Now I'd like to add some addtional mangles for QOS. Would these (2nd list) interefer with the above dual WAN by changing packet marking?
Does rule order matter? Should QOS be before or after the dual WAN?
Code: Select all
/ip firewall mangle
add action=accept chain=prerouting comment=ATT-ISP1 dst-address=x.x.x.x/29 in-interface-list=\
LAN-att
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type="" \
in-interface=eth1-AT&T new-connection-mark=ISP1-conn passthrough=yes
add action=mark-connection chain=prerouting comment="DSCP-Force-WISP-to-ATT 042620" \
connection-state=new disabled=yes dscp=46 dst-address-type=!local log=yes log-prefix=\
"/mangle/ - bypass Cox to ATT by DSCP" new-connection-mark=ISP1-conn passthrough=no
add action=mark-connection chain=prerouting comment=Force-WISP-IP-to-ATT connection-state=new \
dst-address-type=!local log=yes log-prefix="/mangle/ - bypass Cox to ATT" new-connection-mark=\
ISP1-conn passthrough=no src-address-list=Force-WISP-out-ATT
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-list=!RFC1918 \
dst-address-type=!local in-interface-list=LAN-att new-connection-mark=ISP1-conn passthrough=yes
add action=mark-routing chain=prerouting connection-mark=ISP1-conn in-interface-list=LAN-att \
new-routing-mark=to-ISP1 passthrough=yes
add action=mark-routing chain=output connection-mark=ISP1-conn dst-address-type="" new-routing-mark=\
to-ISP1 passthrough=yes
add action=accept chain=prerouting comment=Cox-ISP2 dst-address=y.y.y.y/27 in-interface-list=\
LAN-cox
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type="" \
in-interface=eth2-cox new-connection-mark=ISP2-conn passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-list=!RFC1918 \
dst-address-type=!local in-interface-list=LAN-cox new-connection-mark=ISP2-conn passthrough=yes
add action=mark-routing chain=prerouting connection-mark=ISP2-conn in-interface-list=LAN-cox \Now I'd like to add some addtional mangles for QOS. Would these below interefer with the above dual WAN by changing packet marking?
Code: Select all
/ip firewall mangle
add action=mark-connection chain=prerouting comment=VOIP disabled=yes dscp=46 new-connection-mark=\
VOIP passthrough=yes
add action=mark-connection chain=prerouting disabled=yes dscp=26 new-connection-mark=VOIP \
passthrough=yes
add action=mark-packet chain=prerouting connection-mark=VOIP disabled=yes new-packet-mark=VOIP \
passthrough=no
add action=mark-connection chain=prerouting comment=DNS connection-state=new disabled=yes \
new-connection-mark=DNS passthrough=yes port=53 protocol=udp
add action=mark-packet chain=prerouting connection-mark=DNS disabled=yes new-packet-mark=DNS \
passthrough=no
add action=mark-connection chain=postrouting connection-state=new disabled=yes new-connection-m
DNS passthrough=yes port=53 protocol=udp
add action=mark-packet chain=postrouting connection-mark=DNS disabled=yes new-packet-mark=DNS \
passthrough=no
add action=mark-connection chain=prerouting comment=QUIC connection-state=new disabled=yes \
new-connection-mark=QUIC passthrough=yes port=80,443 protocol=udp
add action=mark-packet chain=prerouting connection-mark=QUIC disabled=yes new-packet-mark=QUIC
passthrough=no
add action=mark-connection chain=prerouting comment=ICMP connection-state=new disabled=yes \
new-connection-mark=ICMP passthrough=yes protocol=icmp
add action=mark-packet chain=prerouting connection-mark=ICMP disabled=yes new-packet-mark=ICMP
passthrough=no
add action=mark-connection chain=postrouting connection-state=new disabled=yes new-connection-m
ICMP passthrough=yes protocol=icmp
add action=mark-packet chain=postrouting connection-mark=ICMP disabled=yes new-packet-mark=ICMP
passthrough=no
add action=mark-packet chain=postrouting comment=ACK disabled=yes new-packet-mark=ACK packet-si
0-123 passthrough=no protocol=tcp tcp-flags=ack
add action=mark-packet chain=prerouting disabled=yes new-packet-mark=ACK packet-size=0-123 \
passthrough=no protocol=tcp tcp-flags=ack
