Why Packet Loss ?.
There are many reasons for getting packet loss, But here we will be talking about How you
can avoid packet loss due to the high bandwidth consumption. and we will
configure a bandwidth reservation for our ICMP traffic when there is congestion on the link
or so-called over-utilized link. So basically we are talking about how you can deal
with the ICMP traffic when there is full usage of allocated bandwidth.!!
Let’s say you have given 2Mbps bandwidth to a customer and that customer is downloading a movie from the internet and the bandwidth is being fully utilized, so once the bandwidth will be over-utilized then allocated bandwidth(2 Mb) then the Mikrotik will start dropping every Packet of that user because there is no more bandwidth available, in simple, it will allow only 2 Mb and rest of the exceed traffic will be dropped by default. So here, we can define that which types of traffic we want to drop at the type of congestion and what types of traffic we want to have a reserved bandwidth. in our case when already the bandwidth is being fully utilized the user is pinging to a destination server and ping is the ICMP traffic, In that case, the ping packet also will be lost and customers will be observed frequent timeout and high latency as well.
Another Example of ICMP Importance in Network Mgmt, let’s say you have a site or branch office and that site is connected from your head office over a 100Mb MPLS L2 and you have a Mikrotik router in that site, let’s say that link is being fully utilized and you are monitoring that Mikrotik through NMS and ICMP is the protocol you are using for monitoring, So obviously there would be packet loss sometimes and high latency because the bandwidth is choked on the link, so In that case, if there will be frequent packet loss or high latency to your branch office Mikrotik from your NMS which resides in your head office, in that case, your NMS alarm will sound continuous..!! So ICMP is important to get priority in the network in terms of mgmt, Monitoring, etc..!..So the solution is that you can limit the ICMP traffic but you should not block it because blocking the ICMP will put you in lots of problems when you are monitoring, troubleshooting, and managing the network.
There are 2 ways to configure the ICMP Priority.
1-You can reserve some amount of bandwidth for all of your ICMP traffic in the network.
2-You can use PCQ for giving a specific amount of ICMP bandwidth to every user equally.
//First Example///
/ip firewall mangle
add action=mark-packet chain=forward new-packet-mark=ICMP passthrough=no protocol=icmp
add action=mark-packet chain=input new-packet-mark=ICMP passthrough=no protocol=icmp
add action=mark-packet chain=prerouting new-packet-mark=ICMP passthrough=no protocol=icmp
add action=mark-packet chain=postrouting new-packet-mark=ICMP passthrough=no protocol=icmp
add action=mark-packet chain=output new-packet-mark=ICMP passthrough=no protocol=icmp
/queue simple
add max-limit=10M/10M name=ICMP-10MB packet-marks=ICMP target=""In the above rule, you can see, that I have reserved 10Mb bandwidth for all my ICMP traffic in the network. so If my bandwidth got fully utilized then my ICMP traffic will get the dedicated 10Mb bandwidth reservation at first, so there will be no packet loss. i go
//Second Example//
/ip firewall mangle
add action=mark-packet chain=prerouting new-packet-mark=ICMP protocol=icmp
/queue type
add kind=pcq name="ICMP-D" pcq-classifier=dst-address pcq-dst-address6-mask=64 pcq-rate=1M pcq-src-address6-mask=64
add kind=pcq name="ICMP-U" pcq-classifier=src-address pcq-dst-address6-mask=64 pcq-rate=1M pcq-src-address6-mask=64
/queue simple
add comment=ICMP-TRAFFIC name=ICMP packet-marks=ICMP queue=ICMP-D/ICMP-UIn the above rule, you can see, that I have configured 1Mb bandwidth in PCQ so it will allow 1 Mb for ICMP traffic per user.
Note:-Once you will configure these rules, Then make sure you should keep these queues on top of the queue list.