This thread seeks to be a conversation at the conceptual level. Understanding the underlying concepts is not for everyone. Let us begin by considering the minimal essence of the problem, rather than by trying to "work" the complexities of a particular solution.

Let us start with the minimal essence of the situation: Multiple users want resources. They want their packets to be given high precedence. They want service levels such as low delay, high throughput, and high reliability. Essentially, they simply want all their packets routed right now.

In this situation we want to share the router's resources. While it is possible to share unequally -- to say that some users are more important, or some traffic is more important -- let us begin with the simplest principle of sharing: fairly and equally, between the users.

A NAT router can route perhaps 200 packets/second. Or it can manage (create, transform, remove) 200 connections/second, or it can update 400 connections/second. So, suppose we have 5 users who want -- Web-browsing, VOIP-calling, Youtube-Video, OS-upgrade-downloading, and Torrent-downloading. So long as what they all want does not exceed the total capacity, there is no problem. What happens when the total demand exceeds what is available?

The first order principle of fairness, as applied to share the resource between the users, suggests: "Decrease the most demanding user's demand until total demand falls below supply." A second order principle might employ memory, giving precedence to those users who have used less than their fair share in the past.

Resources should be allocated according to cost, not according to benefit. Thus, a torrenter who wastes 2,000 connections to transport 200 kbytes/second costs much more than a Youtuber who uses 1 connection to transport 200 kbytes/second. It is most important to realize that every user should get a fair and equal share of the available resources, not a proportion that reflects their demand.
Thus, when a torrenter demands 2000 DNS requests/minute and a web browser demands 20, and only 202 can be serviced, the web browser should get all 20, and the torrenter should get 182. It would be wrong to say -- only 10% of the demand can be supplied, therefore give each 10%, i.e. give the web browser 2 and the torrenter 200. But this is exactly what the existing QOS does with DNS! A torrent's 2000 DNS requests get the same top priority as the single DNS for mother's 90th birthday Skype call.

With the first order principle of fairness there would be no need to make value judgements such as "mother's Skype call should get precedence over torrent". Instead, each user gets his fair share, unless there is spare capacity, in which case those who want more get more, so long as they do not deprive others of their fair share.

Thus far, we are only talking about sharing between users, rather than sharing different processes for the same user. Sharing different classes of service for the same user is more complex. But trying to share multiple classes for multiple users can become extremely difficult. We might ask: Why not start by making the simple task of sharing between the users work first?

Imagine if there was a minimalist fair-share process that would simply give each user no more than their fair share of the available resource? There would be no need for complicated rules. One might ask: "Why is this not an option?" Let the conversation begin.
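
The allocation rule described in the post above is commonly called max-min fairness. The following sketch is an added example, not part of the original post or of any router firmware; the function names are assumptions, and the sample demands are the post's DNS figures. It computes the fair-share split next to the proportional split the post argues against.

```python
def proportional_share(demands, capacity):
    """Scale every demand by the same factor (the split the post rejects)."""
    total = sum(demands.values())
    if total <= capacity:
        return dict(demands)
    return {user: want * capacity // total for user, want in demands.items()}


def max_min_fair_share(demands, capacity):
    """Serve the smallest demands in full, then split the rest equally."""
    alloc = {}
    remaining = capacity
    pending = sorted(demands, key=demands.get)  # smallest demand first
    while pending:
        # Equal share of what is left among users not yet served.
        share, extra = divmod(remaining, len(pending))
        user = pending[0]
        if demands[user] <= share:
            # This user wants no more than an equal share: grant it in full
            # and return the unused part to the pool for the others.
            alloc[user] = demands[user]
            remaining -= demands[user]
            pending.pop(0)
        else:
            # Everyone left wants more than an equal share: cap them all.
            # Leftover units from integer division go to the smaller demands.
            for i, u in enumerate(pending):
                alloc[u] = share + (1 if i < extra else 0)
            break
    return alloc


# Figures from the post: DNS requests/minute demanded, and what can be served.
DNS_DEMAND = {"web_browser": 20, "torrenter": 2000}
DNS_CAPACITY = 202

if __name__ == "__main__":
    print("proportional:", proportional_share(DNS_DEMAND, DNS_CAPACITY))
    print("max-min fair:", max_min_fair_share(DNS_DEMAND, DNS_CAPACITY))
```

The same function handles any number of users: each pass either satisfies the smallest remaining demand or caps everyone still waiting at an equal share.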