How to give ICMP high priority in Mikrotik

Router?
Posted on August 22, 2015 by srijit 9 Comments

Hello again.. Many of my friends using mikrotik devices in their network complains that
whenever users starts downloading anything ping to their gateway (Mikrotik NAS)
becomes unexceptionally high and gradually results in “Request timed out”.
After inspection I found that whenever users uses 100% of their allotted bandwidth, since
we have not assigned any QOS(Quality of Service) for ping (ICMP Protocol) the request
drops.
For this we need to create some mangle rules for marking connection and packet for
ICMP requests and ICMP reply separately and then assign a simple queue mentioning the
packet mark assigning a fixed bandwidth (say 512 kbps) for it. Then we can see even if
users download at full bandwidth, the ping will be <1 ms to 2 ms max.
But unfortunately, hotspot users still faces a problem as when they log in the ICMP queue
is moved below and thus reduces its priority. There is also a simple solution to it as we
can simply add a script in user profile which will move the ICMP queue to the
top(position 0) each time an user logs in.
Thanks a lot to Mr. Syed Jahanzaib for his valuable inputs.
Steps:
1. From IP -> Firewall -> Mangle Create a rule for Chain Prerouting, protocol ICMP.
(For ICMP Requests)
2. In Action we will mark the connection and give a name – icmp-con.

3. From IP -> Firewall -> Mangle Create a rule for Chain Postrouting, protocol
ICMP. (For ICMP Reply)

4. In Action we will mark the connection and give a name – icmp-con.

5. Then again we will create a mangle rule for marking packets based on previously
marked connections. First we will do it for prerouting chain.
6. Then we will mark packets and give a name icmp-pkt.

7. We will repeat the same for post routing chain.

8. We will also mark the postrouting packets with same name.

9. Check the order of the newly created rules. Make sure these rules are not blocked
by any other mangle rules. It’s better to write them at the beginning.

10. Create a queue with 512 kbps policy.

11. Select packet mark as icmp-pkt and also select limit-at bandwidth.
 12. Make sure queue is at the top of any other queue.

13. Create a script from System –> Scripts with the following source:
?
/queue simple move [find name="ICMP"] [:pick [find] 0]

14. Then goto IP –> Hotspot –> User Profile. Select the desired profile and under
scripts add the following:
?
/system script run moveICMP

That’s it! Your problem should be solved by now….

Happy Ping Pong!!!
Enjoyed this post? Share it!