Creating queue for rules

Xtreme512 · July 13, 2017, 7:59pm

Hey, I just edited some of the mangle rules posted in this forum in order to suit my gaming needs. Below, I’m marking steam, origin UDP traffic and other things.

/ip firewall mangle
###############################################################################

# DNS requests. Mark in two places because DNS is sent out by the router (itself) too.
add chain=prerouting  action=mark-connection protocol=udp   port=53 connection-state=new new-connection-mark="DNS"  comment="DNS"
add chain=prerouting  action=mark-packet     passthrough=no connection-mark="DNS"        new-packet-mark="DNS"
add chain=postrouting action=mark-connection protocol=udp   port=53 connection-state=new new-connection-mark="DNS"
add chain=postrouting action=mark-packet     passthrough=no connection-mark="DNS"        new-packet-mark="DNS"

# Mark all VoIP traffic. We've set all our equiptment to use SIP 5060,5061 and RTP 10000-20000.
add chain=prerouting  action=mark-connection protocol=udp   port=3844,3846,5060,5061,5223,5228,5243,9785,16393-16402 new-connection-mark="VOIP" comment="VOIP"
add chain=prerouting  action=mark-packet     passthrough=no connection-mark="VOIP"       new-packet-mark="VOIP"

# Mark all STEAM traffic. 
add chain=prerouting  action=mark-connection protocol=udp   port=3478,4379,4380,28960,27000-27030   new-connection-mark="STEAM" comment="STEAM"
add chain=prerouting  action=mark-packet     passthrough=no connection-mark="STEAM"       new-packet-mark="STEAM"

# Mark all ORIGIN traffic. 
add chain=prerouting  action=mark-connection protocol=udp   port=3659,14000-14016,22990-23006,25200-25300   new-connection-mark="ORIGIN" comment="ORIGIN"
add chain=prerouting  action=mark-packet     passthrough=no connection-mark="ORIGIN"       new-packet-mark="ORIGIN"

# Mark all UDP traffic. Mark different UDP streams if you want more granularity.
add chain=prerouting  action=mark-connection protocol=udp   connection-state=new         new-connection-mark="UDP" comment="UDP"
add chain=prerouting  action=mark-packet     passthrough=no connection-mark="UDP"        new-packet-mark="UDP"

# Ping replies. Mark in two places because ICMP is sent out by the router (itself) too.
add chain=prerouting  action=mark-connection protocol=icmp  connection-state=new         new-connection-mark="ICMP" comment="ICMP"
add chain=prerouting  action=mark-packet     passthrough=no connection-mark="ICMP"       new-packet-mark="ICMP"
add chain=postrouting action=mark-connection protocol=icmp  connection-state=new         new-connection-mark="ICMP"
add chain=postrouting action=mark-packet     passthrough=no connection-mark="ICMP"       new-packet-mark="ICMP"

# ACK traffic. Based on viewtopic.php?f=2&t=67965
add chain=postrouting action=mark-packet passthrough=no protocol=tcp tcp-flags=ack packet-size=0-123 new-packet-mark="ACK" comment="ACK"
add chain=prerouting  action=mark-packet passthrough=no protocol=tcp tcp-flags=ack packet-size=0-123 new-packet-mark="ACK"

# Mark all new HTTP(s) connections with "HTTP" if they have not previously been marked as "HTTP_BIG".
# If the current mark of "HTTP" tranfers more than 5MB and at a rate of 200k+ then mark it as "HTTP_BIG" for the duration of the TCP session.
add chain=prerouting  action=mark-connection protocol=tcp   connection-mark=!"HTTP_BIG"  new-connection-mark="HTTP"     connection-state=new      port=80,443,8080  comment="HTTP"
add chain=prerouting  action=mark-connection protocol=tcp   connection-mark="HTTP"       new-connection-mark="HTTP_BIG" connection-bytes=500000-0 connection-rate=200k-100M
add chain=prerouting  action=mark-packet     passthrough=no connection-mark="HTTP_BIG"   new-packet-mark="HTTP_BIG"     
add chain=prerouting  action=mark-packet     passthrough=no connection-mark="HTTP"       new-packet-mark="HTTP"

# Mark everything else that has no mark applied.
add chain=prerouting action=mark-connection  connection-mark=no-mark                     new-connection-mark="OTHER" comment="OTHER"
add chain=prerouting action=mark-packet      passthrough=no connection-mark="OTHER"      new-packet-mark="OTHER"

I need a queue tree for this that can make ping times optimal when someone is downloading. I have 16/8Mbps connection. My other queue tree is not working, upload speeds are not refreshing.

