最後更新: 2016-10-30
介紹
Queue 只能應用在 Input 及 Postrouting
行完 TreeQueue 會再行 SimpleQueue, 亦即是會 Queue 兩次
# 一條規則接著一條規則運行
/queue simple
# 平行式處理
/queue tree
Simple Queue
ie. 針對 local subnet 設定 upload: 256kps, download: 512kps
/queue simple> add name=Local_PC target=10.1.1.0/24 max-limit=256K/512K dst=ether2
target
defining the source IP addresses to which the queue rule will be applied.
max-limit
upload/download
dst
from target address to this destination address
ie.
/queue simple> add name=server target=10.1.1.1/32 max-limit=0/0 interface=ether2
interface
identifies interface the target is connected to.
Useful when it is not possible to specify targets addresses.
設定
# Using "mangle" rule and "queue trees"
# "mangle" rule /ip firewall mangle add chain=prerouting action=mark-packet \ in-interface=ether2-LAN new-packet-mark=client_upload /ip firewall mangle add chain=prerouting action=mark-packet \ in-interface=ether1-WAN new-packet-mark=client_download # queue trees /queue type add name="PCQ_download" kind=pcq pcq-rate=64000 pcq-classifier=dst-address /queue type add name="PCQ_upload" kind=pcq pcq-rate=32000 pcq-classifier=src-address /queue tree add parent=global-in queue=PCQ_download packet-mark=client_download /queue tree add parent=global-out queue=PCQ_upload packet-mark=client_upload
# Using "simple queues"
/queue simple add target-addresses=192.168.0.0/24 queue=PCQ_upload/PCQ_download # exclude the server(10.1.1.1) from being limited /queue simple> add name=server target=10.1.1.1/32 max-limit=0/0 \ interface=ether2
PCQ (Per Connection Queue)
PCQ also allows to use different size IPv4 and IPv6 networks as sub-stream identifiers . Before it was locked to single IP address.
PCQ parameters:
pcq-classifier (dst-address | dst-port | src-address | src-port; default: "") : selection of sub-stream identifiers
pcq-rate (number) : maximal available data rate of each sub-steam
pcq-limit (number) : queue size of single sub-stream (in KiB)
pcq-total-limit (number) : maximum amount of queued data in all sub-streams (in KiB)
PCQ parameters:
pcq-burst-rate (number) : maximal upload/download data rate which can be reached while the burst for substream is allowed
pcq-burst-threshold (number) : this is value of burst on/off switch
pcq-burst-time (time) : period of time, in seconds, over which the average data rate is calculated.
(This is NOT the time of actual burst)
average-rate (read-only) : Every 1/16 part of the burst-time, the router calculates the average data rate of each class over the last burst-time seconds
actual-rate (read-only) : actual traffic transfer rate of the queue
Flow Identifiers
target (multiple choice: IP address/netmask) :
list of IP address ranges that will be limited by this queue.
dst-address (IP address/netmask) : allows to select only specific stream (from target address to this destination address) for limitation explain what is target and what is dst and what is upload and what not
only-hardware-queue
leaves interface with only hw transmit descriptor ring buffer which acts as a queue in itself. Usually at least 100 packets can be queued for transmit in transmit descriptor ring buffer. Transmit descriptor ring buffer size and the amount of packets that can be queued in it varies for different types of ethernet MACs.
Having no software queue is especially beneficial on SMP systems because it removes the requirement to synchronize access to it from different cpus/cores which is expensive.
Queue Size
main option that decide should the package be dropped or scheduled for later time.
100% Shaper => Queue-size=0
100% Scheduler => Queue-size=unlimited
queue type (info: Upload Queued Packets)
Default-small (queue size of 10)
Default (queue size of 50)
Uplad Avg. Rate. 當前速度
limit-at (NUMBER) : normal data rate that is guaranteed to a target
My Example
/ip firewall mangle print
Flags: X - disabled, I - invalid, D - dynamic 0 D chain=forward action=change-mss new-mss=1440 tcp-flags=syn protocol=tcp out-interface=all-ppp tcp-mss=1441-65535 1 D chain=forward action=change-mss new-mss=1440 tcp-flags=syn protocol=tcp in-interface=all-ppp tcp-mss=1441-65535 2 chain=forward action=mark-connection new-connection-mark=users-con passthrough=yes src-address=192.168.1.0/24 log=no log-prefix="" 3 chain=forward action=mark-packet new-packet-mark=users passthrough=yes connection-mark=users-con log=no log-prefix=""
/queue tree print
Flags: X - disabled, I - invalid 0 name="Upload" parent=pppoe-out1 packet-mark="" limit-at=0 queue=default-small priority=8 max-limit=600k burst-limit=0 burst-threshold=0 burst-time=0s bucket-size=0.1 1 name="queue1" parent=Upload packet-mark=users limit-at=0 queue=DSL-upload priority=8 max-limit=450k burst-limit=0 burst-threshold=0 burst-time=0s bucket-size=0.1 2 name="Download" parent=bridge packet-mark="" limit-at=0 queue=default-small priority=8 max-limit=5M burst-limit=0 burst-threshold=0 burst-time=0s bucket-size=0.1 3 name="queue2" parent=Download packet-mark=users limit-at=0 queue=DSL-download priority=8 max-limit=4900k burst-limit=0 burst-threshold=0 burst-time=0s bucket-size=0.1
Doc