subject:"Re\: \[AusNOG\] CPU \- when to upgrade"

Re: [AusNOG] CPU - when to upgrade

2018-04-05 Thread Mike Everest

Tip for all: use http://talk.mikrotik.com.au for this kind of topic :-}

> -Original Message-
> From: AusNOG [mailto:ausnog-boun...@lists.ausnog.net] On Behalf Of Rhys
> Cuff (Latrobe I.T)
> Sent: Friday, 6 April 2018 1:00 PM
> To: ausnog@lists.ausnog.net
> Subject: Re: [AusNOG] CPU - when to upgrade
> 
> O  setting a rule at the top to fasttrack established connections made a
> huge difference.
> Thanks for the tip
> 
> 
> 
> -Original Message-
> From: Mike Everest [mailto:m...@duxtel.com]
> Sent: Friday, April 6, 2018 12:31 PM
> To: Rhys Cuff (Latrobe I.T); ausnog@lists.ausnog.net
> Subject: RE: [AusNOG] CPU - when to upgrade
> 
> Hi Rys,
> 
> With routerOS, throughput limitation due to cpu really only happens when it
> completely runs out (i.e. 100% utilisation) - when you hit 100, router can't
> keep up with incoming packets and so some packets begin to be dropped.
> That can have a follow-on effect that TCP stream initiators will start to pare
> back the transmit rate accordingly so if your router is CLOSE to 100% but not
> quite, it can still indicate a throughput limit.  But 70% - 80% is not 
> usually a
> problem for throughput.
> 
> Other actions as already suggested, like fastpath and/or review of firewall
> rule order can make a huge difference - even adding a 'permit established' at
> the top of the forward chain can make a massive difference if you don’t
> already have it ;)
> 
> Cheers!
> 
> Mike.
> 
> > -Original Message-
> > From: AusNOG [mailto:ausnog-boun...@lists.ausnog.net] On Behalf Of
> > Rhys Cuff (Latrobe I.T)
> > Sent: Friday, 6 April 2018 11:44 AM
> > To: ausnog@lists.ausnog.net
> > Subject: Re: [AusNOG] CPU - when to upgrade
> >
> > Hi Guys
> >
> > Thanks very much for the responses.
> > We are a very small wireless ISP (around 2000 customers) and run
> > MikroTik router kit (I know I know...) I can see its normally firewall
> > and routing process's that use most.
> > Running around 300mbps on the routers in question.
> > I can certainly upgrade, just wasn’t sure if it was worth it.
> > MikroTik don’t have much kit that is small and runs 24v.
> >
> > Thanks again
> >
> > Rhys
> >
> >
> >
> >
> > -Original Message-
> > From: Graeme Allen [mailto:m...@graemeallen.com]
> > Sent: Friday, April 6, 2018 11:22 AM
> > To: Rhys Cuff (Latrobe I.T)
> > Cc: ausnog@lists.ausnog.net
> > Subject: Re: [AusNOG] CPU - when to upgrade
> >
> > Hi Rhys,
> >
> > If you are looking at an MRTG style graph, then as Jim points out you
> > are probably looking at a 5 minute rolling average, and the peaks will
> > very likely be much higher and yes possibly impacting performance.
> >
> > For a more instant view of the CPU, do a "show proc cpu history", this
> > will show you the spikes (assuming csco).
> >
> > Assuming the box you are using is not just under-powered, you need to
> > look at what is hitting the cpu and see if you can control/remove it.
> >
> > Chasing "links that don't seem to go as hard as they should", oh man,
> > that's such a can of subjective worms..
> >
> >
> > On Fri, April 6, 2018 10:51 am, Jim Woodward wrote:
> > > On 06-04-2018 10:21, Rhys Cuff (Latrobe I.T) wrote:
> > >
> > >
> > > Hi Rhys,
> > >
> > >
> > > If it's a Cisco I have found that once you start hitting 70% you'll
> > > start to see Latency creep up, this in turn will likely to have an
> > > overall effect on achievable speeds.
> > >
> > > If the 70% figure is an average then peaks may be quite a bit
> > > higher, I would consider working on a plan to upgrade the device(s)
> > > or do the usual process of looking at your configuration to see if
> > > you have any misconfigured/redundant ACL's or or routing policies
> > > that may be eating into your CPU performance.
> > >
> > > Kind Regards,
> > >
> > >
> > > Jim.
> > >
> > >
> > >> FROM: AusNOG [mailto:ausnog-boun...@lists.ausnog.net] ON BEHALF
> OF
> > >> Rhys Cuff (Latrobe I.T)
> > >> SENT: Friday, April 6, 2018 10:19 AM
> > >> TO: ausnog@lists.ausnog.net
> > >> SUBJECT: [AusNOG] CPU - when to upfrade
> > >>
> > >>
> > >> Hi Guys
> > >>
> > >>
> > >> When you have a router and cpu is hitting about 60 - 70% with
> > >> traffic load would that impact speeds?
> > >>
> > >> I've got a few links that don't seem to go as hard as they should,
> > >> but I can't find the
> > >> reason.___
> > >>
> > > AusNOG mailing list
> > > AusNOG@lists.ausnog.net
> > > http://lists.ausnog.net/mailman/listinfo/ausnog
> > >
> > >
> >
> >
> > ___
> > AusNOG mailing list
> > AusNOG@lists.ausnog.net
> > http://lists.ausnog.net/mailman/listinfo/ausnog
> 
> ___
> AusNOG mailing list
> AusNOG@lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog

___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] CPU - when to upgrade

2018-04-05 Thread Rhys Cuff (Latrobe I.T)

O  setting a rule at the top to fasttrack established connections made a 
huge difference.
Thanks for the tip



-Original Message-
From: Mike Everest [mailto:m...@duxtel.com] 
Sent: Friday, April 6, 2018 12:31 PM
To: Rhys Cuff (Latrobe I.T); ausnog@lists.ausnog.net
Subject: RE: [AusNOG] CPU - when to upgrade

Hi Rys,

With routerOS, throughput limitation due to cpu really only happens when it 
completely runs out (i.e. 100% utilisation) - when you hit 100, router can't 
keep up with incoming packets and so some packets begin to be dropped.  That 
can have a follow-on effect that TCP stream initiators will start to pare back 
the transmit rate accordingly so if your router is CLOSE to 100% but not quite, 
it can still indicate a throughput limit.  But 70% - 80% is not usually a 
problem for throughput.

Other actions as already suggested, like fastpath and/or review of firewall 
rule order can make a huge difference - even adding a 'permit established' at 
the top of the forward chain can make a massive difference if you don’t already 
have it ;)

Cheers!

Mike.

> -Original Message-
> From: AusNOG [mailto:ausnog-boun...@lists.ausnog.net] On Behalf Of 
> Rhys Cuff (Latrobe I.T)
> Sent: Friday, 6 April 2018 11:44 AM
> To: ausnog@lists.ausnog.net
> Subject: Re: [AusNOG] CPU - when to upgrade
> 
> Hi Guys
> 
> Thanks very much for the responses.
> We are a very small wireless ISP (around 2000 customers) and run 
> MikroTik router kit (I know I know...) I can see its normally firewall 
> and routing process's that use most.
> Running around 300mbps on the routers in question.
> I can certainly upgrade, just wasn’t sure if it was worth it.
> MikroTik don’t have much kit that is small and runs 24v.
> 
> Thanks again
> 
> Rhys
> 
> 
> 
> 
> -Original Message-
> From: Graeme Allen [mailto:m...@graemeallen.com]
> Sent: Friday, April 6, 2018 11:22 AM
> To: Rhys Cuff (Latrobe I.T)
> Cc: ausnog@lists.ausnog.net
> Subject: Re: [AusNOG] CPU - when to upgrade
> 
> Hi Rhys,
> 
> If you are looking at an MRTG style graph, then as Jim points out you 
> are probably looking at a 5 minute rolling average, and the peaks will 
> very likely be much higher and yes possibly impacting performance.
> 
> For a more instant view of the CPU, do a "show proc cpu history", this 
> will show you the spikes (assuming csco).
> 
> Assuming the box you are using is not just under-powered, you need to 
> look at what is hitting the cpu and see if you can control/remove it.
> 
> Chasing "links that don't seem to go as hard as they should", oh man, 
> that's such a can of subjective worms..
> 
> 
> On Fri, April 6, 2018 10:51 am, Jim Woodward wrote:
