Would really need to see the Pipe, Queues and Rules - with Advanced Mode toggled - themselves. Something is certainly not matching on the upload rules, possibly Queue mask is wrong/not set, or Rule direction wrong or not set.However, FQ - Fair Queue, or Flow Queue - is not really meant for doing 'multitier' on 1 connection - it's for 'fair' sharing, all traffic, amongst all flows, on 1 pipe.With 2 pipes, 150/150 and 30/15, the firewall expects the total bandwidth available to be 180/165 - i.e there is no overlap and/or subtracting the 30 guest from the 150 total limit.Whilst it's true that it is possible to restrict the Guest to 30/15, if you're running your main pipe at capacity (150 download, 30 on the guest, simultaneously) it's going to be over saturated.
P.S. There is no source/destination subnet set on the guest rules, also cannot see 'direction' there as well, nor mask on Queue.
I think the first question(s) that should be answered:Do you really need to limit the guest network? Do you have guests that often, that heavily use your bandwidth? Do you have 'things' in your Home network that would really be that impacted by a guest downloading something - even if total bandwidth was 50/50 shared?
I would suggest the following approach:- Get everything working, i.e shaped, with 2 pipes, 2 queues, 2 rules, impacting everything- Rules applying to just 1 interface, i.e WAN.- Then, if you really want to, duplicate the above and modify the rules so that the source/destinations match for the home/guest subnets using FQ Codel (not weighted). Again, just on WAN interface.- Whilst there is nothing stopping you from having 150/150 and 30/15 pipe, at the point of the link/connection being saturated the firewall thinks you have more bandwidth than you do unless you:
Spoiled brat kids who come over with one iPad each tend to sit and update every app in existence, all simultaneously so I'd rather they didn't have access to the full 150.