trying to limit up / down from 10.172.202.0/24 to the internet
http://wiki.mikrotik.com/wiki/Manual:Queue#Queue_Types http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/Mangle
/queue simple remove [ find where ! dynamic ] add comment="ratelimit for yboGuest network and only for marked packets" max-limit=10M/10M name=guestToInternet packet-marks=guestInternet target=10.172.202.0/24
/ip firewall mangle remove [ find where ! dynamic ]
add action=mark-packet chain=forward new-packet-mark=guestInternet dst- address=10.172.202.0/24 src-address=!10.0.0.0 place-before=0 comment="Internet to guest" add action=mark-packet chain=forward dst-address=!10.0.0.0 src- address=10.172.202.0/24 new-packet-mark=guestInternet place-before=0 comment="Guest to internet"
I can see packets matching the mangle rules but not in the queue.
Also I am using fastconnect which is why I have the pattern matching mangle rules above the fastconnect rules ... if that matters !
Do I have to turn of fast connect or what am I doing wrong !!!
A
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
I don't think it will work, it won't do anything, in my tests I have found anything under 64k limit really does nothing most of the time. Regards Paul -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 2:26 PM To: MikroTik Australia Public List Subject: Re: [MT-AU Public] simple queue I used the line from the wiki page /queue simple> add name=server target=10.1.1.1/32 max-limit=0/0 max-limit =0/0 doesn't show up on export [admin@ybortr1] /queue simple> print Flags: X - disabled, I - invalid, D - dynamic 0 ;;; guest to yb network is max name="guestYB" target=10.0.0.0/8 dst=10.0.0.0/8 parent=none packet-marks="" priority=8/8 queue=default-small/default-small limit-at=0/0 max-limit=0/0 burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s 1 ;;; YBGuest to internet name="guestInternet" target=10.172.202.0/24 parent=none packet-marks="" priority=8/8 queue=default-small/default-small limit-at=0/0 max-limit=10M/10M burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Mike Everest Sent: Tuesday, 17 May 2016 2:21 PM To: 'MikroTik Australia Public List' <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] simple queue Hi Alex, You have not specified any data limits for the first rule - add some value (e.g. max-limit=10G/10G) then it will start firing! :-) Cheers, Mike.
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 2:12 PM To: public@talk.mikrotik.com.au Subject: Re: [MT-AU Public] simple queue
Okay another attempt
/queue simple add comment="guest to yb network is max" dst=10.0.0.0/8 name=guestYB target=10.172.202.0/24 add comment="YBGuest to internet" max-limit=10M/10M name=guestInternet target=10.172.202.0/24
no other rules, remove the mangle rules
the bottom works, everything gets limited.
The top one is meant to capture guest to internal ip addresses but it doesn't seem to work.
A
-----Original Message----- From: Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 11:47 AM To: public@talk.mikrotik.com.au Subject: simple queue
Hi
Trying to limit up / down from 10.172.202.0/24 to the internet
http://wiki.mikrotik.com/wiki/Manual:Queue#Queue_Types http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/Mangle
/queue simple remove [ find where ! dynamic ] add comment="ratelimit for yboGuest network and only for marked packets" max-limit=10M/10M name=guestToInternet packet-marks=guestInternet target=10.172.202.0/24
/ip firewall mangle remove [ find where ! dynamic ]
add action=mark-packet chain=forward new-packet-mark=guestInternet dst- address=10.172.202.0/24 src-address=!10.0.0.0 place-before=0 comment="Internet to guest" add action=mark-packet chain=forward dst-address=!10.0.0.0 src- address=10.172.202.0/24 new-packet-mark=guestInternet place-before=0 comment="Guest to internet"
I can see packets matching the mangle rules but not in the queue.
Also I am using fastconnect which is why I have the pattern matching mangle rules above the fastconnect rules ... if that matters !
Do I have to turn of fast connect or what am I doing wrong !!!
A
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
Okay lets forget about the limit bit I can always set to a large number When I watch it with print stats int=1 I see no packet registered against it. A -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Paul Julian Sent: Tuesday, 17 May 2016 2:39 PM To: 'MikroTik Australia Public List' <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] simple queue I don't think it will work, it won't do anything, in my tests I have found anything under 64k limit really does nothing most of the time. Regards Paul -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 2:26 PM To: MikroTik Australia Public List Subject: Re: [MT-AU Public] simple queue I used the line from the wiki page /queue simple> add name=server target=10.1.1.1/32 max-limit=0/0 max-limit =0/0 doesn't show up on export [admin@ybortr1] /queue simple> print Flags: X - disabled, I - invalid, D - dynamic 0 ;;; guest to yb network is max name="guestYB" target=10.0.0.0/8 dst=10.0.0.0/8 parent=none packet-marks="" priority=8/8 queue=default-small/default-small limit-at=0/0 max-limit=0/0 burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s 1 ;;; YBGuest to internet name="guestInternet" target=10.172.202.0/24 parent=none packet-marks="" priority=8/8 queue=default-small/default-small limit-at=0/0 max-limit=10M/10M burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Mike Everest Sent: Tuesday, 17 May 2016 2:21 PM To: 'MikroTik Australia Public List' <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] simple queue Hi Alex, You have not specified any data limits for the first rule - add some value (e.g. max-limit=10G/10G) then it will start firing! :-) Cheers, Mike.
