qos routeros v6

40
QoS RouterOS v6 Valens Riyadi (Citraweb) [email protected] MUMEU2013 @Zagreb, Croa8a

Upload: j0r9e

Post on 26-Dec-2015

150 views

Category:

Documents


11 download

DESCRIPTION

Presentación explicativa del flujo de datos en el mangle para calidad de servicio con el nuevo firmware de Mikrotik

TRANSCRIPT

Page 1: QoS RouterOS v6

QoS  

RouterOS  v6  

Valens  Riyadi  (Citraweb)  [email protected]  

MUM-­‐EU-­‐2013  @Zagreb,  Croa8a  

Page 2: QoS RouterOS v6

About  Me  

Valens  Riyadi,  Citraweb  (ID)  MikroTik  Cer8fied  Engineer  (MTCNA,  MTCWE,  MTCRE,  MTCTCE,  MTCUME,  MTCINE)  

MikroTik  Cer8fied  Trainer  &  Consultant  MikroTik  Academy  Coordinator  Citra.net.id  WISP  CEO  Manager  for  IDNIC  (Indonesia  Na8onal  Internet  Registry)  IT  Expert  on  Disaster  Relief  

2  Qos  pada  RouterOS  v6  

Page 3: QoS RouterOS v6

Qos  pada  RouterOS  v6   3  

distributor  www.mikro8k.co.id  

Page 4: QoS RouterOS v6

Qos  pada  RouterOS  v6   4  

Page 5: QoS RouterOS v6

MikroTik  Training  Center  •  The  first  MikroTik  Training  Center  in  Asia  Pasific,  has  taught  at  least  1600  par8cipants  (94  classes).  

•  Mikro8k  Academy  Coordinator.  

Qos  pada  RouterOS  v6   5  

Page 6: QoS RouterOS v6

RouterOS  v6  Full  Release  almost  ready!  

 now  v6rc11/12  

6  Qos  pada  RouterOS  v6  

Page 7: QoS RouterOS v6

QoS    

Some  fundamental  change    on  RoS  v6  

Qos  pada  RouterOS  v6   7  

Page 8: QoS RouterOS v6

QoS  di  v5  

•  Simple  Queue  – queue  will  be  done  in  global-­‐in,  global-­‐out  or  global-­‐total  

•  Queue  Tree  – queue  on  interface,  or  –  in  global-­‐in,  global-­‐out  or  global-­‐total  

Qos  pada  RouterOS  v6   8  

Page 9: QoS RouterOS v6

Packet  Flow!  

Qos  pada  RouterOS  v6   9  

CHAIN    INPUT  

CHAIN    OUTPUT  

CHAIN    FORWARD  

LOCAL  PROCESS   OUTPUT  INTERFACE  

INPUT  INTERFACE  

CHAIN    POSTROUTING  

CHAIN    PREROUTING  

Page 10: QoS RouterOS v6

Packet  Flow  and  QoS  v5  

Qos  pada  RouterOS  v6   10  

CHAIN    INPUT  

CHAIN    OUTPUT  

CHAIN    FORWARD  

LOCAL  PROCESS   OUTPUT  INTERFACE  

INPUT  INTERFACE  

CHAIN    POSTROUTING  

CHAIN    PREROUTING  

global  in   global  out  

HTB  interface  

Page 11: QoS RouterOS v6

QoS  Problem  in  RoS  v5  

•  No  specific  queue  for  traffic  to  the  router,  global-­‐in  will  process  the  traffic  into  the  router  and  the  traffic  through  the  router  

•  Two  8mes  queue  processing  (Global  in  and  global  out)  for  traffic  through  the  router.  

Qos  pada  RouterOS  v6   11  

Page 12: QoS RouterOS v6

QoS  Problem  in  RoS  v5  

•  Queue  tree  –  PCQ  on  parent  interface  -­‐  naged  network,  queue  for  uplink  traffic  does  not  work  perfectly,  because  PCQ  done  aher  src-­‐nat    – src-­‐address  already  changed  to  router  ip  address  in  src-­‐nat.  

