Syed Jahanzaib Personal Blog to Share Knowledge !

December 7, 2011

Mikrotik Howto give PiNG / iCMP high Priority

Filed under: Mikrotik Related — Tags: , , , — Syed Jahanzaib / Pinochio~:) @ 3:20 PM

caution-you-ping-me-i-blow-your-head[1]
Mikrotik Queuing is heuristic , means every packet leaving mikrotik destined to your IP is capped, even ICMP too.

So when you do browsing or downloading any data , there will be less or no bandwidth available for PING/ ICMP packets and ping form client to mikrotik OR to internet will face frequent timeout and high latency in case of full usage of allocated bandwidth.

As shown in the image below …

highi_ping

 

NOTE:

It is recommended to limit (DONOT BLOCK ICMP IT IS REQUIRED BY MANY ASPECTS) the ICMP/PING protocol on every network to avoid flooding and unwanted queries from the client end. (You can exempt your admin pc or other from this restriction via source address list)

Simply mark icmp packets and and create a queue that allows more bandwidth to icmp marked packets.


 

1- EXAMPLE OF PING/ICMP QUEUE USING SIMPLE QUEUE [overall capping]

###########################################
# PING/ICMP Priority Script for Mikrotik to avoid timeout on user standard queue being used full
# Syed Jahanzaib / aacable @ hotmail . com
# https://aacable.wordpress.com
###########################################

# Connection PACKET marking for ICMP, for 6.x ROS versions
/ip firewall mangle
add action=mark-packet chain=forward new-packet-mark=icmp_pkts passthrough=no protocol=icmp
add action=mark-packet chain=input new-packet-mark=icmp_pkts passthrough=no protocol=icmp
add action=mark-packet chain=prerouting new-packet-mark=icmp_pkts passthrough=no protocol=icmp
add action=mark-packet chain=postrouting new-packet-mark=icmp_pkts passthrough=no protocol=icmp
add action=mark-packet chain=output new-packet-mark=icmp_pkts passthrough=no protocol=icmp
/queue simple
add max-limit=5M/5M name=ICMP_Priority packet-marks=icmp-pkts target=""

Result after implementing above code.

ping ok


2- SECOND EXAMPLE OF PING/ICMP QUEUE USING PCQ TREE | (FOR PER USER DISTRIBUTION)

The following script will mark icmp packets and will allow 32k per user for icmp traffic via PCQ / QUEUE TREE

/ip firewall mangle
add action=mark-packet chain=prerouting comment="Mark ICMP I / zaib" new-packet-mark=ping_pkts_i protocol=icmp
add action=mark-packet chain=postrouting comment="Mark ICMP O / zaib" new-packet-mark=ping_pkts_o protocol=icmp

/queue type
add kind=pcq name="ping_pkts_i_32K" pcq-classifier=dst-address pcq-dst-address6-mask=64 pcq-rate=32k pcq-src-address6-mask=64
add kind=pcq name="ping_pkts_o_32K" pcq-classifier=src-address pcq-dst-address6-mask=64 pcq-rate=32k pcq-src-address6-mask=64


/queue tree
add name=ping_pkts_i packet-mark=ping_pkts_i parent=global-out queue="ping_pkts_i_32K / zaib"
add name=ping_pkts_o packet-mark=ping_pkts_o parent=global-out queue="ping_pkts_o_32K / zaib"

 

TIP: You can also use PRIORITY base queuing to give priority to ICMP packets from user own queue over other protocols.

 

Regard’s
Syed Jahanzaib

%d bloggers like this: