Free Palestine 🇵🇸✊
Ukraine ⚔️ Russia
Say NO To Censorship
Fri, Apr 26, 2024
Parent Category: Networking
Category: MikroTik

RB750/750G Quality of Service (QoS)

Documentation links:

From MikroTik:  http://wiki.mikrotik.com/wiki/Category:Manual#List_of_official_articles_sorted_by_categories (under Traffic control section)

From Users:
http://wiki.mikrotik.com/wiki/Category:QoS
http://wiki.mikrotik.com/wiki/Bandwidth_Managment_and_Queues

Again, as a non-technical person without Linux knowledge, I'm totally lost by reading those QoS wiki documentation!

I was reading this:  http://wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service
At this moment, I just followed the example and concept using the following features to setup QoS:

  • Step 1 : Firewall mangle rule - setup both Prerouting (incoming) & Postrouting (outgoing) base on ports, then mark the traffic and assign queue name on it.
  • Step 2 : Queue Tree - setup both Global-in (incoming) & Global-out (outgoing) with max upload & download limit according to ISP bandwidth package, create & attach those incoming & outgoing queues (as child) under both Global-in & Global-out (as the parent) respectively, then set priority on it.

And I've created the following basic QoS queue name:
QoS_1 : top priority for browsing, DNS, ICMP, xbox live, etc
QoS_2 : second priority mostly for emails & ftp
QoS_3~6 : reserve
QoS_7 : TCP/UDP and all others remaining traffic
QoS_8 : Lowest priority, this is for the "all-p2p" features

The queue seem to work according to priority based on TCP/UDP ports assignment, but I 'm not too sure whether it work correctly, may still need to monitor and adjust accordingly.
The "all-p2p" feature in the WinBox seem not working, none of my uTorrent traffic fall under Q8, not sure what's wrong ....

 

I've changed the Max limit to 5.5M (both incoming & outgoing) and tested several hours with uTorrent running at full-speed, here are some print screens and result.

Noticed all uTorrent traffic is under Q7, mostly under UDP protocol, the standard "all-P2P" feature from MikroTik seem not capture any of it under Q8.  Suspect either my setup is wrong, or the P2P traffic are just getting smarter & smarter!

When run a SpeedTest, noticed web traffic is under priority Q1, thus can still get good ping rate, and the Q7 incoming traffic immediately scaled down when SpeedTest runs download test at Q1:

Q7 outgoing traffic scaled down when SpeedTest runs upload test on Q1:

The result shown I still can get the usual web browsing speed with usual VIP5 bandwidth even with uTorrent running at the background.  Noticed after around 1min, the uTorrent traffic back to normal full-speed again:

 

I also tested a while on xbox360 (where I put those xbox ports under Q1) online, it seem to work well like normal without uTorrent, will need to test further.

This is the best I can do at this junction, I believe this is just basic enough for me to start with, still not sure whether should I go for Layer-7 for more effective shaping & priority ......

Appreciate those MikroTik guru or anyone who is familiar in this aspect can advise/comment to further improve this article and help beginner like me, kindly email : This email address is being protected from spambots. You need JavaScript enabled to view it.
Credit will definitely go to whoever contribute to improve this article, many thanks in advance!

 

 

QoS Using Queue Tree

Before starting any new setting, ALWAYS backup the current good setting first, see here on how to backup.

Start with Firewall Mangle rules first, follow by Queue Tree

 

Open a New Terminal

Type "/ip firewall mangle" and enter

 

Go to the following codes section, Copy the mangle rule (one portion at a time) and Paste to the Terminal

 

Re-confirm the number of entries and make sure there is no error (in red colours)

Go to IP --> Firewall

Click on Mangle tab, re-confirm those mangle rules are added here

 

Continue to Copy & Paste the rest of mangle rules and re-check those entries:

 

Next is to create Queue Tree to set priority

Open a new Terminal, type "/queue tree" and hit enter:

 

Go to the following codes section, Copy the Queue codes and Paste to the Terminal

 

Go to Queue, at Queue Tree tab, re-confirm those entries are created correctly without error.

 

Basically the QoS has now been setup.

May need to adjust/fine-tune accordingly, for example:

  • Global-in (download) & Global-out (upload) max limit may need to change according to individual internet package
  • set bandwidth limit by queue, eg limit certain queue by either assigning max limit or transfer rate limit like this:

 

Queue colors in WinBox represent:

Green = 0~50% available traffic used
Yellow = 51~75% available traffic used
Red = 76~100% available traffic used

 

For firewall mangle rule, to add/change the port (either TCP or UDP), need to do it at both Prerouting (incoming) & Postrouting (outgoing) stages in order to mark the traffic properly.

 

Please note the above is just basic, individual user may still need to monitor, add/change, fine-tuning further.

