Page 1 of 1

QOS Prioritization on PPPoE Server

Posted: Fri Feb 14, 2014 4:07 pm
by sparrow
Hi guys,
I'm developing some qos rules (using HTB) to install on PPPoE server to give our clients the best experience about internet surfing.
First one is this:
/ip firewall mangle
add action=mark-connection chain=prerouting comment=HTTP-DOWNLOAD \
    connection-bytes=500000-0 dst-port=80 new-connection-mark=Priority-4 \
    protocol=tcp
add action=mark-packet chain=prerouting comment=ServicePriority-4 \
    connection-mark=Priority-4 new-packet-mark=ServicePriority-4 passthrough=\
    no
add action=mark-connection chain=prerouting comment=HTTP-Request \
    connection-bytes=0-500000 dst-port=80 new-connection-mark=Priority-1 \
    protocol=tcp
add action=mark-connection chain=prerouting comment=HTTPS dst-port=443 \
    new-connection-mark=Priority-1 protocol=tcp
add action=mark-connection chain=prerouting comment=DNS dst-port=53 \
    new-connection-mark=Priority-1 protocol=tcp
add action=mark-connection chain=prerouting dst-port=53 new-connection-mark=\
    Priority-1 protocol=udp
add action=mark-connection chain=prerouting comment=ICMP new-connection-mark=\
    Priority-1 protocol=icmp
add action=mark-connection chain=prerouting comment=GAMING-PSN dst-port=465 \
    new-connection-mark=Priority-1 protocol=tcp
add action=mark-connection chain=prerouting dst-port=883 new-connection-mark=\
    Priority-1 protocol=tcp
add action=mark-connection chain=prerouting dst-port=5223 \
    new-connection-mark=Priority-1 protocol=tcp
add action=mark-connection chain=prerouting dst-port=10070-10080 \
    new-connection-mark=Priority-1 protocol=tcp
add action=mark-connection chain=prerouting dst-port=3478-3479 \
    new-connection-mark=Priority-1 protocol=udp
add action=mark-connection chain=prerouting dst-port=3658 \
    new-connection-mark=Priority-1 protocol=udp
add action=mark-connection chain=prerouting dst-port=10070 \
    new-connection-mark=Priority-1 protocol=udp
add action=mark-connection chain=prerouting comment=GAMING-XBOX dst-port=1863 \
    new-connection-mark=Priority-1 protocol=tcp
add action=mark-connection chain=prerouting dst-port=1863 \
    new-connection-mark=Priority-1 protocol=udp
add action=mark-connection chain=prerouting dst-port=3074 \
    new-connection-mark=Priority-1 protocol=tcp
add action=mark-connection chain=prerouting dst-port=3074 \
    new-connection-mark=Priority-1 protocol=udp
add action=mark-packet chain=prerouting comment=ServicePriority-1 \
    connection-mark=Priority-1 new-packet-mark=ServicePriority-1 passthrough=\
    no
add action=mark-connection chain=prerouting comment=VOIP dst-port=5060-5080 \
    new-connection-mark=Priority-2 protocol=udp
add action=mark-connection chain=prerouting comment=RTP dst-port=16384-16482 \
    new-connection-mark=Priority-2 protocol=udp
add action=mark-connection chain=prerouting comment=VPN new-connection-mark=\
    Priority-2 protocol=ipencap
add action=mark-connection chain=prerouting new-connection-mark=Priority-2 \
    protocol=ipsec-esp
add action=mark-connection chain=prerouting new-connection-mark=Priority-2 \
    protocol=ipsec-ah
add action=mark-connection chain=prerouting new-connection-mark=Priority-2 \
    protocol=gre
add action=mark-connection chain=prerouting new-connection-mark=Priority-2 \
    protocol=ipip
add action=mark-packet chain=prerouting comment=ServicePriority-2 \
