Chateau 5G AX - Faster with disabled fasttrack

genesispro · December 7, 2023, 6:55pm

It seams that I get way more speed when I disable the fasttrack rules.
Any explanation?

Amm0 · December 7, 2023, 7:11pm

Interesting. My guess is Moore’s Law at work? e.g. CPU have gotten a lot faster but firewall’s code hasn’t changed… so processing a few more rules may not be significant. But you’re saying faster, that’s more strange, so really not sure.

erlinden · December 7, 2023, 7:21pm

Seems like a riddle…can you give us a hint?

Or better, your config:

/export file=anynameyoulike

Remove serial and any other private info and post it here between code tags by use of the </> button

genesispro · December 8, 2023, 9:15am

The difference is big.
I have a CCR2004 behind the chateau from which I am issuing the Btest.
Without fasttrack I get around 500mbs and with fasttrack less than 200
As you notice the chateau configuration is pretty minimal/basic to provide the ccr with lte internet

/interface bridge
add fast-forward=no name=bridge1 protocol-mode=none
add fast-forward=no name=bridgeIPv6 protocol-mode=none
/interface vlan
add interface=ether5 name=vlan9 vlan-id=9
/interface lte apn
set [ find default=yes ] use-network-apn=no
add apn=internet default-route-distance=1 ip-type=ipv4 name=IPv4
add apn=internet default-route-distance=1 ip-type=ipv6 ipv6-interface=
bridgeIPv6 name=IPv6
/interface lte

A newer version of modem firmware is available!

set [ find default-name=lte1 ] allow-roaming=no apn-profiles=IPv4,IPv6 band=
“” nr-band=“”
set [ find default-name=lte1.1.IPv6 ] master=lte1
/ip pool
add name=dhcp_pool0 ranges=192.168.9.2-192.168.9.254
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=yes interface=bridge1 lease-time=3d30m
name=dhcp1
/interface bridge port
add bridge=bridge1 interface=vlan9
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/ip address
add address=192.168.9.1/24 interface=bridge1 network=192.168.9.0
/ip dhcp-server network
add address=192.168.9.0/24 dns-server=192.168.9.1 gateway=192.168.9.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8
/ip firewall filter
add action=fasttrack-connection chain=forward connection-state=
established,related disabled=yes hw-offload=yes
add action=accept chain=forward connection-state=established,related
disabled=yes
/ip firewall nat
add action=masquerade chain=srcnat out-interface=lte1

normis · December 8, 2023, 9:23am

The config is very strange, this is the cause of your issues. There are many weird things. Bridge with one port, firewall also wrong.
Also, have you tried 7.13 ?

genesispro · December 10, 2023, 4:26pm

what is wrong with the firewall? Do you mean that the fasttrack rules are disabled?

The reasons for having this single interface in a bridge is that I spend once a couple of days to try to spot what was wrong and I had weird local network delays and it turned out to be the MTU. The moment I added it to the bridge the MTU issue was solved. I really don’t know why but I keep using that way since then.
I also use it like that because if I don’t add it now and I have to add another interface in the bridge while I am 9 hours by boat away from that location, it might become tricky to loose the connection while adding the interface to the bridge.

Other than that what “looks” weird?