– pcq  see  only  one  src-­‐address    

Qos  pada  RouterOS  v6   12  

Page 13: QoS RouterOS v6

QoS  RoS  v6  

No  more  global-­‐in  and  global-­‐out,  replaced  by  a  "global"  located  aher  the  "input"  and  at  global-­‐out  posi8on.    Simple  queue  is  a  specific  process,  located  aher  “global”.  

Qos  pada  RouterOS  v6   13  

Page 14: QoS RouterOS v6

Packet  Flow  and  QoS  v6  

Qos  pada  RouterOS  v6   14  

CHAIN    INPUT  

CHAIN    OUTPUT  

CHAIN    FORWARD  

LOCAL  PROCESS   OUTPUT  INTERFACE  

INPUT  INTERFACE  

CHAIN    POSTROUTING  

CHAIN    PREROUTING  

global  HTB  

global  HTB  

HTB  interface  

simple  queue  

simple  queue  

Page 15: QoS RouterOS v6

Queue  Tree  v5  dan  v6  

Qos  pada  RouterOS  v6   15  

RoS  v5   RoS  v6  

Page 16: QoS RouterOS v6

Simple  Packet  Flow  v5  

Qos  pada  RouterOS  v6   16  

                   

                   

                   

                   

                   

INPUT    INTERFACE  

OUTPUT    INTERFACE  

MANGLE  PREROUTING  

MANGLE  POSTROUTING  

QUEUE  GLOBAL-­‐IN  

QUEUE  GLOBAL-­‐OUT  

MANGLE  FORWARD  

MANGLE  OUTPUT  

MANGLE  INPUT  

HTB  INTERFACE  

ROUTING  DECISION  

ROUTING  DECISION  

FILTER  OUTPUT  

LOCAL    PROCESS  

FILTER  FORWARD  

ROUTING  ADJUSMENT  

FILTER  INPUT  

DST-­‐NAT  

SRC-­‐NAT  

INPUT

PRE ROUTING OUTPUT

FORWARD

POST ROUTING

CONNECTION  TRACKING  

CONNECTION  TRACKING  

Page 17: QoS RouterOS v6

Simple  Packet  Flow  v6  

Qos  pada  RouterOS  v6   17  

                   

                   

                   

                   

                   

INPUT    INTERFACE  

OUTPUT    INTERFACE  

MANGLE  PREROUTING  

MANGLE  POSTROUTING  

MANGLE  FORWARD  

MANGLE  OUTPUT  

MANGLE  INPUT  

HTB  INTERFACE  

ROUTING  DECISION  

ROUTING  DECISION  

FILTER  OUTPUT  

LOCAL    PROCESS  

FILTER  FORWARD  

ROUTING  ADJUSMENT  

DST-­‐NAT  

INPUT

PRE ROUTING

OUTPUT

FORWARD

POST ROUTING

CONNECTION  TRACKING  

CONNECTION  TRACKING  

SIMPLE  QUEUE  

GLOBAL  HTB  

SRC-­‐NAT  FILTER  INPUT  

GLOBAL  HTB  SIMPLE  QUEUE  

Page 18: QoS RouterOS v6

Mangle  –  Queue  RoSv6  

•  Traffic  to  the  router  – we  can  do  mangle  (packet-­‐mark)  specifically  on  chain=input  

–  queue  tree  with  parent=global  and  packet  mark  

•  Contoh  /ip  firewall  mangle  add  src-­‐address=10.1.1.1  chain=input  ac8on=mark-­‐packet  mark-­‐packet=p1  /queue  tree  add  packet-­‐mark=p1  parent=global  max-­‐limit=1m  

Qos  pada  RouterOS  v6   18  

Page 19: QoS RouterOS v6

Traffic  to  the  router  

Qos  pada  RouterOS  v6   19  

                   

                   

                   

                   

                   

