INDRAWIRATAMA.co.id – Untuk pengguna MikroTik yang ingin melakukan management bandwidth baik di warnet, hotspot, kantor, kost-kostan atau di warung wifi, kali ini akan membagikan tutorial sederhana tentang limit bandwidth dengan mode Queue Tree di MikroTik routerOS.
Queue Tree yang dibuat ini system nya bagi sama rata bandwidth untuk semua pengguna tapi melakukan priority (prioritas) untuk browsing dan game. Sehingga pengguna yang sedang online game dan melakukan browsing tidak terganggu oleh aktifitas pengguna yang sedang download atau streaming youtube.
Daftar isi
Queue Tree MikroTik v6.x
Panduan Queue Tree yang kita bahas kali ini akan diterapkan pada MikroTik routerOS versi 6.X, pastikan anda sudah melakukan upgrade ke versi 6 sebelum mencoba script Queue Tree mikrotik ini.
Untuk topologi jaringan kira-kira seperti di atas, ether1 mikrotik ke Modem, dan ether2 ke HUB lalu ke PC.
Berikut script mangle untuk marking /menandai semua traffic yang nantinya di teruskan di queue tree :
/ip
firewall address-list
add address=192.168.0.0
/16
list=private_IPv4
add address=172.16.0.0
/12
list=private_IPv4
add address=10.0.0.0
/8
list=private_IPv4
/ip
firewall layer7-protocol
add name=EXE regexp=
"\\x4d\\x5a(\\x90\\x03|\\x50\\x02)\\x04"
add name=ZIP regexp=
"pk\\x03\\x04\\x14"
add name=MP4 regexp=
"\\x18\\x66\\x74\\x79\\x70"
add name=RAR regexp=
"Rar\\x21\\x1a\\x07"
add name=youtube regexp=
"r[0-9]+---[a-z]+-+[a-z0-9-]+\\.googlevideo\\.com"
/ip
firewall mangle
add action=accept chain=prerouting comment=
"Bypass Local Traffic"
dst-address-list=private_IPv4 src-address-list=private_IPv4
add action=accept chain=forward dst-address-list=private_IPv4 src-address-list=private_IPv4
add action=mark-connection chain=forward comment=
"Games Traffic"
dst-port=39190-39200 new-connection-mark=games passthrough=
yes
protocol=tcp src-address-list=private_IPv4
add action=mark-connection chain=forward dst-port=40000-40010 new-connection-mark=games passthrough=
yes
protocol=udp src-address-list=private_IPv4
add action=mark-packet chain=forward connection-mark=games
in
-interface=
"ether1 - Wan"
new-packet-mark=games_down passthrough=no
add action=mark-packet chain=forward connection-mark=games
in
-interface=
"ether2 - Lan"
new-packet-mark=games_up passthrough=no
add action=mark-connection chain=forward comment=
"ICMP Traffic"
new-connection-mark=icmp passthrough=
yes
protocol=icmp src-address-list=private_IPv4
add action=mark-packet chain=forward connection-mark=icmp
in
-interface=
"ether1 - Wan"
new-packet-mark=icmp_down passthrough=no protocol=icmp
add action=mark-packet chain=forward connection-mark=icmp
in
-interface=
"ether2 - Lan"
new-packet-mark=icmp_up passthrough=no protocol=icmp
add action=mark-connection chain=forward comment=
"DNS Traffic"
dst-port=53 new-connection-mark=dns passthrough=
yes
protocol=udp src-address-list=private_IPv4
add action=mark-packet chain=forward connection-mark=dns
in
-interface=
"ether1 - Wan"
new-packet-mark=dns_down passthrough=no protocol=udp
add action=mark-packet chain=forward connection-mark=dns
in
-interface=
"ether2 - Lan"
new-packet-mark=dns_up passthrough=no protocol=udp
add action=mark-connection chain=forward comment=
"Remote Traffic"
dst-port=22,23,8291,5938,4899 new-connection-mark=remote passthrough=
yes
protocol=tcp src-address-list=private_IPv4
add action=mark-packet chain=forward connection-mark=remote
in
-interface=
"ether1 - Wan"
new-packet-mark=remote_down passthrough=no
