设为首页收藏本站
切换到窄版

 找回密码
 注册

QQ登录

只需一步,快速开始

搜索
自由的生活_软路由»交流 ::技术区:: RouterOS 求双线DSCP排除服务器限速
返回列表 发新帖
查看: 7607|回复: 7

[策略设置] 求双线DSCP排除服务器限速

[复制链接]
qkhh
发表于 2012-10-13 21:07:25 | 显示全部楼层 |阅读模式

马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。

您需要 登录 才可以下载或查看,没有账号?注册

×
双线ADSL线路,用的是DSCP标记。排除服务器不成功

add action=change-dscp chain=prerouting comment=server disabled=no dscp=0 \
    new-dscp=1 passthrough=yes src-address=192.168.1.251
add action=accept chain=prerouting comment=server disabled=no dscp=1 \
    src-address-type=!local
add action=accept chain=postrouting comment=server disabled=no dscp=1 \
    src-address-list=server-ip

这个我的排除服务器脚本
routeros
回复

使用道具 举报

qkhh
 楼主| 发表于 2012-10-13 21:12:24 | 显示全部楼层
本帖最后由 qkhh 于 2012-10-13 21:16 编辑

未命名.jpg
用DSCP标记为accept 服务器还是跟客户机一样的限速
如果用mark connection标记连接再标记包也不行。(服务器连网页都打不开)
routeros
回复

使用道具 举报

qkhh
 楼主| 发表于 2012-10-14 13:02:19 | 显示全部楼层
谁能帮帮忙。搞来搞去就是不行。单线可以排除服务器。双线就不行了。
routeros
回复

使用道具 举报

qkhh
 楼主| 发表于 2012-10-14 13:59:22 | 显示全部楼层
全部脚本贴出来当然没问题,又不是什么高级的东西。

我用DSCP标记是因为双线用链接标记的话有问题,不能正常工作。也许是我不会搞。单线用链接标记可以正常工作我会。
因为用DSCP标记在双线下可以正常使用QOS限速,端口及大小包都可以区分开来,游戏网页什么的也正常。所以才用DSCP标记。
routeros
回复

使用道具 举报

qkhh
 楼主| 发表于 2012-10-14 14:02:22 | 显示全部楼层
bobwalker 发表于 2012-10-14 13:44

                               
登录/注册后可看大图

脚本不全,所以没人回答。

不用担心别人用你的脚本,你全贴出来,也没人用。因为在ROS中,使用DSCP做Q ...

