QoS
RouterOS v6
Valens Riyadi (Citraweb) info@mikrotik.co.id
MUM-EU-2013 @Zagreb, Croatia
About Me
Valens Riyadi, Citraweb (ID)
MikroTik Certified Engineer (MTCNA, MTCWE, MTCRE, MTCTCE, MTCUME, MTCINE)
MikroTik Certified Trainer & Consultant
MikroTik Academy Coordinator
Citra.net.id WISP CEO
Manager for IDNIC (Indonesia National Internet Registry)
IT Expert on Disaster Relief
QoS on RouterOS v6
distributor www.mikrotik.co.id
MikroTik Training Center
• The first MikroTik Training Center in Asia Pacific, has taught at least 1600 participants (94 classes).
• MikroTik Academy Coordinator.
RouterOS v6 Full Release almost ready!
now v6rc11/12
QoS
Some fundamental changes in RoS v6
QoS in v5
• Simple Queue
  – queue will be done in global-in, global-out or global-total
• Queue Tree
  – queue on interface, or
  – in global-in, global-out or global-total
Packet Flow!
[Figure: packet flow diagram with input interface, chain prerouting, chain input, chain forward, chain output, chain postrouting, local process and output interface]
Packet Flow and QoS v5
[Figure: the same packet flow diagram with the v5 queue positions marked: global in, global out and HTB interface]
QoS Problem in RoS v5
• No specific queue for traffic to the router: global-in processes both the traffic into the router and the traffic through the router.
• Queue processing happens two times (global-in and global-out) for traffic through the router.
QoS Problem in RoS v5
• Queue tree
  – With PCQ on the parent interface in a NATted network, the queue for uplink traffic does not work perfectly, because PCQ is done after src-nat: the src-address has already been changed to the router IP address in src-nat.
  – PCQ sees only one src-address
QoS RoS v6
No more global-in and global-out, replaced by a "global" located after the "input" and at the global-out position. Simple queue is a specific process, located after "global".
Packet Flow and QoS v6
[Figure: the same packet flow diagram with the v6 queue positions marked: global HTB and simple queue (each shown in two places) and HTB interface]
Queue Tree v5 and v6
[Figure: queue tree in RoS v5 and RoS v6]
Simple Packet Flow v5
[Figure: simple packet flow diagram for v5, with blocks for input and output interface, connection tracking, mangle (prerouting, input, forward, output, postrouting), filter (input, forward, output), dst-nat, src-nat, routing decision, routing adjustment, local process, queue global-in, queue global-out and HTB interface]
Simple Packet Flow v6
[Figure: simple packet flow diagram for v6, with blocks for input and output interface, connection tracking, mangle (prerouting, input, forward, output, postrouting), filter (input, forward, output), dst-nat, src-nat, routing decision, routing adjustment, local process, global HTB and simple queue (each shown in two places) and HTB interface]
Mangle – Queue RoSv6
• Traffic to the router
  – we can do mangle (packet-mark) specifically on chain=input
  – queue tree with parent=global and packet mark
• Example
    # mark packets from 10.1.1.1 that are addressed to the router itself
    /ip firewall mangle add src-address=10.1.1.1 chain=input action=mark-packet new-packet-mark=p1
    # limit the marked traffic in the global HTB
    /queue tree add packet-mark=p1 parent=global max-limit=1M
Traffic to the router
[Figure: simple packet flow diagram for v6, shown for traffic to the router]
Mangle - Queue
• Traffic from the router
  – same as previous version
• Traffic through the router
  – mangle can be done specifically at chain=forward
Traffic through the router
[Figure: simple packet flow diagram for v6, shown for traffic through the router]
Simple Queue in RoSv5
Simple Queue RoSv5
• There are 2 types of target: target address and interface
• Destination uses only an IP address (not an interface)
• Same priority parameter for downlink and uplink
Simple Queue at RoSv6
Simple Queue v6
• Target address and interface combined to “target”
• dst-address changed to “dst”, can take IP address and also interface
Simple Queue in ROSv6
• Completely new algorithm, built into the kernel, faster
• Still in sequential processing
• Target parameter is mandatory
• If target=0/0 is in the first rule, no traffic reaches the other queues
0 simple queue, 100 mbps, RB750G v5.21
1000 simple queue, 100 mbps, RB750G v5.21
1000 simple queue, 100 mbps, RB750G v6rc2
Faster at ROS 6.0rc12
Simple queue on a multi-processor router will be 9 times faster if there are at least 32 simple queue parents.
Upgrade from RoSv5
Queue tree with global-in, global-out, and global-total as parent in RoS v5.
Upgrade from RoSv5
Queue tree with global-in, global-out, and global-total as parent in RoS v5 becomes invalid in RoSv6.
Simple queue upgrade
Simple queue upgrade
(RoSv5) Means: traffic for src-address 192.168.0.1 AND on interface bridge-local
Simple queue upgrade
(RoSv6) Means: traffic for src-address 192.168.0.1 OR on interface bridge-local
PCQ
• PCQ was introduced to optimize massive QoS systems, where most of the queues are exactly the same for different sub-streams.
PCQ
[Figure: PCQ with pcq-classifier src-address: flows 1 to 4 are split into sub-queues by source address (SRC-ADDRESS=10.0.0.1 to 10.0.0.7) and passed to the interface by a round robin algorithm]
PCQ in ROS v6
• Takes the sub-stream parameter from Connection Tracking data.
• It is strongly advised to enable Connection Tracking.
• If connection tracking is disabled, PCQ will calculate sub-streams in the old way
Double QoS
• A QoS method to do prioritization and client limitation in 1 ROS: http://mum.mikrotik.com/presentations/CZ09/QoS_Megis.pdf
• On RoS v6, we can no longer do double QoS with (both) queue trees.
• But we can still do:
  – prioritization: queue tree & mangle forward
  – client limitation: simple queue with target IP address
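The v6 split described on this slide, written out as a RouterOS v6 configuration. This is an added example, not part of the original presentation; the addresses, port, mark names, queue names and rates are constructed.

```routeros
# Added example (RouterOS v6 syntax). All addresses, ports, mark names,
# queue names and rates below are constructed for illustration.

# Stage 1, prioritization: classify forwarded traffic per connection,
# then mark its packets so both directions of a flow get the same mark.
/ip firewall mangle
add chain=forward protocol=udp dst-port=5060 connection-state=new \
    action=mark-connection new-connection-mark=c-voip passthrough=yes
add chain=forward connection-mark=c-voip \
    action=mark-packet new-packet-mark=p-voip passthrough=no
add chain=forward action=mark-packet new-packet-mark=p-other passthrough=no

# Queue tree under parent=global (v6 has no global-in / global-out).
# This one tree sees both directions, so max-limit is the combined rate.
/queue tree
add name=total parent=global max-limit=20M
add name=voip  parent=total packet-mark=p-voip  priority=1 limit-at=4M  max-limit=20M
add name=other parent=total packet-mark=p-other priority=8 limit-at=16M max-limit=20M

# Stage 2, client limitation: simple queues, which v6 processes after "global".
# Simple queues are matched sequentially: keep per-client targets first,
# because a first rule with target=0.0.0.0/0 would take all traffic.
/queue simple
add name=client-10 target=192.168.0.10/32 max-limit=1M/4M
add name=client-11 target=192.168.0.11/32 max-limit=1M/4M
```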
Thank you
• Comments and suggestions:
  – Valens Riyadi (valens@mikrotik.co.id)
This presentation was developed and sourced from RouterOSv6 Presentation by Janis Megis (MUM-USA-2012).
This license lets others remix, tweak, and build upon your work even for commercial purposes, as long as they credit you and license their new creations under the identical terms. This license is often compared to “copyleft” free and open source software licenses. All new works based on yours will carry the same license, so any derivatives will also allow commercial use.