add action=mark-packet chain=forward connection-mark=remote
in
-interface=
"ether2 - Lan"
new-packet-mark=remote_up passthrough=no
add action=mark-connection chain=forward comment=
"YouTube Traffic"
layer7-protocol=youtube new-connection-mark=youtube passthrough=
yes
src-address-list=private_IPv4
add action=mark-packet chain=forward connection-mark=youtube
in
-interface=
"ether1 - Wan"
new-packet-mark=youtube_down passthrough=no
add action=mark-packet chain=forward connection-mark=youtube
in
-interface=
"ether2 - Lan"
new-packet-mark=youtube_up passthrough=no
add action=mark-connection chain=forward comment=
"Extension Layer7"
layer7-protocol=EXE new-connection-mark=extensi passthrough=
yes
add action=mark-connection chain=forward layer7-protocol=ZIP new-connection-mark=extensi passthrough=
yes
add action=mark-connection chain=forward layer7-protocol=MP3 new-connection-mark=extensi passthrough=
yes
add action=mark-connection chain=forward layer7-protocol=RAR new-connection-mark=extensi passthrough=
yes
add action=mark-packet chain=forward connection-mark=extensi
in
-interface=
"ether1 - Wan"
new-packet-mark=extensi_down passthrough=no
add action=mark-packet chain=forward connection-mark=extensi
in
-interface=
"ether2 - Lan"
new-packet-mark=extensi_up passthrough=no
add action=mark-connection chain=forward comment=
"Browsing Traffic"
connection-mark=!heavy_traffic new-connection-mark=browsing passthrough=
yes
src-address-list=private_IPv4
add action=mark-connection chain=forward comment=
"Heavy Traffic"
connection-bytes=1024000-0 connection-mark=browsing connection-rate=256k-102400k new-connection-mark=heavy_traffic passthrough=
yes
protocol=tcp
add action=mark-connection chain=forward connection-bytes=1024000-0 connection-mark=browsing connection-rate=256k-102400k new-connection-mark=heavy_traffic passthrough=
yes
protocol=udp
add action=mark-packet chain=forward connection-mark=heavy_traffic
in
-interface=
"ether1 - Wan"
new-packet-mark=heavy_browsing_down passthrough=no
add action=mark-packet chain=forward connection-mark=heavy_traffic
in
-interface=
"ether2 - Lan"
new-packet-mark=heavy_browsing_up passthrough=no
add action=mark-packet chain=forward connection-mark=browsing
in
-interface=
"ether1 - Wan"
new-packet-mark=small_browsing_down passthrough=no
add action=mark-packet chain=forward connection-mark=browsing
in
-interface=
"ether2 - Lan"
new-packet-mark=small_browsing_up passthrough=no
Silahkan copy semua script diatas kemudian anda paste terlebih dulu ke text editor seperti notepad++, kemudian sesuaikan nama interface nya.
ether1 – Wan = adalah nama interface ether1 mikrotik
ether2 – Lan = adalah nama interface ether2 mikrotik
Jika semua sudah di sesuaikan, silahkan copy semua kemudian paste ke terminal winbox.
Penjelasan Script Mangle Queue Tree
/ip
firewall address-list
add address=192.168.0.0
/16
list=private_IPv4
add address=172.16.0.0
/12
list=private_IPv4
add address=10.0.0.0
/8
list=private_IPv4
/ip
firewall layer7-protocol
add name=EXE regexp=
"\\x4d\\x5a(\\x90\\x03|\\x50\\x02)\\x04"
add name=ZIP regexp=
"pk\\x03\\x04\\x14"
add name=MP4 regexp=
"\\x18\\x66\\x74\\x79\\x70"
add name=RAR regexp=
"Rar\\x21\\x1a\\x07"
add name=youtube regexp=
"r[0-9]+---[a-z]+-+[a-z0-9-]+\\.googlevideo\\.com"
Memasukan Regex Layer7 Youtube dan Layer7 extensi EXE, ZIP, MP4, dan RAR.
Jika anda ingin menambah Layer7 untuk extensi yang lain, silahkan tinggal di input saja.