    connection-mark=Priority-2 new-packet-mark=ServicePriority-2 passthrough=\
    no
add action=mark-connection chain=prerouting comment=SMTP dst-port=25 \
    new-connection-mark=Priority-3 protocol=tcp
add action=mark-connection chain=prerouting comment=POP3 dst-port=110 \
    new-connection-mark=Priority-3 protocol=tcp
add action=mark-connection chain=prerouting dst-port=113 new-connection-mark=\
    Priority-3 protocol=tcp
add action=mark-connection chain=prerouting comment=IMAP dst-port=143 \
    new-connection-mark=Priority-3 protocol=tcp
add action=mark-connection chain=prerouting comment=SMTP-SSL dst-port=465 \
    new-connection-mark=Priority-3 protocol=tcp
add action=mark-connection chain=prerouting comment=GMAIL dst-port=587 \
    new-connection-mark=Priority-3 protocol=tcp
add action=mark-connection chain=prerouting dst-port=993 new-connection-mark=\
    Priority-3 protocol=tcp
add action=mark-connection chain=prerouting dst-port=995 new-connection-mark=\
    Priority-3 protocol=tcp
add action=mark-packet chain=prerouting comment=ServicePriority-3 \
    connection-mark=Priority-3 new-packet-mark=ServicePriority-3 passthrough=\
    no
add action=mark-connection chain=prerouting comment=FTP dst-port=21 \
    new-connection-mark=Priority-5 protocol=tcp
add action=mark-connection chain=prerouting comment=SSH dst-port=22 \
    new-connection-mark=Priority-5 protocol=tcp
add action=mark-connection chain=prerouting comment=TELNET dst-port=23 \
    new-connection-mark=Priority-5 protocol=tcp
add action=mark-connection chain=prerouting comment=MICROSOFT-RDP dst-port=\
    3389 new-connection-mark=Priority-5 protocol=tcp
add action=mark-connection chain=prerouting comment=WINBOX dst-port=8291 \
    new-connection-mark=Priority-5 protocol=tcp
add action=mark-packet chain=prerouting comment=ServicePriority-5 \
    connection-mark=Priority-5 new-packet-mark=ServicePriority-5 passthrough=\
    no
add action=mark-connection chain=prerouting comment=ALL-P2P \
    new-connection-mark=Priority-8 p2p=all-p2p
add action=mark-connection chain=prerouting comment=L7-BIT-TORRENT \
    layer7-protocol=Bit-torrent new-connection-mark=Priority-8
add action=mark-connection chain=prerouting comment=L7-TORRENT-ANNOUNCE \
    layer7-protocol=torrent_announce new-connection-mark=Priority-8
add action=mark-connection chain=prerouting comment=L7-TORRENT-HTTP_REQUEST \
    layer7-protocol=Torrent-www new-connection-mark=Priority-8
add action=mark-packet chain=prerouting comment=ServicePriority-8 \
    connection-mark=Priority-8 new-packet-mark=ServicePriority-8 passthrough=\
    no
add action=mark-connection chain=prerouting comment=OTHER-TRAFFIC-TCP \
    new-connection-mark=Priority-7 protocol=tcp
add action=mark-connection chain=prerouting comment=OTHER-TRAFFIC-UDP \
    new-connection-mark=Priority-7 protocol=udp
add action=mark-packet chain=prerouting comment=ServicePriority-7 \
    connection-mark=Priority-7 new-packet-mark=ServicePriority-7 passthrough=\
    no
/queue tree
add name=QOS-RULE parent=global priority=1 queue=Queue-Tree
add name=Gaming-DNS-HTTP packet-mark=ServicePriority-1 parent=QOS-RULE \
    priority=1 queue=Queue-Tree
add name=VoIP-RTP+VPN packet-mark=ServicePriority-2 parent=QOS-RULE priority=\
    2 queue=Queue-Tree
add name=E-MAIL packet-mark=ServicePriority-3 parent=QOS-RULE priority=3 \
    queue=Queue-Tree
