RB850GX2 has problems with network speed
The network environment: 300 m / 100 m
PCQ use simple queue 6 rules
No PCQ:

With PCQ:

Is this normal?
Is there any way to improve it?
Thanks
Could you share your config and also a profile screenshot?
I can, but I don’t know which ones to share.
Can you tell me about it?

Your firewall is using too much CPU.
```
/ip firewall mangle
add action=mark-connection chain=prerouting connection-mark=!heavy_traffic new-connection-mark=all_conn
add action=mark-connection chain=postrouting connection-mark=!heavy_traffic new-connection-mark=all_conn
add action=mark-connection chain=prerouting connection-bytes=500000-0 connection-mark=all_conn connection-rate=200k-100M new-connection-mark=https_traffic port=23,80,443 protocol=tcp
add action=mark-connection chain=postrouting connection-bytes=500000-0 connection-mark=all_conn connection-rate=200k-100M new-connection-mark=https_traffic port=23,80,443 protocol=tcp
add action=mark-connection chain=prerouting connection-bytes=500000-0 connection-mark=all_conn connection-rate=200k-100M new-connection-mark=https_traffic port=23,80,443 protocol=udp
add action=mark-connection chain=postrouting connection-bytes=500000-0 connection-mark=all_conn connection-rate=200k-100M new-connection-mark=https_traffic port=23,80,443 protocol=udp
add action=mark-connection chain=prerouting connection-bytes=500000-0 connection-mark=all_conn connection-rate=200k-100M new-connection-mark=heavy_traffic port=!23,80,443 protocol=tcp
add action=mark-connection chain=postrouting connection-bytes=500000-0 connection-mark=all_conn connection-rate=200k-100M new-connection-mark=heavy_traffic port=!23,80,443 protocol=tcp
add action=mark-connection chain=prerouting connection-bytes=500000-0 connection-mark=all_conn connection-rate=200k-100M new-connection-mark=heavy_traffic port=!23,80,443 protocol=udp
add action=mark-connection chain=postrouting connection-bytes=500000-0 connection-mark=all_conn connection-rate=200k-100M new-connection-mark=heavy_traffic port=!23,80,443 protocol=udp
add action=mark-packet chain=prerouting connection-mark=https_traffic new-packet-mark=https passthrough=no
add action=mark-packet chain=postrouting connection-mark=https_traffic new-packet-mark=https passthrough=no
add action=mark-packet chain=prerouting connection-mark=heavy_traffic new-packet-mark=heavy passthrough=no
add action=mark-packet chain=postrouting connection-mark=heavy_traffic new-packet-mark=heavy passthrough=no
add action=mark-packet chain=prerouting connection-mark=all_conn new-packet-mark=other passthrough=no
add action=mark-packet chain=postrouting connection-mark=all_conn new-packet-mark=other passthrough=no
```
I do QoS with these rules.
Then the firewall rules are the default.
Maybe my rule is not good enough?
I would start by putting the passthrough=no rules immediately following the rules which create the connection marks they look for. I think you will spend less time comparing traffic for each possible condition before short-circuiting out of the loop.
Then, look for the set of rules which see the most traffic in the bytes or packets counters. Make sure the highest traffic conditions are matched earliest in the rule order. That will permit the passthrough=no rules for the highest volume condition to short-circuit evaluation of all following rules as quickly as possible, saving the most possible CPU time.
Sorting your rules and adding passthrough=no where possible is a great start. Also, I would look into the rules too; you have some with byte count, and I would guess that this too adds CPU.
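The ordering advice from the two replies above, as an added example that is not part of the thread: a simplified Python model of first-match evaluation in the posted prerouting chain, comparing the posted order with the two suggested orders. It assumes one comparison per rule and packets whose connection already carries its final mark; the packet counts and all helper names are constructed.

```python
# Added example: simplified model of first-match evaluation in one mangle chain.
# Assumptions: each rule costs one comparison; a packet's connection already has
# its final mark; SAMPLE packet counts are constructed, not taken from the thread.
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str
    match: str          # connection mark the rule matches on
    passthrough: bool   # False: a match ends evaluation of the chain

def rules_evaluated(chain, conn_mark):
    """Rules a packet is compared against before a passthrough=no rule matches."""
    for position, rule in enumerate(chain, start=1):
        if rule.match == conn_mark and not rule.passthrough:
            return position
    return len(chain)

def average_cost(chain, packets):
    """Mean comparisons per packet for a {connection mark: packet count} mix."""
    total = sum(packets.values())
    return sum(rules_evaluated(chain, m) * n for m, n in packets.items()) / total

def classify(mark):
    """The tcp and udp mark-connection rules that create `mark` (passthrough)."""
    return [Rule(f"conn->{mark}/{p}", "all_conn", True) for p in ("tcp", "udp")]

FIRST = Rule("conn->all_conn", "!heavy_traffic", True)   # first rule as posted
HTTPS = Rule("pkt->https", "https_traffic", False)       # mark-packet, passthrough=no
HEAVY = Rule("pkt->heavy", "heavy_traffic", False)
OTHER = Rule("pkt->other", "all_conn", False)

# Posted order: all mark-connection rules first, all mark-packet rules last.
POSTED = [FIRST] + classify("https_traffic") + classify("heavy_traffic") + [HTTPS, HEAVY, OTHER]
# First suggestion: each passthrough=no rule right after the rules creating its mark.
GROUPED = [FIRST] + classify("https_traffic") + [HTTPS] + classify("heavy_traffic") + [HEAVY, OTHER]

def by_volume(packets):
    """Second suggestion: busiest group first. The all_conn catch-all stays last,
    because the classifiers still have to see all_conn packets."""
    pkt = {"https_traffic": HTTPS, "heavy_traffic": HEAVY}
    marks = sorted(pkt, key=lambda m: -packets[m])
    return [FIRST] + [r for m in marks for r in classify(m) + [pkt[m]]] + [OTHER]

SAMPLE = {"heavy_traffic": 700_000, "https_traffic": 250_000, "all_conn": 50_000}

if __name__ == "__main__":
    for label, chain in (("posted", POSTED), ("grouped", GROUPED), ("by volume", by_volume(SAMPLE))):
        print(f"{label:10s} {average_cost(chain, SAMPLE):.2f} comparisons per packet")
```

On a real router, the per-rule packet counters take the place of `SAMPLE` when deciding which group goes first.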
Thanks to the guidance of the two, I will try to optimize rules to the best.