I notice that in ROS 6.14 the switch chip menu still doesn’t show up in Winbox for the CCR1009 models. Any update on when that will happen?
EDIT:
See below.
CCR1009 does have a Switch Chip
My bad, I was assuming all the RBs from the CCR series have each port directly connected to CPU.
There is no board block diagram for the 1009 series on routerboard.com, so how is it internally connected?
EDIT: the block diagram on routerboard.com for the 1016 series is actually a link to the diagram for the 1036 series - how is 1016 connected internally?
Also, how is CCR1016-12S-1S+ connected internally, also missing block diagram…
16 and 36 are the same, everything to CPU.
9 core has first 4 ports through switch, you can see this indicated on the front panel (see photo)
so can anyone tell me what is the difference between the switch group 1-4 and the rest of the ports,
what are the advantages and disadvantages?
why you cannot make a port from the switch group a slave to the non switch group? i know you can do it by using bridge.
thanks
You can do slaves only within one common switch group. Enslavement means join the ports in switch. But if there is no switch chip you can just bridge the ports thru cpu.
what is the advantage of being in a switch group and not being in it? 
Wire speed without CPU-load.
I have a CCR1009-8G-1S-1S+.
My question is, what interfaces can be used-for best performance, if this CCR will by used as edge router. With one Eth port as LAN and other port as WAN. Traffic 300 - 400Mbps, with routing and NAT.
Thank you very much.
why nobody answered your post? I think you should use ports beyond 1-4, I am going to test it today, because I have max850mb when incoming are ether1 and 3 and outgoing is sfp1, I will try non-switch ports as incoming, this design is not carrier class, or at least we should have been told about it
looks like switched ports are less efficient consumming more cpu
best to use cpu direct ports eth 5,6,7,8 sfp and sfp+
Hello there, and sorry for posting in this old topic. Sorry for my bad english too, it’s not my native language.
I’ll receive my CCR 1009 soon, and I don’t get something about the swtich chip / switch ports.
My CCR will replace and ISP box, home usage.
My wan will be on port 8 , and my LAN on port 5 , since they are both “cpu port”, I figured it was the more efficient way to do things.
Now, my plan was to connect a switch to the port 5, and so my computers would be accessible.
(WAN/Ether8 ==> FW/NAT Rules ==> LAN/Ether5 ==> Switch => multiples PCs and stuff)
From what I read, I can group the switched ports on the CCR, 1 to 4, and they act like a normal L2 switch. But how will they communicate with the port 5 ?
In my head, I was thinking about declared Ether5 as the master port of ether1 to 4, but I believe it’s not possible to do that since ether5 is a “cpu” port, not a switched one.
I must be wrong somewhere… Anybody can help me ? Thx you
Well, just use port 1 as your LAN port, and set port 2-4 to have port 1 as master-port. Don’t use port 5 if you don’t need it If you do need Port 5, you will have to create a bridge, and add port 1 and port 5 as members of the bridge (port 2-4 are already slaves of port 1, adding them is both not necessary and not possible), then move all your LAN configuration (DHCP server, ip addresses, etc..) to the bridge interface. Traffic between Ports 1-4 will still be switched in hardware, traffic between ports 1-4 and port 5 will be software-forwarded by CPU, which is less efficient, but the CCR1009 can easily handle that.
Thx a lot for the explanation and instructions.
Without even using the bridge method, I’m still “afraid” of performances problems if I firewall/nat to a switched port.
I’ve a 1gb/sec fiber connexion, would like to use fastpath, fasttrack&stuff. So, I guess I’ll just put a switch I already have on ether5, It seems the most efficient thing to me.
But I’ll keep in mind your solution, and maybe test it, to see the implications in terms of performances and functionality.
Thx again.
You don’t really need to be afraid of bandwidth issues on the switch-group. The only way you can oversaturate the 1gbps connection to the CPU is by downloading full speed to the switch-group from WAN, and also trying to download full speed to the switch-group from port 5 at the same time - which will cause contention. Transfers within the switch-group will never cause contention on the CPU connection because the packets will never leave the switch chip.
So you can for example do in parallel:
1 gbps transfer from WAN to port 1 (enters switch-group through CPU)
1 gbps transfer from port 2 to WAN (leaves switch-group through CPU)
1 gbps transfer from port 3 to port 4 (does not leave switch-group)
1 gbps transfer from port 4 to port 3 (does not leave switch-group)
1 gbps transfer from port 1 to port 2 (does not leave switch-group)
but this in addition will cause contention because the switch connection is full:
1 gbps transfer from port 5 to port 2 (through CPU to software bridge)
So unless you really positively want to throw in an extra switch for just one extra device, just keep in mind to put the device where you expect the least amount of intra-LAN traffic on port 5 (like a printer or cable set-top box).
Other than the switch-group ports sharing 1 gbps full-duplex towards the CPU, Routing/NATing etc. to a port in a switch-group is not slower than it is on any other port.
That was my main problem, because I read that switch port used more cpu than “cpu port”.
But if it’s wrong, great, I can use more port then and not use another switch.
Thx again for the informations
I have read that a few times as well, but could never reliably reproduce it in lab tests on both RB1100AHx2 and CCR1009-PC. If there is a difference, it is so minor it barely makes an impact.
you are right is better to support this topic with some testing to size correctly the impact of this changes
give me some time to test on my CCR1009
That would be great, thx you.