add name=HTTP-Download packet-mark=ServicePriority-4 parent=QOS-RULE \
    priority=4 queue=Queue-Tree
add name=Management packet-mark=ServicePriority-5 parent=QOS-RULE priority=5 \
    queue=Queue-Tree
add name=OtherTraffic packet-mark=ServicePriority-7 parent=QOS-RULE priority=\
    7 queue=Queue-other_conn
add name=P2P packet-mark=ServicePriority-8 parent=QOS-RULE queue=Queue-p2p
I've divided different service with different priorty marking connection and then marking packet using only prerouting chain on "all-ppp" in-interface

Second QoS rule:
/ip firewall mangle
add action=mark-packet chain=prerouting comment=HTTP-IN in-interface=ether1 \
    new-packet-mark=HTTP-IN passthrough=no protocol=tcp src-port=80
add action=mark-packet chain=postrouting comment=HTTP-OUT dst-port=80 \
    new-packet-mark=HTTP-OUT out-interface=ether1 passthrough=no protocol=tcp
add action=mark-packet chain=prerouting comment=DNS-IN in-interface=ether1 \
    new-packet-mark=DNS-IN passthrough=no protocol=tcp src-port=53
add action=mark-packet chain=postrouting comment=DNS-OUT dst-port=53 \
    new-packet-mark=DNS-OUT out-interface=ether1 passthrough=no protocol=tcp
add action=mark-packet chain=prerouting comment=HTTPS-IN in-interface=ether1 \
    new-packet-mark=HTTPS-IN passthrough=no protocol=tcp src-port=443
add action=mark-packet chain=postrouting comment=HTTPS-OUT dst-port=443 \
    new-packet-mark=HTTPS-OUT out-interface=ether1 passthrough=no protocol=\
    tcp
add action=mark-packet chain=prerouting comment=ICMP-IN in-interface=ether1 \
    new-packet-mark=ICMP-IN passthrough=no protocol=icmp
add action=mark-packet chain=postrouting comment=ICMP-OUT new-packet-mark=\
    ICMP-OUT out-interface=ether1 passthrough=no protocol=icmp
add action=mark-packet chain=prerouting comment=WINBOX-IN in-interface=ether1 \
    new-packet-mark=WINBOX-IN passthrough=no protocol=tcp src-port=8291
add action=mark-packet chain=postrouting comment=WINBOX-OUT dst-port=8291 \
    new-packet-mark=WINBOX-OUT out-interface=ether1 passthrough=no protocol=\
    tcp
add action=mark-packet chain=prerouting comment=GAMING-PSN-IN in-interface=\
    ether1 new-packet-mark=GAMING-PSN-IN passthrough=no protocol=tcp \
    src-port=465
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
    GAMING-PSN-IN passthrough=no protocol=tcp src-port=883
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
    GAMING-PSN-IN passthrough=no protocol=tcp src-port=5223
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
    GAMING-PSN-IN passthrough=no protocol=tcp src-port=10070-10080
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
    GAMING-PSN-IN passthrough=no protocol=udp src-port=3478-3479
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
    GAMING-PSN-IN passthrough=no protocol=udp src-port=3658
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
    GAMING-PSN-IN passthrough=no protocol=udp src-port=10070
add action=mark-packet chain=postrouting comment=GAMING-PSN-OUT dst-port=465 \
    new-packet-mark=GAMING-PSN-OUT out-interface=ether1 passthrough=no \
    protocol=tcp
add action=mark-packet chain=postrouting dst-port=883 new-packet-mark=\
    GAMING-PSN-OUT out-interface=ether1 passthrough=no protocol=tcp
add action=mark-packet chain=postrouting dst-port=5223 new-packet-mark=\
    GAMING-PSN-OUT out-interface=ether1 passthrough=no protocol=tcp
add action=mark-packet chain=postrouting dst-port=10070-10080 \
