qos on wireless links

8/3/2019 QoS on Wireless Links

1/21

Prepared by: Renato Bernardi

Medi@net S.r.L - Italy

www.medianetitalia.com


2/21

Introduction Renato [email protected]

Network Admin - MTCNA - MTCWE

Company Medi@net S.r.L WISP (AS43364)

South - West Sardinia

Italy

2QoS on Wireless Links - by Renato Bernardi
mailto:[email protected]:[email protected]


3/21

Outline Overview of the Example Network

Problematics

Setting up a Wireless Link with Nstreme

Briefly setting up a Border QoS

Preparing the Link QoS

Testing the current load limit of the link

Setting up the Ping Script

Test it



4/21

Overview of the Example Network



5/21

Problematics Wireless links might degrade for various reasons. Interferences

Cards damaged

Antennas moved Bad weather (Wind moving the antennas)



6/21

Problematics WMM is not possible on Nstreme links Wi-Fi Multimedia (WMM) provides basic Quality of Service (QoS) features to

802.11 networks. WMM prioritizes traffic according to four Access Categories (AC) -

voice, video, best effort, and background. From Normunds post on forum.mikrotik.com:

for Nstreme to achieve it's high speeds, it has to ignore a lot of stuff, including

WMM priorities. If you want WMM to work with it, it will not be fast anymore, so it

will have no purpose. Nstreme is so fast because it doesn't listen to anything



7/21

Problematics Setting up a complete QoS on every link is not always

possible (and it has an expensive management) A complete QoS needs a lot of resources to ensure a deep packet inspection (L7

Mangle) If you have a complete QoS on every link, any modification has to be made on each

link



8/21

Problematics Sometimes the AP cannot handle the QoS too, We will Limit only the Client Download traffic on this Lesson



9/21

Setting Up a Wireless Link with Nstreme Finding a good Spot Planning a wireless link with Radio Mobile software does the 90% of the work

before putting it on production.

If Radio Mobile is correctly configured, you can find which signal level you shouldexpect on that link and aim for it.

LOS (Line of Sight) and a free Fresnel are mandatory!



10/21

Setting Up a Wireless Link with NstremeBridge Configuration Station Configuration

/interface wireless set wlan1 country=italy

frequency-mode=regulatory-domain adaptive-

noise-immunity=ap-and-client-mode band=5ghz

disabled=no hide-ssid=yes ssid=BridgeNstremehw-retries=4 mode=bridge radio-

name=BridgeAlpha

/interface wireless nstreme set wlan1 enable-

nstreme=yes enable-polling=yes framer-

policy=exact-size framer-limit=3200

/ip address add address=10.254.254.1/30

interface=wlan1/mpls ldp set enabled=yes loop-detect=no lsr-

id=10.254.254.1 transport-address=10.254.254.1

/interface vpls add disabled=no name=vpls1 remote-

peer=10.254.254.2 vpls-id=5:5

/interface wireless set wlan1 country=italy

frequency-mode=regulatory-domain adaptive-

noise-immunity=ap-and-client-mode band=5ghz

disabled=no hide-ssid=yes ssid=BridgeNstremehw-retries=4 mode=station radio-

name=StationAlpha

/interface wireless nstreme set wlan1 enable-

nstreme=yes enable-polling=yes framer-

policy=exact-size framer-limit=3200

/ip address add address=10.254.254.2/30

interface=wlan1/mpls ldp set enabled=yes loop-detect=no lsr-

id=10.254.254.2 transport-address=10.254.254.2

/interface vpls add disabled=no name=vpls1 remote-

peer=10.254.254.1 vpls-id=5:5



11/21

Setting Up a Wireless Link with Nstreme Creating a Transparent Bridging /interface bridge add disabled=no name=bridge1

/interface bridge port add bridge=bridge1 interface=ether1

/interface bridge port add bridge=bridge1 interface=vpls1

/interface bridge settings set use-ip-firewall=yes



12/21

Briefly setting up a Border QoS I will not cover the explanation of setting up the QoS,

There are a lot of examples of a good QoS by Janis M. and

other users in the wiki.mikrotik.com http://mum.mikrotik.com/presentations/CZ09/QoS_Megis.pdf

http://wiki.mikrotik.com/wiki/Traffic_Priortization,_RouterOS_QoS_Implemetation

http://mum.mikrotik.com/presentations/CZ09/QoS_Megis.pdfhttp://wiki.mikrotik.com/wiki/Traffic_Priortization,_RouterOS_QoS_Implemetationhttp://wiki.mikrotik.com/wiki/Traffic_Priortization,_RouterOS_QoS_Implemetationhttp://mum.mikrotik.com/presentations/CZ09/QoS_Megis.pdf