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 2:12 PM To: public@talk.mikrotik.com.au Subject: Re: [MT-AU Public] simple queue
Okay another attempt
/queue simple add comment="guest to yb network is max" dst=10.0.0.0/8 name=guestYB target=10.172.202.0/24 add comment="YBGuest to internet" max-limit=10M/10M name=guestInternet target=10.172.202.0/24
no other rules, remove the mangle rules
the bottom works, everything gets limited.
The top one is meant to capture guest to internal ip addresses but it doesn't seem to work.
A
-----Original Message----- From: Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 11:47 AM To: public@talk.mikrotik.com.au Subject: simple queue
Hi
Trying to limit up / down from 10.172.202.0/24 to the internet
http://wiki.mikrotik.com/wiki/Manual:Queue#Queue_Types http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/Mangle
/queue simple remove [ find where ! dynamic ] add comment="ratelimit for yboGuest network and only for marked packets" max-limit=10M/10M name=guestToInternet packet-marks=guestInternet target=10.172.202.0/24
/ip firewall mangle remove [ find where ! dynamic ]
add action=mark-packet chain=forward new-packet-mark=guestInternet dst- address=10.172.202.0/24 src-address=!10.0.0.0 place-before=0 comment="Internet to guest" add action=mark-packet chain=forward dst-address=!10.0.0.0 src- address=10.172.202.0/24 new-packet-mark=guestInternet place-before=0 comment="Guest to internet"
I can see packets matching the mangle rules but not in the queue.
Also I am using fastconnect which is why I have the pattern matching mangle rules above the fastconnect rules ... if that matters !
Do I have to turn of fast connect or what am I doing wrong !!!
A
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
Alex, I think you will find that it won't do anything unless there is a limit in there, perhaps try setting it to 1M or something and see if you get packets matching ? Regards Paul -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 2:53 PM To: MikroTik Australia Public List Subject: Re: [MT-AU Public] simple queue Okay lets forget about the limit bit I can always set to a large number When I watch it with print stats int=1 I see no packet registered against it. A -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Paul Julian Sent: Tuesday, 17 May 2016 2:39 PM To: 'MikroTik Australia Public List' <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] simple queue I don't think it will work, it won't do anything, in my tests I have found anything under 64k limit really does nothing most of the time. Regards Paul -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 2:26 PM To: MikroTik Australia Public List Subject: Re: [MT-AU Public] simple queue I used the line from the wiki page /queue simple> add name=server target=10.1.1.1/32 max-limit=0/0 max-limit =0/0 doesn't show up on export [admin@ybortr1] /queue simple> print Flags: X - disabled, I - invalid, D - dynamic 0 ;;; guest to yb network is max name="guestYB" target=10.0.0.0/8 dst=10.0.0.0/8 parent=none packet-marks="" priority=8/8 queue=default-small/default-small limit-at=0/0 max-limit=0/0 burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s 1 ;;; YBGuest to internet name="guestInternet" target=10.172.202.0/24 parent=none packet-marks="" priority=8/8 queue=default-small/default-small limit-at=0/0 max-limit=10M/10M burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Mike Everest Sent: Tuesday, 17 May 2016 2:21 PM To: 'MikroTik Australia Public List' <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] simple queue Hi Alex, You have not specified any data limits for the first rule - add some value (e.g. max-limit=10G/10G) then it will start firing! :-) Cheers, Mike.
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 2:12 PM To: public@talk.mikrotik.com.au Subject: Re: [MT-AU Public] simple queue
Okay another attempt
/queue simple add comment="guest to yb network is max" dst=10.0.0.0/8 name=guestYB target=10.172.202.0/24 add comment="YBGuest to internet" max-limit=10M/10M name=guestInternet target=10.172.202.0/24
no other rules, remove the mangle rules
the bottom works, everything gets limited.
The top one is meant to capture guest to internal ip addresses but it doesn't seem to work.
