Yeah, the cpu hits about 55% on the Hex and I get ~280 Mbits/sec on the iperf test. Thats from a VM server the last 8 ports of the vlan’ed switch out to a banana pi board at the end of a fiber link. So basically all gigabit. It’s not a busy router either.
Just default routing or connected, no vlan or anything special on the Hex other than the NAT. It has of some forward firewall rules to allow local subnets access to the servers then established/related and finally drop everything else. Default packet size for iperf is 8KB for TCP and 1470 bytes for UDP. -- Terri Kelley On August 22, 2017 at 9:30:42 AM, Tiernan OToole ([email protected]) wrote: Interesting... looks like a nice little box alright... In its sepc (https://i.mt.lv/routerboard/files/hEX-161103103915.pdf), it mentions that the bridging and routing speed for small packets (64 bytes) is about 530mb/s... its only larger packet sizes that is higher (nearly 2gb a sec). You mention iperf... wondering what the size of the packets are there. Second, is it routing that is being done? Are there firewall rules? Could you do a full export of the firewall part? I am in the process of upgrading my network from a Mikrotik Cloud Router (vm on a machine) to a physical one (possibly a CCR1016-12G) and want to get line rate between the ports, even though they will be separate vlans too... Thanks. --Tiernan -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Grand Avenue Broadband Sent: Tuesday 22 August 2017 14:14 To: Mikrotik discussions <[email protected]> Subject: Re: [Mikrotik] vlan switch and 750Gr3 speeds 750Gr3 is the Hex. Product comparison <https://mikrotik.com/products/compare/RB750G+RB750Gr3>. Has 2-3x speed <https://mikrotik.com/product/RB750Gr3>. > On Aug 21, 2017, at 10:42 PM, Tiernan OToole <[email protected]> > wrote: > > Not sure if it's the same product (can't find a 750gs3) but the 750g says it > has a max speed of 580mbs if using larger packets: > > https://i.mt.lv/routerboard/files/rb750g.pdf > > > Get Outlook for iOS<https://aka.ms/o0ukef> > > > > On Tue, Aug 22, 2017 at 1:40 AM +0100, "Terri Kelley" > <[email protected]<mailto:[email protected]>> wrote: > > It will be going through the 750 to get from one side or the other of the > switch or out to the network. I'll check the CPU in the 750 but didn't think > it would be that bad. > > -- > Terri Kelley > Network Engineer > 254-697-6710 > Farm to Market Broadband > > > On August 21, 2017 at 12:12:20 PM, Tiernan OToole > ([email protected]<mailto:[email protected]>) wrote: > > It sounds like the vlan to vlan rules are going though the cpu, not the > switch. Essentially, if I got this right, if going through the switch at > layer 2, you get full line speed (as seen going from server to server). But > when traversing vlans (essentially layer 3), you need to go though the cpu, > which would be limited speed. Faster mikrotik router may help... > > -Tiernan > > Get Outlook for iOS<https://aka.ms/o0ukef> > > > > On Mon, Aug 21, 2017 at 5:55 PM +0100, "Terri Kelley" > <[email protected]<mailto:[email protected]>> wrote: > > > So I have a speed mystery with a Netgear 16port switch and a 750Gr3. > The switch I have vlan'ed the first 8 ports in one and the second 8 in > another, untagged. > I have a 750Gr3 where the wan port has several public IPs 6.x.1.x/27 > assigned. > Port2 has an office 192.x.x.x/24 subnet NAT'ed and is plugged in to one of > the first 8 switch ports. > Port 3 has a server 10.x.x.x/24 subnet Nat'ed and is plugged in to one of the > last 8 switch ports. > First rule in the firewall nat is add action=masquerade chain=srcnat > disabled=yes out-interface=ether1 \ > to-addresses=0.0.0.0 (left over from the initial config I did a long time > ago). > The second rule is add action=src-nat chain=srcnat > src-address=192.168.x.x/24 to-addresses=\ 6.x.1.2. > The rest of the rules are src-nat and dat-nat rules for a 6.x.1.x and a > corresponding 10.x.x.x address for servers. > > If I iperf from one of the last 8 switch ports to a server I get gig speeds. > If I iperf from one of the first 8 switch ports to a server I get around 250 > megs speed. The same if I iperf from elsewhere on the network. > > Any ideas why I have the slow down? > > Thanks > > -- > Terri Kelley > > -------------- next part -------------- An HTML attachment was > scrubbed... > URL: > _______________________________________________ > Mikrotik mailing list > [email protected] > http://mail.butchevans.com/mailman/listinfo/mikrotik > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > RouterOS > > -- > This message has been scanned for viruses and dangerous content by > E.F.A. Project, and is believed to be clean. > > Click here to report this message as spam. > http://mail.tiernanotoole.net/cgi-bin/learn-msg.cgi?id=DB6F21213F7.A11 > D0&token=794c9a7f0fbd5d83e247f51bb4b88a1d > > > > -------------- next part -------------- An HTML attachment was > scrubbed... > URL: > <http://mail.butchevans.com/pipermail/mikrotik/attachments/20170821/e7 > 745391/attachment.html> > _______________________________________________ > Mikrotik mailing list > [email protected] > http://mail.butchevans.com/mailman/listinfo/mikrotik > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > RouterOS > > -------------- next part -------------- An HTML attachment was > scrubbed... > URL: > <http://mail.butchevans.com/pipermail/mikrotik/attachments/20170822/c1 > b35aad/attachment.html> > _______________________________________________ > Mikrotik mailing list > [email protected] > http://mail.butchevans.com/mailman/listinfo/mikrotik > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > RouterOS -- Grand Avenue Broadband -- Wireless Internet Service Circle City to Wickenburg and surrounding areas http://grandavebb.com -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.butchevans.com/pipermail/mikrotik/attachments/20170822/91b86e04/attachment.html> _______________________________________________ Mikrotik mailing list [email protected] http://mail.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS _______________________________________________ Mikrotik mailing list [email protected] http://mail.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.butchevans.com/pipermail/mikrotik/attachments/20170822/14dbb6bd/attachment.html> _______________________________________________ Mikrotik mailing list [email protected] http://mail.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