/ip firewall mangle
add action=change-mss chain=forward disabled=no new-mss=1440 passthrough=yes \
    protocol=tcp tcp-flags=syn
add action=mark-connection chain=prerouting connection-state=new disabled=no \
    in-interface=Lan new-connection-mark=con1 nth=2,1 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=con1 disabled=no \
    in-interface=Lan new-routing-mark=to-con1 passthrough=yes
add action=mark-connection chain=prerouting connection-state=new disabled=no \
    in-interface=Lan new-connection-mark=con2 nth=2,2 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=con2 disabled=no \
    in-interface=Lan new-routing-mark=to-con2 passthrough=yes
add action=add-src-to-address-list address-list=neiwang-ip \
    address-list-timeout=5m chain=prerouting comment=\
    "\C4\DA\CD\F8\B5\D8\D6\B7\C1\D0\B1\EDlan" disabled=no in-interface=Lan \
    src-address=192.168.1.2-192.168.1.250
add action=change-dscp chain=prerouting comment=server disabled=no dscp=0 \
    new-dscp=1 passthrough=yes src-address=192.168.1.251
add action=accept chain=prerouting comment=server disabled=no dscp=1 \
    src-address-type=!local
add action=accept chain=postrouting comment=server disabled=no dscp=1 \
    src-address-list=server-ip
add action=change-dscp chain=prerouting comment=icmp disabled=no dscp=0 \
    new-dscp=3 passthrough=yes protocol=icmp
add action=change-dscp chain=prerouting comment=web disabled=no dscp=0 \
    new-dscp=4 passthrough=yes port=80,8080 protocol=tcp
add action=mark-packet chain=prerouting disabled=no dscp=4 in-interface=\
    pppoe-out1 new-packet-mark=web-down passthrough=no src-address-type=\
    !local
add action=mark-packet chain=postrouting disabled=no dscp=4 new-packet-mark=\
    web-up out-interface=pppoe-out1 passthrough=no src-address-list=\
    neiwang-ip
add action=mark-packet chain=prerouting disabled=no dscp=4 in-interface=\
    pppoe-out2 new-packet-mark=web-down2 passthrough=no src-address-type=\
    !local
add action=mark-packet chain=postrouting disabled=no dscp=4 new-packet-mark=\
    web-up2 out-interface=pppoe-out2 passthrough=no src-address-list=\
    neiwang-ip
add action=change-dscp chain=prerouting comment="\B4\F3\B0\FC" disabled=no \
    dscp=0 new-dscp=2 packet-size=512-65535 passthrough=yes
add action=mark-packet chain=prerouting disabled=no dscp=2 in-interface=\
    pppoe-out1 new-packet-mark=dabao-down passthrough=no src-address-type=\
    !local
add action=mark-packet chain=postrouting disabled=no dscp=2 new-packet-mark=\
    dabao-up out-interface=pppoe-out1 passthrough=no src-address-list=\
    neiwang-ip
add action=mark-packet chain=prerouting disabled=no dscp=2 in-interface=\
    pppoe-out2 new-packet-mark=dabao-down2 passthrough=no src-address-type=\
    !local
add action=mark-packet chain=postrouting disabled=no dscp=2 new-packet-mark=\
    dabao-up2 out-interface=pppoe-out2 passthrough=no src-address-list=\
    neiwang-ip
add action=change-dscp chain=prerouting comment=\
    "\B5\D8\CF\C2\B3\C7\D3\C2\CA\BF" disabled=no dscp=0 new-dscp=3 \
    passthrough=yes port=10001-10070,7101-7106 protocol=tcp
add action=change-dscp chain=prerouting disabled=no dscp=0 new-dscp=3 \
    passthrough=yes port=5063 protocol=udp
add action=change-dscp chain=prerouting comment="\B4\A9\D4\BD\BB\F0\CF\DF" \
    disabled=no dscp=0 new-dscp=3 passthrough=yes port=12000-12175,2349 \
    protocol=udp
add action=change-dscp chain=prerouting disabled=no dscp=0 new-dscp=3 \
    passthrough=yes port=7101-7106,10008,28012 protocol=tcp
add action=mark-packet chain=prerouting disabled=no dscp=3 in-interface=\
    pppoe-out1 new-packet-mark=youxi-down passthrough=no src-address-type=\
    !local
add action=mark-packet chain=postrouting disabled=no dscp=3 new-packet-mark=\
    youxi-up out-interface=pppoe-out1 passthrough=no src-address-list=\
    neiwang-ip
add action=mark-packet chain=prerouting disabled=no dscp=3 in-interface=\
    pppoe-out2 new-packet-mark=youxi-down2 passthrough=no src-address-type=\
    !local
add action=mark-packet chain=postrouting disabled=no dscp=3 new-packet-mark=\
    youxi-up2 out-interface=pppoe-out2 passthrough=no src-address-list=\
    neiwang-ip
add action=change-dscp chain=prerouting comment="\C6\E4\CB\FC\B0\FC" \
    disabled=no dscp=0 new-dscp=9 passthrough=yes
add action=mark-packet chain=prerouting disabled=no dscp=9 in-interface=\
    pppoe-out1 new-packet-mark=qitabao-down passthrough=no src-address-type=\
    !local
add action=mark-packet chain=postrouting disabled=no dscp=9 new-packet-mark=\
    qitabao-up out-interface=pppoe-out1 passthrough=no src-address-list=\
    neiwang-ip
add action=mark-packet chain=prerouting disabled=no dscp=9 in-interface=\
    pppoe-out2 new-packet-mark=qitabao-down2 passthrough=no src-address-type=\
    !local
add action=mark-packet chain=postrouting disabled=no dscp=9 new-packet-mark=\
    qitabao-up2 out-interface=pppoe-out2 passthrough=no src-address-list=\
    neiwang-ip
routeros
回复

使用道具 举报

qkhh
 楼主| 发表于 2012-10-14 15:07:59 | 显示全部楼层
bobwalker 发表于 2012-10-14 14:17

                               
登录/注册后可看大图

下面第一条规则,你把上行我包dscp改为1,但下行包dscp没有变。其他不用我说了吧。

非常感谢指点。我确实是一知半解。看来得再研究研究双线链接标记了。之前用connection标记双线游戏总是很难进房间。
routeros
回复

使用道具 举报

发表于 2012-10-14 15:24:08 | 显示全部楼层
bobwalker 发表于 2012-10-14 13:44

                               
登录/注册后可看大图

脚本不全,所以没人回答。

不用担心别人用你的脚本,你全贴出来,也没人用。因为在ROS中,使用DSCP做Q ...

除了DSCP,还有啥更高效率的方法?
routeros
回复

使用道具 举报

发表于 2013-2-18 15:17:58 | 显示全部楼层
学习了,顶上云
routeros
回复

使用道具 举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册

本版积分规则

QQ|Archiver|手机版|小黑屋|软路由 ( 渝ICP备15001194号-1|渝公网安备 50011602500124号 )

GMT+8, 2024-11-22 01:56 , Processed in 0.135647 second(s), 8 queries , Gzip On, Redis On.

Powered by Discuz! X3.5 Licensed

© 2001-2024 Discuz! Team.

快速回复 返回顶部 返回列表