In manlge we have several options to filter traffic.

Example:
;;; http (browsing) conn. mrk
chain=prerouting action=mark-connection new-connection-mark=normal-traffic passthrough=yes protocol=tcp dst-port=80
;;; All normal` marked con. traffic get packet mark "MED"
chain=prerouting action=mark-packet new-packet-mark=MED passthrough=no connection-mark=normal-traffic

As we see I only use one connection marker.

But I see some examples and in router exists "connection state" as well. How, and when to use these?
Should I mark a connection first with "Connection state=new" and then have a second filter just looking to existing connections with "Connection state=established"?

Any advices on this with explanation why please?

[my QoS works fine at this moment I believe but to avoid future problems due growth of traffic flow I want to optimize my QoS as much as possible]

if you use connection-state=new it means that connection mark is assigned only once at the time when first packet arrives. If you don't have connection-state=new then connection mark is rewritten every time when packet arrives belonging to particular connection.
Obviously first method uses less resources.

OK,

So my example should then read:

;;; http (browsing) conn. mrk
chain=prerouting action=mark-connection new-connection-mark=normal-traffic passthrough=yes connection-state=new protocol=tcp dst-port=80

;;; All normal` marked con. traffic get packet mark "MED"
chain=prerouting action=mark-packet new-packet-mark=MED passthrough=no connection-mark=normal-traffic

As long as this connection exists in conn tracker all packages belonging to this connection get the mark "MED"

For what purpose is now the "established" option of conn. state? I mean, as long as the connection is there it already gets marked? Is there any need for this "established" option?

if you use connection-state=new it means that connection mark is assigned only once at the time when first packet arrives. If you don't have connection-state=new then connection mark is rewritten every time when packet arrives belonging to particular connection.
Obviously first method uses less resources.

For what purpose is now the "established" option of conn. state? I mean, as long as the connection is there it already gets marked? Is there any need for this "established" option?

Usually not in marking/mangling packets. It's useful in other situations, such as statefully permitting packets through firewall filters.

Ok fewi, many thanks. You are worth your karma.

Have you seen my other topic: http://forum.mikrotik.com/viewtopic.php?f=2&t=47218 ?
I got no replies to it. Is my question too complicated or too stupid to get any replies?

I am trying to discover all finesses of mangle and QoS but I need some confirmation or other opinions at times to se if my thinking is in the right direction. Please comment.