This was the original queue tree setup I was using. https://gregsowell.com/?p=4665
As you can see it was a monster, but it worked better than anything I'd used at the time except for HFSC in pfSense, that was more of a monster to configure. Now that CAKE has come along I'm achieving the same with less than half the number of mangle rules, and only two queues, one up and one down.
Doing up the new mangles for CAKE I threw out most of what was there, and started with connection marking, I've named the connection marks for the diffserve class I want applied. Then another set of rules with the mark DSCP action grabs the relevant connection mark.
Here is a map of DSCP name to value https://en.wikipedia.org/wiki/Different ... s_Selector
Description of what CAKE tin carries which DSCP names https://help.mikrotik.com/docs/display/ROS/CAKE thats most of the way down the page under the Diffserv RFC2474 and RFC2475 heading.
So a quick practical example is deprioritising large downloads.First mark any HTTP connection. Then remark once the connection bytes have gone over an amount. Then set DSCP value on HTTP_BIG connection packets so CAKE will throw it in a lower priority tin once it's set to Diffserv4. You only have to set DSCP values on packets you want somewhere else then the default tin.
diffserv4 - The "diffserv4" preset provides a general-purpose Diffserv implementation with four tins: Bulk: This tin corresponds to CS1 (Class Selector 1) or LE (Low Extra), and it has a threshold of 6.25%. Traffic in this tin typically has a low priority.
Best Effort: This tin is for general traffic that doesn't fall into any specific Diffserv class. It has a threshold of 100%, meaning it receives all remaining bandwidth.
Video: This tin encompasses AF4x, AF3x, CS3, AF2x, CS2, TOS4, and TOS1. It has a threshold of 50%, providing a moderate priority for video traffic.
Voice: This tin covers CS7, CS6, EF (Expedited Forwarding), VA (Voice Admit), CS5, and CS4. It has a threshold of 25%, giving high priority to voice traffic.
The specific class you use doesn't matter for CAKE, and your ISP most likely ignores it anyway so the specific differences between them all are moot.
So using our tins above, CS1 will be placed into the bulk tin, CS1 is a DSCP value of 8.
You then need to make a set of the connection marking mangles for outbound traffic. You don't need to dupicate the change dscp rules because they work regardless of the interface.
Here is my current mangle and queue config.
Code: Select all
/ip firewall mangle
add action=change-mss chain=forward disabled=yes new-mss=clamp-to-pmtu out-interface-list=WAN passthrough=yes protocol=tcp tcp-flags=syn
add action=mark-packet chain=forward in-interface=ether1 new-packet-mark=wan-in passthrough=yes
add action=mark-connection chain=forward comment=HTTP connection-mark=no-mark connection-state=new new-connection-mark=HTTP passthrough=yes port=80,443 protocol=tcp
add action=mark-connection chain=forward connection-bytes=5000000-0 connection-mark=HTTP new-connection-mark=HTTP_BIG passthrough=yes protocol=tcp
add action=mark-connection chain=forward comment="XBox Live AF21 Low Latency" connection-state=new new-connection-mark=AF21 passthrough=yes port=3074,27015-27030,27036-27037 \
protocol=tcp
add action=mark-connection chain=forward comment="XBox Live AF21 Low Latency" connection-state=new new-connection-mark=AF21 passthrough=yes port=\
88,500,3074,3544,4380,4500,27000-27031,27036 protocol=udp
add action=mark-connection chain=forward comment="DNS CS6 Min Latency" connection-state=new new-connection-mark=CS6 passthrough=yes port=53 protocol=udp
add action=mark-connection chain=output comment="DNS CS6 Min Latency" connection-state=new new-connection-mark=CS6 passthrough=yes port=53 protocol=udp
add action=mark-connection chain=forward comment="DNS CS6 Min Latency" connection-state=new new-connection-mark=CS6 passthrough=yes port=53 protocol=tcp
add action=mark-connection chain=output comment="DNS CS6 Min Latency" connection-state=new new-connection-mark=CS6 passthrough=yes port=53 protocol=tcp
add action=mark-connection chain=forward comment="SSH CS2 Interactive Shell" connection-state=new new-connection-mark=CS2 passthrough=yes port=22 protocol=tcp
add action=mark-connection chain=forward comment="OSPF CS7 Network Control" connection-state=new new-connection-mark=CS7 passthrough=yes protocol=ospf