> > On 06-04-2018 10:21, Rhys Cuff (Latrobe I.T) wrote:
> >
> >
> > Hi Rhys,
> >
> >
> > If it's a Cisco I have found that once you start hitting 70% you'll 
> > start to see Latency creep up, this in turn will likely to have an 
> > overall effect on achievable speeds.
> >
> > If the 70% figure is an average then peaks may be quite a bit 
> > higher, I would consider working on a plan to upgrade the device(s) 
> > or do the usual process of looking at your configuration to see if 
> > you have any misconfigured/redundant ACL's or or routing policies 
> > that may be eating into your CPU performance.
> >
> > Kind Regards,
> >
> >
> > Jim.
> >
> >
> >> FROM: AusNOG [mailto:ausnog-boun...@lists.ausnog.net] ON BEHALF OF 
> >> Rhys Cuff (Latrobe I.T)
> >> SENT: Friday, April 6, 2018 10:19 AM
> >> TO: ausnog@lists.ausnog.net
> >> SUBJECT: [AusNOG] CPU - when to upfrade
> >>
> >>
> >> Hi Guys
> >>
> >>
> >> When you have a router and cpu is hitting about 60 - 70% with 
> >> traffic load would that impact speeds?
> >>
> >> I've got a few links that don't seem to go as hard as they should, 
> >> but I can't find the 
> >> reason.___
> >>
> > AusNOG mailing list
> > AusNOG@lists.ausnog.net
> > http://lists.ausnog.net/mailman/listinfo/ausnog
> >
> >
> 
> 
> ___
> AusNOG mailing list
> AusNOG@lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog

___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] CPU - when to upgrade

2018-04-05 Thread Rhys Cuff (Latrobe I.T)

Hello

No fastpath, I'll have a look at that.

Thanks

-Original Message-
From: Andrew Oakeley [mailto:and...@oakeley.com.au] 
Sent: Friday, April 6, 2018 11:58 AM
To: Rhys Cuff (Latrobe I.T)
Subject: RE: [AusNOG] CPU - when to upgrade

> We are a very small wireless ISP (around 2000 customers) and run MikroTik 
> router kit (I know I know...) I can see its normally firewall and routing 
> process's that use most.

I have some mikrotik routers constantly running 100% CPU on encryption, this 
does not seem to be affecting any other traffic going through the routers. But 
as most of your CPU is on routing/firewall that will affect other traffic. Are 
you using FastPath?

Andy

-Original Message-
From: AusNOG <ausnog-boun...@lists.ausnog.net> On Behalf Of Rhys Cuff (Latrobe 
I.T)
Sent: Friday, 6 April 2018 9:44 AM
To: ausnog@lists.ausnog.net
Subject: Re: [AusNOG] CPU - when to upgrade

Hi Guys

Thanks very much for the responses.
We are a very small wireless ISP (around 2000 customers) and run MikroTik 
router kit (I know I know...) I can see its normally firewall and routing 
process's that use most.
Running around 300mbps on the routers in question.
I can certainly upgrade, just wasn’t sure if it was worth it.
MikroTik don’t have much kit that is small and runs 24v.

Thanks again

Rhys

-Original Message-
From: Graeme Allen [mailto:m...@graemeallen.com]
Sent: Friday, April 6, 2018 11:22 AM
To: Rhys Cuff (Latrobe I.T)
Cc: ausnog@lists.ausnog.net
Subject: Re: [AusNOG] CPU - when to upgrade

Hi Rhys,

If you are looking at an MRTG style graph, then as Jim points out you are 
probably looking at a 5 minute rolling average, and the peaks will very likely 
be much higher and yes possibly impacting performance.

For a more instant view of the CPU, do a "show proc cpu history", this will 
show you the spikes (assuming csco).

Assuming the box you are using is not just under-powered, you need to look at 
what is hitting the cpu and see if you can control/remove it.

Chasing "links that don't seem to go as hard as they should", oh man, that's 
such a can of subjective worms..

On Fri, April 6, 2018 10:51 am, Jim Woodward wrote:
> On 06-04-2018 10:21, Rhys Cuff (Latrobe I.T) wrote:
>
>
> Hi Rhys,
>
>
> If it's a Cisco I have found that once you start hitting 70% you'll 
> start to see Latency creep up, this in turn will likely to have an 
> overall effect on achievable speeds.
>
> If the 70% figure is an average then peaks may be quite a bit higher, 
> I would consider working on a plan to upgrade the device(s) or do the 
> usual process of looking at your configuration to see if you have any 
> misconfigured/redundant ACL's or or routing policies that may be 
> eating into your CPU performance.
>
> Kind Regards,
>
>
> Jim.
>
>
>> FROM: AusNOG [mailto:ausnog-boun...@lists.ausnog.net] ON BEHALF OF 
>> Rhys Cuff (Latrobe I.T)
>> SENT: Friday, April 6, 2018 10:19 AM
>> TO: ausnog@lists.ausnog.net
>> SUBJECT: [AusNOG] CPU - when to upfrade
>>
>>
>> Hi Guys
>>
>>
>> When you have a router and cpu is hitting about 60 - 70% with traffic 
>> load would that impact speeds?
>>
>> I've got a few links that don't seem to go as hard as they should, 
>> but I can't find the 
>> reason.___
>>
> AusNOG mailing list
> AusNOG@lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>

___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog
___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] CPU - when to upgrade

2018-04-05 Thread Matthew Smee

One other thing worth mentioning, since you said firewall process, is that 
device throughput is dependant on what services or features you enable on it. 
Not every device has dedicated chips/ASICs for every function, or in some cases 
they do but you'll only get a fraction of the line throughput if you enable 
things like firewall, inspection, etc. 
Might be worth checking the data sheet and see what you've enabled versus 
what's advertised.
...And then take about 30% off the vendor advertised number for the real 
expected result :-).

Cheers,
Matt.

-Original Message-
From: AusNOG <ausnog-boun...@lists.ausnog.net> On Behalf Of Rhys Cuff (Latrobe 
I.T)
Sent: Friday, 6 April 2018 11:44 AM
To: ausnog@lists.ausnog.net
Subject: Re: [AusNOG] CPU - when to upgrade

Hi Guys

Thanks very much for the responses.
We are a very small wireless ISP (around 2000 customers) and run MikroTik 
router kit (I know I know...) I can see its normally firewall and routing 
process's that use most.
Running around 300mbps on the routers in question.
I can certainly upgrade, just wasn’t sure if it was worth it.
MikroTik don’t have much kit that is small and runs 24v.

Thanks again

Rhys

-Original Message-
From: Graeme Allen [mailto:m...@graemeallen.com]
Sent: Friday, April 6, 2018 11:22 AM
To: Rhys Cuff (Latrobe I.T)
Cc: ausnog@lists.ausnog.net
Subject: Re: [AusNOG] CPU - when to upgrade

Hi Rhys,

If you are looking at an MRTG style graph, then as Jim points out you are 
probably looking at a 5 minute rolling average, and the peaks will very likely 
be much higher and yes possibly impacting performance.

For a more instant view of the CPU, do a "show proc cpu history", this will 
show you the spikes (assuming csco).

Assuming the box you are using is not just under-powered, you need to look at 
what is hitting the cpu and see if you can control/remove it.