INPUT    INTERFACE  

OUTPUT    INTERFACE  

MANGLE  PREROUTING  

MANGLE  POSTROUTING  

MANGLE  FORWARD  

MANGLE  OUTPUT  

MANGLE  INPUT  

HTB  INTERFACE  

ROUTING  DECISION  

ROUTING  DECISION  

FILTER  OUTPUT  

LOCAL    PROCESS  

FILTER  FORWARD  

ROUTING  ADJUSMENT  

DST-­‐NAT  

INPUT

PRE ROUTING

OUTPUT

FORWARD

POST ROUTING

CONNECTION  TRACKING  

CONNECTION  TRACKING  

SIMPLE  QUEUE  

GLOBAL  HTB  

SRC-­‐NAT  FILTER  INPUT  

GLOBAL  HTB  SIMPLE  QUEUE  

Page 20: QoS RouterOS v6

Mangle  -­‐  Queue  

•  Traffic  from  the  router  – same  as  previous  version  

•  Traffic  through  the  router  – mangle  can  be  done  specifically  at  chain=forward    

Qos  pada  RouterOS  v6   20  

Page 21: QoS RouterOS v6

Traffic  through  the  router  

Qos  pada  RouterOS  v6   21  

                   

                   

                   

                   

                   

INPUT    INTERFACE  

OUTPUT    INTERFACE  

MANGLE  PREROUTING  

MANGLE  POSTROUTING  

MANGLE  FORWARD  

MANGLE  OUTPUT  

MANGLE  INPUT  

HTB  INTERFACE  

ROUTING  DECISION  

ROUTING  DECISION  

FILTER  OUTPUT  

LOCAL    PROCESS  

FILTER  FORWARD  

ROUTING  ADJUSMENT  

DST-­‐NAT  

INPUT

PRE ROUTING

OUTPUT

FORWARD

POST ROUTING

CONNECTION  TRACKING  

CONNECTION  TRACKING  

SIMPLE  QUEUE  

GLOBAL  HTB  

SRC-­‐NAT  FILTER  INPUT  

GLOBAL  HTB  SIMPLE  QUEUE  

Page 22: QoS RouterOS v6

Simple  Queue  di  RoSv5  

Qos  pada  RouterOS  v6   22  

Page 23: QoS RouterOS v6

Simple  Queue  RoSv5  

•  There  are  2  type  of  target:  target  address  and  interface  

•  Des8na8on  use  only  IP  address  (not  interface)  •  Same  priority  parameter  for  downlink  and  uplink  

Qos  pada  RouterOS  v6   23  

Page 24: QoS RouterOS v6

Simple  Queue  at  RoSv6  

Qos  pada  RouterOS  v6   24  

Page 25: QoS RouterOS v6

Simple  Queue  v6  

•  Target  address  and  interface  combined  to  “target”  

•  dst-­‐address  changed  to  “dst”,  can  take  IP  address  and  also  interface  

Qos  pada  RouterOS  v6   25  

Page 26: QoS RouterOS v6

Simple  Queue  in  ROSv6  

•  Completely  new  algorithm,  build  in  kernel,  faster  

•  S8ll  in  sequen8al  processing  •  Target  parameter  is  mandatory  •  If  target=0/0  in  the  first  rule,  no  traffic  for  others  queue  

Qos  pada  RouterOS  v6   26  

Page 27: QoS RouterOS v6

0  simple  queue,  100  mbps,  RB750G  v5.21  

Qos  pada  RouterOS  v6   27  

Page 28: QoS RouterOS v6

1000  simple  queue,  100  mbps,  RB750G  v5.21  

Qos  pada  RouterOS  v6   28  

Page 29: QoS RouterOS v6

1000  simple  queue,  100  mbps,  RB750G  v6rc2  

Qos  pada  RouterOS  v6   29  

Page 30: QoS RouterOS v6

Faster  at  ROS  6.0rc12  

Simple  queue  on  mul8ple  processors  router  will  9  8mes  faster  if  there  are  at  least  32  simple  queue  parents.  