    new-packet-mark=GAMING-PSN-OUT out-interface=ether1 passthrough=no \
    protocol=tcp
add action=mark-packet chain=postrouting dst-port=3478-3479 new-packet-mark=\
    GAMING-PSN-OUT out-interface=ether1 passthrough=no protocol=udp
add action=mark-packet chain=postrouting dst-port=3658 new-packet-mark=\
    GAMING-PSN-OUT out-interface=ether1 passthrough=no protocol=udp
add action=mark-packet chain=postrouting dst-port=10070 new-packet-mark=\
    GAMING-PSN-OUT out-interface=ether1 passthrough=no protocol=udp
add action=mark-packet chain=prerouting comment=GAMING-XBOX-IN in-interface=\
    ether1 new-packet-mark=GAMING-XBOX-IN passthrough=no protocol=tcp \
    src-port=1863
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
    GAMING-XBOX-IN passthrough=no protocol=udp src-port=1863
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
    GAMING-XBOX-IN passthrough=no protocol=tcp src-port=3074
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
    GAMING-XBOX-IN passthrough=no protocol=udp src-port=3074
add action=mark-packet chain=postrouting comment=GAMING-XBOX-OUT dst-port=\
    1863 new-packet-mark=GAMING-XBOX-OUT out-interface=ether1 passthrough=no \
    protocol=tcp
add action=mark-packet chain=postrouting dst-port=1863 new-packet-mark=\
    GAMING-XBOX-OUT out-interface=ether1 passthrough=no protocol=udp
add action=mark-packet chain=postrouting dst-port=3074 new-packet-mark=\
    GAMING-XBOX-OUT out-interface=ether1 passthrough=no protocol=tcp
add action=mark-packet chain=postrouting dst-port=3074 new-packet-mark=\
    GAMING-XBOX-OUT out-interface=ether1 passthrough=no protocol=udp
add action=mark-packet chain=prerouting comment=SKYPE-IN in-interface=ether1 \
    layer7-protocol=skypetoskype new-packet-mark=SKYPE-TO-SKYPE-IN \
    passthrough=no
add action=mark-packet chain=postrouting comment=SKYPE-OUT layer7-protocol=\
    skypetoskype new-packet-mark=SKYPE-TO-SKYPE-OUT out-interface=ether1 \
    passthrough=no
add action=mark-packet chain=prerouting comment=SIP-IN in-interface=ether1 \
    new-packet-mark=SIP-IN passthrough=no protocol=udp src-port=5060-5080
add action=mark-packet chain=postrouting comment=SIP-OUT dst-port=5060-5080 \
    new-packet-mark=SIP-OUT out-interface=ether1 passthrough=no protocol=udp
add action=mark-packet chain=prerouting comment=RTP-IN in-interface=ether1 \
    new-packet-mark=SIP-IN passthrough=no protocol=udp src-port=16384-16482
add action=mark-packet chain=postrouting comment=RTP-OUT dst-port=16384-16482 \
    new-packet-mark=SIP-OUT out-interface=ether1 passthrough=no protocol=udp
add action=mark-packet chain=prerouting comment=VPN-IN in-interface=ether1 \
    new-packet-mark=VPN-IN passthrough=no protocol=ipencap
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
    VPN-IN passthrough=no protocol=ipsec-esp
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
    VPN-IN passthrough=no protocol=ipsec-ah
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
    VPN-IN passthrough=no protocol=gre
add action=mark-packet chain=postrouting comment=VPN-OUT new-packet-mark=\
    VPN-OUT out-interface=ether1 passthrough=no protocol=ipencap
add action=mark-packet chain=postrouting new-packet-mark=VPN-OUT \
    out-interface=ether1 passthrough=no protocol=ipsec-esp
add action=mark-packet chain=postrouting new-packet-mark=VPN-OUT \
    out-interface=ether1 passthrough=no protocol=ipsec-ah
