Welcome to the Identifying CRITICAL packets Quality of Service discussion topic.

First - TCP ACK packets must be sent out and not dropped, how to correctly mark them with mangle?

TCP ACK packets are the ones that tell the sending host, how much data the receiving host has gotten already and are integral part of adjusting the TCP Window therefore important QoS information that must be given some limit-at=enough.

Other important packets are ICMP and DNS but those are easily recognized and marked, but feel free to talk about them here in the topic.

Janis, Normis, Sergej, Uldis and the others, please enlighten us a little on the matter Thanks.

I am currently identifying them with but I'm not sure this is right. I found some info here: http://en.wikipedia.org/wiki/ACK_(TCP)

I think prerouting is better here , cause postrouting is the last stage of a packet when it leavs the router .. prerouting is the first stage before forward or input ..

I currently doing the following :

1- Mark dns,icmp and ack with mangle ,prerouting , giving them the same mark ..
2- a simple Q ,packet mark = ( above ) , with a specific limit at , always on top of other ( dynamic ) simple Q's ..
3- a script , making the previous simple Q always on top of Q list ..

so , its isolating these 3 types from other traffic ..

maybe just mark packets with connection-type=new? =)

Thank you Chupaka, you are very helpful.

I have this problem now:

This mangle rule matches all uTorrent upload:

add chain=postrouting action=accept tcp-flags=ack protocol=tcp

Why is all the upload 'ack' ?

I want to match all the packets that carry information about what has been already transferred. All real acknoledgments. What is going on here? Please help me, I'm lost.

How to catch to acks that are critical for letting the sender now what we already have? Are these critical acks the ones without payload? How to match them?

Just as I suspected:

http://doc.m0n0.ch/handbook/faq-ackprio.html..., IP packet length 0-80, TCP flags: ACK = set, everything else = don't care. It is not sufficient to classify packets into the high-priority queue based on the ACK flag only, because (big) upstream TCP data packets can have the ACK flag set as well. 0-80 is just an example to get you started....

WHAT IS THE CORRECT PACKET SIZE WE SHOULD MARK ?!

maybe just mark packets with connection-type=new? =)

This catches (ACK,FIN,PSH) as well. What are these? I will not prioritize these.