 

Codes

Note:

  • both In & Out going interface is "UniFi-Internet"
  • I set 5300k limit global-in & global-out base on my VIP5 package
  • definitely still need to monitor/adjust/fine-tune further according to requirement!

 

Enter "/ip firewall mangle" at Terminal window before copy & paste the following codes:

add action=mark-packet chain=prerouting in-interface=UniFi-Internet passthrough=no new-packet-mark=QoS_1_In src-port=80,53,443,3074,1863 protocol=tcp comment=QoS_1
add action=mark-packet chain=postrouting out-interface=UniFi-Internet passthrough=no new-packet-mark=QoS_1_Out dst-port=80,53,443,3074,1863 protocol=tcp
add action=mark-packet chain=prerouting in-interface=UniFi-Internet passthrough=no new-packet-mark=QoS_1_In src-port=53,88,3074,1863 protocol=udp
add action=mark-packet chain=postrouting out-interface=UniFi-Internet passthrough=no new-packet-mark=QoS_1_Out dst-port=53,88,3074,1863 protocol=udp
add action=mark-packet chain=prerouting in-interface=UniFi-Internet passthrough=no new-packet-mark=QoS_1_In protocol=icmp
add action=mark-packet chain=postrouting out-interface=UniFi-Internet passthrough=no new-packet-mark=QoS_1_Out protocol=icmp

add action=mark-packet chain=prerouting in-interface=UniFi-Internet passthrough=no new-packet-mark=QoS_2_In src-port=110,25,995,465,587,21,113 protocol=tcp comment=QoS_2
add action=mark-packet chain=postrouting out-interface=UniFi-Internet passthrough=no new-packet-mark=QoS_2_Out dst-port=110,25,995,465,587,21,113 protocol=tcp
add action=mark-packet chain=prerouting in-interface=UniFi-Internet passthrough=no new-packet-mark=QoS_2_In src-port=123,113 protocol=udp
add action=mark-packet chain=postrouting out-interface=UniFi-Internet passthrough=no new-packet-mark=QoS_2_Out dst-port=123,113 protocol=udp

add action=mark-packet chain=prerouting in-interface=UniFi-Internet passthrough=no new-packet-mark=QoS_7_In protocol=tcp comment=QoS_7
add action=mark-packet chain=postrouting out-interface=UniFi-Internet passthrough=no new-packet-mark=QoS_7_Out protocol=tcp
add action=mark-packet chain=prerouting in-interface=UniFi-Internet passthrough=no new-packet-mark=QoS_7_In protocol=udp
add action=mark-packet chain=postrouting out-interface=UniFi-Internet passthrough=no new-packet-mark=QoS_7_Out protocol=udp
add action=mark-packet chain=prerouting in-interface=UniFi-Internet passthrough=no new-packet-mark=QoS_7_In
add action=mark-packet chain=postrouting out-interface=UniFi-Internet passthrough=no new-packet-mark=QoS_7_Out

add action=mark-packet chain=prerouting in-interface=UniFi-Internet passthrough=no new-packet-mark=QoS_8_In p2p=all-p2p comment=QoS_8
add action=mark-packet chain=postrouting out-interface=UniFi-Internet passthrough=no new-packet-mark=QoS_8_Out p2p=all-p2p

 

Enter "/queue tree" at Terminal window before copy & paste the following codes


add max-limit=5300k name=QoS_UniFi-Internet_In parent=global-in
add name=QoS_1_In packet-mark=QoS_1_In parent=QoS_UniFi-Internet_In priority=1
add name=QoS_2_In packet-mark=QoS_2_In parent=QoS_UniFi-Internet_In priority=2
add name=QoS_7_In packet-mark=QoS_7_In parent=QoS_UniFi-Internet_In priority=7
add name=QoS_8_In packet-mark=QoS_8_In parent=QoS_UniFi-Internet_In priority=8
add max-limit=5300k name=QoS_UniFi-Internet_Out parent=global-out
add name=QoS_1_Out packet-mark=QoS_1_Out parent=QoS_UniFi-Internet_Out priority=1
add name=QoS_2_Out packet-mark=QoS_2_Out parent=QoS_UniFi-Internet_Out priority=2
add name=QoS_7_Out packet-mark=QoS_7_Out parent=QoS_UniFi-Internet_Out priority=7
add name=QoS_8_Out packet-mark=QoS_8_Out parent=QoS_UniFi-Internet_Out priority=8

 

12Nov'11 update

QoS Using Simple Queue

After using the above QoS setup by Queue Tree for quite some time, I've decided to R&D, revised a bit and comes out the following QoS setup by Simple Queue.

