Understood, thank you so much... lets try this, THANKS! :D > From: chup...@gmail.com > Date: Wed, 30 May 2012 21:24:18 +0300 > To: mikrotik@mail.butchevans.com > Subject: Re: [Mikrotik] Policy routing based on DSCP > > Connection is bidirectional, it matches both outgoing and incoming packets, > so you're routing packets from the Internet back to the Internet. Add > 'in-interface=Local' to your routing marking rule. > > Or, as I already said, mark routing directly, without connection-mark. > > > > 2012/5/30 William Esteves <stevens...@hotmail.com> > > > > > Sadly, this didnt work. When I do all the marks (mark connection, then > > mark routing), the traffic STOPS, and I dont know why. I looked all my > > rules (to make sure that I'm not marking to the wrong way), I created a log > > to this connection > > /ip firewall mangle add chain=prerouting dscp=56 action=log log-prefix=dscp > > this is what appers on my log:Code:10:23:12 firewall,info dscp prerouting: > > in:eth3/Interno out:(none), src-mac 00:13:72:65:71:72, proto TCP (ACK), > > 172.1.1.2:48668->74.125.214.83:80, len 64 10:23:12 firewall,info dscp > > prerouting: in:eth3/Interno out:(none), src-mac 00:13:72:65:71:72, proto > > TCP (ACK), 172.1.1.2:19251->173.194.29.200:80, len 80 10:23:12 > > firewall,info dscp prerouting: in:eth3/Interno out:(none), src-mac > > 00:13:72:65:71:72, proto TCP (ACK), 172.1.1.2:37568->173.194.60.116:80, > > len 72 10:23:12 firewall,info dscp prerouting: in:eth3/Interno out:(none), > > src-mac 00:13:72:65:71:72, proto TCP (ACK), 172.1.1.2:19135-> > > 173.194.29.86:80, len 80 > > Until thats its OK, seens like is working does marks(DSCP56). So I decide > > to take this connections and redirect to another gateway that I have(and Im > > not using this gateway in defaults).So I make another ruleCode:/ip firewall > > mangle add action=mark-connection chain=prerouting comment="DSCP 56" > > disabled=no dscp=56 new-connection-mark=dscp56_conn passthrough=yesadd > > action=mark-routing chain=prerouting connection-mark=dscp56_conn > > disabled=no new-routing-mark=link3 passthrough=noAnd when I do that the > > traffic simple stops. So I thought thats the problem whas the rule, so I > > make the rule to my computer that is in the same network. But I add the > > rule to create a DSCP to my connnections change my DSCP=56, and its works.I > > tried differnt ways to do that, but its simply dont work. I losing my hopes > > to make this happen. But I believe thats someone has much more knowledge > > than me can do such thing.So anyone know how to make this work? > > By the way Im not using this to VoIP, its in my Speedr videos cache (its > > like squid, but do all dynamic cache). And they mark in DSCP=56 files that > > are MISS to the internet. And Looks that Im doing the right mark, but the > > download stop. Please help me on this. > > thanks. > > > > > From: but...@butchevans.com > > > To: mikrotik@mail.butchevans.com > > > Date: Sat, 26 May 2012 11:35:43 -0500 > > > Subject: Re: [Mikrotik] Policy routing based on DSCP > > > > > > On Sat, 2012-05-26 at 10:27 +0300, Chupaka wrote: > > > > Why do you mark connection if you need routing? Just mark routing > > directly > > > > :) > > > > > > This would work if you only need to route ONE DIRECTION for the traffic. > > > In other words, inside traffic going toward the internet via a specific > > > upstream. Downstream is likely to NOT need policy routing. The trouble > > > with this approach, and WHY he may need to be using connection tracking > > > (connection mark) is due to the fact that once it hits "the internet", > > > the dscp bits are very likely to be reset. Using connection mark gives > > > the ability to maintain the routing in both directions using policy > > > routes. This is just a guess. > > > > > > -- > > > ******************************************************************** > > > * Butch Evans * Professional Network Consultation * > > > * http://www.butchevans.com/ * Network Engineering * > > > * http://store.wispgear.net/ * Wired or Wireless Networks * > > > * http://blog.butchevans.com/ * ImageStream, Mikrotik and MORE! * > > > * NOTE THE NEW PHONE NUMBER: 702-537-0979 * > > > ******************************************************************** > > > > > > > > > > > > _______________________________________________ > > > Mikrotik mailing list > > > Mikrotik@mail.butchevans.com > > > http://www.butchevans.com/mailman/listinfo/mikrotik > > > > > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > > RouterOS > > > > -------------- next part -------------- > > An HTML attachment was scrubbed... > > URL: < > > http://www.butchevans.com/pipermail/mikrotik/attachments/20120530/cbb4fc96/attachment.html > > > > > _______________________________________________ > > Mikrotik mailing list > > Mikrotik@mail.butchevans.com > > http://www.butchevans.com/mailman/listinfo/mikrotik > > > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > > RouterOS > > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: > <http://www.butchevans.com/pipermail/mikrotik/attachments/20120530/23b0b65c/attachment.html> > _______________________________________________ > Mikrotik mailing list > Mikrotik@mail.butchevans.com > http://www.butchevans.com/mailman/listinfo/mikrotik > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.butchevans.com/pipermail/mikrotik/attachments/20120530/e79e3204/attachment.html> _______________________________________________ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik
Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
