mangle and queue tree

mps01k · May 1, 2007, 8:33pm

here is what i am doing

i have a server running 2.9.42
we are running hotspot and userman.

every time a client logs in they get a set bandwith thru simple queues, but i would like to give priority to http and voip and https.

i am doing that thru mangle and Queue tree. is that correct? does the traffic go thru queue tree first before simple queue? And i need a rule in the mangle that will mark all other trafic that is not already marked. I have tried to do it via several ways but it ends up marking all traffic even what has already been marked.

/ ip firewall mangle
add chain=forward p2p=all-p2p action=mark-connection
new-connection-mark=p2p_conn passthrough=yes comment=“” disabled=no
add chain=forward connection-mark=p2p_conn action=mark-packet
new-packet-mark=p2p passthrough=yes comment=“” disabled=no
add chain=forward protocol=udp src-port=5060 action=mark-connection
new-connection-mark=voip_conn passthrough=yes comment=“” disabled=no
add chain=forward protocol=udp dst-port=5060-5062 action=mark-connection
new-connection-mark=voip_conn passthrough=yes comment=“” disabled=no
add chain=forward connection-mark=voip_conn action=mark-packet
new-packet-mark=voip passthrough=yes comment=“” disabled=no
add chain=forward protocol=tcp src-port=80 action=mark-connection
new-connection-mark=http_conn passthrough=yes comment=“” disabled=no
add chain=forward protocol=tcp dst-port=80 action=mark-connection
new-connection-mark=http_conn passthrough=yes comment=“” disabled=no
add chain=forward connection-mark=http_conn action=mark-packet
new-packet-mark=http passthrough=yes comment=“” disabled=no
add chain=forward protocol=tcp dst-port=5050 action=mark-connection
new-connection-mark=yahoo_conn passthrough=yes comment=“” disabled=no
add chain=forward connection-mark=yahoo_conn action=mark-packet
new-packet-mark=yahoo passthrough=yes comment=“” disabled=no
add chain=forward connection-mark=!p2p_conn action=mark-packet
new-packet-mark=other passthrough=yes comment=“” disabled=yes
add chain=forward connection-mark=!voip_conn action=mark-packet
new-packet-mark=other passthrough=yes comment=“” disabled=yes
add chain=forward protocol=tcp dst-port=443 action=mark-connection
new-connection-mark=https_conn passthrough=yes comment=“” disabled=no
add chain=forward connection-mark=https_conn action=mark-packet
new-packet-mark=https passthrough=yes comment=“” disabled=no
add chain=forward protocol=tcp dst-port=1863 action=mark-connection
new-connection-mark=msn_conn passthrough=yes comment=“” disabled=no
add chain=forward connection-mark=msn_conn action=mark-packet
new-packet-mark=msn passthrough=yes comment=“” disabled=no

and the queue tree

/ queue tree
add name=“queue1” parent=ether1 packet-mark=p2p limit-at=4000 queue=default
priority=8 max-limit=32000 burst-limit=32000 burst-threshold=16000
burst-time=10s disabled=no
add name=“queue2” parent=ether2 packet-mark=p2p limit-at=4000 queue=default
priority=8 max-limit=32000 burst-limit=32000 burst-threshold=16000
burst-time=10s disabled=no
add name=“queue6” parent=ether1 packet-mark=http limit-at=2048000 queue=default
priority=3 max-limit=2048000 burst-limit=0 burst-threshold=0 burst-time=0s
disabled=no
add name=“queue5” parent=ether2 packet-mark=http limit-at=2048000 queue=default
priority=3 max-limit=2048000 burst-limit=0 burst-threshold=0 burst-time=0s
disabled=no
add name=“queue4” parent=ether2 packet-mark=voip limit-at=25000 queue=default
priority=1 max-limit=32000 burst-limit=0 burst-threshold=0 burst-time=0s
disabled=no
add name=“queue3” parent=ether1 packet-mark=voip limit-at=25000 queue=default
priority=1 max-limit=32000 burst-limit=0 burst-threshold=0 burst-time=0s
disabled=no
add name=“queue7” parent=ether1 packet-mark=msn limit-at=0 queue=default
priority=1 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
disabled=no
add name=“queue9” parent=ether2 packet-mark=msn limit-at=0 queue=default
priority=1 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
disabled=no
add name=“queue8” parent=ether1 packet-mark=yahoo limit-at=0 queue=default
priority=1 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
disabled=no
add name=“queue10” parent=ether2 packet-mark=yahoo limit-at=0 queue=default
priority=1 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
disabled=no
add name=“queue11” parent=ether1 packet-mark=other limit-at=0 queue=default
priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
disabled=no
add name=“queue12” parent=ether2 packet-mark=other limit-at=0 queue=default
priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
disabled=no

here are the simple Queues static

/ queue simple
add name=“cybercafe servisec” target-addresses=10.10.2.22/32
dst-address=0.0.0.0/0 interface=all parent=none direction=both priority=1
queue=hotspot-default/hotspot-default limit-at=0/0 max-limit=256000/512000
burst-limit=256000/2000000 burst-threshold=256000/512000 burst-time=30s/30s
total-queue=hotspot-default time=0s-1d,sun,mon,tue,wed,thu,fri,sat
disabled=no
add name=“lenin pc” target-addresses=10.10.2.68/32 dst-address=0.0.0.0/0
interface=all parent=none direction=both priority=1
queue=default-small/default-small limit-at=0/0 max-limit=0/0
total-queue=default-small disabled=no

the dynamic simple queues cant be exsported

any help much apreciated.

ptsip · May 2, 2007, 2:21pm

For me, it is better using dynamic simple queue based on hotspot and/or user/group for ul/dl.
I ever did as you meant, hotspot environment is different, if you make /queue tree for priority where maybe work and will burden your M/T ROS. So, forget it. Let’s it be as Mikrotik RouterOS doing.