Chasing "links that don't seem to go as hard as they should", oh man, that's 
such a can of subjective worms..

On Fri, April 6, 2018 10:51 am, Jim Woodward wrote:
> On 06-04-2018 10:21, Rhys Cuff (Latrobe I.T) wrote:
>
>
> Hi Rhys,
>
>
> If it's a Cisco I have found that once you start hitting 70% you'll 
> start to see Latency creep up, this in turn will likely to have an 
> overall effect on achievable speeds.
>
> If the 70% figure is an average then peaks may be quite a bit higher, 
> I would consider working on a plan to upgrade the device(s) or do the 
> usual process of looking at your configuration to see if you have any 
> misconfigured/redundant ACL's or or routing policies that may be 
> eating into your CPU performance.
>
> Kind Regards,
>
>
> Jim.
>
>
>> FROM: AusNOG [mailto:ausnog-boun...@lists.ausnog.net] ON BEHALF OF 
>> Rhys Cuff (Latrobe I.T)
>> SENT: Friday, April 6, 2018 10:19 AM
>> TO: ausnog@lists.ausnog.net
>> SUBJECT: [AusNOG] CPU - when to upfrade
>>
>>
>> Hi Guys
>>
>>
>> When you have a router and cpu is hitting about 60 - 70% with traffic 
>> load would that impact speeds?
>>
>> I've got a few links that don't seem to go as hard as they should, 
>> but I can't find the 
>> reason.___
>>
> AusNOG mailing list
> AusNOG@lists.ausnog.net
> https://protect-au.mimecast.com/s/Q5Z6CVAGXPtmmv9jFGEX8d?domain=lists.
> ausnog.net
>
>

___
AusNOG mailing list
AusNOG@lists.ausnog.net
https://protect-au.mimecast.com/s/Q5Z6CVAGXPtmmv9jFGEX8d?domain=lists.ausnog.net

___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] CPU - when to upgrade

2018-04-05 Thread Rhys Cuff (Latrobe I.T)

Hi Guys

Thanks very much for the responses.
We are a very small wireless ISP (around 2000 customers) and run MikroTik 
router kit (I know I know...)
I can see its normally firewall and routing process's that use most.
Running around 300mbps on the routers in question.
I can certainly upgrade, just wasn’t sure if it was worth it.
MikroTik don’t have much kit that is small and runs 24v.

Thanks again

Rhys

-Original Message-
From: Graeme Allen [mailto:m...@graemeallen.com] 
Sent: Friday, April 6, 2018 11:22 AM
To: Rhys Cuff (Latrobe I.T)
Cc: ausnog@lists.ausnog.net
Subject: Re: [AusNOG] CPU - when to upgrade

Hi Rhys,

If you are looking at an MRTG style graph, then as Jim points out you are 
probably looking at a 5 minute rolling average, and the peaks will very likely 
be much higher and yes possibly impacting performance.

For a more instant view of the CPU, do a "show proc cpu history", this will 
show you the spikes (assuming csco).

Assuming the box you are using is not just under-powered, you need to look at 
what is hitting the cpu and see if you can control/remove it.

Chasing "links that don't seem to go as hard as they should", oh man, that's 
such a can of subjective worms..

On Fri, April 6, 2018 10:51 am, Jim Woodward wrote:
> On 06-04-2018 10:21, Rhys Cuff (Latrobe I.T) wrote:
>
>
> Hi Rhys,
>
>
> If it's a Cisco I have found that once you start hitting 70% you'll 
> start to see Latency creep up, this in turn will likely to have an 
> overall effect on achievable speeds.
>
> If the 70% figure is an average then peaks may be quite a bit higher, 
> I would consider working on a plan to upgrade the device(s) or do the 
> usual process of looking at your configuration to see if you have any 
> misconfigured/redundant ACL's or or routing policies that may be 
> eating into your CPU performance.
>
> Kind Regards,
>
>
> Jim.
>
>
>> FROM: AusNOG [mailto:ausnog-boun...@lists.ausnog.net] ON BEHALF OF 
>> Rhys Cuff (Latrobe I.T)
>> SENT: Friday, April 6, 2018 10:19 AM
>> TO: ausnog@lists.ausnog.net
>> SUBJECT: [AusNOG] CPU - when to upfrade
>>
>>
>> Hi Guys
>>
>>
>> When you have a router and cpu is hitting about 60 - 70% with traffic 
>> load would that impact speeds?
>>
>> I've got a few links that don't seem to go as hard as they should, 
>> but I can't find the 
>> reason.___
>>
> AusNOG mailing list
> AusNOG@lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>