Can someone please help me? Thanks!

Xtreme512 · July 13, 2017, 10:42pm

This is my current queue tree. Is it properly set? I tested it but couldn’t confirm yet if it helps with pings.

# jul/14/2017 01:40:29 by RouterOS 6.39.1
# software id = D97R-3UBL
#
/queue tree
add max-limit=8M name=LEVEL_A_UP parent=ether1 priority=1 queue=\
    pcq-upload-default
add max-limit=16M name=LEVEL_A_DOWN parent=bridge1 priority=1 queue=\
    pcq-download-default
add limit-at=3M max-limit=8M name=STEAM_U packet-mark=STEAM parent=LEVEL_A_UP \
    priority=1 queue=pcq-upload-default
add limit-at=4M max-limit=16M name=STEAM_D packet-mark=STEAM parent=\
    LEVEL_A_DOWN priority=1 queue=pcq-download-default
add limit-at=3M max-limit=8M name=ORIGIN_U packet-mark=ORIGIN parent=\
    LEVEL_A_UP priority=1 queue=pcq-upload-default
add limit-at=4M max-limit=16M name=ORIGIN_D packet-mark=ORIGIN parent=\
    LEVEL_A_DOWN priority=1 queue=pcq-download-default
add limit-at=4M max-limit=8M name=VOIP_U packet-mark=VOIP parent=LEVEL_A_UP \
    priority=2 queue=pcq-upload-default
add limit-at=4M max-limit=16M name=VOIP_D packet-mark=VOIP parent=\
    LEVEL_A_DOWN priority=2 queue=pcq-download-default
add limit-at=4M max-limit=8M name=DNS_U packet-mark=DNS parent=LEVEL_A_UP \
    priority=2 queue=pcq-upload-default
add limit-at=4M max-limit=16M name=DNS_D packet-mark=DNS parent=LEVEL_A_DOWN \
    priority=2 queue=pcq-download-default
add limit-at=4M max-limit=8M name=UDP_U packet-mark=UDP parent=LEVEL_A_UP \
    priority=3 queue=pcq-upload-default
add limit-at=4M max-limit=16M name=UDP_D packet-mark=UDP parent=LEVEL_A_DOWN \
    priority=3 queue=pcq-download-default
add limit-at=4M max-limit=8M name=ICMP_U packet-mark=ICMP parent=LEVEL_A_UP \
    priority=1 queue=pcq-upload-default
add limit-at=4M max-limit=16M name=ICMP_D packet-mark=ICMP parent=\
    LEVEL_A_DOWN priority=1 queue=pcq-download-default
add limit-at=4M max-limit=8M name=ACK_U packet-mark=ACK parent=LEVEL_A_UP \
    priority=3 queue=pcq-upload-default
add limit-at=4M max-limit=16M name=ACK_D packet-mark=ACK parent=LEVEL_A_DOWN \
    priority=3 queue=pcq-download-default
add limit-at=4M max-limit=8M name=HTTP_U packet-mark=HTTP parent=LEVEL_A_UP \
    priority=3 queue=pcq-upload-default
add limit-at=14M max-limit=16M name=HTTP_D packet-mark=HTTP parent=\
    LEVEL_A_DOWN priority=3 queue=pcq-download-default
add limit-at=4M max-limit=8M name=HTTP_BIG_U packet-mark=HTTP_BIG parent=\
    LEVEL_A_UP priority=4 queue=pcq-upload-default
add limit-at=14M max-limit=16M name=HTTP_BIG_D packet-mark=HTTP_BIG parent=\
    LEVEL_A_DOWN priority=4 queue=pcq-download-default
add limit-at=4M max-limit=8M name=OTHER_U packet-mark=OTHER parent=LEVEL_A_UP \
    queue=pcq-upload-default
add limit-at=14M max-limit=16M name=OTHER_D packet-mark=OTHER parent=\
    LEVEL_A_DOWN queue=pcq-download-default

Xtreme512 · July 16, 2017, 3:42pm

nevermind, I figured it out. discard the previous posts, now queue tree is changed completely and so the mangles. you just have to mark different packets for download and upload i.e. http_d, http_u with different mangle rules which marks packets going in to ether1 (wan) and coming from ether1 (wan) with pre-post routing chains.

for example (im not marking connections btw):

#marking all UDP traffic
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=UDP_D passthrough=no protocol=udp comment="UDP"
add action=mark-packet chain=postrouting new-packet-mark=UDP_U out-interface=ether1 passthrough=no protocol=udp