I have noticed a strange mangle situation that messes my whole Queue Tree, where downloads appear into uploads. To investigate this i disabled every single mangle rule except the 4 basic that split Donwload - Upload.
My setup is:
Hardware: RB962
Software: 6.44.3 ( stable )
WAN = Eth1 = PPPOE
LAN = Eth2, Eth3, Eth4, Eth5 and the 2 WIFI radios all Bridged
Not at my pc at the moment, but below with you doing some reading on wiki should get you there.
You should not specify interfaces in mangle rules, then in queue tree config, specify the interface / queue as required, i.e. Bridge interface for download and PPPoE interface for upload
Either im doing something wrong or i hit into a mangle bug. I have read the wiki numerous times and try to read anything more i could find but here i am.
As for the specification of interfaces i think you are wrong and this isnt my problem. There is no way to specify interfaces in Queue trees as it seems..
.
I will appreciate it if anyone else have any pointers or directions.
As a plus info, i also tried for the upload instead of marking connections and packets based on out interface to mark based on in interface which is “bridge”
Again i tried to download a HTTP file and again ! the download marked as upload… I was pulling my hairs off .. Restarted the router without any other modification started the HTTP download again, this time is marked as correctly as Download.
Its a total mess maybe the router isnt taking the changes without reboot or there is a bug that marks the packets wrong randomly, i cant really say.. This have become a total jeopardy..
As a debugging tool, I would suggest you check “log” and add meaningful log prefixes. You may get a hint as to which mangle rules are used (and when) and you’ll see which interfaces are used also.
To compare, I went about it the easy (and bad) way of only doing packet marking (no prior connection marking) and it works for me.
You have made a “global” queue instead of attaching it to an interface.
This sometimes has an application but usually it is not the best way.
Check the “parent” of the topmost item in each queue tree (Upload and Download in your example).
Yeap i tried what you said and i think i found a way to fix this. Or at least it didn’t messed my setup yet.
What i changed in my configuration and seems to identify and mark the flow right as download and upload is that instead of going “full bad” and mark straight only packets and no connections i just put the same interface info in packet marking as well.
So long this did the trick, but i had the assumption that what ever you put into Connection marking follows the Packet marking if you use “Connection marking” as input ?
This had me fighting for a very long time and i hope it help others as well. Also this proves that almost every Tutorial out there is “Wrong” and the setups are working based on randomness and luck.
Maybe someone with the know-how can explain us why is this happening.
Oooor! Just dawned on me. Try checking passthrough for the connection marking rule. Can’t remember if the mark connection action allows for further processing.
Isn’t connection considered one as a whole regardless the direction of packet flow? Meaning that any connection initiated from LAN will be marked as upload because initial packet will be flowing from LAN towards WAN. Likewise connections initiated by some internet hosts will be marked as downlink.
The bulk amount of data transferred in each direction doesn’t define the direction of the connection.
It is possible to use separate connection marks for upload and download based on incoming interface, but it is important that the matching rule includes the check for no-mark, so the mark is assigned only once (on the first match for the connection) and not overwritten later.
The above example fails to do that.
This plain simple doesn’t work at all. I tried it over and over again, if you check for “no mark” connection mark it captures almost nothing. In theory should work but it doesnt.
I really debating myself if what i read understood was right or wrong or actually RouterOS is doing its things …
Anyway, below an example, please note NO “Interfaces” in the Mangle rules (see mkx’s explanation in post above) and “Interfaces” in the Queue Tree config"
The subject here and my problem was to Categorize “ALL INTERNET DOWNLOAD” and “ALL INTERNET UPLOAD” as i had downloads marked as uploads and ofcource then everything else in the queue tree wasn’t working as it should.
**Your example cant work in my setup-situation because if i traffic shape based on interfaces i will slow down even local traffic as my router acting also as a bridge + switch. This is though another story and irrelevant to my problem.
*** Also what exactly is your mangle rule does ? Marking every new connection that isn’t marked before as video-con ? I dont get how this is going to work
Ok this way of marking separates incoming and outgoing connections, but that is not what you need.
You should stop marking connections as “upload” or “download”, that does not make sense. Mark connections to prioritize some over others.
To separate upload and download (as a traffic direction), use the queue tree parent.
I’m also confused. How can CZFan’s example work? The mangle uses src-address-list, meaning “Download” traffic from a bunch of IPs. How can those packet marks be used in Queue trees for uploads?
the mangle uses src-address-list, for the device starting the connection, in this case it was a pc that was used for monitoring security cctv cameras.
This connection and packets are marked, for both up and down traffic.
Then in queue tree config is where you apply the shaping/limits for relevant directions, i.e. The leaving interface will determine the direction, bridge for download traffic and ether1 (WAN) for upload traffic
I have solved my problem and marked my answer as solved, so we are a bit out of subject but out of curiosity :
How in the world are you going to specify flow direction in the “Queue Tree” ? The Flow Direction is done in mangle with packer marking and then used as an input in the “Queue Tree”.
I think that all this time you are speaking about “Simple Queues”… where you can input interfaces but this is a non efficient way of Queuing as every packet is checked in every Queue rule which can soon become a CPU hog.
I already told you that above: you should set the parent of the topmost items in the queue tree to the interfaces where you want the queue to operate.
The queue tree only operates in the sending direction. So you attach the Upload queue tree to your internet interface, and the Download queue tree to your LAN interface.
Now you have set them to “global” and then there is no concept of direction unless it is present in the packet marks.