___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] CPU - when to upgrade

2018-04-05 Thread Jim Woodward

On 06-04-2018 10:21, Rhys Cuff (Latrobe I.T) wrote: 

Hi Rhys, 

If it's a Cisco I have found that once you start hitting 70% you'll
start to see Latency creep up, this in turn will likely to have an
overall effect on achievable speeds.  

If the 70% figure is an average then peaks may be quite a bit higher, I
would consider working on a plan to upgrade the device(s) or do the
usual process of looking at your configuration to see if you have any
misconfigured/redundant ACL's or or routing policies that may be eating
into your CPU performance. 

Kind Regards, 

Jim. 

> FROM: AusNOG [mailto:ausnog-boun...@lists.ausnog.net] ON BEHALF OF Rhys Cuff 
> (Latrobe I.T)
> SENT: Friday, April 6, 2018 10:19 AM
> TO: ausnog@lists.ausnog.net
> SUBJECT: [AusNOG] CPU - when to upfrade 
> 
> Hi Guys 
> 
> When you have a router and cpu is hitting about 60 - 70% with traffic load 
> would that impact speeds? 
> 
> I've got a few links that don't seem to go as hard as they should, but I 
> can't find the reason.___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] CPU - when to upgrade

2018-04-05 Thread Nathan Brookfield

Cisco?

Nathan Brookfield
Chief Executive Officer

Simtronic Technologies Pty Ltd
http://www.simtronic.com.au

On 6 Apr 2018, at 10:22, Rhys Cuff (Latrobe I.T) 
> wrote:

Ignore spelling, sorry chaps


From: AusNOG [mailto:ausnog-boun...@lists.ausnog.net] On Behalf Of Rhys Cuff 
(Latrobe I.T)
Sent: Friday, April 6, 2018 10:19 AM
To: ausnog@lists.ausnog.net
Subject: [AusNOG] CPU - when to upfrade

Hi Guys

When you have a router and cpu is hitting about 60 – 70% with traffic load 
would that impact speeds?
I’ve got a few links that don’t seem to go as hard as they should, but I can’t 
find the reason.

Thanks

Rhys

___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog
___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] CPU - when to upgrade

2018-04-05 Thread Rhys Cuff (Latrobe I.T)

Ignore spelling, sorry chaps

From: AusNOG [mailto:ausnog-boun...@lists.ausnog.net] On Behalf Of Rhys
Cuff (Latrobe I.T)
Sent: Friday, April 6, 2018 10:19 AM
To: ausnog@lists.ausnog.net
Subject: [AusNOG] CPU - when to upfrade

Hi Guys

When you have a router and cpu is hitting about 60 - 70% with traffic
load would that impact speeds?

I've got a few links that don't seem to go as hard as they should, but I
can't find the reason.

Thanks

Rhys

___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] CPU - when to upgrade

Re: [AusNOG] CPU - when to upgrade

Re: [AusNOG] CPU - when to upgrade

Re: [AusNOG] CPU - when to upgrade

Re: [AusNOG] CPU - when to upgrade

Re: [AusNOG] CPU - when to upgrade

Re: [AusNOG] CPU - when to upgrade

Re: [AusNOG] CPU - when to upgrade

8 matches

Site Navigation

Mail list logo

Footer information