/ip
firewall mangle
add action=accept chain=prerouting comment=
"Bypass Local Traffic"
dst-address-list=private_IPv4 src-address-list=private_IPv4
add action=accept chain=forward dst-address-list=private_IPv4 src-address-list=private_IPv4
add action=mark-connection chain=forward comment=
"Games Traffic"
dst-port=39190-39200 new-connection-mark=games passthrough=
yes
protocol=tcp src-address-list=private_IPv4
add action=mark-connection chain=forward dst-port=40000-40010 new-connection-mark=games passthrough=
yes
protocol=udp src-address-list=private_IPv4
add action=mark-packet chain=forward connection-mark=games
in
-interface=
"ether1 - Wan"
new-packet-mark=games_down passthrough=no
add action=mark-packet chain=forward connection-mark=games
in
-interface=
"ether2 - Lan"
new-packet-mark=games_up passthrough=no
add action=mark-connection chain=forward comment=
"ICMP Traffic"
new-connection-mark=icmp passthrough=
yes
protocol=icmp src-address-list=private_IPv4
add action=mark-packet chain=forward connection-mark=icmp
in
-interface=
"ether1 - Wan"
new-packet-mark=icmp_down passthrough=no protocol=icmp
add action=mark-packet chain=forward connection-mark=icmp
in
-interface=
"ether2 - Lan"
new-packet-mark=icmp_up passthrough=no protocol=icmp
add action=mark-connection chain=forward comment=
"DNS Traffic"
dst-port=53 new-connection-mark=dns passthrough=
yes
protocol=udp src-address-list=private_IPv4
add action=mark-packet chain=forward connection-mark=dns
in
-interface=
"ether1 - Wan"
new-packet-mark=dns_down passthrough=no protocol=udp
add action=mark-packet chain=forward connection-mark=dns
in
-interface=
"ether2 - Lan"
new-packet-mark=dns_up passthrough=no protocol=udp
add action=mark-connection chain=forward comment=
"Remote Traffic"
dst-port=22,23,8291,5938,4899 new-connection-mark=remote passthrough=
yes
protocol=tcp src-address-list=private_IPv4
add action=mark-packet chain=forward connection-mark=remote
in
-interface=
"ether1 - Wan"
new-packet-mark=remote_down passthrough=no
add action=mark-packet chain=forward connection-mark=remote
in
-interface=
"ether2 - Lan"
new-packet-mark=remote_up passthrough=no
add action=mark-connection chain=forward comment=
"YouTube Traffic"
layer7-protocol=youtube new-connection-mark=youtube passthrough=
yes
src-address-list=private_IPv4
add action=mark-packet chain=forward connection-mark=youtube
in
-interface=
"ether1 - Wan"
new-packet-mark=youtube_down passthrough=no
add action=mark-packet chain=forward connection-mark=youtube
in
-interface=
"ether2 - Lan"
new-packet-mark=youtube_up passthrough=no
add action=mark-connection chain=forward comment=
"Extension Layer7"
layer7-protocol=EXE new-connection-mark=extensi passthrough=
yes
add action=mark-connection chain=forward layer7-protocol=ZIP new-connection-mark=extensi passthrough=
yes
add action=mark-connection chain=forward layer7-protocol=MP3 new-connection-mark=extensi passthrough=
yes
add action=mark-connection chain=forward layer7-protocol=RAR new-connection-mark=extensi passthrough=
yes
add action=mark-packet chain=forward connection-mark=extensi
in
-interface=
"ether1 - Wan"
new-packet-mark=extensi_down passthrough=no
add action=mark-packet chain=forward connection-mark=extensi
in
-interface=
"ether2 - Lan"
new-packet-mark=extensi_up passthrough=no
add action=mark-connection chain=forward comment=
"Browsing Traffic"
connection-mark=!heavy_traffic new-connection-mark=browsing passthrough=
yes
src-address-list=private_IPv4
add action=mark-connection chain=forward comment=
"Heavy Traffic"
connection-bytes=1024000-0 connection-mark=browsing connection-rate=256k-102400k new-connection-mark=heavy_traffic passthrough=
yes
protocol=tcp
add action=mark-connection chain=forward connection-bytes=1024000-0 connection-mark=browsing connection-rate=256k-102400k new-connection-mark=heavy_traffic passthrough=
yes
protocol=udp
add action=mark-packet chain=forward connection-mark=heavy_traffic
in
-interface=
"ether1 - Wan"
new-packet-mark=heavy_browsing_down passthrough=no