add action=mark-packet chain=postrouting new-packet-mark=VPN-OUT \
    out-interface=ether1 passthrough=no protocol=gre
add action=mark-packet chain=prerouting comment=SMTP-IN in-interface=ether1 \
    new-packet-mark=E-MAIL-IN passthrough=no protocol=tcp src-port=25
add action=mark-packet chain=postrouting comment=SMTP-OUT dst-port=25 \
    new-packet-mark=E-MAIL-OUT out-interface=ether1 passthrough=no protocol=\
    tcp
add action=mark-packet chain=prerouting comment=E-MAIL-IN in-interface=ether1 \
    new-packet-mark=E-MAIL-IN passthrough=no protocol=tcp src-port=\
    110,113,143,465,587,993,995
add action=mark-packet chain=postrouting comment=E-MAIL-OUT dst-port=\
    110,113,143,465,587,993,995 new-packet-mark=E-MAIL-OUT out-interface=\
    ether1 passthrough=no protocol=tcp
add action=mark-packet chain=prerouting comment=FTP-IN in-interface=ether1 \
    new-packet-mark=MANAGEMENT-OUT passthrough=no protocol=tcp src-port=21
add action=mark-packet chain=postrouting comment=FTP-OUT dst-port=21 \
    new-packet-mark=MANAGEMENT-IN out-interface=ether1 passthrough=no \
    protocol=tcp
add action=mark-packet chain=prerouting comment=SSH-IN in-interface=ether1 \
    new-packet-mark=MANAGEMENT-IN passthrough=no protocol=tcp src-port=22
add action=mark-packet chain=postrouting comment=SSH-OUT dst-port=22 \
    new-packet-mark=MANAGEMENT-IN out-interface=ether1 passthrough=no \
    protocol=tcp
add action=mark-packet chain=prerouting comment=TELNET-IN in-interface=ether1 \
    new-packet-mark=MANAGEMENT-IN passthrough=no protocol=tcp src-port=23
add action=mark-packet chain=postrouting comment=TELNET-OUT dst-port=23 \
    new-packet-mark=MANAGEMENT-IN out-interface=ether1 passthrough=no \
    protocol=tcp
add action=mark-packet chain=prerouting comment=RDP-IN in-interface=ether1 \
    new-packet-mark=MANAGEMENT-IN passthrough=no protocol=tcp src-port=3389
add action=mark-packet chain=postrouting comment=RDP-OUT dst-port=3389 \
    new-packet-mark=MANAGEMENT-IN out-interface=ether1 passthrough=no \
    protocol=tcp
add action=jump chain=prerouting comment=P2P-TORRENT-IN in-interface=ether1 \
    jump-target=MatchTorrent layer7-protocol=Bit-torrent
add action=jump chain=prerouting in-interface=ether1 jump-target=MatchTorrent \
    layer7-protocol=torrent_announce
add action=mark-connection chain=MatchTorrent new-connection-mark=\
    Torrent-Match
add action=mark-packet chain=MatchTorrent connection-mark=Torrent-Match \
    new-packet-mark=P2P-TORRENT-IN passthrough=no
add action=jump chain=postrouting comment=P2P-TORRENT-OUT jump-target=\
    MatchTorrent-pstr layer7-protocol=Bit-torrent out-interface=ether1
add action=jump chain=postrouting jump-target=MatchTorrent-pstr \
    layer7-protocol=torrent_announce out-interface=ether1
add action=mark-connection chain=MatchTorrent-pstr new-connection-mark=\
    Torrent-Match-out
add action=mark-packet chain=MatchTorrent-pstr connection-mark=\
    Torrent-Match-out new-packet-mark=P2P-TORRENT-OUT passthrough=no
add action=mark-packet chain=prerouting comment="REGEXP CODE-P2P" \
    in-interface=ether1 layer7-protocol=Torrent-www new-packet-mark=\
    P2P-PACKET-REG-IN passthrough=no
add action=mark-packet chain=postrouting layer7-protocol=Torrent-www \
    new-packet-mark=P2P-PACKET-REG-OUT out-interface=ether1 passthrough=no
add action=mark-packet chain=prerouting comment="REGEXP CODE-P2P-DNS" \
