Community discussions

MikroTik App
 
jellyfrog
just joined
Topic Author
Posts: 4
Joined: Sat Aug 27, 2011 1:13 am

Performance troubles with firewall (RB450G)

Sat Aug 27, 2011 9:43 pm

Using the default config you get when you reset the router...
NAT, FW ON ca 20MB/S
NAT, FW OFF ca 28MB/S (Max speed if I connect my computer directly too)

Any ideas how to get a better speed with FW on? (The FW-rules are the default ones)
 
tjc
Member Candidate
Member Candidate
Posts: 276
Joined: Sun Jul 10, 2011 3:08 am

Re: Performance troubles with firewall (RB450G)

Sat Aug 27, 2011 10:11 pm

How are you testing and what packet sizes are you using? Also did you mean bits or bytes?

I pretty consistently test at the promised 25 Mbps (bits) from Comcast with a RB750G (a step down from your RB450G) with single digit CPU usage for a somewhat more complex than default firewall rule set. Given that the router seems to be nearly idle at that rate, it shouldn't be a bottle neck even with the ~10x bump to Mbytes/second.
 
jellyfrog
just joined
Topic Author
Posts: 4
Joined: Sat Aug 27, 2011 1:13 am

Re: Performance troubles with firewall (RB450G)

Sat Aug 27, 2011 10:29 pm

Downloading a 1GB file from my ISPs speedtest server using FTP
I mean Megabyte... (I have 250Mbit/s down)

Seems like there is a 95-100% cpu usage during the tests, and 0-3% idling
 
tjc
Member Candidate
Member Candidate
Posts: 276
Joined: Sun Jul 10, 2011 3:08 am

Re: Performance troubles with firewall (RB450G)

Sun Aug 28, 2011 3:11 am

What's the MTU set to on your PC? Since most of the RBs only support 1500 (1524 for the L2MTU), you may be fragmenting if both ends of the link think they can do jumbo frames.
 
tjc
Member Candidate
Member Candidate
Posts: 276
Joined: Sun Jul 10, 2011 3:08 am

Re: Performance troubles with firewall (RB450G)

Sun Aug 28, 2011 7:43 am

The product page does show a pretty substantial hit for the firewall and connection tracking: http://routerboard.com/RB450G but with reasonable frame sizes it should still be able to do it. What OS version are you running? (The tests are apparently for v5.x)
 
jellyfrog
just joined
Topic Author
Posts: 4
Joined: Sat Aug 27, 2011 1:13 am

Re: Performance troubles with firewall (RB450G)

Sun Aug 28, 2011 1:05 pm

What's the MTU set to on your PC? Since most of the RBs only support 1500 (1524 for the L2MTU), you may be fragmenting if both ends of the link think they can do jumbo frames.
The product page does show a pretty substantial hit for the firewall and connection tracking: http://routerboard.com/RB450G but with reasonable frame sizes it should still be able to do it. What OS version are you running? (The tests are apparently for v5.x)
1500 MTU on my PC, running W7
Running RouterOS 5.6
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8709
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Performance troubles with firewall (RB450G)

Sun Sep 04, 2011 1:44 am

on RB450G in production network, the maximum we achieved for FW+NAT is about 200-240 Mbps

seems like it's the ceiling for RB450G's CPU

Who is online

Users browsing this forum: Amazon [Bot], apitsos and 53 guests