8/3/2019 QoS on Wireless Links
Prepared by: Renato Bernardi
Medi@net S.r.L - Italy
www.medianetitalia.com
Introduction
Renato Bernardi
renato.bernardi@medianetitalia.net
Network Admin - MTCNA - MTCWE
Company Medi@net S.r.L WISP (AS43364)
South - West Sardinia
Italy
Outline
Overview of the Example Network
Problematics
Setting up a Wireless Link with Nstreme
Briefly setting up a Border QoS
Preparing the Link QoS
Testing the current load limit of the link
Setting up the Ping Script
Test it
Overview of the Example Network
Problematics
Wireless links might degrade for various reasons:
Interference
Damaged cards
Antennas moved
Bad weather (wind moving the antennas)
Problematics
WMM is not possible on Nstreme links.
Wi-Fi Multimedia (WMM) provides basic Quality of Service (QoS) features to 802.11 networks. WMM prioritizes traffic according to four Access Categories (AC): voice, video, best effort, and background.
From Normunds' post on forum.mikrotik.com:
"for Nstreme to achieve its high speeds, it has to ignore a lot of stuff, including WMM priorities. If you want WMM to work with it, it will not be fast anymore, so it will have no purpose. Nstreme is so fast because it doesn't listen to anything"
Problematics
Setting up a complete QoS on every link is not always possible (and it is expensive to manage).
A complete QoS needs a lot of resources to ensure deep packet inspection (L7 mangle).
If you have a complete QoS on every link, any modification has to be made on each link.
Problematics
Sometimes the AP cannot handle the QoS too.
We will limit only the client download traffic in this lesson.
Setting Up a Wireless Link with Nstreme
Finding a good spot
Planning a wireless link with Radio Mobile software does 90% of the work before putting it into production.
If Radio Mobile is correctly configured, you can find which signal level you should expect on that link and aim for it.
LOS (Line of Sight) and a free Fresnel zone are mandatory!
Setting Up a Wireless Link with Nstreme

Bridge Configuration
/interface wireless set wlan1 country=italy frequency-mode=regulatory-domain adaptive-noise-immunity=ap-and-client-mode band=5ghz disabled=no hide-ssid=yes ssid=BridgeNstreme hw-retries=4 mode=bridge radio-name=BridgeAlpha
/interface wireless nstreme set wlan1 enable-nstreme=yes enable-polling=yes framer-policy=exact-size framer-limit=3200
/ip address add address=10.254.254.1/30 interface=wlan1
/mpls ldp set enabled=yes loop-detect=no lsr-id=10.254.254.1 transport-address=10.254.254.1
/interface vpls add disabled=no name=vpls1 remote-peer=10.254.254.2 vpls-id=5:5

Station Configuration
/interface wireless set wlan1 country=italy frequency-mode=regulatory-domain adaptive-noise-immunity=ap-and-client-mode band=5ghz disabled=no hide-ssid=yes ssid=BridgeNstreme hw-retries=4 mode=station radio-name=StationAlpha
/interface wireless nstreme set wlan1 enable-nstreme=yes enable-polling=yes framer-policy=exact-size framer-limit=3200
/ip address add address=10.254.254.2/30 interface=wlan1
/mpls ldp set enabled=yes loop-detect=no lsr-id=10.254.254.2 transport-address=10.254.254.2
/interface vpls add disabled=no name=vpls1 remote-peer=10.254.254.1 vpls-id=5:5
Setting Up a Wireless Link with Nstreme
Creating a Transparent Bridging
/interface bridge add disabled=no name=bridge1
/interface bridge port add bridge=bridge1 interface=ether1
/interface bridge port add bridge=bridge1 interface=vpls1
/interface bridge settings set use-ip-firewall=yes
Briefly setting up a Border QoS
I will not cover the explanation of setting up the QoS. There are a lot of examples of a good QoS by Janis M. and other users on wiki.mikrotik.com:
http://mum.mikrotik.com/presentations/CZ09/QoS_Megis.pdf
http://wiki.mikrotik.com/wiki/Traffic_Priortization,_RouterOS_QoS_Implemetation
Briefly setting up a Border QoS
On the forward chain, add the mangling of the DSCP (TOS) for all the rules before.
/ip firewall mangle
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=Internal
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=1 packet-mark=PING
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=1 packet-mark=SPEED
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=4 packet-mark=IP2P
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=4 packet-mark=P2P
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=1 packet-mark=12VOIP
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=4 packet-mark=OTHER
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=DNS
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=ESP
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=3 packet-mark=FTP
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=GRE
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=1 packet-mark=H323
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=HAMACHI
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=3 packet-mark=HTTP
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=3 packet-mark=HTTPD
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=3 packet-mark=HTTPS
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=3 packet-mark=IMAP4
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=3 packet-mark=IMAP4-SSL
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=IPSEC-IKE
Briefly setting up a Border QoS
Use DSCP (TOS) from 1 to 4 for the priorities that will be used on the links.
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=IPSEC-NATT
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=MOTST
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=1 packet-mark=MSN
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=1 packet-mark=NTP
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=PES2009
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=3 packet-mark=POP3
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=3 packet-mark=POP3-SSL
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=PPTP
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=PS3
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=QUAKE
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=RDP
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=RFoM
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=1 packet-mark=SIP
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=1 packet-mark=SIP-RDP
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=1 packet-mark=SKYPE
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=3 packet-mark=SMTP
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=3 packet-mark=SMTP-SECURE
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=1 packet-mark=SNMP
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=SSH
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=1 packet-mark=TEAMSPEAK
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=TELNET
add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=TFTP
Preparing the QoS on the Link
Mangle connections with the DSCP (TOS) we used.
/ip firewall mangle
add action=mark-connection chain=forward comment="" disabled=no dscp=1 new-connection-mark=TOS1_conn passthrough=yes
add action=mark-packet chain=forward comment="" connection-mark=TOS1_conn disabled=no new-packet-mark=TOS1 passthrough=no
add action=mark-connection chain=forward comment="" disabled=no dscp=2 new-connection-mark=TOS2_conn passthrough=yes
add action=mark-packet chain=forward comment="" connection-mark=TOS2_conn disabled=no new-packet-mark=TOS2 passthrough=no
add action=mark-connection chain=forward comment="" disabled=no dscp=3 new-connection-mark=TOS3_conn passthrough=yes
add action=mark-packet chain=forward comment="" connection-mark=TOS3_conn disabled=no new-packet-mark=TOS3 passthrough=no
add action=mark-connection chain=forward comment="" disabled=no dscp=4 new-connection-mark=TOS4_conn passthrough=yes
add action=mark-packet chain=forward comment="" connection-mark=TOS4_conn disabled=no new-packet-mark=TOS4 passthrough=no
Preparing the QoS on the Link
Mangle the internal connections that didn't pass through the Border Router QoS.
/ip firewall mangle
add action=mark-connection chain=forward comment="" disabled=no dst-address-list="IP Medi@net" new-connection-mark=Interno_conn passthrough=yes src-address-list="IP Medi@net"
add action=mark-connection chain=forward comment="" disabled=no new-connection-mark=Altro_conn passthrough=yes
add action=mark-packet chain=forward comment="" connection-mark=Altro_conn disabled=no new-packet-mark=TOS0 passthrough=no
Preparing the QoS on the Link
Set up the queue tree with the DSCP (TOS) marks on HTB Out (wireless side).
/queue tree
add max-limit=38M name=Output parent=vpls1 priority=1
add name=TOS1 packet-mark=TOS1 parent=Output priority=1
add name=TOS2 packet-mark=TOS2 parent=Output priority=2
add name=TOS3 packet-mark=TOS3 parent=Output priority=3
add name=TOS4 packet-mark=TOS4 parent=Output priority=4
add name=TOS0 packet-mark=TOS0 parent=Output priority=5
add name=Interno packet-mark=Internal parent=Output priority=2
Testing the current load limit of the link
Preferably use external powerful machines to do a TCP test.
Increase traffic on the link gradually, until the latency goes over 20ms.
Setting up the Ping Script

Ping Script
:global limit 18000000;
:global otherside 10.254.254.2;
:local latency [ping $otherside interval=20ms count=100];
:local currentlimit [/queue tree get Output max-limit];
:global wait;
:if ($latency < 80) do={
    /queue tree set Output max-limit=($currentlimit - 1000000);
    :set wait 6;
    :log info message=("Lowered Limit to " . ($currentlimit - 1000000));
} else={
    :if (($currentlimit < $limit) && ($wait = 0)) do={
        /queue tree set Output max-limit=($currentlimit + 1000000);
        :set wait 6;
    } else={
        :if ($wait > 0) do={
            :set wait ($wait - 1);
        }
    }
}

Explanation (one entry per script line, in order)
Max limit of the link just calculated
Other side of the link
Counts how many pings out of 100 aren't more than 20ms
Gets the current limit set (not the max limit we set)
Initializes the wait variable
If the count of good pings is below 80...
Lowers the current max limit of the HTB queue (the vpls1 interface) by 1 Mbit
Sets the wait to 6 times
Logs the action to the logging system (it can be modified and send mail alerts)
If the count of good pings is above 80
And the current limit is less than the max limit of the link and the wait time is 0
Increases the current limit by 1 Mbit
Sets the wait to 6 times again
If any of the above conditions aren't true
Decreases the wait time by 1, if it is greater than 0
Setting up the Ping Script
Set up the scheduler
If needed, it decreases the max-limit every 10 minutes but waits 1 hour to increase it back. This wait time avoids fluctuations of the limit itself.
/system scheduler add disabled=no interval=10m name=Ping on-event=Ping policy=read,write,policy,test,sniff start-time=startup
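
The decision logic of the Ping script and its 10-minute scheduler can be replayed offline to see how the limit moves over time. The following is an added example, not part of the original slides: the function names, the constructed sample of good-ping counts and the optional floor parameter (a lower bound the slide's script does not have) are assumptions.

```python
"""Offline replay of the Ping script's decision logic (added example)."""

STEP = 1_000_000      # 1 Mbit step used by the script
WAIT_RUNS = 6         # value the script stores in "wait"
GOOD_THRESHOLD = 80   # good pings required out of 100


def run_once(current, wait, good_pings, limit, floor=None):
    """One scheduler run; returns (new_max_limit, new_wait).

    floor is hypothetical: the slide's script has no lower bound, so a
    link that stays bad keeps losing 1 Mbit on every run.
    """
    if good_pings < GOOD_THRESHOLD:
        lowered = current - STEP
        if floor is not None:
            lowered = max(lowered, floor)
        return lowered, WAIT_RUNS
    if current < limit and wait == 0:
        return current + STEP, WAIT_RUNS
    if wait > 0:
        return current, wait - 1
    return current, wait


def simulate(samples, start, limit, floor=None):
    """Feed good-ping counts, one per run; return max-limit after each run."""
    current, wait, history = start, 0, []
    for good in samples:
        current, wait = run_once(current, wait, good, limit, floor)
        history.append(current)
    return history


if __name__ == "__main__":
    # Constructed sample: two degraded runs, then a healthy link.
    samples = [60, 70] + [100] * 14
    for run, value in enumerate(simulate(samples, 18_000_000, 18_000_000), 1):
        print(f"run {run:2d} (+{run * 10} min): max-limit={value}")
    # A link that never recovers, with and without the hypothetical floor.
    print(simulate([0] * 30, 18_000_000, 18_000_000)[-1])
    print(simulate([0] * 30, 18_000_000, 18_000_000, floor=2_000_000)[-1])
```

The replay shows each 1 Mbit increase arriving only after the wait counter has run down from 6 to 0, and that without a lower bound a permanently degraded link drives the computed limit below zero.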
Conclusion
Q&A
Thank you, and everyone is welcome in my homeland.