Hello Folks!
In my network I have about 4000 clients with an average traffic of 6-8 Gbps. I’m starting to get into some network refactoring in order to accommodate a couple of enterprise customers without having to change all my network gear.
Right now part of my network is controlled by a CCR1009-7G-1C-1S+ which has Clients VLAN, DHCP Server, Client with NAT, Clients Without NAT, 0 Queues. With an average of 3Gbps traffic it usually sits at about 75% CPU, which is very far away from the 11Gbps according to Mikrotik testing.
After some testing I was able to hit 10Gbps traffic at around 95% CPU by disabling the Bridge VLAN Filtering and Firewall Connection Tracking, but the main issue with this approach is that it won’t work for the customers behind NAT, so I was thinking about using a CRS326-24G-2S+RM as a NAT router for the CCR1009, taking advantage of its L3-HW capabilities. At first test it seems to be working fine and the CRS switch remains almost at 3% even with NAT traffic.
My biggest concern comes when I think about the possibility of having some QoS happening, maybe using some Queues in the CCR1009. If my understanding is correct this will force me to use the connection tracking again, so I’m not sure if maybe I’m just overcomplicating things or if this approach will eventually deliver a higher throughput than just having the CCR1009 doing everything.