    in-interface=ether1 layer7-protocol=Torrent-DNS new-packet-mark=\
    P2P-PACKET-REG-DNS-IN passthrough=no protocol=udp src-port=53
add action=mark-packet chain=postrouting dst-port=53 layer7-protocol=\
    Torrent-DNS new-packet-mark=P2P-PACKET-REG-DNS-OUT out-interface=ether1 \
    passthrough=no protocol=udp
add action=mark-packet chain=prerouting comment=P2P in-interface=ether1 \
    new-packet-mark=P2P-PACKET-IN p2p=all-p2p passthrough=no
add action=mark-packet chain=postrouting new-packet-mark=P2P-PACKET-OUT \
    out-interface=ether1 p2p=all-p2p passthrough=no
add action=mark-packet chain=prerouting comment=OTHER-PACKET in-interface=\
    ether1 new-packet-mark=OTHER-IN passthrough=no protocol=tcp
add action=mark-packet chain=postrouting new-packet-mark=OTHER-OUT \
    out-interface=ether1 passthrough=no protocol=tcp
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
    OTHER-IN passthrough=no protocol=udp
add action=mark-packet chain=postrouting new-packet-mark=OTHER-OUT \
    out-interface=ether1 passthrough=no protocol=udp
/queue type
add kind=pfifo name=QUEUE-P1 pfifo-limit=460
add kind=pfifo name=QUEUE-P2 pfifo-limit=260
add kind=pfifo name=QUEUE-P3 pfifo-limit=260
add kind=pfifo name=QUEUE-P4 pfifo-limit=360
add kind=pfifo name=QUEUE-P5 pfifo-limit=160
add kind=pfifo name=QUEUE-P7 pfifo-limit=800
add kind=pfifo name=QUEUE-P8 pfifo-limit=960
/queue tree
add name=QOS-Rule-IN-P1 parent=global priority=1 queue=QUEUE-P1
add name=HTTP packet-mark=HTTP-IN parent=QOS-Rule-IN-P1 priority=1 queue=\
    QUEUE-P1
add name=DNS packet-mark=DNS-IN parent=QOS-Rule-IN-P1 priority=1 queue=\
    QUEUE-P1
add name=HTTPS packet-mark=HTTPS-IN parent=QOS-Rule-IN-P1 priority=1 queue=\
    QUEUE-P1
add name=ICMP packet-mark=ICMP-IN parent=QOS-Rule-IN-P1 priority=1 queue=\
    QUEUE-P1
add name=GAME-PSN packet-mark=GAMING-PSN-IN parent=QOS-Rule-IN-P1 priority=1 \
    queue=QUEUE-P1
add name=GAME-XBOX packet-mark=GAMING-XBOX-IN parent=QOS-Rule-IN-P1 priority=\
    1 queue=QUEUE-P1
add name=QOS-Rule-IN-P2 parent=global priority=2 queue=QUEUE-P2
add name=VOIP packet-mark=SIP-IN parent=QOS-Rule-IN-P2 priority=2 queue=\
    QUEUE-P2
add name=SKYPE packet-mark=SKYPE-TO-SKYPE-IN parent=QOS-Rule-IN-P2 priority=2 \
    queue=QUEUE-P2
add name=QOS-Rule-IN-P3 parent=global priority=3 queue=QUEUE-P3
add name=VPN packet-mark=VPN-IN parent=QOS-Rule-IN-P3 priority=3 queue=\
    QUEUE-P3
add name=QOS-Rule-IN-P4 parent=global priority=4 queue=QUEUE-P4
add name=E-MAIL parent=QOS-Rule-IN-P4 priority=4 queue=QUEUE-P4
add name=WINBOX packet-mark=WINBOX-IN parent=QOS-Rule-IN-P1 priority=1 queue=\
    QUEUE-P1
add name=QOS-Rule-IN-P5 parent=global priority=5 queue=QUEUE-P5
add name=MANAGEMENT packet-mark=MANAGEMENT-IN parent=QOS-Rule-IN-P5 priority=\
    5 queue=QUEUE-P5
add name=QOS-Rule-IN-P7 parent=global priority=7 queue=QUEUE-P7
add name=OTHER-CONNECTION packet-mark=OTHER-IN parent=QOS-Rule-IN-P7 \
    priority=7 queue=QUEUE-P7
add name=QOS-Rule-IN-P8 parent=global queue=QUEUE-P8
add name=TORRENT packet-mark=P2P-TORRENT-IN parent=QOS-Rule-IN-P8 queue=\
    QUEUE-P8
add name=TORRENT-REG packet-mark=P2P-PACKET-REG-IN parent=QOS-Rule-IN-P8 \
    queue=QUEUE-P8
add name=TORRENT-REG-DNS packet-mark=P2P-PACKET-REG-DNS-IN parent=\
    QOS-Rule-IN-P8 queue=QUEUE-P8
add name=ALL-P2P packet-mark=P2P-PACKET-IN parent=QOS-Rule-IN-P8 queue=\
    QUEUE-P8
