Hello!
Here's what I'm struggling with. I have OpenVPN server at 192.168.0.99. Also I have video surveillance device (NVR) at 192.168.0.153. And of course the whole network at 192.168.0.0/24. My goal is set the highest priority for 0.153 traffic, then go VPN clients (0.99's port is forwarded outside) and the last priority have all other network participants. So whenever someone in the network starts to download something, his downloading won't affect the speed of NVR and total speed (max-limit) of VPN clients.
/queue simple
add dst=ether1-wan max-limit=100M/100M name=QoS-simple priority=1/1 target="" total-queue=ethernet-default
add queue=pcq-upload-default/pcq-download-default limit-at=50M/50M parent=QoS-simple priority=1/1 max-limit=100M/100M name =NVR target=192.168.0.153/32
add queue=pcq-upload-default/pcq-download-default limit-at=40M/40M parent=QoS-simple priority=2/2 max-limit=60M/60M name=VPN target=192.168.0.99/32
add queue=pcq-upload-default/pcq-download-default parent=QoS-simple priority=8/8 name=LAN target=192.168.0.0/24
According to most guides, I should not set dst for my queue. But if I don't do it, I see zeroes in the statistics of the queue and child queues, which tells me that queues don't work at all. Only after I set my WAN interface (connection type - static address) as dst something starts to work. The way I test my setup is using iperf for VPN client and browser downloading as regular network's participant. NVR is using nearly 50M/s itself, so I just track is it affected or not. Long story short: 0.153 and 0.99 ARE affected when someone in the network starts his download UNTIL I set up a Queue Tree in addition to my Simple Queues:
/queue tree
add limit-at=100M max-limit=100M name=QoS-tree packet-mark=no-mark parent=global priority=1 queue=default
Now 0.153 stays mostly unaffected with somebody's download, but as VPN client I get significantly speed reduce. Maybe I wrongly treat VPN client's traffic as 0.99's traffic, because when I open Connections I see VPN traffic like: Source - <client's white IP>, Destination - <Mikrotik white IP>:<port where 0.99 if forwarded to>. But when I look to the queue statistics for 0.99 I see exactly the same amount of traffic which iperf generates. So I don't get how should look my queues in this case.
Please, help me to set up traffic prioritization for this setup.