13/21

Briefly setting up a Border QoS On Forward add the mangling of the DSCP (TOS) for all the

rules before. /ip firewall mangle

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=Internal

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=1 packet-mark=PING

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=1 packet-mark=SPEED

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=4 packet-mark=IP2P

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=4 packet-mark=P2P

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=1 packet-mark=12VOIP

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=4 packet-mark=OTHER

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=DNS

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=ESP

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=3 packet-mark=FTP

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=GRE

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=1 packet-mark=H323

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=HAMACHI add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=3 packet-mark=HTTP

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=3 packet-mark=HTTPD

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=3 packet-mark=HTTPS

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=3 packet-mark=IMAP4

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=3 packet-mark=IMAP4-SSL

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=IPSEC-IKE



14/21

Briefly setting up a Border QoS Use DSCP (TOS) from 1 to 4 for the priorities that will be used on the

links. add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=IPSEC-NATT

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=MOTST

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=1 packet-mark=MSN

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=1 packet-mark=NTP

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=PES2009 add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=3 packet-mark=POP3

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=3 packet-mark=POP3-SSL

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=PPTP

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=PS3

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=QUAKE

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=RDP

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=RFoM

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=1 packet-mark=SIP

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=1 packet-mark=SIP-RDP add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=1 packet-mark=SKYPE

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=3 packet-mark=SMTP

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=3 packet-mark=SMTP-SECURE

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=1 packet-mark=SNMP

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=SSH

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=1 packet-mark=TEAMSPEAK

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=TELNET

add action=change-dscp chain=forward comment="" disabled=no in-interface=ether6 new-dscp=2 packet-mark=TFTP



15/21

Preparing the QoS on the Link Mangle connections with the DSCP (TOS) we used.

/ip firewall mangle

add action=mark-connection chain=forward comment="" disabled=no dscp=1 new-connection-mark=TOS1_conn passthrough=yes

add action=mark-packet chain=forward comment="" connection-mark=TOS1_conn disabled=no new-packet-mark=TOS1 passthrough=no









16/21

Preparing the QoS on the Link Mangle the internal connections that didnt pass

through the Border Router QoS

/ip firewall mangle

add action=mark-connection chain=forward comment="" disabled=no dst-address-list="IP

Medi@net" new-connection-mark=Interno_conn passthrough=yes src-address-list="IP

Medi@net"

add action=mark-connection chain=forward comment="" disabled=no new-connection-

mark=Altro_conn passthrough=yes add action=mark-packet chain=forward comment="" connection-mark=Altro_conn

disabled=no new-packet-mark=TOS0 passthrough=no



17/21

Preparing the QoS on the Link Set up the queue tree with the DSCP (TOS) marks on HTB Out

(Wireless side)

/queue tree

add max-limit=38M name=Output parent=vpls1 priority=1

add name=TOS1 packet-mark=TOS1 parent=Output priority=1

Add name=TOS2 packet-mark=TOS2 parent=Output priority=2




Add name=Interno packet-mark=Internal parent=Output priority=2



18/21

Testing the current load limit of the link Preferibly use external powerful machines to do a TCP

test

Increase traffic on the link gradually, until the latency

goes over 20ms



19/21

Setting up the Ping Script Ping Script :global limit 18000000;

:global otherside 10.254.254.2;

:local latency [ping $otherside interval=20ms count=100];

:local currentlimit [/queue tree get Output max-limit];

:global wait; :if ( $latency < 80) do={

/queue tree set Output max-limit=($currentlimit -1000000 );

:set wait 6;

:log info message="Lowered Limit to ($currentlimit -1000000)";

} else={

:if ($currentlimit < $limit && $wait=0) do={ /queue tree set Output max-limit=($currentlimit +

1000000)

:set wait 6;

} else={

:if ($wait > 0 ) do={

:set wait ($wait - 1)

}}}

Explanation Max limit of the link just calculated

Other side of the link

Counts how many pings over 100 arent more than 20ms

Gets the current limit set (Not the max limit we set)

Initializes the wait variable If the count of good pings is below 80..

Lowers the current max limit of the HTB queue (the vpls1interface) by 1mbit

Sets the wait to 6 times

Logs the action to the logging system. (It can be modifiedand sends mail alerts)

If the count of good pings is above 80

And the current limit is less than the max limit of the linkand the wait time is 0

Increases by 1mbit the currentlimit

Sets the wait to 6 times again

If any of the above conditions arent true

Decreases the wait time by 1

If it is greater than 0



20/21

Setting up the Ping Script Setup the scheduler

If needed decreases the max-limit every 10 minutes but

waits 1 hour to increase it back. This wait time avoids

fluctuations of the limit itself

/system scheduler add disabled=no interval=10m name=Ping on-event=Ping

policy=read,write,policy,test,sniff start-time=startup



21/21

Conclusion Q&A

Thank You, and everyone is

welcome in my Homeland


qos on wireless links

Documents