Hi everyone,

apologies if this is a silly question, I'm an autodidact.

I run a network with 24 APs, a mix of NETGEAR WNAP210 and MikroTik RB951G-HnD units, connected to a gateway Draytek Vigor 300B load-balancing over 3 WANs (to be upgraded to a pfSense device or MikroTik router).

Is it possible to do layer 7 filtering and mark the packets on the APs, and then use the markings on the gateway to route them to a particular WAN or give them priority? My thinking is that because layer 7 filtering is fairly CPU intensive, it would make sense to do it on the AP, rather than on the gateway. This is for purposes of traffic shaping, and making sure Skype traffic stays on a particular WAN.

Mikrotik marking is internal only ... the "tags" do not leave router .... but ...
You can do packet classification at AP level or at any device and then pass the trafic to particular VLAN inside this device and then shape particular VLAN's traffic at the router .... just an idea ...

You could also set the DSCP marking on a per packet basis from the APs then the main router would be able to interpret this since these markings are part of the IP header and so they can travel the whole network with routers being aware of them.

Enviado desde mi MotoE2(4G-LTE) mediante Tapatalk

Thank you for your suggestions, both!

I'm fairly comfortable with VLANs, so I'll look into this first. Part of my network is already divided into VLANs, so I suppose I could divide it further and have a separate VoIP/video VLAN, for example.
I'll look into DSCP, looks like my Draytek WAN balancer supports that, too.