|
|
发表于 2010-11-7 11:45:26
|
显示全部楼层
http://forum.mikrotik.com/viewtopic.php?f=8&t=10458
Well, that was the kind of question, which bothered me too. Not sure if related to NAT (masquarading), but generally I think that you mark your connection just because of it. Then MT tracks the connection for you (correct me, if I am wrong, please
If you can see, your marked packets are just equal to your marked connections, so marking packets does not add anything for you. The thing is, when you look at queue definition, you can add your "packet mark", not "connection mark".
So, my understanding is, that marking connecion is just helper to be able to properly mark packets.
One guy told me, that it would be easier to do shaping without masquarading, and insert one other router in front of your router, doing only masquarading. Can anyone confirm, that NAT is generally complicating our situation here?
Thanks,
Petr
if you mark a packet with a connection mark, connection tracking will remember the mark whenever the return/consecutive packet(s) in the stream come along. You mark a stream/connection once and connection marking will remember it until the stream/connection is gone from the connections table.
A packet mark is forgotten as soon as the packet exits the router.
The reason there is two different ones is that you might want to apply different policies to packets that belong to the same stream/connection.
udp is connectionless but is considered a connection when udp packets flow through the router and a return packet of that exact host/port combination is returned. same goes for ip but there is no port combination.
Thus you must mark peer2peer connections with a connection mark and then a packet mark based on the connection mark to apply queueing. Otherwise you would just apply queueing to a single packet in the stream/connection (and that wouldnt make for very good peer2peer shaping!)
_________________
Repetition leads to inefficiency.
Inefficiency leads to failure.
Failure is suffering.
我不怎么看的懂,同问 |
|
|Archiver|手机版|小黑屋|软路由
( 渝ICP备15001194号-1|
渝公网安备 50011602500124号 )
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