Bandwidth Control
Document revision 1.6 (Wed Dec 08 12:40:17 GMT 2004)
This document applies to MikroTik RouterOS V2.8
Table of Contents
Summary
Specifications
Related Documents
Description
Additional Documents
Queue Types
Description
Property Description
Notes
Example
Interface Default Queues
Property Description
Example
Configuring Simple Queues
Description
Property Description
Notes
Example
Configuring Queue Trees
Description
Property Description
Notes
Example
Troubleshooting
Description
Example of Emulating a 128kbps/64kbps Line
Queue tree example with masquerading
Example of Guaranteed Quality of Service
Example of using global-in and global-out queues
PCQ Example
General Information
Summary
Queuing is a mechanism that controls data rate allocation, delay variability, timely delivery, and
delivery reliability. The MikroTik RouterOS supports the following queuing mechanisms:
PFIFO - Packets First-In First-Out
BFIFO - Bytes First-In First-Out
SFQ - Stochastic Fair Queuing
RED - Random Early Detection
HTB - Hierarchical Token Bucket
PCQ - Per Connection Queue
Queuing can be used to limit the data rate for certain IP addresses, protocols or ports. Queuing is
performed for packets leaving the router through a real interface. This means that queues should
always be configured on the outgoing interface with respect to the traffic flow. There are two
additional virtual interfaces in the queue tree which are used to limit all the traffic coming to
(global-in) or leaving (global-out) the router regardless of the physical interface.
Specifications
Packages required: system
License required: level1 (limited to 1 queue), level3
Home menu level: /queue
Standards and Technologies: None
Hardware usage: significant
Related Documents
Package Management
IP Addresses and ARP
Firewall Filters
Description
Classless Queues
There are four types of simple queues implemented in RouterOS: PFIFO, BFIFO, SFQ and RED.
With Bytes First-In First-Out (BFIFO) and Packets First-In First-Out (PFIFO) packets are served in
the same order as they are received. The only difference between BFIFO and PFIFO is that PFIFO
has a length measured in packets, BFIFO in bytes. Generally, you do not want to use BFIFO or
PFIFO as traffic shapers. It's better to use them just for statistics as they are pretty fast. The only
exception is when you are running out of resources with RED and/or with a complicated queue tree.
Stochastic Fair Queuing (SFQ) cannot limit traffic at all. Its main idea is to equalize sessions
(session traffic, not per-computer traffic, which is sometimes mentioned as a drawback of SFQ) when
your link is completely full. It works in round-robin fashion, giving each session a chance to send
sfq-allot bytes. Its algorithm can distinguish only 1024 sessions, which is why several sessions can
be treated as one. Every sfq-perturb seconds it drops the internal table that mixes all the
connections and creates a new table. As it is very fast, you may want to use it as a child queue.
PCQ was created to address the imperfections of SFQ. PCQ is an advanced SFQ implementation
without its stochastic nature: it is more precise, and it lets you choose classifiers and put a
limit (called pcq-rate) on each subqueue it has (the limit is applied to every subqueue
simultaneously; you cannot set different limits on particular subqueues). It degrades into a precise
version of SFQ if you put no limit and choose all classifiers at once. The PCQ type is used for
limiting the data rate for each connection. These connections can be classified by the pcq-classifier:
src-address - source address
dst-address - destination address
src-port - source port
dst-port - destination port
You can use multiple parameters in the pcq-classifier. The pcq-limit is the number of packets that
a single PCQ queue can hold. The data rate for each connection is limited by the pcq-rate parameter
(in bytes per second).
The combination of src-address, src-port, dst-address, dst-port (also known as a tuple) uniquely
identifies a connection (i.e., there cannot be two different connections with the same tuple).
Note: to use PCQ you have to use a queue tree.
Note: to equalize each particular connection rather than each particular user (by IP address),
specify all pcq-classifiers at once.
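The effect of the classifier choice on who gets how much can be checked with a short model. This is an added example, not part of the MikroTik manual: the function names, the sample addresses and ports and the 64000 rate are constructed for illustration, and the result is only the upper bound implied by "one pcq-rate per subqueue".

```python
from collections import defaultdict

# The four pcq-classifier choices listed above.
FIELDS = ("src-address", "src-port", "dst-address", "dst-port")

def subqueue_key(pkt, classifier):
    """Subqueue a packet falls into: the values of the selected classifier fields."""
    unknown = set(classifier) - set(FIELDS)
    if unknown:
        raise ValueError(f"unknown classifier: {sorted(unknown)}")
    return tuple(pkt[f] for f in FIELDS if f in classifier)

def ceiling_per_host(packets, classifier, pcq_rate, host_field="dst-address"):
    """Upper bound on each host's aggregate rate: pcq-rate times its subqueue count."""
    keys = defaultdict(set)
    for pkt in packets:
        keys[pkt[host_field]].add(subqueue_key(pkt, classifier))
    # pcq-rate=0 means "do not limit data rate", reported here as None.
    return {h: (len(k) * pcq_rate if pcq_rate else None) for h, k in keys.items()}

def make_pkt(src, sport, dst, dport):
    return {"src-address": src, "src-port": sport,
            "dst-address": dst, "dst-port": dport}

# Constructed download traffic: one connection to 10.0.0.2, three to 10.0.0.3.
SAMPLE = [
    make_pkt("192.0.2.10", 80, "10.0.0.2", 40001),
    make_pkt("192.0.2.10", 80, "10.0.0.3", 40001),
    make_pkt("192.0.2.10", 80, "10.0.0.3", 40002),
    make_pkt("192.0.2.10", 80, "10.0.0.3", 40003),
]

if __name__ == "__main__":
    # Classifying by dst-address equalizes users: both hosts share one ceiling.
    print("per user:      ", ceiling_per_host(SAMPLE, {"dst-address"}, 64000))
    # All four classifiers equalize connections: the host with three
    # connections can reach three times the rate of the host with one.
    print("per connection:", ceiling_per_host(SAMPLE, set(FIELDS), 64000))
```

When the goal is a fair share per subscriber, classify on the address that identifies the subscriber rather than on all four fields.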
The normal behavior of queues is called tail-drop. Tail-drop works by queuing up to a certain
amount, then dropping all traffic that 'spills over'. Random Early Detection (RED, also known as
Random Early Drop because that is how it actually works) statistically drops packets from flows
before the queue reaches its hard limit. This causes a congested backbone link to slow down more
gracefully. It starts dropping packets randomly when the queue reaches the red-min-threshold mark,
with a probability that increases as the queue grows. The maximum probability is used when traffic
reaches the red-max-threshold mark. Beyond that, packets are simply thrown away. The burst parameter
is the number of packets allowed to burst through the interface when the link is empty (generally a
value of (red-min-threshold+red-min-threshold+red-max-threshold)/3 works fine). The minimum value
that can be used here is equal to the value of red-min-threshold.
Classful Queues
Classful queues are very useful if you have different kinds of traffic which should have different
treatment. Generally, only one queue can be set on an interface, but in RouterOS even simple
queues (known as classless queues) are attached to the main Hierarchical Token Bucket (HTB), which
is attached to the root representing the real interface, and thus have some properties derived from
that parent queue. With classful queues it is possible to deploy hierarchical queue trees. For
example, we can set a maximum data rate for a workgroup and then distribute that amount of traffic
between the members of that group, as we can do with simple queues attached to the main HTB, but
with an upper limit.
Each queue represents a virtual interface with an allowed data rate. Data rate can be borrowed from
sibling queues (queues that are children of one queue) when max-limit is greater than limit-at. If
so, the queue will use more than its allocated data rate whenever possible. Only when other queues
are getting too long and a connection cannot be satisfied are the borrowing queues limited to their
allocated data rate.
When a parent is allowed to send some amount of traffic, it asks its inner queues in order of
priority (priorities are processed one after another, from 1 to 8, where 1 means the highest priority).
When a queue reaches its limit-at value, its priority is no longer taken into account: such a queue
will have lower priority than the ones that have not reached this limit.
Information Rates and Contention Ratios
Quality of Service (QoS) means that the router should prioritize and shape network traffic. QoS is
not so much about limiting, it is more about providing quality. The main terms used to describe the
level of QoS for network applications are:
CIR (Committed Information Rate) - the guaranteed data rate. It means that traffic not
exceeding this rate should always be delivered
MIR (Maximal Information Rate) - the maximal data rate the router will provide
Contention Ratio - the ratio to which the defined data rate is shared between users (i.e., data
rate is allocated to a number of subscribers). For example, the contention ratio of 1:4 means
that the allocated data rate may be shared between no more than 4 users
Priority - the order of importance in which traffic will be processed. You can give priority to
some traffic so that it is handled before other traffic.
MikroTik RouterOS may be used to provide CIR and MIR with some contention level and priority.
Here we will talk in terms of queues (which represent either a real or a virtual interface) and
classes (children of a queue; each class has another queue attached to it):
limit-at property is used to specify CIR. If the queue is able to provide that data rate, it
will (i.e., the parent queue (and the link the router is connected to) should be able to provide a
total data rate equal to or greater than the sum of all CIRs the queue should satisfy in order to
guarantee these CIRs). CIRs will be satisfied in order of their priority.
max-limit property is used to specify MIR. If the queue has satisfied all the CIRs and it is able
to provide some additional data rate, it will try to distribute that additional data rate between all
its classes regardless of their priorities and not exceeding their MIRs.
Filters in RouterOS are very powerful and flexible. Providing a Contention Ratio is only one
application of what they can do. Using firewall mangle you can mark a number of hosts
with a flow-mark, so the data rate allocated for that mark will be shared between these hosts.
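The limit-at and max-limit rules above amount to a two-pass allocation, modelled below. This is an added example, not part of the MikroTik manual and not RouterOS code: it follows the description in this section, and the equal split of the surplus, the demand field and the three sample classes are assumptions.

```python
from dataclasses import dataclass

@dataclass
class QueueClass:
    name: str
    limit_at: int   # CIR
    max_limit: int  # MIR
    priority: int   # 1 = highest, 8 = lowest
    demand: int     # offered load (constructed sample input)

def allocate(parent_rate, classes):
    """Return ({name: granted rate}, cirs_guaranteed) for one parent queue."""
    # CIRs are only guaranteed when the parent can carry their sum.
    cirs_guaranteed = sum(c.limit_at for c in classes) <= parent_rate
    grant, left = {}, parent_rate
    # Pass 1: satisfy CIRs (limit-at) in order of priority, 1 first.
    for c in sorted(classes, key=lambda c: c.priority):
        grant[c.name] = min(c.limit_at, c.demand, left)
        left -= grant[c.name]
    # Pass 2: split what is left between all classes regardless of
    # priority, never exceeding a class's MIR (max-limit) or its demand.
    while left > 0:
        hungry = [c for c in classes
                  if grant[c.name] < min(c.max_limit, c.demand)]
        if not hungry:
            break
        share = max(left // len(hungry), 1)
        for c in hungry:
            room = min(c.max_limit, c.demand) - grant[c.name]
            extra = min(share, room, left)
            grant[c.name] += extra
            left -= extra
    return grant, cirs_guaranteed

# Constructed classes, rates in bits per second.
CLASSES = [
    QueueClass("voip",   128_000,   256_000, 1,   200_000),
    QueueClass("office", 256_000, 1_000_000, 2, 1_000_000),
    QueueClass("guest",   64_000,   512_000, 8, 1_000_000),
]

if __name__ == "__main__":
    print(allocate(1_000_000, CLASSES))  # link large enough for all CIRs
    print(allocate(256_000, CLASSES))    # oversubscribed: CIRs exceed the link
```

In the oversubscribed run the lowest-priority class receives nothing, which is why the sum of limit-at values under a parent should be checked against the parent's rate before relying on the guarantees.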
Virtual Interfaces
In addition to real interfaces, there are two virtual interfaces you can attach tree queues to:
global-out - represents all the output interfaces in general. Queues attached to it apply before
the ones attached to a specific interface.
global-in - represents all the input interfaces in general (INGRESS queue). Please note that
queues attached to global-in apply to incoming traffic, not outgoing. global-in queueing
takes place just after mangle and dst-nat.
Queue burst
A queue burst is a way to 'overcome' the queue limit for a certain amount of time and packets. A
queue with burst allows peaks of data rate up to the burst-limit value, but if the average data rate
is higher than burst-threshold for burst-time (in seconds), the queue is collapsed to the limit-at
value. The queue size is expanded back to the burst-limit value when the average data rate becomes
lower than burst-threshold.
This type of behaviour can be extremely useful for prioritizing small rapid packet sequences like
those coming from HTTP (www) sessions.
For queues that limit traffic flow in both directions, the total-burst-time, total-burst-limit and
total-burst-threshold properties can be used to apply bidirectional bursts.
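The burst rule can be followed second by second with a small model. This is an added example, not part of the MikroTik manual and not RouterOS code: it takes the description above literally, and the one-second steps, the sliding average over the last burst-time seconds and the sample rates are assumptions.

```python
from collections import deque

def simulate_burst(offered, limit_at, burst_limit, burst_threshold, burst_time):
    """Return the rate passed in each one-second step for the offered load."""
    # Rates passed during the last burst_time seconds (idle before the start).
    window = deque([0] * burst_time, maxlen=burst_time)
    passed = []
    for demand in offered:
        average = sum(window) / burst_time
        # Peaks up to burst-limit are allowed while the average stays below
        # burst-threshold; otherwise the queue is collapsed to limit-at.
        ceiling = burst_limit if average < burst_threshold else limit_at
        rate = min(demand, ceiling)
        window.append(rate)
        passed.append(rate)
    return passed

# Constructed settings, rates in bits per second.
SETTINGS = dict(limit_at=64_000, burst_limit=256_000,
                burst_threshold=128_000, burst_time=8)

# A sustained download: bursts for 4 s, is held at limit-at for 6 s, then
# bursts again once the 8-second average has fallen below the threshold.
SUSTAINED = simulate_burst([256_000] * 14, **SETTINGS)

# Short page loads separated by idle time never lose the burst rate.
WEB = [256_000, 256_000, 0, 0, 0, 0, 0, 0, 256_000, 256_000]
BURSTY = simulate_burst(WEB, **SETTINGS)

if __name__ == "__main__":
    print("sustained:", SUSTAINED)
    print("bursty:   ", BURSTY)
```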
Additional Documents
Home of Hierarchical Token Bucket (HTB)
Paper on Random Early Detection (RED)
More complete information on Traffic Control
Queue Types
Home menu level: /queue type
Description
The queue types are used to specify some common argument values for queues. There are four
default built-in queue types: default , ethernet-default , wireless-default and synchronous-default .
The built-in queue types cannot be removed.
Property Description
bfifo-limit ( integer ; default: 15000 ) - BFIFO queue limit. Maximum byte count that queue can hold
kind ( pfifo | bfifo | red | sfq | pcq ; default: pfifo ) - kind of the queuing algorithm used:
pfifo - Packets First-In First-Out
bfifo - Bytes First-In First-Out
red - Random Early Detection
sfq - Stochastic Fair Queuing
pcq - Per Connection Queuing
name ( name ) - name for the queue type
pcq-classifier ( multiple choice: dst-address , dst-port , src-address , src-port ; default: "" ) - the
classifier for grouping traffic flows
pcq-limit ( integer ; default: 50 ) - how many packets to hold in a PCQ
pcq-rate ( integer ; default: 0 ) - maximal data rate (in bits per second) assigned to one group
0 - do not limit data rate
pfifo-limit ( integer ; default: 10 ) - PFIFO queue limit. Maximum packet count that queue can hold
red-burst ( integer ; default: 20 ) - RED burst
red-limit ( integer ; default: 60 ) - RED queue limit
red-max-threshold ( integer ; default: 50 ) - RED maximum threshold
red-min-threshold ( integer ; default: 10 ) - RED minimum threshold