Hi guys,
I’m playing around with mangle and queue trees and I was hoping you could help me understand a few things.
As you can see, my GAMING tree is set to queue packets marked as GAMING; however, it seems to only record the connection packets marked as GAMING. Note how in mangle there are 193 connection packets and 329 packets generated from those connections, but in the queue tree it is only acknowledging 193. Even the bytes are very close to that of the connection only.
Also my HTTP packets aren’t being registered properly - you can see the packet count and bytes aren’t even close. In the case of HTTP_BIG it is hardly registering packets at all. I’ve included my mangle and queue rules - keep in mind they are a work in progress.
I’m also curious as to whether my queue tree is functioning as intended. When traffic in my HIGH_PRIO or LOW_PRIO trees exceeds their limit-at thresholds, how does it interact with the gaming traffic? Would it be better to make the high_ and low_prio queues children of a master queue and add a queue to the master queue for gaming traffic - in this case reserving 3M?
Thanks in advance,
ZD
QUEUE TREE RULES
0 name="GAMING" parent=WAN - To Bell Router packet-mark=GAMING limit-at=0
queue=default priority=1 max-limit=15M burst-limit=0 burst-threshold=0
burst-time=0s
1 name="HIGH_PRIO" parent=WAN - To Bell Router packet-mark="" limit-at=2M
queue=default priority=8 max-limit=15M burst-limit=0 burst-threshold=0
burst-time=0s
2 name="LOW_PRIO" parent=WAN - To Bell Router packet-mark="" limit-at=10M
queue=default priority=8 max-limit=15M burst-limit=0 burst-threshold=0
burst-time=0s
3 name="ACK" parent=HIGH_PRIO packet-mark=ACK limit-at=0 queue=default
priority=1 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
4 name="DNS" parent=HIGH_PRIO packet-mark=DNS limit-at=0 queue=default
priority=2 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
5 name="SSH" parent=HIGH_PRIO packet-mark=SSH limit-at=0 queue=default
priority=3 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
6 name="ICMP" parent=HIGH_PRIO packet-mark=ICMP limit-at=0 queue=default
priority=4 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
7 name="HTTP" parent=LOW_PRIO packet-mark=HTTP limit-at=0 queue=default
priority=1 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
8 name="HTTP_BIG" parent=LOW_PRIO packet-mark=HTTP_BIG limit-at=0
queue=default priority=2 max-limit=0 burst-limit=0 burst-threshold=0
burst-time=0s
9 name="OTHER" parent=LOW_PRIO packet-mark=OTHER limit-at=0 queue=default
priority=3 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
10 name="RDP" parent=LOW_PRIO packet-mark=RDP limit-at=0 queue=default
priority=1 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
MANGLE RULES
0 ;;; GAMES
chain=prerouting action=mark-connection new-connection-mark=GAMING passthrough=yes dst-address-list=games log=no log-prefix=""
1 chain=prerouting action=mark-packet new-packet-mark=GAMING passthrough=no connection-mark=GAMING log=no log-prefix=""
2 chain=postrouting action=mark-packet new-packet-mark=GAMING passthrough=no connection-mark=GAMING log=no log-prefix=""
3 ;;; ACK traffic
chain=postrouting action=mark-packet new-packet-mark=ACK passthrough=no tcp-flags=ack protocol=tcp packet-size=0-123 log=no log-prefix=""
4 chain=prerouting action=mark-packet new-packet-mark=ACK passthrough=no tcp-flags=ack protocol=tcp packet-size=0-123 log=no log-prefix=""
5 ;;; DNS requests. Mark in two places because DNS is sent out by the router (itself) too.
chain=prerouting action=mark-connection new-connection-mark=DNS passthrough=yes connection-state=new protocol=udp port=53 log=no log-prefix=""
6 chain=prerouting action=mark-packet new-packet-mark=DNS passthrough=no connection-mark=DNS log=no log-prefix=""
7 chain=postrouting action=mark-connection new-connection-mark=DNS passthrough=yes connection-state=new protocol=udp port=53 log=no log-prefix=""
8 chain=postrouting action=mark-packet new-packet-mark=DNS passthrough=no connection-mark=DNS log=no log-prefix=""
9 ;;; SSH
chain=prerouting action=mark-connection new-connection-mark=SSH passthrough=yes connection-state=new protocol=tcp dst-port=22 log=no log-prefix=""
10 chain=prerouting action=mark-packet new-packet-mark=SSH passthrough=no connection-mark=SSH log=no log-prefix=""
11 ;;; Ping replies. Mark in two places because ICMP is sent out by the router (itself) too.
chain=prerouting action=mark-connection new-connection-mark=ICMP passthrough=yes connection-state=new protocol=icmp log=no log-prefix=""
12 chain=prerouting action=mark-packet new-packet-mark=ICMP passthrough=no connection-mark=ICMP log=no log-prefix=""
13 chain=postrouting action=mark-connection new-connection-mark=ICMP passthrough=yes connection-state=new protocol=icmp log=no log-prefix=""
14 chain=postrouting action=mark-packet new-packet-mark=ICMP passthrough=no connection-mark=ICMP log=no log-prefix=""
15 ;;; HTTP
chain=prerouting action=mark-connection new-connection-mark=HTTP passthrough=yes connection-state=new protocol=tcp port=80,443,8080 connection-mark=!HTTP_BIG log=no log-prefix=""
16 chain=prerouting action=mark-connection new-connection-mark=HTTP_BIG passthrough=yes protocol=tcp connection-mark=HTTP connection-bytes=1000000-0 connection-rate=300k-100M log=no log-prefix=""
17 chain=prerouting action=mark-packet new-packet-mark=HTTP passthrough=no connection-mark=HTTP log=no log-prefix=""
18 chain=prerouting action=mark-packet new-packet-mark=HTTP_BIG passthrough=no connection-mark=HTTP_BIG log=no log-prefix=""
19 ;;; RDP
chain=postrouting action=mark-connection new-connection-mark=RDP passthrough=yes connection-state=new protocol=tcp dst-port=3389 log=no log-prefix=""
20 chain=postrouting action=mark-packet new-packet-mark=RDP passthrough=no connection-mark=RDP log=no log-prefix=""
21 ;;; Winbox
chain=input action=mark-connection new-connection-mark=Winbox passthrough=yes connection-state=new protocol=tcp dst-address=10.0.0.1 dst-port=8291 log=no log-prefix=""
22 chain=input action=mark-packet new-packet-mark=Winbox passthrough=no connection-mark=Winbox log=no log-prefix=""
23 ;;; everything else that has no mark applied
chain=prerouting action=mark-connection new-connection-mark=OTHER passthrough=yes connection-mark=no-mark log=no log-prefix=""
24 chain=prerouting action=mark-packet new-packet-mark=OTHER passthrough=no connection-mark=OTHER log=no log-prefix=""
