shorewall - problems with traffic shaping

I'm shaping my traffic such that VoIP calls have highest priority, followed by, VPN, then general network surfing, and lastly, large downloads. [tcclasses] lw 1 200kbit full 1 tos=0x68/0xfc,tos=0xb8/0xfc lw 2 full/4 full 2 tcp-ack,tos-minimize-delay lw 3 full/6 full 3 default lw 4 full/12 full*8/10 4 [tcdevices] lw 0mbit 500mbit [mangle] MARK(4) 0.0.0.0/0 0.0.0.0/0 - - - - - - - 504857:5048570:B:B # general web browsing MARK(3) 0.0.0.0/0 0.0.0.0/0 tcp http,https # general UDP MARK(2) 0.0.0.0/0 0.0.0.0/0 udp MARK(2) 0.0.0.0/0 $WORK_VPN tcp https MARK(2) $WORK_VPN 0.0.0.0/0 tcp https # asterisk MARK(1) 0.0.0.0/0 0.0.0.0/0 udp $ASTERISK_RTP_PORTS # google voice (this effectively makes everything equal, only include Google servers here) MARK(1) 0.0.0.0/0 $GOOGLE_CIDR udp $GOOGLE_VOICE_UDP_PORTS MARK(1) 0.0.0.0/0 $GOOGLE_CIDR tcp $GOOGLE_VOICE_TCP_PORTS # tmobile wifi calling MARK(1) 0.0.0.0/0 $TMOBILE_UDP_CIDR udp $TMOBILE_UDP_PORTS MARK(1) 0.0.0.0/0 $TMOBILE_TCP_CIDR tcp $TMOBILE_TCP_PORTS # facetime MARK(1) 0.0.0.0/0 $APPLE_CIDR udp $APPLE_FACETIME_UDP MARK(1) 0.0.0.0/0 $APPLE_CIDR tcp $APPLE_FACETIME_TCP When I set the upload bandwidth to some insanely high value, I can notice the bandwidth I'm measuring is what I expect. If I put it to what it should be (50Mbps) the actual bandwidth I measure on speedtest sites is much, much lower (2-3Mbps). But, my tcclasses is showing that all traffic can make use of the fast connection when it is available as I have "full" in the configuration for all except *#4*. What am I missing? [EDIT] 1. I swapped interfaces to ensure that the driver / device I'm using supports BQL: https://www.bufferbloat.net/projects/bloat/wiki/BQL_enabled_drivers/