Packet Priority

JangoMunkie · Tue Apr 14, 2020 5:22 pm

Hi.
I'm inexperienced with configuring my router so I'm looking for some advice.
While I'm playing on-line games and my wife's streaming Amazon Prime on an Apple TV4k, I get some packet loss, not all the time but it can peak around 7% according to the onscreen info in the game. I've turned off FastTrack and created some queues which doesn't seem to totally improved the packet loss. Below are the queues, 0, 3 & 4 are disabled and were ones I have tried in the past for other reasons:

Flags: X - disabled, I - invalid, D - dynamic 
0 XI  name="All" target=192.168.1.0/32 parent=none packet-marks="" priority=8/8 queue=default-small/default-small limit-at=0/0 max-limit=17M/69M burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s 
      bucket-size=0.1/0.1 

 1    name="PS4 Priority" parent=none packet-marks=PS4_Packet priority=1/1 queue=default-small/default-small limit-at=1M/1M max-limit=10M/10M burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s 
      bucket-size=0.1/0.1 

 2    name="Apple TVs" target=192.168.1.7/32,192.168.1.8/32 parent=none packet-marks="" priority=8/8 queue=default-small/default-small limit-at=0/0 max-limit=2M/25M burst-limit=5M/30M 
      burst-threshold=3M/27M burst-time=5s/1s bucket-size=0.1/0.1 

 3 XI  name="media" target=192.168.1.4/32 parent=none packet-marks=media priority=2/2 queue=default-small/default-small limit-at=0/0 max-limit=0/0 burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s 
      bucket-size=0.1/0.1 

 4 XI  name="Rob MBP" target=192.168.1.30/32 parent=none packet-marks="" priority=8/8 queue=default-small/default-small limit-at=0/0 max-limit=10M/10M burst-limit=0/0 burst-threshold=0/0 
      burst-time=0s/0s bucket-size=0.1/0.1

And these are the mangle rules, again 3,4 & 5 are old ones and disabled:

Flags: X - disabled, I - invalid, D - dynamic 
 0    ;;; PS4 Priority
      chain=forward action=mark-connection new-connection-mark=PS4_Connection passthrough=yes src-address=192.168.1.9 log=no log-prefix="" 

 1    ;;; PS4 Priority
      chain=forward action=mark-connection new-connection-mark=PS4_Connection passthrough=yes dst-address=192.168.1.9 log=no log-prefix="" 

 2    ;;; PS4 Priority
      chain=forward action=mark-packet new-packet-mark=PS4_Packet passthrough=yes connection-mark=PS4_Connection log=no log-prefix="" 

 3 X  chain=forward action=mark-packet new-packet-mark=media passthrough=yes src-address=192.168.1.1 log=no log-prefix="" 

 4 X  chain=forward action=mark-packet new-packet-mark=media passthrough=yes dst-address=192.168.1.1 log=no log-prefix="" 

 5 X  chain=forward action=mark-packet new-packet-mark=media passthrough=yes dst-address=192.168.1.4 log=no log-prefix=""

The queue for the Apple TV (we have 2 now) seems to work, the download speed is limited to 25Mbps and can burst upto 30Mbps but only really averages around 8Mbps. Gaming uses less than 9KBps and around 35pps up and down.

My broadband is around 18/70Mbps and the LAN is 1Gbps capable.

What am I doing wrong or could the packet loss reported buy the game be happening in the WAN?

pcunite · Tue Apr 14, 2020 6:21 pm

See my signature. Note that your hAP ac is under-powered for QoS tasks.

gazingbazooka · Fri Apr 17, 2020 6:04 am

I have no proof but I would guess that the packet loss is with your ISP and not with MikroTik. Unless there is something really funky in your config. Easier to see that with /export hide-sensitive than a print in each section.

JangoMunkie · Sun Aug 09, 2020 10:07 pm

Sorry for not getting back sooner, been otherwise occupied!

Below is the config for my router:

