Does creating too many VLANs cause any problems?

Hello,
I have some CCR 1036 8G 2S+ and CCR 1036 4S, so I want to see: if I create many VLANs under my switch uplinks, for example 500 or 1000 VLANs, does it cause any problems such as high CPU usage?
I talked with some tech guys; they told me that adding new VLANs and having many VLANs on your routers does not cause high CPU or such things just because you have created, for example, 500 or 1000 VLANs under an interface.
Is that correct?
Thanks

I don't think there should be any issue. My Australian ISP has several CCR1036 and each customer is connected via a separate VLAN interface (and a single /32 route). With 580 customers (and around 500-1000Mbit of stable uplink traffic) on a single router there is less than 10% overall utilization, and that includes 280 customers behind CGNAT (NAT performed by the router) and 300 customers with public IPs (so just routing, no NAT-ing).
Obviously, some basic firewall rules are applied as well as queues for everyone.

If I remember correctly, earlier this year they had over 1k users on a single router and the utilization was not significantly worse.

As far as I know it should not have any issues.
So you mentioned that at the first of the year your ISP had 1k users with one VLAN per customer, so about 1000 VLANs on a single CCR 1036?
Then CPU utilization was around 10-20%.
It's really good, but I would appreciate it if others gave me suggestions; I want to make sure of this.

Hi,
we have some CCRs with 8k plus stacked VLANs/bridges/ports - it works fine in terms of layer 2, when you respect the proper filtering for broadcasts.

The only thing which really sucks is the performance/stability of WinBox, because it loads all interfaces first and does no ‘lazy load’ of only visible content - also it tries to update all numbers in real time, which puts high load on the CCR only for management. So the usage latency is pretty high and sometimes it crashes - also when you do some admin change where you have to select an interface from a list of several k, it’s a little bit confusing and not so responsive :wink:

We tried it first with CRS, but they never performed (switch chip features are not all implemented yet and real off-load Q-in-Q support with multiple bridges is not possible - only in sw) nor were they stable themselves - CCR works fine in production in the appropriate configuration.

  1. I know I do not have 8k VLANs or ports on a single router :smiley: maybe I have max up to 1000 VLANs.
    So you mean that if I have, for example, maybe K (thousands of) VLANs on the same router, WinBox may cause high load because it loads all interfaces in real time; otherwise they work pretty fine, right? So we can manage the router by SSH in that case, like Cisco.
    So the only thing you know of as an issue is that if I have many thousands of VLANs on the same router, WinBox may cause issues, right? In that case I think if I have around 500-1k VLANs it should work fine, shouldn't it? Because you mentioned you had 8k VLAN/bridge/stack ports.
  2. Can you explain proper broadcast filtering to me, how can I protect it?
    Thanks

He did not write that he has 8K VLANs, but 8k with ports/bridges/VLANs. This could just mean 2 VLANs.
The max VLAN number is 4096, but you can of course have VLAN in VLAN to get more VLANs.

OK,
as I understand it now, if I have 1k or 2k on my CCR 1036 it has no issues, right?

On an average box we have about 1000 outer VLANs, and in each then 1 to 4 inner VLANs - this is all not a problem in a production environment as described above, as long as you don’t like to fiddle with WinBox.

But you have to take care what exactly you are doing with it. The broadcasts alone of this number of VLANs can easily make a gigabit interface busy, when not taking care of the ingress traffic. Ingress filtering doesn’t solve the problem, because then it’s already on your interface - you have to eliminate unneeded traffic on the various egresses, before it reaches your cumulated ingress.

Also keep in mind that the box has to learn the MAC addresses of the VLAN clients - and the MAC table is not endless, nor is the available RAM, based on our lab testing some years ago. We are able to limit the learned number of MACs per VLAN to two with discarding older ones, but when you don’t limit this, you will run into stress, I guess.

In terms of performance on a CCR, we never had a problem when we were respecting the above parameters.
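
The per-VLAN MAC limit described in the last reply (two learned MACs per VLAN, older entries discarded), as an added example that is not part of the thread: a Python model, not RouterOS configuration, comparing table growth with and without the cap when a few VLANs present many source MACs. The class and function names, VLAN counts and MAC addresses are all constructed for illustration.

```python
from collections import OrderedDict

class VlanMacTable:
    """Model of a MAC learning table with an optional per-VLAN entry cap."""
    def __init__(self, per_vlan_limit=None):
        self.per_vlan_limit = per_vlan_limit   # None = unlimited learning
        self.vlans = {}                        # VLAN id -> OrderedDict(mac -> port)
        self.evictions = 0

    def learn(self, vlan, mac, port):
        table = self.vlans.setdefault(vlan, OrderedDict())
        if mac in table:
            table.move_to_end(mac)             # refresh: most recently seen goes last
        elif self.per_vlan_limit is not None and len(table) >= self.per_vlan_limit:
            table.popitem(last=False)          # discard the oldest entry in this VLAN
            self.evictions += 1
        table[mac] = port

    def size(self):
        return sum(len(t) for t in self.vlans.values())

def legit_mac(vlan, host):
    # Constructed, locally administered address for a normal client in a VLAN.
    return f"02:00:{vlan >> 8:02x}:{vlan & 0xff:02x}:00:{host:02x}"

def simulate(per_vlan_limit, vlans=1000, noisy_vlans=10, noisy_macs=5000):
    """Two normal clients per VLAN, then a burst of new source MACs in a few VLANs."""
    t = VlanMacTable(per_vlan_limit)
    for v in range(1, vlans + 1):
        for h in range(2):
            t.learn(v, legit_mac(v, h), port=v)
    for v in range(1, noisy_vlans + 1):
        for i in range(noisy_macs):            # constructed, unique per VLAN
            t.learn(v, f"06:00:{v:02x}:00:{i >> 8:02x}:{i & 0xff:02x}", port=v)
    displaced = sum(1 for v in range(1, vlans + 1)
                    if legit_mac(v, 0) not in t.vlans[v])
    return {"entries": t.size(), "evictions": t.evictions,
            "vlans_with_displaced_hosts": displaced}

if __name__ == "__main__":
    print("unlimited:", simulate(None))
    print("limit 2  :", simulate(2))
```

With the cap, the total table stays at two entries per VLAN and only the VLANs generating the extra MACs lose their own clients' entries; the other VLANs are unaffected.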