Please prove me wrong. I found this old thread . It looks like RouterOS is only using 2GB RAM regardless the platform. Even the official hardware from Mikrotik cannot utilise more than 2GB of RAM. Does that mean RouterOS is not meant to be used in large scale? Do I miss anything here?

This number in “max-entries” will increase only when needed. When you will have 60’000 entries, the max entries will increase to accommodate that. I know it may be confusing, but it works that way. It will not reserve RAM for connections that don’t exist. It will increase when you will hit the limit…

What does it have to do with RAM??? It looks like amount of connections in conntrack is simply limited to half a million, and together with RAW table (firewall filter that happens before connection tracking) added to latest versions, i do not see the reason why there should be more. memory is uti…

Hi normis. Thank you for the quick reply. But please read carefully. The total-entries is already greater than max-entries. I don’t see max-entries increased anyhow. The original post of the thread even kept it running for hours on x86 platform and didn’t see the value changed. max-entries: 524288 …

Original post artificially increased connections for experiment sake. Do you really need half a million connections? In what real-life scenario?

Well… What is wrong with “artificially inscresed connections for experiment sake”? People need to test the limit of the hardware/software. How are people suppose to test without artificially generating data? We all need to test the equipment before we deploy to production environment. At least I wo…

Sorry, but what planet are you from? i have /22 network full with clients, and only time i run into problems with amount of connections was when i was under DDoS attack(to be more precise - some of the clients were infected to be a part of DDoS attack to somewhere). it is 500k, it is 500 connecti…

Haha. I’m living on planet Earth. I believe it’s the same planet as yours. Anyway, joking aside. Thank you very much for your valuable experience. Do you use connection tracking for your firewall? If so, how many connections do you normally get for presumably 1000 clients? Do you have SNMP set up…

First of all putting a state-full firewall on such large network is stupid. on almost all my routers that work with 100+ clients i have connection tracking off. But after i got a call that i’m source of DDoS attack, i had to turn it on for some “special” clients. Now with new RAW table - especiall…

Thank you for your reply once again. I don’t really want to use connection tracking, but I see an example from wiki that marks connections to handle load balancing. Is there a better way to load balance without using connection tracking? How do you manage your WAN connections in such scale? This i…

CCR RAM SCAM!?

Hardware MikroTik hardware general

mellow August 8, 2016, 10:28am 6

Thank you for your reply. But the original post already quoted on normis. normis said the following in this thread so I assume connection tracking has something to do with RAM.