# aug/09/2020 19:25:55 by RouterOS 6.45.6
# software id = UU4L-UHZ7
#
# model = RouterBOARD 962UiGS-5HacT2HnT
# serial number = 830708361797
/interface bridge
add fast-forward=no name=Bridge-VLAN10
add admin-mac=CC:2D:E0:32:98:58 auto-mac=no comment=defconf name=bridge
/interface ethernet
set [ find default-name=ether1 ] speed=100Mbps
set [ find default-name=ether2 ] name=ether2-master speed=100Mbps
set [ find default-name=ether3 ] speed=100Mbps
set [ find default-name=ether4 ] speed=100Mbps
set [ find default-name=ether5 ] speed=100Mbps
set [ find default-name=sfp1 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether1 keepalive-timeout=60 name=pppoe-out1 use-peer-dns=yes user=bthomehub@btbroadband.com
/interface wireless
set [ find default-name=wlan1 ] antenna-gain=3 band=2ghz-b/g/n channel-width=20/40mhz-Ce country="united kingdom" disabled=no distance=indoors frequency=2437 frequency-mode=regulatory-domain mode=\
    ap-bridge ssid=MikroTik-32985 wireless-protocol=802.11
set [ find default-name=wlan2 ] antenna-gain=2 band=5ghz-a/n/ac channel-width=20/40/80mhz-Ceee country="united kingdom" disabled=no distance=indoors frequency=5660 frequency-mode=regulatory-domain \
    mode=ap-bridge ssid=MikroTik-32985 wireless-protocol=802.11
/interface list
add exclude=dynamic name=discover
add name=mactel
add name=mac-winbox
add name=WAN
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk mode=dynamic-keys supplicant-identity=MikroTik
add authentication-types=wpa2-psk management-protection=allowed mode=dynamic-keys name=Guest supplicant-identity=MikroTik
/interface wireless
add disabled=no hide-ssid=yes keepalive-frames=disabled mac-address=CE:2D:E0:32:98:5E master-interface=wlan2 multicast-buffering=disabled name=WiFi-Guest security-profile=Guest ssid=Guest vlan-id=10 \
    vlan-mode=use-tag wds-cost-range=0-4294967295 wds-default-cost=0 wps-mode=disabled
/interface vlan
add interface=WiFi-Guest name=VLAN10 vlan-id=10
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=dhcp ranges=192.168.1.11-192.168.1.254
add name=vpn ranges=192.168.89.2-192.168.89.255
add name=dhcp_pool2 ranges=10.10.10.2-10.10.10.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge lease-time=23h name=defconf
add address-pool=dhcp_pool2 disabled=no interface=Bridge-VLAN10 name=dhcp1
/ppp profile
set *FFFFFFFE dns-server=192.168.1.254 local-address=192.168.89.1 remote-address=vpn
/queue simple
add max-limit=17M/69M name=All
add limit-at=4M/8M max-limit=20M/50M name="PS4 Priority" packet-marks=PS4_Packet parent=All priority=1/1 target=192.168.1.9/32
add burst-limit=5M/55M burst-threshold=3M/41M burst-time=5s/5s limit-at=1M/10M max-limit=2M/40M name="Apple TVs" packet-marks=AppleTVAll parent=All priority=2/2 target=192.168.1.7/32,192.168.1.8/32
add burst-limit=0/40M burst-threshold=0/27M burst-time=0s/10s max-limit=2M/25M name=SKY packet-marks=SKY_Packet parent=All
add disabled=yes name=media packet-marks=media priority=2/2 target=192.168.1.4/32
add disabled=yes max-limit=10M/10M name="Rob MBP" target=192.168.1.30/32
/interface bridge port
add bridge=bridge comment=defconf interface=ether2-master
add bridge=bridge comment=defconf hw=no interface=sfp1
add bridge=bridge comment=defconf interface=wlan1
add bridge=bridge comment=defconf interface=wlan2
add bridge=bridge interface=ether3
add bridge=bridge interface=ether4
add bridge=bridge interface=ether5
add bridge=Bridge-VLAN10 interface=WiFi-Guest
add bridge=Bridge-VLAN10 interface=VLAN10
/ip neighbor discovery-settings
set discover-interface-list=none
/ip settings
set rp-filter=strict
/interface l2tp-server server
set enabled=yes use-ipsec=yes
/interface list member
add interface=ether2-master list=discover
add interface=ether3 list=discover
add interface=ether4 list=discover
add interface=ether5 list=discover
add interface=sfp1 list=discover
add interface=wlan1 list=discover
add interface=wlan2 list=discover
add interface=bridge list=discover
add interface=pppoe-out1 list=discover
add interface=bridge list=mactel
add interface=bridge list=mac-winbox
add interface=pppoe-out1 list=WAN
/interface pptp-server server
set enabled=yes
