Good afternoon. I'm trying to create Queue Tree rules in my hEX RB750r2 and I'm not getting it. I think it's because of the connection mark and package mark, even though it's something simple. The RouterOS version is 6.39. Also did not work in 6.38.5. I've created additional rules to make sure packages are marked, but they're not. I just want to mark http packages to limit downloads. Here are my rules:
[admin@MikroTik] /ip firewall mangle> print
Flags: X - disabled, I - invalid, D - dynamic
0 D ;;; special dummy rule to show fasttrack counters
chain=prerouting action=passthrough
1 D ;;; special dummy rule to show fasttrack counters
chain=forward action=passthrough
2 D ;;; special dummy rule to show fasttrack counters
chain=postrouting action=passthrough
3 chain=forward action=mark-connection new-connection-mark=http_con passthrough=yes tcp-flags="" protocol=tcp connection-mark=no-mark port=80 log=no log-prefix=""
4 chain=postrouting action=mark-connection new-connection-mark=http_con passthrough=yes tcp-flags="" protocol=tcp connection-mark=no-mark port=80 log=no log-prefix=""
5 chain=prerouting action=mark-connection new-connection-mark=http_con passthrough=yes tcp-flags="" connection-state="" protocol=tcp connection-mark=no-mark port=80 log=no log-prefix=""
6 chain=forward action=mark-packet new-packet-mark=http_pkg passthrough=no connection-mark=http_con packet-mark=no-mark log=no log-prefix=""
7 chain=postrouting action=mark-packet new-packet-mark=http_pkg passthrough=no connection-mark=http_con packet-mark=no-mark log=no log-prefix=""
8 chain=prerouting action=mark-packet new-packet-mark=http_pkg passthrough=no connection-mark=http_con packet-mark=no-mark log=no log-prefix=""
9 chain=prerouting action=mark-packet new-packet-mark=http_pkg passthrough=yes protocol=tcp packet-mark=no-mark port=80 log=no log-prefix=""
10 chain=forward action=mark-packet new-packet-mark=http_pkg passthrough=yes protocol=tcp packet-mark=no-mark port=80 log=no log-prefix=""
11 chain=postrouting action=mark-packet new-packet-mark=http_pkg passthrough=yes protocol=tcp packet-mark=no-mark port=80 log=no log-prefix=""
It turns out that in the firewall window, in the Mangle tab, the difference of Bytes and Packets that cross the three default rules and the rules that I created is very large. While the download of a file reaches 7MB / s, the number of connections marked is only a few KiBytes and marked packets is only a few hundred KiBytes.
Any solution?