Qos  pada  RouterOS  v6   30  

Page 31: QoS RouterOS v6

Upgrade  from  RoSv5  

Qos  pada  RouterOS  v6   31  

Queue  tree  with  global-­‐in,  global-­‐out,  and  global-­‐total  as  parent  at  RoS  v5.  

Page 32: QoS RouterOS v6

Upgrade  from  RoSv5  

Qos  pada  RouterOS  v6   32  

Queue  tree  with  global-­‐in,  global-­‐out,  and  global-­‐total  as  parent  at  RoS  v5  become  invalid  at  Rosv6.  

Page 33: QoS RouterOS v6

Simple  queue  upgrade  

Qos  pada  RouterOS  v6   33  

Page 34: QoS RouterOS v6

Simple  queue  upgrade  

Qos  pada  RouterOS  v6   34  

(Rosv5)  Means:  traffic  for  src-­‐address  192.168.0.1  AND  on  interface  bridge-­‐local  

Page 35: QoS RouterOS v6

Simple  queue  upgrade  

Qos  pada  RouterOS  v6   35  

(Rosv6)  Means:  traffic  for  src-­‐address  192.168.0.1  OR  on  interface  bridge-­‐local  

Page 36: QoS RouterOS v6

PCQ  

•  PCQ  was  introduced  to  op8mize  massive  QoS  systems,  where  most  of  the  queues  are  exactly  the  same  for  different  sub-­‐streams.  

Qos  pada  RouterOS  v6   36  

Page 37: QoS RouterOS v6

Qos  pada  RouterOS  v6   37  

PCQ  

MTCTCE  -­‐  Sys-­‐DataCom  -­‐  Citraweb   37  

Flow 1

Flow 2

Flow 3

Flow 4

pcq-clasifier src-address

Algoritma Round Robin

to interface

sub-queue SRC-ADDRESS=10.0.0.1

SRC-ADDRESS=10.0.0.2

SRC-ADDRESS=10.0.0.3

SRC-ADDRESS=10.0.0.4

SRC-ADDRESS=10.0.0.5

SRC-ADDRESS=10.0.0.6

SRC-ADDRESS=10.0.0.7

Page 38: QoS RouterOS v6

PCQ  in  ROS  v6  

•  Take  sub-­‐stream  parameter  from  Connec8on  Tracking  data.  

•  It  is  strongly  advised  to  enable  Connec8on  Tracking.  

•  If  connec8on  tracking  disabled,  PCQ  will  calculate  sub-­‐stream  in  old  way  

Qos  pada  RouterOS  v6   38  

Page 39: QoS RouterOS v6

•  Is  QoS  method  to  do  priori8za8on  and  client  limita8on  in  1  ROS  hgp://mum.mikro8k.com/presenta8ons/CZ09/QoS_Megis.pdf  

•  On  RoS  v6,  we  can  not  do  double  QoS  with  (both)  queue  tree  any  more.  

•  But,  we  s8ll  can  do:  – priori8za8on  :  queue  tree  &  mangle  forward  – client  limita8on  :  simple  queue  with  target  ip  address    

Qos  pada  RouterOS  v6   39  

Double  QoS  

Page 40: QoS RouterOS v6

Thank  you  

•  Comments  and  sugges8ons:  – Valens  Riyadi  ([email protected])  

 This  presenta8on  was  developed  and  sourced  from  RouterOSv6  Presenta8on  by  Janis  Megis  (MUM-­‐USA-­‐2012).  

Qos  pada  RouterOS  v6   40  

This  license  lets  others  remix,  tweak,  and  build  upon  your  work  even  for  commercial  purposes,  as  long  as  they  credit  you  and  license  their  new  crea8ons  under  the  iden8cal  terms.  This  license  is  ohen  compared  to  “copyleh”  free  and  open  source  sohware  licenses.  All  new  works  based  on  yours  will  carry  the  same  license,  so  any  deriva8ves  will  also  allow  commercial  use.