/interface sstp-server server
set default-profile=default-encryption enabled=yes
/ip address
add address=192.168.1.254/24 comment=defconf interface=ether2-master network=192.168.1.0
add address=10.10.10.1/24 interface=Bridge-VLAN10 network=10.10.10.0
add address=192.168.2.254/24 comment="Modem connection" interface=ether1 network=192.168.2.0
/ip arp
add address=192.168.1.1 comment=NAS interface=bridge mac-address=00:11:32:60:8C:91
add address=192.168.1.10 comment=Securix interface=bridge published=yes
add address=192.168.1.251 interface=bridge mac-address=F8:1E:DF:DC:C1:68
add
add address=192.168.2.254 comment="To access Modem" interface=ether1
add address=192.168.1.4 comment=Slice interface=bridge mac-address=B8:27:EB:2B:02:43
add address=192.168.1.2 comment=Humax interface=bridge mac-address=DC:D3:21:AB:86:36
add address=192.168.1.9 comment=PS4 interface=bridge mac-address=F8:46:1C:DA:DB:24
add address=192.168.1.5 comment=Mac-Mini interface=bridge mac-address=40:6C:8F:35:F5:F7
add address=192.168.1.7 comment="Apple TV4K" interface=bridge mac-address=90:DD:5D:C0:4C:A6
add address=192.168.1.8 comment="Apple TV" interface=bridge mac-address=2C:B4:3A:1D:A0:3A
add address=192.168.1.3 comment=SkyQ interface=bridge mac-address=90:02:18:E8:4D:41
add address=192.168.1.12 comment="TP Link Garage" interface=bridge mac-address=D8:47:32:D1:CA:34
/ip cloud
set ddns-enabled=yes
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid interface=ether1
/ip dhcp-server lease
add address=192.168.1.2 client-id=1:dc:d3:21:ab:86:36 comment=Humax mac-address=DC:D3:21:AB:86:36 server=defconf
add address=192.168.1.5 client-id=1:40:6c:8f:35:f5:f7 mac-address=40:6C:8F:35:F5:F7 server=defconf
add address=192.168.1.12 client-id=1:d8:47:32:d1:ca:34 mac-address=D8:47:32:D1:CA:34 server=defconf
/ip dhcp-server network
add address=10.10.10.0/24 gateway=10.10.10.1
add address=192.168.1.0/24 comment=defconf gateway=192.168.1.254 netmask=24
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.88.1 name=router
/ip firewall address-list
add address=830708361797.sn.mynetname.net list="MikroTik WAN IP"
add address=robscreaton.no-ip.org list="no-ip WAN IP"
/ip firewall filter
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related disabled=yes
add action=accept chain=forward comment="defconf: accept established,related" connection-state=established,related disabled=yes
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=forward comment="defconf:  drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface=ether1
add action=accept chain=input protocol=icmp
add action=accept chain=input connection-state=established
add action=accept chain=input connection-state=related
add action=accept chain=input comment="allow IPsec NAT" dst-port=4500 protocol=udp
add action=accept chain=input comment="allow IKE" dst-port=500 protocol=udp
add action=accept chain=input comment="allow l2tp" dst-port=1701 protocol=udp
add action=accept chain=input comment="allow pptp" dst-port=1723 protocol=tcp
add action=accept chain=input comment="allow sstp" dst-port=443 protocol=tcp
add action=drop chain=input in-interface=pppoe-out1
add action=reject chain=input comment="Bedroom Airport Mikrotik drop" disabled=yes in-interface=all-wireless reject-with=icmp-network-unreachable src-mac-address=00:21:E9:F7:73:A9
add action=drop chain=forward in-interface=Bridge-VLAN10 out-interface=bridge
/ip firewall mangle
add action=mark-connection chain=forward comment="PS4 Priority" new-connection-mark=PS4_Connection passthrough=yes src-address=192.168.1.9
add action=mark-connection chain=forward comment="PS4 Priority" dst-address=192.168.1.9 new-connection-mark=PS4_Connection passthrough=yes
add action=mark-packet chain=forward comment="PS4 Priority" connection-mark=PS4_Connection new-packet-mark=PS4_Packet passthrough=yes
add action=mark-connection chain=forward comment=AppleTV4k new-connection-mark=AppleTV4k passthrough=yes src-address=192.168.1.7
add action=mark-connection chain=forward comment=AppleTV4k dst-address=192.168.1.7 new-connection-mark=AppleTV4k passthrough=yes
