I put dns, email (ports 25, 110, 143, 465, 587, 993, 995) and voip (sip, h323, skype) at the top or maybe email just below voip and dns; web ssl and uncategorized in the middle of the range; and p2p at the bottom.
Greg On Feb 13, 2009, at 11:09 PM, RickG wrote: > Since we're on the subject, and RouterOS, what priorities do you put > on your traffic? Web, pop3, smtp, dns, icmp, ssl, ftp, snmp, etc... > -RickG > > On Fri, Feb 13, 2009 at 10:35 AM, Dennis Burgess > <dmburg...@linktechs.net> wrote: >> RouterOS can identify Skype at layer 7 as well. . >> >> * ----------------------------------------------------------- >> Dennis Burgess, CCNA, A+, Mikrotik Certified Trainer >> WISPA Board Member - wispa.org <http://www.wispa.org/> >> Link Technologies, Inc -- Mikrotik & WISP Support Services >> WISPA Vendor Member* >> *Office*: 314-735-0270 *Website*: http://www.linktechs.net >> <http://www.linktechs.net/> >> */LIVE On-Line Mikrotik Training/* >> <http://www.linktechs.net/onlinetraining.asp> >> >> The information transmitted (including attachments) is covered by >> the Electronic Communications Privacy Act, 18 U.S.C. 2510-2521, is >> intended only for the person(s) or entity/entities to which >> it is addressed and may contain confidential and/or privileged >> material. Any review, retransmission, dissemination or other use >> of, or taking of any action in reliance upon, this information by >> persons or entities other than the intended recipient(s) is >> prohibited, If you >> received this in error, please contact the sender and delete the >> material from any computer. >> >> >> >> >> >> os10ru...@gmail.com wrote: >>> The problem I'm having is Skype is not impossible to detect, but >>> it is >>> difficult and some QoS mechanisms miss it because it's designed to >>> be >>> hard to detect and stop so it can slip out networks where the admin >>> tries to block IM apps. The better network security devices and >>> detect >>> and filter or QoS it. But Skype doesn't use TOS or other QoS >>> prioritizing bits and it greatly varies the ports it uses in an >>> effort >>> to not reveal itself. It's really quite amazing, if you have an >>> internet connection but you have a DNS issue (no DNS info being >>> propagated by DHCP for example) it will still find it's way out and >>> connect. It's one quick indication of a good network with bad DNS. >>> >>> Another problem is the newer P2P apps do likewise (random ports, >>> nondescript packets/data) in an effort to prevent ISP operators from >>> blocking or limiting it. So it's a continual game of cat and mouse >>> between the program authors and the net admin folks trying to detect >>> and control these things. >>> >>> Greg >>> >>> On Feb 13, 2009, at 9:59 AM, Eric Rogers wrote: >>> >>> >>>> Have you done any packet captures? If it is a small site, you >>>> might >>>> be >>>> able to look at the TOS bit and prioritize accordingly. If you >>>> see a >>>> DSCP (TOS) of 46, I assume it is VoIP and tag it for queues. In >>>> Mikrotik, there is a "connection type" option, and SIP is one of >>>> the >>>> options. I also tag that one and set it to VoIP for the QoS rules. >>>> >>>> It gets most traffic, but don't know about Skype. >>>> >>>> Eric >>>> >>>> >>>> -----Original Message----- >>>> From: wireless-boun...@wispa.org [mailto:wireless- >>>> boun...@wispa.org] >>>> On >>>> Behalf Of os10ru...@gmail.com >>>> Sent: Friday, February 13, 2009 8:18 AM >>>> To: WISPA General List >>>> Subject: [WISPA] RouterOS x86 for Skype QoS? >>>> >>>> Does anyone have experience using RouterOS (on RouterBoard or >>>> x86) for >>>> doing Skype QoS? I've been trying many different Linux based >>>> servers >>>> (ZeroShell, pfsense, Endian, ClarkConnect specifically for >>>> achieving >>>> good QoS with Skype - more specifically to keep the P2P stuff from >>>> killing Skype - and so far nothing is performing as well as little >>>> router with Tomato firmware and it's QoS. The problem is having the >>>> layer 7 sniffer properly detect and categorize Skype and >>>> uTorrent. I'm >>>> getting ready to try RouterOS (x86) and Wolverine. >>>> >>>> Does anyone have any success stories? >>>> >>>> Thanks! >>>> Greg >>>> >>>> >>>> ------------------------------------------------------------------------ >>>> -------- >>>> WISPA Wants You! Join today! >>>> http://signup.wispa.org/ >>>> ------------------------------------------------------------------------ >>>> -------- >>>> >>>> WISPA Wireless List: wireless@wispa.org >>>> >>>> Subscribe/Unsubscribe: >>>> http://lists.wispa.org/mailman/listinfo/wireless >>>> >>>> Archives: http://lists.wispa.org/pipermail/wireless/ >>>> >>>> >>>> -------------------------------------------------------------------------------- >>>> WISPA Wants You! Join today! >>>> http://signup.wispa.org/ >>>> -------------------------------------------------------------------------------- >>>> >>>> WISPA Wireless List: wireless@wispa.org >>>> >>>> Subscribe/Unsubscribe: >>>> http://lists.wispa.org/mailman/listinfo/wireless >>>> >>>> Archives: http://lists.wispa.org/pipermail/wireless/ >>>> >>> >>> >>> >>> -------------------------------------------------------------------------------- >>> WISPA Wants You! Join today! >>> http://signup.wispa.org/ >>> -------------------------------------------------------------------------------- >>> >>> WISPA Wireless List: wireless@wispa.org >>> >>> Subscribe/Unsubscribe: >>> http://lists.wispa.org/mailman/listinfo/wireless >>> >>> Archives: http://lists.wispa.org/pipermail/wireless/ >>> >> >> >> -------------------------------------------------------------------------------- >> WISPA Wants You! Join today! >> http://signup.wispa.org/ >> -------------------------------------------------------------------------------- >> >> WISPA Wireless List: wireless@wispa.org >> >> Subscribe/Unsubscribe: >> http://lists.wispa.org/mailman/listinfo/wireless >> >> Archives: http://lists.wispa.org/pipermail/wireless/ >> > > > -------------------------------------------------------------------------------- > WISPA Wants You! Join today! > http://signup.wispa.org/ > -------------------------------------------------------------------------------- > > WISPA Wireless List: wireless@wispa.org > > Subscribe/Unsubscribe: > http://lists.wispa.org/mailman/listinfo/wireless > > Archives: http://lists.wispa.org/pipermail/wireless/ -------------------------------------------------------------------------------- WISPA Wants You! Join today! http://signup.wispa.org/ -------------------------------------------------------------------------------- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