The Simple Queue still maintain the same QoS outcome as expected, the processing & queue time also seem to improve slightly faster, CPU load is hovering around 18~38%.
While the Queue Tree setup is powerful for complex QoS & bandwidth management requirement, I think the Simple Queue setup should be good enough and simpler setup for home user, we may just need some traffic prioritisation by services ports for fewer computers/laptops/devices environment setup. Smile


The following QoS is similar to the above Queue Tree setup, I've included ports range 50000~59999, which should be assigned on the PC/laptop's torrent client for P2P traffic which is placed to the lowers priority 8.

 

Codes

/ip firewall mangle
add action=mark-packet chain=prerouting comment=QoS_1 disabled=no in-interface=UniFi-Internet new-packet-mark=QoS_1 passthrough=no protocol=icmp
add action=mark-packet chain=postrouting disabled=no new-packet-mark=QoS_1 out-interface=UniFi-Internet passthrough=no protocol=icmp
add action=mark-packet chain=prerouting disabled=no in-interface=UniFi-Internet new-packet-mark=QoS_1 passthrough=no protocol=udp src-port=53,88,3074,1863
add action=mark-packet chain=postrouting disabled=no dst-port=53,88,3074,1863 new-packet-mark=QoS_1 out-interface=UniFi-Internet passthrough=no protocol=udp
add action=mark-packet chain=prerouting disabled=no in-interface=UniFi-Internet new-packet-mark=QoS_1 passthrough=no protocol=tcp src-port=80,53,443,3074,1863
add action=mark-packet chain=postrouting disabled=no dst-port=80,53,443,3074,1863 new-packet-mark=QoS_1 out-interface=UniFi-Internet passthrough=no protocol=tcp
add action=mark-packet chain=prerouting comment=QoS_2 disabled=no in-interface=UniFi-Internet new-packet-mark=QoS_2 passthrough=no protocol=tcp src-port=110,25,995,465,587,21,113
add action=mark-packet chain=postrouting disabled=no dst-port=110,25,995,465,587,21,113 new-packet-mark=QoS_2 out-interface=UniFi-Internet passthrough=no protocol=tcp
add action=mark-packet chain=prerouting disabled=no in-interface=UniFi-Internet new-packet-mark=QoS_2 passthrough=no protocol=udp src-port=123,113
add action=mark-packet chain=postrouting disabled=no dst-port=123,113 new-packet-mark=QoS_2 out-interface=UniFi-Internet passthrough=no protocol=udp
add action=mark-packet chain=prerouting comment=QoS_8 disabled=no in-interface=UniFi-Internet new-packet-mark=QoS_8 passthrough=no protocol=tcp src-port=50000-59999
add action=mark-packet chain=postrouting disabled=no dst-port=50000-59999 new-packet-mark=QoS_8 out-interface=UniFi-Internet passthrough=no protocol=tcp
add action=mark-packet chain=prerouting disabled=no in-interface=UniFi-Internet new-packet-mark=QoS_8 p2p=all-p2p passthrough=no
add action=mark-packet chain=postrouting disabled=no new-packet-mark=QoS_8 out-interface=UniFi-Internet p2p=all-p2p passthrough=no
add action=mark-packet chain=prerouting comment=QoS_7 disabled=no in-interface=UniFi-Internet new-packet-mark=QoS_7 passthrough=no protocol=tcp
add action=mark-packet chain=postrouting disabled=no new-packet-mark=QoS_7 out-interface=UniFi-Internet passthrough=no protocol=tcp
add action=mark-packet chain=prerouting disabled=no in-interface=UniFi-Internet new-packet-mark=QoS_7 passthrough=no protocol=udp
add action=mark-packet chain=postrouting disabled=no new-packet-mark=QoS_7 out-interface=UniFi-Internet passthrough=no protocol=udp
add action=mark-packet chain=prerouting disabled=no in-interface=UniFi-Internet new-packet-mark=QoS_7 p2p=!all-p2p passthrough=no
add action=mark-packet chain=postrouting disabled=no new-packet-mark=QoS_7 out-interface=UniFi-Internet p2p=!all-p2p passthrough=no


/queue simple
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=UniFi-Internet limit-at=0/0 max-limit=5300k/5300k name=UniFi-Internet parent=none priority=8 queue=default/default total-queue=default
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=UniFi-Internet limit-at=0/0 max-limit=0/0 name=QoS_1 packet-marks=QoS_1 parent=UniFi-Internet priority=1 queue=default/default total-queue=default
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=UniFi-Internet limit-at=0/0 max-limit=0/0 name=QoS_2 packet-marks=QoS_2 parent=UniFi-Internet priority=2 queue=default/default total-queue=default
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=UniFi-Internet limit-at=0/0 max-limit=0/0 name=QoS_7 packet-marks=QoS_7 parent=UniFi-Internet priority=7 queue=default/default total-queue=default
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=UniFi-Internet limit-at=0/0 max-limit=0/0 name=QoS_8 packet-marks=QoS_8 parent=UniFi-Internet priority=8 queue=default/default total-queue=default