add action=mark-packet chain=forward comment=AppleTV4kAll connection-mark=AppleTV4k new-packet-mark=AppleTVAll passthrough=yes
add action=mark-connection chain=forward comment=AppleTV new-connection-mark=AppleTV passthrough=yes src-address=192.168.1.8
add action=mark-connection chain=forward comment=AppleTV dst-address=192.168.1.8 new-connection-mark=AppleTV passthrough=yes
add action=mark-packet chain=forward comment=AppleTVAll connection-mark=AppleTV new-packet-mark=AppleTVAll passthrough=yes
add action=mark-connection chain=forward comment=SKY new-connection-mark=SKY_Connection passthrough=yes src-address=192.168.1.3
add action=mark-connection chain=forward comment=SKY dst-address=192.168.1.3 new-connection-mark=SKY_Connection passthrough=yes
add action=mark-packet chain=forward comment=SKY connection-mark=SKY_Connection new-packet-mark=SKY_Packet passthrough=yes
add action=mark-packet chain=forward disabled=yes new-packet-mark=media passthrough=yes src-address=192.168.1.1
add action=mark-packet chain=forward disabled=yes dst-address=192.168.1.1 new-packet-mark=media passthrough=yes
add action=mark-packet chain=forward disabled=yes dst-address=192.168.1.4 new-packet-mark=media passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat comment="DDNS NAT" dst-address=192.168.1.0/24 src-address=192.168.1.0/24
add action=masquerade chain=srcnat comment="Router to Modem" dst-address=192.168.2.0/24 out-interface=ether1 src-address=192.168.1.0/24
add action=masquerade chain=srcnat comment="defconf: masquerade" out-interface=pppoe-out1
add action=masquerade chain=srcnat comment="masq. vpn traffic" src-address=192.168.89.0/24
add action=dst-nat chain=dstnat comment=Securix dst-address-list="MikroTik WAN IP" dst-port=8116 protocol=tcp to-addresses=192.168.1.10 to-ports=8116
add action=dst-nat chain=dstnat comment=Securix dst-address-list="MikroTik WAN IP" dst-port=8116 protocol=udp to-addresses=192.168.1.10 to-ports=8116
add action=dst-nat chain=dstnat comment=Securix dst-address-list="MikroTik WAN IP" dst-port=8016 protocol=tcp to-addresses=192.168.1.10 to-ports=8016
add action=dst-nat chain=dstnat comment=Securix dst-address-list="MikroTik WAN IP" dst-port=8016 protocol=udp to-addresses=192.168.1.10 to-ports=8016
add action=dst-nat chain=dstnat comment=Securix dst-address-list="MikroTik WAN IP" dst-port=8200 protocol=tcp to-addresses=192.168.1.10 to-ports=8200
add action=dst-nat chain=dstnat comment=Securix dst-address-list="MikroTik WAN IP" dst-port=8200 protocol=udp to-addresses=192.168.1.10 to-ports=8200
add action=dst-nat chain=dstnat comment=Securix dst-address-list="MikroTik WAN IP" dst-port=10019 protocol=tcp to-addresses=192.168.1.10 to-ports=10019
add action=dst-nat chain=dstnat comment=Securix dst-address-list="MikroTik WAN IP" dst-port=10019 protocol=udp to-addresses=192.168.1.10 to-ports=10019
add action=dst-nat chain=dstnat comment=Securix dst-address-list="MikroTik WAN IP" dst-port=12088 protocol=tcp to-addresses=192.168.1.10 to-ports=12088
add action=dst-nat chain=dstnat comment=Securix dst-address-list="MikroTik WAN IP" dst-port=12088 protocol=udp to-addresses=192.168.1.10 to-ports=12088
add action=dst-nat chain=dstnat comment="NAS Web" dst-address-list="MikroTik WAN IP" dst-port=5000 protocol=tcp to-addresses=192.168.1.1 to-ports=5000
add action=dst-nat chain=dstnat comment="NAS Web" dst-address-list="MikroTik WAN IP" dst-port=5001 protocol=tcp to-addresses=192.168.1.1 to-ports=5001
add action=dst-nat chain=dstnat comment="NAS AudioStation" dst-address-list="MikroTik WAN IP" dst-port=1900 protocol=udp to-addresses=192.168.1.1 to-ports=1900
add action=dst-nat chain=dstnat comment="NAS AudioStation" dst-address-list="MikroTik WAN IP" dst-port=5353 protocol=tcp to-addresses=192.168.1.1 to-ports=5353
add action=dst-nat chain=dstnat comment="NAS AudioStation" dst-address-list="MikroTik WAN IP" dst-port=6001-6010 protocol=tcp to-addresses=192.168.1.1 to-ports=6001-6010
add action=dst-nat chain=dstnat comment="NAS CloudStation" dst-address-list="MikroTik WAN IP" dst-port=6690 protocol=tcp to-addresses=192.168.1.1 to-ports=6690
