RouterOS V6 QOS (終極版)
[i=s] 本帖最後由 167pk 於 2020-6-30 13:11 編輯 [/i]:P TCP connection handshake (ACK, SYN, FIN, RST) 全優化
[attach]4531[/attach]
My setup the ACK, SYN and ICMP packets are used to improve the game smoothness
[attach]4537[/attach][code]
/ip firewall mangle
add action=jump chain=prerouting comment="CONNECTION mark in" connection-mark=no-mark in-interface-list=WAN jump-target=CM-ALL
add action=jump chain=prerouting comment="TCP FLAG mark in" in-interface-list=WAN jump-target=TF-IN protocol=tcp tcp-flags=!psh
add action=jump chain=prerouting comment="PACKET mark in" connection-mark=!no-mark in-interface-list=WAN jump-target=PM-IN
add action=jump chain=postrouting comment="CONNECTION mark out" connection-mark=no-mark jump-target=CM-ALL out-interface-list=WAN
add action=jump chain=postrouting comment="TCP FLAG mark out" jump-target=TF-OUT out-interface-list=WAN protocol=tcp tcp-flags=!psh
add action=jump chain=postrouting comment="PACKET mark out" connection-mark=!no-mark jump-target=PM-OUT out-interface-list=WAN
add action=mark-connection chain=CM-ALL comment="DNS tcp" dst-port=53,853 new-connection-mark=CM-DNS passthrough=yes protocol=tcp
add action=mark-connection chain=CM-ALL comment="DNS udp" dst-port=53,853 new-connection-mark=CM-DNS passthrough=yes protocol=udp
add action=mark-connection chain=CM-ALL comment="VOIP dscp 26" dscp=26 new-connection-mark=CM-VOIP passthrough=yes
add action=mark-connection chain=CM-ALL comment="VOIP dscp 46" dscp=46 new-connection-mark=CM-VOIP passthrough=yes
add action=mark-connection chain=CM-ALL comment="VOIP udp" dst-port=3478-3479,5060-5061,8801-8802 new-connection-mark=CM-VOIP passthrough=yes protocol=udp
add action=mark-connection chain=CM-ALL comment=ICMP new-connection-mark=CM-ICMP passthrough=yes protocol=icmp
add action=mark-connection chain=CM-ALL comment="VPN tcp" dst-port=1723 new-connection-mark=CM-VPN passthrough=yes protocol=tcp
add action=mark-connection chain=CM-ALL comment="VPN upd" dst-port=500,1194,1701,4500 new-connection-mark=CM-VPN passthrough=yes protocol=udp
add action=mark-connection chain=CM-ALL comment="VPN gre" new-connection-mark=CM-VPN passthrough=yes protocol=gre
add action=mark-connection chain=CM-ALL comment="VPN ipsec-esp" new-connection-mark=CM-VPN passthrough=yes protocol=ipsec-esp
add action=mark-connection chain=CM-ALL comment="VPN ipsec-ah" new-connection-mark=CM-VPN passthrough=yes protocol=ipsec-ah
add action=mark-connection chain=CM-ALL comment="EMAIL tcp" dst-port=25,110,143,465,587,993,995 new-connection-mark=CM-EMAIL passthrough=yes protocol=tcp
add action=mark-connection chain=CM-ALL comment="HTTP tcp" dst-port=80,443,8080,8443 new-connection-mark=CM-HTTP passthrough=yes protocol=tcp
add action=mark-connection chain=CM-ALL comment="QUIC udp" dst-port=80,443 new-connection-mark=CM-QUIC passthrough=yes protocol=udp
add action=mark-connection chain=CM-ALL comment=OTHER connection-mark=no-mark new-connection-mark=CM-OTHER passthrough=yes
add action=return chain=CM-ALL comment="CM-ALL return"