add action=mark-packet chain=forward connection-mark=heavy_traffic
in
-interface=
"ether2 - Lan"
new-packet-mark=heavy_browsing_up passthrough=no
add action=mark-packet chain=forward connection-mark=browsing
in
-interface=
"ether1 - Wan"
new-packet-mark=small_browsing_down passthrough=no
add action=mark-packet chain=forward connection-mark=browsing
in
-interface=
"ether2 - Lan"
new-packet-mark=small_browsing_up passthrough=no
Queue Tree HTB
/queue
type
add kind=pcq name=down_pcq pcq-classifier=dst-address pcq-dst-address6-mask=64 pcq-src-address6-mask=64
add kind=pcq name=up_pcq pcq-classifier=src-address pcq-dst-address6-mask=64 pcq-src-address6-mask=64
/queue
tree
add name=
"Global Traffic"
parent=global queue=default
add max-limit=3M name=Download parent=
"Global Traffic"
queue=default
add max-limit=1M name=Upload parent=
"Global Traffic"
add limit-at=512k max-limit=3M name=
"1. Game"
packet-mark=games_down parent=Download priority=1 queue=down_pcq
add limit-at=64k max-limit=3M name=
"2. Icmp"
packet-mark=icmp_down parent=Download priority=1 queue=down_pcq
add limit-at=64k max-limit=3M name=
"3. Dns"
packet-mark=dns_down parent=Download priority=1 queue=down_pcq
add max-limit=3M name=
"5. Download Traffic"
parent=Download queue=default
add max-limit=3M name=
"1. Small Browsing"
packet-mark=small_browsing_down parent=
"5. Download Traffic"
priority=5 queue=down_pcq
add max-limit=3M name=
"2. Heavy Browsing"
packet-mark=heavy_browsing_down parent=
"5. Download Traffic"
priority=7 queue=down_pcq
add limit-at=512k max-limit=3M name=
"4. Remote"
packet-mark=remote_down parent=Download priority=3 queue=down_pcq
add max-limit=3M name=
"3. YouTube"
packet-mark=youtube_down parent=
"5. Download Traffic"
priority=7 queue=down_pcq
add max-limit=3M name=
"4. Extensi"
packet-mark=extensi_down parent=
"5. Download Traffic"
queue=down_pcq
add limit-at=256k max-limit=1M name=
"1. game"
packet-mark=games_up parent=Upload priority=1 queue=up_pcq
add limit-at=32k max-limit=1M name=
"2. icmp"
packet-mark=icmp_up parent=Upload priority=1 queue=up_pcq
add limit-at=32k max-limit=1M name=
"3. dns"
packet-mark=dns_up parent=Upload priority=1 queue=up_pcq
add limit-at=256k max-limit=1M name=
"4. remote"
packet-mark=remote_up parent=Upload priority=3 queue=up_pcq
add max-limit=1M name=
"5. Upload Traffic"
parent=Upload queue=default
add max-limit=1M name=
"1. small browsing"
packet-mark=small_browsing_up parent=
"5. Upload Traffic"
priority=5 queue=up_pcq
add max-limit=1M name=
"2. heavy browsing"
packet-mark=heavy_browsing_up parent=
"5. Upload Traffic"
priority=7 queue=up_pcq
add max-limit=1M name=
"3. youtube"
packet-mark=youtube_up parent=
"5. Upload Traffic"
priority=7 queue=up_pcq
add max-limit=1M name=
"4. extensi"
packet-mark=extensi_up parent=
"5. Upload Traffic"
queue=up_pcq
Model Queue Tree di atas sangat membantu jika di terapkan pada jaringan seperti Warnet, Kantor, Cafe wifi, Warung wifi, yang konsep pembagiannya sama rata tapi tanpa mengganggu traffic game dan browsing oleh pemakai IDM atau youtube.
Pembagian Bandwidth Queue Tree di atas hanya contoh dan di ambil point penting nya saja.
Dengan menambah Priority di Queue Tree seperti di atas, kita bisa lihat dimana traffic game dan Browsing dipisah, dengan tujuan agar traffic tersebut mendapatkan jatah sesuai yang sudah kita prioritaskan.
Catatan!!
Contoh di atas kapasitas bandwidth saya adalah 3Mb Download dan 1Mb upload, jika kondisi real di tempat anda berbeda, silahkan anda sesuaikan.
Silahkan ukur kecepatan internet anda, ukur secara akurat dan jangan sampai bandwidth real anda dibawah settingan queue di atas.
Misal bandwidth real anda 10Mb, tapi anda setting 15Mb, cara tersebut tidak tepat, karena pembagian prioritasnya nanti kurang pas.
Semoga Tutorial MikroTik tentang Queue Tree kali ini bisa bermanfaat buat anda semua, Jangan lupa share tutorial ini jika bisa bermanfaat buat anda, dan silahkan tinggalkan komentar untuk permasalahan tutorial di atas.
Mohon saran dan kritikannya jika tutorial di atas ada yang salah dan perlu di bernarkan.
Salam MikroTiker..