I have an RB1000u as a firewall/gateway for 2 servers at a DC… I’m experiencing some high levels of CPU on it and I’m not sure why.
It’s connected to a 100mbit uplink but the bandwidth and pps aren’t that high. CPU is at 20% for about 3-5mbit average.
Are there any tips that you can share that will help with CPU reductions?
I’m not running BGP, no VPN and traffic is primarily web, dns, mail… It’s running ROS v.4.5. Upgrade to 4.11 is pending but I don’t want to do it remotely.
What are the configuration details? Layer 7 inspection in firewall rules is expensive, so are inefficient firewall rule sets in general. The RB1000 has some hardware offloading for encryption, but deals with different algorithms differently. Queuing can be expensive. PPS is as importan as bandwidth used - if the router is experiencing a flood of packets with a 1 byte payload the throughput can look deceptively low for the processing it had to do.
Those are rough ideas. It’s impossible to give you anything else without a network topology and details on what the router is doing, and how.
Hi Fewi,
How do you think, what hardware is best for RouterOS, If I dont use VPN? Im using RB1000U for broadband internet service with hotspot and PPPoE services. I found some vendors, that made for routerOS.
What is better?
MikrotikRouter.com and Link Technologies are the same company. Same product. They’re just selling an Axiomtek NA-820. Look at this thread for more info.
http://forum.mikrotik.com/t/x86-hardware-requirement-as-per-the-scenario/40285/6
I’m not sure what the other companies use to make their products. If you’re looking for those types of products you probably just want to look at network appliances from Axiomtek, Lanner, or Portwell.
Thank you blake