add action=dst-nat chain=dstnat comment="NAS PhotoStation - destination changed to 5000 for audio station testing" dst-address-list="MikroTik WAN IP" dst-port=80 protocol=tcp to-addresses=192.168.1.1 \
    to-ports=80
add action=dst-nat chain=dstnat comment="NAS VideoStation" dst-address-list="MikroTik WAN IP" dst-port=1900 protocol=udp to-addresses=192.168.1.1 to-ports=1900
add action=dst-nat chain=dstnat comment="NAS VideoStation" dst-address-list="MikroTik WAN IP" dst-port=9025-9040 protocol=tcp to-addresses=192.168.1.1 to-ports=9025-9040
add action=dst-nat chain=dstnat comment=HumaxArchive dst-address-list="MikroTik WAN IP" dst-port=8082 protocol=tcp to-addresses=192.168.1.165 to-ports=80
add action=dst-nat chain=dstnat comment=Slice dst-address-list="MikroTik WAN IP" dst-port=8084 protocol=tcp to-addresses=192.168.1.4 to-ports=80
add action=dst-nat chain=dstnat comment="Mac-mini screen share" dst-address-list="MikroTik WAN IP" dst-port=5900 protocol=tcp to-addresses=192.168.1.5 to-ports=5900
add action=dst-nat chain=dstnat comment="Mac-mini screen share" dst-address-list="MikroTik WAN IP" dst-port=5900 protocol=udp to-addresses=192.168.1.5 to-ports=5900
add action=accept chain=dstnat disabled=yes dst-address=192.168.1.253 out-interface=pppoe-out1 src-address=192.168.1.0/24
add action=dst-nat chain=dstnat comment=Router connection-type="" disabled=yes dst-address-list="no-ip WAN IP" protocol=tcp src-address-list="no-ip WAN IP" src-port=8081 to-addresses=192.168.1.254
add action=dst-nat chain=dstnat comment="Audio Station https" disabled=yes dst-address-list="MikroTik WAN IP" dst-port=8800 protocol=tcp to-addresses=192.168.1.1 to-ports=5000
add action=dst-nat chain=dstnat comment="Audio Station https" disabled=yes dst-address-list="MikroTik WAN IP" dst-port=8801 protocol=tcp to-addresses=192.168.1.1 to-ports=5001
add action=dst-nat chain=dstnat comment="Synology https " dst-address-list="MikroTik WAN IP" dst-port=443 protocol=tcp to-addresses=192.168.1.1 to-ports=443
add action=dst-nat chain=dstnat comment=Modem dst-address-list="MikroTik WAN IP" dst-port=8443 protocol=tcp to-addresses=192.168.2.253 to-ports=8443
add action=accept chain=srcnat
add action=dst-nat chain=dstnat comment="WebDAV http" dst-address-list="MikroTik WAN IP" dst-port=5005 protocol=tcp to-addresses=192.168.1.1 to-ports=5005
add action=dst-nat chain=dstnat comment="WebDAV https" dst-address-list="MikroTik WAN IP" dst-port=5006 protocol=tcp to-addresses=192.168.1.1 to-ports=5006
add action=dst-nat chain=dstnat comment="Mikrotik https" dst-address-list="MikroTik WAN IP" dst-port=444 protocol=tcp to-addresses=192.168.1.254 to-ports=444
/ip service
set telnet disabled=yes
set ftp disabled=yes
set ssh port=2200
set www-ssl certificate=Webfig disabled=no port=444
set winbox disabled=yes
/ip ssh
set allow-none-crypto=yes forwarding-enabled=remote
/ip upnp interfaces
add interface=bridge type=internal
add interface=pppoe-out1 type=external
/ppp secret
add name=vpn profile=default-encryption
/system clock
set time-zone-name=Europe/London
/system logging
add topics=dhcp,debug
/system ntp client
set enabled=yes server-dns-names=pool.ntp.org
/system scheduler
add disabled=yes interval=5m name=DDNS on-event=no-ip_ddns_update policy=read,write,test start-date=aug/08/2018 start-time=20:08:49
add comment="Update No-IP DDNS" disabled=yes interval=5m name=no-ip_ddns_update on-event=no-ip_ddns_update policy=read,write,test start-date=aug/08/2018 start-time=21:13:49
/tool graphing
set store-every=24hours
/tool graphing interface
add interface=pppoe-out1
add allow-address=192.168.1.0/24 interface=wlan1
add allow-address=192.168.1.0/24 interface=wlan2
add allow-address=192.168.1.0/24 interface=ether2-master
/tool mac-server
set allowed-interface-list=mactel
/tool mac-server mac-winbox
set allowed-interface-list=mac-winbox

When I look at the PS4 queue when the Apple TV4k is playing a show from Netflix, Prime or Disney+ and the game on the PS4 reports there is packet loss, it doesn't list any being dropped.

As soon as I stop the Apple TV4k the packet loss stops.

Packet Priority

Packet Priority

Re: Packet Priority

Re: Packet Priority

Re: Packet Priority

Who is online