Simple Queue

University of Babylon, IT College
Information Network Dep., Third Class, Second Semester
MTCNA Course
MikroTik Certified Network Associate
2014-2015
By M.Sc. I.T Alaa A. Mahdi
Queue
• Simple Queue + LAB;
• target-address;
• max-limit and limit-at;
• dst-address;
• bursts;
Queues provide
Queues are used to limit and prioritize
traffic:
* Limit data rate for certain IP addresses,
subnets, protocols, ports, and other
parameters,
* Limit peer-to-peer traffic,
* Prioritize some packet flows over
others,
Queues provide
* Configure traffic bursts for faster web
browsing,
* Apply different limits based on time,
* Share available traffic among users
equally, or depending on the load of
the channel
There are two different ways how to configure
queues in RouterOS:
• /queue simple menu - designed to ease
configuration of simple, everyday queuing
tasks (such as single client upload/download
limitation, p2p traffic limitation, etc.).
• /queue tree menu - for implementing
advanced queuing tasks (such as global
prioritization policy, user group limitations).
Requires marked packet flows from /ip
firewall mangle facility.
Rate limitation principles
• Rate limiting is used to control the rate of
traffic flow sent or received on a network
interface. Traffic which rate that is less than
or equal to the specified rate is sent,
whereas traffic that exceeds the rate is
dropped or delayed.
• The queuing is performed for packets
leaving the router through an interface. It
means that the queues should always be
configured on the outgoing interface
regarding the traffic flow.
Rate limiting can be performed in
two ways:
• Discard all packets that exceed rate limit –
rate limiting (dropper or shaper)
• Delay packets that exceed specific rate
limit in queue and transmit its when it is
possible – rate equalizing (scheduler)
Next figure explains difference between rate limiting
and rate equalizing:
• As you can see in first case all traffic
exceeds specific rate is dropped.
• In other case, traffic exceeds specific rate is
delayed in queue and transmitted later when
it is possible, but note that packet can be
delayed only until queue is not full. If there
is not more space in queue buffer, packets
are dropped.
We can define two rate limits:
• CIR (Committed Information Rate) –
(limit-at in RouterOS) worst case scenario,
flow will get this amount of traffic rate
regardless of other traffic flows. At any
given time, the bandwidth should not fall
below this committed rate.
• MIR (Maximum Information Rate) – (maxlimit
in RouterOS) best case scenario,
maximum available data rate for flow, if
there is free any part of bandwidth.
Configuring Simple Queues
• Simple queues can be used to set up
bandwidth management for the whole
traffic leaving an interface, or for certain
source and/or destination addresses.
• The simplest way to limit data rate for
specific IP addresses and/or subnets, is to
use simple queues.
• To add simple queues, use the /queue
simple add command:


• interface - Interface which packet leaves.
Queues work only for packets leaving the
interface.
• limit-at - Maximum stream bandwidth
(bits/s). 0 means no limit (default for the
interface).
• priority - Flow priority (1..8)
• upload (from Client)- limit only traffic
from the target (to Router).
• download (to Client)- limit only traffic to
the target (from Router).
Configuration Example
• Assume we have network topology like Figure
below and we want to limited download and
upload for private network (upload - 256kbps,
and download – 512kbps).