add action=mark-connection chain=CM-BIG comment="HTTP BIG" connection-bytes=500000-0 connection-mark=CM-HTTP connection-rate=!0-8k new-connection-mark=CM-HTTP-B passthrough=yes protocol=tcp
add action=mark-connection chain=CM-BIG comment="OTHER BIG" connection-mark=CM-OTHER new-connection-mark=CM-OTHER-B packet-size=!0-400 passthrough=yes
add action=return chain=CM-BIG comment="CM-BIG return"
add action=mark-packet chain=TF-IN comment="ACK in" new-packet-mark=TCPFLAG-I packet-size=0-64 passthrough=no protocol=tcp tcp-flags=ack,!fin,!syn,!rst,!urg,!ece,!cwr
add action=mark-packet chain=TF-IN comment="SYN in" new-packet-mark=TCPFLAG-I packet-size=0-64 passthrough=no protocol=tcp tcp-flags=syn
add action=return chain=TF-IN comment="TF-IN return"
add action=jump chain=PM-IN comment="CONNECTION BIG mark in" jump-target=CM-BIG
add action=mark-packet chain=PM-IN comment="DNS in" connection-mark=CM-DNS new-packet-mark=DNS-I passthrough=no
add action=mark-packet chain=PM-IN comment="VOIP in" connection-mark=CM-VOIP new-packet-mark=VOIP-I passthrough=no
add action=mark-packet chain=PM-IN comment="ICMP in" connection-mark=CM-ICMP new-packet-mark=ICMP-I passthrough=no
add action=mark-packet chain=PM-IN comment="VPN in" connection-mark=CM-VPN new-packet-mark=VPN-I passthrough=no
add action=mark-packet chain=PM-IN comment="EMAIL in" connection-mark=CM-EMAIL new-packet-mark=EMAIL-I passthrough=no
add action=mark-packet chain=PM-IN comment="HTTP in" connection-mark=CM-HTTP new-packet-mark=HTTP-I passthrough=no
add action=mark-packet chain=PM-IN comment="HTTP BIG in" connection-mark=CM-HTTP-B new-packet-mark=HTTP-B-I passthrough=no
add action=mark-packet chain=PM-IN comment="QUIC in" connection-mark=CM-QUIC new-packet-mark=QUIC-I passthrough=no
add action=mark-packet chain=PM-IN comment="OTHER in" connection-mark=CM-OTHER new-packet-mark=OTHER-I passthrough=no
add action=mark-packet chain=PM-IN comment="OTHER BIG in" connection-mark=CM-OTHER-B new-packet-mark=OTHER-B-I passthrough=no
add action=return chain=PM-IN comment="PM-IN return"
add action=mark-packet chain=TF-OUT comment="ACK out" new-packet-mark=TCPFLAG-O packet-size=0-64 passthrough=no protocol=tcp tcp-flags=ack,!fin,!syn,!rst,!urg,!ece,!cwr
add action=mark-packet chain=TF-OUT comment="SYN out" new-packet-mark=TCPFLAG-O packet-size=0-64 passthrough=no protocol=tcp tcp-flags=syn
add action=return chain=TF-OUT comment="TF-OUT return"
add action=jump chain=PM-OUT comment="CONNECTION BIG mark out" jump-target=CM-BIG
add action=mark-packet chain=PM-OUT comment="DNS out" connection-mark=CM-DNS new-packet-mark=DNS-O passthrough=no
add action=mark-packet chain=PM-OUT comment="VOIP out" connection-mark=CM-VOIP new-packet-mark=VOIP-O passthrough=no
add action=mark-packet chain=PM-OUT comment="ICMP out" connection-mark=CM-ICMP new-packet-mark=ICMP-O passthrough=no
add action=mark-packet chain=PM-OUT comment="VPN out" connection-mark=CM-VPN new-packet-mark=VPN-O passthrough=no
add action=mark-packet chain=PM-OUT comment="EMAIL out" connection-mark=CM-EMAIL new-packet-mark=EMAIL-O passthrough=no
add action=mark-packet chain=PM-OUT comment="HTTP out" connection-mark=CM-HTTP new-packet-mark=HTTP-O passthrough=no
add action=mark-packet chain=PM-OUT comment="HTTP BIG out" connection-mark=CM-HTTP-B new-packet-mark=HTTP-B-O passthrough=no
add action=mark-packet chain=PM-OUT comment="QUIC out" connection-mark=CM-QUIC new-packet-mark=QUIC-O passthrough=no
add action=mark-packet chain=PM-OUT comment="OTHER out" connection-mark=CM-OTHER new-packet-mark=OTHER-O passthrough=no
add action=mark-packet chain=PM-OUT comment="OTHER BIG out" connection-mark=CM-OTHER-B new-packet-mark=OTHER-B-O passthrough=no
add action=return chain=PM-OUT comment="PM-OUT return"
[/code] [i=s] 本帖最後由 167pk 於 2020-6-30 12:50 編輯 [/i]
;P 請自行根據上網速度,分別修改下面的第5,6行之max-limit值
第5行max-limit = download speed (default : 1Gigabit Speed)
第6行max-limit = upload speed (default : 1Gigabit Speed)
Without setting the max-limit properly, the Queue Tree will not drop enough low-priority packets, so the bandwidth control would be lost. In order to have Control - we must set the max-limit to a lower value - 99.99% to 85% of the tested throughput of the bottleneck
[attach]4536[/attach]
P.S.: 圖中ME係用i-cable 所以...{:5_251:} 200M(in), 10M(out)[code]
/queue type
add kind=sfq name=sfq-default
/queue tree
add bucket-size=0.01 name=INTERNET parent=global queue=default
add bucket-size=0.01 max-limit=1G name=IN parent=INTERNET queue=default
add bucket-size=0.01 max-limit=1G name=OUT parent=INTERNET queue=default
add name=DNS_IN packet-mark=DNS-I parent=IN priority=1 queue=default
add name=NETWORK_IN packet-mark=ICMP-I,TCPFLAG-I parent=IN priority=3 queue=default
add name=VOIP_IN packet-mark=VOIP-I parent=IN priority=2 queue=default
add name=OTHER_IN packet-mark=OTHER-I,VPN-I parent=IN priority=4 queue=default
add name=DNS_OUT packet-mark=DNS-O parent=OUT priority=1 queue=default
add name=NETWORK_OUT packet-mark=ICMP-O,TCPFLAG-O parent=OUT priority=3 queue=default
add name=VOIP_OUT packet-mark=VOIP-O parent=OUT priority=2 queue=default
add name=OTHER_OUT packet-mark=OTHER-O,VPN-O parent=OUT priority=4 queue=default
add name=HTTP_IN packet-mark=HTTP-I,EMAIL-I parent=IN priority=5 queue=sfq-default
add name=HTTP_BIG_IN packet-mark=HTTP-B-I parent=IN priority=6 queue=sfq-default
add name=QUIC_IN packet-mark=QUIC-I parent=IN priority=7 queue=sfq-default
add name=OTHER_BIG_IN packet-mark=OTHER-B-I parent=IN queue=sfq-default
add name=HTTP_OUT packet-mark=HTTP-O,EMAIL-O parent=OUT priority=5 queue=sfq-default
add name=HTTP_BIG_OUT packet-mark=HTTP-B-O parent=OUT priority=6 queue=sfq-default
add name=QUIC_OUT packet-mark=QUIC-O parent=OUT priority=7 queue=sfq-default
add name=OTHER_BIG_OUT packet-mark=OTHER-B-O parent=OUT queue=sfq-default
[/code] [i=s] 本帖最後由 167pk 於 2020-6-18 11:25 編輯 [/i]
[b][color=Red][size=5];P 緊記要關掉 fasttrack 功能[/size][/color][/b]
[attach]4527[/attach] [b]回復 [url=http://www.telecom-cafe.com/forum/redirect.php?goto=findpost&pid=47935&ptid=7814]2#[/url] [i]167pk[/i] [/b]
What happened? [i=s] 本帖最後由 167pk 於 2020-6-18 11:36 編輯 [/i]
[b]回復 [url=http://www.telecom-cafe.com/forum/redirect.php?goto=findpost&pid=47938&ptid=7814]5#[/url] [i]vpn-learner[/i] [/b]
:P
不需手動過瀘內聯網之流量
如圖會自動不標記
[attach]4530[/attach]
頁:
[1]