A
-----Original Message----- From: Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 11:47 AM To: public@talk.mikrotik.com.au Subject: simple queue
Hi
Trying to limit up / down from 10.172.202.0/24 to the internet
http://wiki.mikrotik.com/wiki/Manual:Queue#Queue_Types http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/Mangle
/queue simple remove [ find where ! dynamic ] add comment="ratelimit for yboGuest network and only for marked packets" max-limit=10M/10M name=guestToInternet packet-marks=guestInternet target=10.172.202.0/24
/ip firewall mangle remove [ find where ! dynamic ]
add action=mark-packet chain=forward new-packet-mark=guestInternet dst- address=10.172.202.0/24 src-address=!10.0.0.0 place-before=0 comment="Internet to guest" add action=mark-packet chain=forward dst-address=!10.0.0.0 src- address=10.172.202.0/24 new-packet-mark=guestInternet place-before=0 comment="Guest to internet"
I can see packets matching the mangle rules but not in the queue.
Also I am using fastconnect which is why I have the pattern matching mangle rules above the fastconnect rules ... if that matters !
Do I have to turn of fast connect or what am I doing wrong !!!
A
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
Oh I see, -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Paul Julian Sent: Tuesday, 17 May 2016 2:57 PM To: 'MikroTik Australia Public List' <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] simple queue Alex, I think you will find that it won't do anything unless there is a limit in there, perhaps try setting it to 1M or something and see if you get packets matching ? Regards Paul -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 2:53 PM To: MikroTik Australia Public List Subject: Re: [MT-AU Public] simple queue Okay lets forget about the limit bit I can always set to a large number When I watch it with print stats int=1 I see no packet registered against it. A -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Paul Julian Sent: Tuesday, 17 May 2016 2:39 PM To: 'MikroTik Australia Public List' <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] simple queue I don't think it will work, it won't do anything, in my tests I have found anything under 64k limit really does nothing most of the time. Regards Paul -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 2:26 PM To: MikroTik Australia Public List Subject: Re: [MT-AU Public] simple queue I used the line from the wiki page /queue simple> add name=server target=10.1.1.1/32 max-limit=0/0 max-limit =0/0 doesn't show up on export [admin@ybortr1] /queue simple> print Flags: X - disabled, I - invalid, D - dynamic 0 ;;; guest to yb network is max name="guestYB" target=10.0.0.0/8 dst=10.0.0.0/8 parent=none packet-marks="" priority=8/8 queue=default-small/default-small limit-at=0/0 max-limit=0/0 burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s 1 ;;; YBGuest to internet name="guestInternet" target=10.172.202.0/24 parent=none packet-marks="" priority=8/8 queue=default-small/default-small limit-at=0/0 max-limit=10M/10M burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Mike Everest Sent: Tuesday, 17 May 2016 2:21 PM To: 'MikroTik Australia Public List' <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] simple queue Hi Alex, You have not specified any data limits for the first rule - add some value (e.g. max-limit=10G/10G) then it will start firing! :-) Cheers, Mike.
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 2:12 PM To: public@talk.mikrotik.com.au Subject: Re: [MT-AU Public] simple queue
Okay another attempt
/queue simple add comment="guest to yb network is max" dst=10.0.0.0/8 name=guestYB target=10.172.202.0/24 add comment="YBGuest to internet" max-limit=10M/10M name=guestInternet target=10.172.202.0/24
no other rules, remove the mangle rules
the bottom works, everything gets limited.
The top one is meant to capture guest to internal ip addresses but it doesn't seem to work.
A
-----Original Message----- From: Alex Samad - Yieldbroker Sent: Tuesday, 17 May 2016 11:47 AM To: public@talk.mikrotik.com.au Subject: simple queue
Hi
Trying to limit up / down from 10.172.202.0/24 to the internet
http://wiki.mikrotik.com/wiki/Manual:Queue#Queue_Types http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/Mangle
/queue simple remove [ find where ! dynamic ] add comment="ratelimit for yboGuest network and only for marked packets" max-limit=10M/10M name=guestToInternet packet-marks=guestInternet target=10.172.202.0/24
/ip firewall mangle remove [ find where ! dynamic ]
add action=mark-packet chain=forward new-packet-mark=guestInternet dst- address=10.172.202.0/24 src-address=!10.0.0.0 place-before=0 comment="Internet to guest" add action=mark-packet chain=forward dst-address=!10.0.0.0 src- address=10.172.202.0/24 new-packet-mark=guestInternet place-before=0 comment="Guest to internet"
I can see packets matching the mangle rules but not in the queue.
Also I am using fastconnect which is why I have the pattern matching mangle rules above the fastconnect rules ... if that matters !
Do I have to turn of fast connect or what am I doing wrong !!!
A
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
participants (3)
-
Alex Samad - Yieldbroker
-
Mike Everest
-
Paul Julian