add action=change-dscp chain=forward comment="HTTP_BIG Background" connection-mark=HTTP_BIG new-dscp=8 passthrough=no
add action=change-dscp chain=forward comment="HTTP Best Effort" connection-mark=HTTP new-dscp=0 passthrough=no
add action=change-dscp chain=forward comment="XBox Live AF21 Low Latency" connection-mark=AF21 new-dscp=18 passthrough=no
add action=change-dscp chain=forward comment="DNS CS6 Min Latency" connection-mark=CS6 new-dscp=48 passthrough=no
add action=change-dscp chain=forward comment="SSH CS2 Interactive Shell" connection-mark=CS2 new-dscp=16 passthrough=no
add action=change-dscp chain=forward comment="OSPF CS7 Network Control" connection-mark=CS7 new-dscp=56 passthrough=no
add action=set-priority chain=postrouting new-priority=from-dscp passthrough=yes
/ipv6 firewall mangle
add action=change-mss chain=forward new-mss=clamp-to-pmtu out-interface-list=WAN passthrough=yes protocol=tcp tcp-flags=syn
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=wan-in passthrough=yes
add action=mark-connection chain=prerouting comment=HTTP connection-mark=no-mark connection-state=new new-connection-mark=HTTP passthrough=yes port=80,443 protocol=tcp
add action=mark-connection chain=prerouting connection-bytes=5000000-0 connection-mark=HTTP connection-rate=2M-100M new-connection-mark=HTTP_BIG passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="XBox Live AF21 Low Latency" connection-state=new new-connection-mark=AF21 passthrough=yes port=3074,27015-27030,27036-27037 \
protocol=tcp
add action=mark-connection chain=prerouting comment="XBox Live AF21 Low Latency" connection-state=new dst-prefix=::/0 new-connection-mark=AF21 passthrough=yes port=\
88,500,3074,3544,4380,4500,27000-27031,27036 protocol=udp src-prefix=::/0
add action=mark-connection chain=prerouting comment="RIST AF21 Low Latency" connection-state=new new-connection-mark=AF21 passthrough=yes port=5000 protocol=udp
add action=mark-connection chain=prerouting comment="DNS CS6 Min Latency" connection-state=new new-connection-mark=CS6 passthrough=yes port=53 protocol=udp
add action=mark-connection chain=prerouting comment="SSH CS2 Interactive Shell" connection-state=new new-connection-mark=CS2 passthrough=yes port=22 protocol=tcp
add action=mark-connection chain=prerouting comment="OSPF CS7 Network Control" connection-state=new new-connection-mark=CS7 passthrough=yes protocol=ospf
add action=change-dscp chain=prerouting comment="HTTP_BIG Background" connection-mark=HTTP_BIG dst-prefix=::/0 new-dscp=8 passthrough=no src-prefix=::/0
add action=change-dscp chain=prerouting comment="HTTP Best Effort" connection-mark=HTTP dst-prefix=::/0 new-dscp=0 passthrough=no src-prefix=::/0
add action=change-dscp chain=prerouting comment="XBox Live AF21 Low Latency" connection-mark=AF21 dst-prefix=::/0 new-dscp=18 passthrough=no src-prefix=::/0
add action=change-dscp chain=prerouting comment="DNS CS6 Min Latency" connection-mark=CS6 dst-prefix=::/0 new-dscp=48 passthrough=no src-prefix=::/0
add action=change-dscp chain=prerouting comment="SSH CS2 Interactive Shell" connection-mark=CS2 dst-prefix=::/0 new-dscp=16 passthrough=no src-prefix=::/0
add action=change-dscp chain=prerouting comment="OSPF CS7 Network Control" connection-mark=CS7 dst-prefix=::/0 new-dscp=56 passthrough=no src-prefix=::/0
add action=set-priority chain=postrouting new-priority=from-dscp passthrough=yes
/queue type
add cake-ack-filter=filter cake-atm=ptm cake-bandwidth=17.0Mbps cake-diffserv=diffserv4 cake-nat=yes cake-overhead=22 cake-overhead-scheme=bridged-ptm cake-rtt-scheme=internet kind=cake name=cake-up
add cake-atm=ptm cake-bandwidth=57.0Mbps cake-diffserv=diffserv4 cake-nat=yes cake-overhead=22 cake-overhead-scheme=bridged-ptm cake-rtt-scheme=internet kind=cake name=cake-down
add kind=fq-codel name=fqcodel
/queue interface
set ether1 queue=fqcodel
set ether2 queue=fqcodel
set ether3 queue=fqcodel
set ether4 queue=fqcodel
set ether5 queue=fqcodel
set wifi1 queue=fqcodel
set wifi2 queue=fqcodel
/queue tree
# CAKE type with bandwidth setting detected, configure traffic limits within queue itself
add bucket-size=0 name=WAN-Upload packet-mark=no-mark parent=ether1 queue=cake-up
# CAKE type with bandwidth setting detected, configure traffic limits within queue itself
add bucket-size=0 name=WAN-Download packet-mark=wan-in parent=bridge queue=cake-down