CRS125-24G-1S-2HnD slow switching

RouterOS General
1

As the topic says, I have a CRS125-24G-1S-2HnD that I am trying to use strictly as a switch, with no routing going on. I have everything configured and all of my ports are communicating, but I am not getting anywhere near the speed I’m supposed to be via this connection. All ports are negotiated at full duplex 1Gbps, and performance without this switch in place is where it’s supposed to be. What’s strange is clients who are on the same switch perform fine, but having to make a connection to something outside the switch suffers terribly. Not sure what I’m doing wrong so any help would be appreciated.

iperf results for clients on the same switch:

------------------------------------------------------------
Client connecting to 192.168.10.56, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[  3] local 192.168.10.15 port 49642 connected with 192.168.10.56 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3] 0.0000-60.0015 sec  6.56 GBytes   939 Mbits/sec

iperf results for a client through the switch downlink:

------------------------------------------------------------
Client connecting to 192.168.10.2, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[  3] local 192.168.10.15 port 40068 connected with 192.168.10.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3] 0.0000-60.0991 sec   649 MBytes  90.5 Mbits/sec

Config dump:

# apr/02/2023 13:27:07 by RouterOS 7.8
# software id = U83F-BPW2
#
# model = CRS125-24G-1S-2HnD
# serial number = 496E0281735E
/interface bridge
add name=bridge1
/interface ethernet
set [ find default-name=ether1 ] speed=100Mbps
set [ find default-name=ether2 ] speed=100Mbps
set [ find default-name=ether3 ] speed=100Mbps
set [ find default-name=ether4 ] speed=100Mbps
set [ find default-name=ether5 ] speed=100Mbps
set [ find default-name=ether6 ] speed=100Mbps
set [ find default-name=ether7 ] speed=100Mbps
set [ find default-name=ether8 ] speed=100Mbps
set [ find default-name=ether9 ] speed=100Mbps
set [ find default-name=ether10 ] speed=100Mbps
set [ find default-name=ether11 ] speed=100Mbps
set [ find default-name=ether12 ] speed=100Mbps
set [ find default-name=ether13 ] speed=100Mbps
set [ find default-name=ether14 ] speed=100Mbps
set [ find default-name=ether15 ] speed=100Mbps
set [ find default-name=ether16 ] speed=100Mbps
set [ find default-name=ether17 ] speed=100Mbps
set [ find default-name=ether18 ] speed=100Mbps
set [ find default-name=ether19 ] speed=100Mbps
set [ find default-name=ether20 ] speed=100Mbps
set [ find default-name=ether21 ] speed=100Mbps
set [ find default-name=ether22 ] speed=100Mbps
set [ find default-name=ether23 ] comment="Uplink to Unifi workbench switch" speed=100Mbps
set [ find default-name=ether24 ] comment="Downlink to MoCA adapter" speed=100Mbps
set [ find default-name=sfp1 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
/interface wireless
set [ find default-name=wlan1 ] antenna-gain=0 country=no_country_set frequency-mode=manual-txpower ssid=MikroTik station-roaming=enabled
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/port
set 0 name=serial0
/routing bgp template
set default disabled=no output.network=bgp-networks
/routing ospf instance
add disabled=no name=default-v2
/routing ospf area
add disabled=yes instance=default-v2 name=backbone-v2
/interface bridge port
add bridge=bridge1 interface=all
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set disable-ipv6=yes max-neighbor-entries=8192
/interface ethernet switch egress-vlan-tag
add tagged-ports=ether24 vlan-id=10
/interface ethernet switch ingress-vlan-translation
add customer-vid=0 new-customer-vid=10 ports=ether1,ether2
/interface ethernet switch vlan
add ports=ether1,ether2,ether24 vlan-id=10
/interface ovpn-server server
set auth=sha1,md5
/ip address
add address=192.168.0.8/24 interface=ether24 network=192.168.0.0
/ip dns
set servers=192.168.0.1
/ip route
add disabled=no dst-address=0.0.0.0/0 gateway=192.168.0.1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/ip ssh
set allow-none-crypto=yes forwarding-enabled=remote
/lcd interface pages
set 0 interfaces=wlan1
/system clock
set time-zone-autodetect=no time-zone-name=America/New_York

The speed=100Mbps concerns me but from what I can find that is just the default speed if auto-negotiate failed. Winbox shows all ports are linked at 1Gbps.

2

These parts worry me:

/interface bridge port
add bridge=bridge1 > interface=all

/ip address
add address=192.168.0.8/24 > interface=ether24 > network=192.168.0.0

I’d add each interface separately as bridge port. And definitely move address to bridge interface … this probably doesn’t affect switching speed, but it’s wrong never the less.

I can’t judge if the VLAN stuff is done correctly but I have doubts. So you may want to read this tutorial, it explains nicely different personalities of bridge.

That speed=100Mbps on ethernet ports is very likely remnant of an old ROS (which had this setting as default), you can (safely) get rid of it by running command

/interface ethernet
set [ find ] speed=1Gbps

But, as you already figured, this setting is only relevant when auto-negotiation is set to no.

3

Not sure what exactly did it, likely a combination of things I suspect, but all is working now. When I upgraded to RouterOS 7 I didn’t also do the RouterBOARD upgrade. That is done now, I moved the network address directly to the bridge as suggested, and only added needed bridge ports. I did have to make some VLAN changes as well with the new RB version, but with that all set I’m getting full speeds through the switch now. Updated config dump just in case anyone is curious:

# apr/03/2023 19:21:50 by RouterOS 7.8
# software id = U83F-BPW2
#
# model = CRS125-24G-1S-2HnD
# serial number = 496E0281735E
/interface bridge
add name=bridge1
/interface ethernet
set [ find default-name=ether23 ] comment="Uplink to Unifi workbench switch"
set [ find default-name=ether24 ] comment="Downlink to MoCA adapter"
/interface wireless
set [ find default-name=wlan1 ] antenna-gain=0 country=no_country_set frequency-mode=manual-txpower ssid=MikroTik station-roaming=enabled
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/port
set 0 name=serial0
/routing bgp template
set default disabled=no output.network=bgp-networks
/routing ospf instance
add disabled=no name=default-v2
/routing ospf area
add disabled=yes instance=default-v2 name=backbone-v2
/interface bridge port
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether23
add bridge=bridge1 interface=ether24
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set disable-ipv6=yes max-neighbor-entries=8192
/interface ethernet switch egress-vlan-tag
add tagged-ports=ether23,ether24 vlan-id=10
/interface ethernet switch ingress-vlan-translation
add customer-vid=0 new-customer-vid=10 ports=ether1,ether2
/interface ethernet switch vlan
add ports=ether1,ether2,ether23,ether24 vlan-id=10
/interface ovpn-server server
set auth=sha1,md5
/ip address
add address=192.168.0.8/24 interface=bridge1 network=192.168.0.0
/ip dns
set servers=192.168.0.1
/ip route
add disabled=no dst-address=0.0.0.0/0 gateway=192.168.0.1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/ip ssh
set allow-none-crypto=yes forwarding-enabled=remote
/lcd interface pages
set 0 interfaces=wlan1
/system clock
set time-zone-autodetect=no time-zone-name=America/New_York