• Add a simple queue rule, which will limit the
download traffic to 512kbps and upload to
256kbps for the network 10.1.1.0/24, served by
the interface Ether2:
• /queue simple> add name=private
• target-addresses=10.1.1.0/24
• max-limit=256K/512K
• interface=ether2
– In this case statement works right also if we
indicate only one of parameters: "targetaddresses="
or "interface=", because both of
these define where and for which traffic this
queue will be implemented.
• The max-limit parameter cuts down the
maximum available bandwidth. The value
max-limit=256k/512k means that clients
from private network will get maximum of
512kbps for download and 256kbps for
upload.
• The target-addresses allows to define the
source IP addresses to which the queue rule
will be applied.
It is important to note that simple queues
when used with multiple IP addresses or
networks do not create a separate queue,
instead all hosts defined by the target
address will share the queue.
The four settings, name, target address, max
limit upload and download are the only
setting required to have a full functioning
simple queue.
• Probably, you want to exclude the server
from being limited, if so, add a queue for it
without any limitation (max-limit=0/0
which means no limitation).
• Move this rule to the beginning of the list,
because items in /queue simple are executed
in order one by one if router finds rule that
satisfy certain packet next rules aren’t
compared:
/queue simple> add name=server targetaddresses=
10.1.1.1/32 max-limit=0/0
interface=ether2
Flow Identifiers
• target-addresses : list of IP address ranges
that will be limited by this queue.
• interface: identifies interface the target is
connected to. Useful when it is not possible
to specify targets addresses.
• Each of these two properties can be used to
determine which direction is target upload
and which is download.
• Be careful to configure both of these
options for the same queue - in case they
will point to opposite directions queue will
not work.
• If neither value of target-addresses nor of
interface is specified, the queue will not be
able to make difference between upload and
download, and will limit all traffic twice.
• Simple queues are configured by
referencing the target address of the device
you are trying to control bandwidth to and
then initiating a limit for upload and
download. This “device” referenced here is
typically a customer or client. These are the
only pieces of information that need to be
configured to have a working queuing
system.
dst-address
• Allows to select only specific stream from
target address to this destination address.
• Example:
Limit bandwidth to a specific web site
Bursting
• The term bursting is used to describe a
behavior of the bandwidth limitation system
where a destination is allowed to reach a
certain level of upload or download
bandwidth for some period of time and then
a lower limitation is applied for the duration
of the upload or download. By allowing
these short bursts of bandwidth, the overall
customer experience for browsing the web,
checking email and similar common
functions is enhanced, while large
downloads are throttled back. This controls
the average bandwidth usage of the client.
Bursts
Burst is a feature that allows to satisfy queue
requirement for additional bandwidth even
if required rate is bigger that MIR (maxlimit)
for a limited period of time.
Burst mechanism is simple - if burst is
allowed max-limit value is replaced by
burst-limit value. When burst is disallowed
max-limit value remains unchanged.

• burst-limit (NUMBER) : maximal
upload/download data rate which can be
reached while the burst is allowed.
• burst-threshold (NUMBER) : this is value
of burst on/off switch.
• burst-time (TIME) : period of time, in
seconds, over which the average data rate is
calculated. (This is NOT the time of actual
burst).
• Burst can occur only
if average-rate of the queue for the last
burst-time seconds is smaller than burstthreshold.
Burst will stop
if average-rate of the queue for the last
burst-time seconds is bigger or equal to
burst-threshold
Every 1/16 part of the burst-time, the router
calculates the average data rate over the last
burst-time seconds
• Let us consider that we have a setup, where
max-limit=256000, burst-time=8, burstthreshold=
192000 and burstlimit=
512000. When a user is starting to
download a file via HTTP, we can observe
such a situation:

At the beginning the average data rate over the last 8
seconds is 0bps because before applying the queue rule
no traffic was passed, using this rule. Since this average
data rate is less than burst-threshold (192kbps), burst is
allowed. After the first second, the average data rate is
(0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+512)/8=64kbps,
which is under burst-threshold. After the second, average data rate
is
(0+0+0+0+0+0+0+0+0+0+0+0+0+0+512+512)/8=128kbps.
After the third second comes the breakpoint when the
average data rate becomes larger than burst-threshold.
At this moment burst is disabled and the current data rate
falls down to max-limit (256kbps).
clock-burst-time =
burst-threshold * burst-time / burst-limit
or
burst-time =(clock-burst-time*burst-limit)/ burstthreshold
Burst Example
• Given:
We want to create a simple queue with a 256k maxlimit
and we want to burst to 512k for 5 seconds on the
clock.
– Therefore:
Burst-Threshold: 128k (half the max-limit as
recommended)
Burst-Time: 20s
• burst-time = (5s * 512k) / 128k = 20s