add name=QOS-Rule-OUT-P1 parent=global priority=1 queue=QUEUE-P1
add name=DNS-OUT packet-mark=DNS-OUT parent=QOS-Rule-OUT-P1 priority=1 queue=\
    QUEUE-P1
add name=GAME-PSN-OUT packet-mark=GAMING-PSN-OUT parent=QOS-Rule-OUT-P1 \
    priority=1 queue=QUEUE-P1
add name=GAME-XBOX-OUT packet-mark=GAMING-XBOX-OUT parent=QOS-Rule-OUT-P1 \
    priority=1 queue=QUEUE-P1
add name=HTTP-OUT packet-mark=HTTP-OUT parent=QOS-Rule-OUT-P1 priority=1 \
    queue=QUEUE-P1
add name=HTTPS-OUT packet-mark=HTTPS-OUT parent=QOS-Rule-OUT-P1 priority=1 \
    queue=QUEUE-P1
add name=ICMP-OUT packet-mark=ICMP-OUT parent=QOS-Rule-OUT-P1 priority=1 \
    queue=QUEUE-P1
add name=WINBOX-OUT packet-mark=WINBOX-OUT parent=QOS-Rule-OUT-P1 priority=1 \
    queue=QUEUE-P1
add name=QOS-Rule-OUT-P2 parent=global priority=2 queue=QUEUE-P2
add name=VOIP-OUT packet-mark=SIP-OUT parent=QOS-Rule-OUT-P2 priority=2 \
    queue=QUEUE-P2
add name=SKYPE-OUT packet-mark=SKYPE-TO-SKYPE-OUT parent=QOS-Rule-OUT-P2 \
    priority=2 queue=QUEUE-P2
add name=QOS-Rule-OUT-P3 parent=global priority=3 queue=QUEUE-P3
add name=VPN-OUT packet-mark=VPN-OUT parent=QOS-Rule-OUT-P3 priority=3 queue=\
    QUEUE-P3
add name=QOS-Rule-OUT-P4 parent=global priority=4 queue=QUEUE-P4
add name=E-MAIL-OUT packet-mark=E-MAIL-OUT parent=QOS-Rule-OUT-P4 priority=4 \
    queue=QUEUE-P4
add name=QOS-Rule-OUT-P5 parent=global priority=5 queue=QUEUE-P5
add name=MANAGEMENT-OUT packet-mark=MANAGEMENT-OUT parent=QOS-Rule-OUT-P5 \
    priority=5 queue=QUEUE-P5
add name=QOS-Rule-OUT-P7 parent=global priority=7 queue=QUEUE-P7
add name=OTHER-CONNECTION-OUT packet-mark=OTHER-OUT parent=QOS-Rule-OUT-P7 \
    priority=7 queue=QUEUE-P7
add name=QOS-Rule-OUT-P8 parent=global queue=QUEUE-P8
add name=ALL-P2P-OUT packet-mark=P2P-PACKET-OUT parent=QOS-Rule-OUT-P8 queue=\
    QUEUE-P8
add name=TORRENT-OUT packet-mark=P2P-TORRENT-OUT parent=QOS-Rule-OUT-P8 \
    queue=QUEUE-P8
add name=TORRENT-REG-OUT packet-mark=P2P-PACKET-REG-OUT parent=\
    QOS-Rule-OUT-P8 queue=QUEUE-P8
add name=TORRENT-REG-DNS-OUT packet-mark=P2P-PACKET-REG-DNS-OUT parent=\
    QOS-Rule-OUT-P8 queue=QUEUE-P8
Here i've marked same service (without mark connection, only mark packet) but using prerouting and postrouting on wan connection.
In your experiences what is the best practice about it, and which of these is the best solution?
Thanks to all

Re: QOS Prioritization on PPPoE Server

Posted: Fri Feb 14, 2014 10:25 pm
by rickfrey
I usually start out using pre-routing, while I'm building it (Just habit, I don't have a good reason for it.) Then you have to take a step back and see how that affects everything as a whole. Things like marking the priority are going to be in pre-routing, which you did. You handled the in and out connections very well. Over all, this looks great. I didn't test it, I just read through it, but it looks like you are on the right track! :D

Re: QOS Prioritization on PPPoE Server

Posted: Mon Feb 17, 2014 10:38 am
by sparrow
Things like marking the priority are going to be in pre-routing, which you did. You handled the in and out connections very well. Over all, this looks great. I didn't test it, I just read through it, but it looks like you are on the right track
Hi, thanks for your reply.
So you think the best configuration that work well is the first I've posted??
Not the second where I've marked packet in prerouting and postrouting?