To build a more complex system, we must start from the simple things. Although this setup is simple, that does
not mean it is unimportant. I am sure that understanding the simple things will help us develop them into a more
complex system that has never been seen before. Regardless of the shortcomings of this blog, and the negative
comments and dislikes that my videos receive, the passion for new exploration is the soul of agratitudesign,
which wants to offer a small contribution to knowledge through case studies based on experience and experiment.
In this article I will show you how to implement QoS in RouterOS (ROS) v6 while building a simple hotspot network,
and how we can manage the bandwidth. As you probably know, QoS in ROS version 6 improves on the shortcomings found
while reviewing the previous versions. I also want to show you the initial configuration for building a network
with your favorite router. As an example, in this case I will build a simple hotspot network using QoS v6. You can
see the entire configuration process in detail in the following video!
1. Setting Up and Configuring Mikrotik to Build a Simple Hotspot
To build a simple hotspot system, see the schematic picture above! The internet connection feeds the hotspot
network system. I am using a modem that is shared through one server computer, connected with a LAN cable to the
ether1 interface of the Mikrotik RB 750 router. The internet is distributed via the ether2 interface to the hotspot
network, which is routed through a TP-Link wireless router acting as the access point; clients first connect to
that access point over wifi.
For that you have to configure your access point to match the IP addressing of the router's network configuration.
You can use a separate access point if your Mikrotik router has no wireless interface. If your router already has
a wireless interface, you can configure the router's network directly to admit the clients that connect to your
network.
http://agratitudesign.blogspot.com/2015/03/implementing-qos-ros-v6-in-building.html
The pictures above are an example of configuring a TP-Link wireless router as the access point for your router
when the router has no wireless interface of its own. If you are using a TP-Link wireless router, please adjust its
IP configuration to the Mikrotik network interfaces that you are using. The access point must use the router as its
gateway. In this case I do not use the DHCP server of the access point, because in the end I want to do the
configuration centrally, using the DHCP server of the Mikrotik router!
Assuming that you have finished configuring your access point and it is connected to the router that has the
Internet gateway, we will now configure the Mikrotik using Winbox from a client connected to the access point. You
need to set up the IP addresses you have planned for the final configuration, as in the schematic plan above.
Since we have not configured anything on the Mikrotik yet, we can only reach it from the client with Winbox by MAC
address, as shown in the picture above. Once we are in Winbox, we do not use the router's default configuration.
Click Remove Configuration; we will do the configuration manually according to the schematic plan.
Name the interfaces in your interface list according to where each router interface is connected; in this case
I use ether1 and ether2. If this is not clear, see the video tutorial.
ether1=wan | IP network = 192.168.137.2/24 (public interface)
ether2=hotspot | IP network = 192.168.1.1/24 (local interface)
Then, to go faster, enter the following script in a new Winbox terminal!
/ip address
add address=192.168.137.2/24 interface=wan
add address=192.168.1.1/24 interface=hotspot
/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-udp-packetsize=512 servers=8.8.8.8,8.8.4.4
/ip route
add dst-address=0.0.0.0/0 gateway=192.168.137.1
/ip firewall nat
add action=masquerade chain=srcnat out-interface=wan src-address=192.168.1.0/24 disabled=no comment="Masquerade Public Traffic"
Make sure your network interfaces and the gateway are reachable (see the Route List of your router, as in the left
picture above); then you can set up the DHCP server for your clients. Now you can restart the router and reconnect
your wireless access point so it gets a new IP address as a client of the router's DHCP server. After this you can
access Winbox using the IP address 192.168.1.1, the gateway address of your router. At this step your internet
access should be working.
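A check worth running on the script above before the router goes live, as an added example that is not part of the original article: with allow-remote-requests=yes the router answers DNS queries arriving on any interface, and the script adds no /ip firewall filter rules, so the resolver is also reachable on wan. The Python lint below parses a RouterOS-style script and reports that exposure; the HARDENED variant with input-chain drop rules is hypothetical, and both scripts are constructed samples based on the page's commands.

```python
import shlex

# Constructed sample: the page's address, DNS and NAT commands, no /ip firewall filter section.
PAGE_CONFIG = """\
/ip address
add address=192.168.137.2/24 interface=wan
add address=192.168.1.1/24 interface=hotspot
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip firewall nat
add action=masquerade chain=srcnat out-interface=wan src-address=192.168.1.0/24
"""

# Hypothetical hardened variant: same commands plus input-chain drops for DNS on wan.
HARDENED = PAGE_CONFIG + """\
/ip firewall filter
add action=drop chain=input in-interface=wan protocol=udp dst-port=53
add action=drop chain=input in-interface=wan protocol=tcp dst-port=53
"""

def parse_export(text):
    """Yield (menu, verb, params) for each command in a RouterOS-style script."""
    menu = None
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("/"):      # a menu path such as "/ip dns"
            menu = line
            continue
        verb, *rest = shlex.split(line)
        yield menu, verb, dict(p.split("=", 1) for p in rest if "=" in p)

def dns_exposed_on(text, wan="wan"):
    """Return the protocols on which the router's resolver is reachable from `wan`."""
    resolver_on = False
    blocked = set()
    for menu, verb, p in parse_export(text):
        if menu == "/ip dns" and p.get("allow-remote-requests") == "yes":
            resolver_on = True
        if (menu == "/ip firewall filter" and p.get("chain") == "input"
                and p.get("action") in ("drop", "reject")
                and p.get("in-interface") == wan
                and "53" in p.get("dst-port", "").split(",")):
            blocked.add(p.get("protocol"))
    return sorted({"tcp", "udp"} - blocked) if resolver_on else []
```

The lint only looks for explicit port 53 drop rules on the named interface; it does not evaluate rule order, interface lists or a default-drop policy, so treat an empty result as a prompt to read the filter table rather than as proof.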
2. Setting Up Mangle and Queue Tree Rules as the QoS Implementation in Version 6
In this case we are not using the hotspot to manage the bandwidth of each client login; I will talk about that
next time. For now it is enough to use general QoS to manage the bandwidth of the clients connected to the DHCP
server, so you can see how QoS works in version 6. OK, we start by defining the Layer 7 Protocols; to go faster,
insert the script below as you usually do in version 5!
/ip firewall layer7-protocol
add comment="download" name=high regexp="^.*get.+\\.(exe|rar|iso|zip|7zip|0[0-9][19]|flv|mkv|avi|mp4|3gp|rmvb|mp3|img|dat|mov).*\$"
add comment="download" name=document regexp="^.*get.+\\.(pdf|doc|docx|xlsx|xls|rtf|ppt|ppt).*\$"
add comment="video" name=youtube regexp="^.*get.+\\.(c.youtube.com|cdn.dailymotion.com|metacafe.com|mccont.com).*\$"
add comment="video" name=streaming regexp="videoplayback|video"
add comment="video" name=youtube_matcher regexp="(GET \\/videoplayback\\\?|GET \\/crossdomain\\.xml)"
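How the Layer 7 definitions above classify traffic, as an added example that is not part of the original article: Python's re module with IGNORECASE and DOTALL stands in for the router's matcher (an assumption), and the payloads are constructed samples. It shows that the patterns only see plaintext HTTP at the start of a connection, and that they also fire on header values and on any payload containing "video".

```python
import re

# The page's patterns after RouterOS console unescaping (\\ -> \, \$ -> $).
PATTERNS = {
    "high": r"^.*get.+\.(exe|rar|iso|zip|7zip|0[0-9][19]|flv|mkv|avi|mp4|3gp|rmvb|mp3|img|dat|mov).*$",
    "document": r"^.*get.+\.(pdf|doc|docx|xlsx|xls|rtf|ppt|ppt).*$",
    "streaming": r"videoplayback|video",
}
# Assumption: IGNORECASE and DOTALL approximate how the router applies the regexps.
COMPILED = {name: re.compile(rx, re.I | re.S) for name, rx in PATTERNS.items()}

# RouterOS searches only the first 2 KB (or first 10 packets) of a connection.
WINDOW = 2048

def classify(payload: bytes):
    """Return the names of the page's L7 patterns that match the start of a connection."""
    text = payload[:WINDOW].decode("latin-1")
    return sorted(name for name, rx in COMPILED.items() if rx.search(text))

# Constructed samples: the first bytes a client sends on a new connection.
SAMPLES = {
    # Plain HTTP download: the intended case for "high".
    "http_zip": b"GET /files/setup.zip HTTP/1.1\r\nHost: example.test\r\n\r\n",
    # Ordinary page view whose Referer header happens to end in .exe.
    "http_referer": b"GET /news HTTP/1.1\r\nHost: example.test\r\n"
                    b"Referer: http://example.test/tool.exe\r\n\r\n",
    # Text article with "video" in its path.
    "http_article": b"GET /blog/video-codecs.html HTTP/1.1\r\nHost: example.test\r\n\r\n",
    # Simplified ClientHello-like bytes: the request line is encrypted, only the
    # server name is visible, so no "get ... .ext" text exists to match.
    "tls_hello": bytes.fromhex("16030100c8010000c40303") + bytes(40)
                 + b"example.test" + bytes(40),
}

def classify_samples():
    """Classify every constructed sample; returns {sample name: [pattern names]}."""
    return {name: classify(data) for name, data in SAMPLES.items()}
```

Traffic that none of the definitions match keeps only the all-outpkt mark, so the queue that handles that mark needs its own sensible limit.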
You can add any other definitions to create the kinds of connection packets that you need for the QoS of your
router. Now, how do we mark the connection packets in version 6? Look at the mangle scripts below!
/ip firewall mangle
add action=mark-connection chain=forward disabled=no in-interface=wan new-connection-mark=all-outconn passthrough=yes comment="DOWNSTREAM CONNECTION"
add action=mark-packet chain=forward connection-mark=all-outconn disabled=no new-packet-mark=all-outpkt passthrough=yes comment="DOWNSTREAM"
/ip firewall mangle
add action=mark-packet chain=forward layer7-protocol=high new-packet-mark=dpkt packet-mark=all-outpkt passthrough=no comment="CLIENT DOWNLOAD FILES"
add action=mark-packet chain=forward layer7-protocol=document new-packet-mark=dpkt packet-mark=all-outpkt passthrough=no comment=""
/ip firewall mangle
add action=mark-packet chain=forward layer7-protocol=youtube new-packet-mark=spkt packet-mark=all-outpkt passthrough=no comment="CLIENT VIDEO STREAMING"
add action=mark-packet chain=forward layer7-protocol=streaming new-packet-mark=spkt packet-mark=all-outpkt passthrough=no comment=""
add action=mark-packet chain=forward layer7-protocol=youtube_matcher new-packet-mark=spkt packet-mark=all-outpkt passthrough=no comment=""
/ip firewall mangle
add action=mark-packet chain=forward connection-bytes=0-1000000 src-port=80,443 passthrough=no new-packet-mark=bpkt packet-mark=all-outpkt protocol=tcp comment="CLIENT BROWSING"
We just need to create the mangle rules using chain=forward with in-interface=wan (public interface), then
separate the traffic into the other kinds of connection packets. You can define as many kinds of connection
packets as you like, expanding these rules to your requirements!
Second, you can create the mangle rules using chain=postrouting with out-interface=hotspot (local interface),
as you can see in the script below!
/ip firewall mangle
add action=mark-connection chain=postrouting disabled=no out-interface=hotspot new-connection-mark=all-outconn passthrough=yes comment="DOWNSTREAM CONNECTION"
add action=mark-packet chain=postrouting connection-mark=all-outconn disabled=no new-packet-mark=all-outpkt passthrough=yes comment="DOWNSTREAM"