I have a RB960PGS (hEX PoE) I have a number of firewall rules (22) and queues (14) and VPN.
My internet has recently been bumped to 200mbps. I cant get more than 115mbps before the router CPU pegs at 100%.
Overclocking the router to 1000mhz I get 135mbps. (All ethernet ports are at 1gbps)
A blank router hits 200mbps easy. It seems I’m CPU bound on the router.
I cant reduce the rules or queues or config, can you recommend a more powerful router?
Needs capsman, PoE and 5 ports min.
Official test results for RB960PGS indicate that this device is in real life capable of routing at around 320 Mbps give or take. Since your config is on the complex side, you’re hitting the ceiling already at 200Mbps.
So when skimming through list of Mikrotik devices, check test results: look at “Ethernet test results - Routing 25 ip filter rules - 512 byte packet size” and scale number shown by a factor of 0.6 to adjust to your rule set. Then select device which satisfies performance and other criteria.
Probably he has upgraded to RouterOS v7. That cuts the performance as well. The published figures of course are for RouterOS v6 so when you want to achieve those, install that.
Yes, netinstall version 6.49.7 and start from defaults. Observe what causes your performance drop, it may be that you are doing something wrong.
(e.g. w.r.t. the order of firewall rules, or using stupid things like L7 matching)
Also when you want a VPN, make sure you next buy a router that can do hardware acceleration of that VPN.
More modern devices can do accelerated IPsec, this older router does that in the CPU.