CRS310-8G+2S+IN - Low speed ISP

mesgas · May 17, 2024, 5:47pm

Hello everyone.

I’m a happy user of RB960PGS, I had it for many years with 1Gbps/500Mbps IPS link.
Since I can upgrade my internet connection to 2.5Gbps/1Gbps, I upgrade the routerboard with CRS310-8G+2S+IN. Here we have issues…

Negotiation on eth1 is 100Mbps Half Duplex, I tried replacing the patch cord and client, same behaviour.
I guess that’s DOA, so I connected the IPS to the eth2, negotiation 1Gbps Full Duplex (I haven’t upgraded the internet connection yet). Here we go I thought…

I configured everything, the internet came to clients, and I went for a speed test. Result 340 Mbps download, 550 Mbps upload.

Why download speed is 1/3 of the full capacity? Did I make some mistake configuring it?

Configuration is really simple, CPU load is around 3% with some spike to 12%. Memory utilization is 190 MiB

Pasting below the config:

[admin@MikroTik] > export
# 2024-05-17 19:34:42 by RouterOS 7.14.3
# software id = 0CMJ-65VK
#
# model = CRS310-8G+2S+
# serial number = HFGXXXHNXX
/interface vlan
add interface=ether3 name=vlan-848 vlan-id=848
/interface pppoe-client
add add-default-route=yes disabled=no interface=vlan-848 max-mru=1498 max-mtu=1498 name=pppoe-out1 user=O2
/ip hotspot profile
set [ find default=yes ] html-directory=hotspot
/ip pool
add name=dhcp_pool0 ranges=192.168.2.150-192.168.2.254
/ip dhcp-server
add address-pool=dhcp_pool0 interface=ether8 name=dhcp1
/ip address
add address=192.168.2.1/24 interface=ether8 network=192.168.2.0
/ip dhcp-server network
add address=192.168.2.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=192.168.2.1
/ip dns
set servers=8.8.8.8
/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-out1
/ip route
add disabled=no distance=1 dst-address=192.168.2.0/24 gateway=88.x.x.x pref-src="" routing-table=main scope=30 suppress-hw-offload=no \
    target-scope=10
add disabled=yes distance=1 dst-address=192.168.2.0/24 gateway=0.0.0.0 pref-src="" routing-table=main scope=30 suppress-hw-offload=no target-scope=10
/system clock
set time-zone-name=Europe/Prague
/system note
set show-at-login=no
/system routerboard settings
set boot-os=router-os
[admin@MikroTik] >

What can be the root cause?

I’m a Cisco and Aruba devices expert, but not at all about Mikrotik Just a basic knowledge to have internet, VLANs, and routing for home purposes.

PS. I will go for RMA on Monday.

tangent · May 17, 2024, 6:20pm

No, you downgraded from a router to a switch. Check the test results:

A proper ~2.5 Gbit/sec upgrade for a hEX class router is an RB5009. They’ve even got a PoE version now.

infabo · May 17, 2024, 6:53pm

yep, compare the Routing test results from your RB960PGS to the CRS. You downgraded actually. But now you have a very capable switch.

tangent · May 17, 2024, 8:38pm

If the purpose of getting the CRS310 is to have more 10G ports than an RB5009 gets you, you can connect these two together with a short DAC cable. Separating switching from routing is an excellent way to get the best speed. It segregates the 10G LAN traffic from that going out to the Internet through the router, where the bottleneck is 2.5G for all.

mesgas · May 17, 2024, 9:31pm

Thank you everyone, it’s clear now! I didn’t realize about poor performances…
I pointed to this model because I need 2 SFP+, the RB5009 has just one.
Does Mikrotik have a router with 2 SFP+ and 1 eth 2.5Gbps?

I don’t need switching, I already have an Aruba 1960 (JL806A).

I just need a “real” 10Gbps router.
Cisco is too expensive and Aruba doesn’t sell small routers.

Brand doesn’t matter.

Paternot · May 17, 2024, 11:03pm

You want at router with at least one SFP+ in and one SFP+ out?

The first one is the CCR2004-16G-2S+PC (desktop, passive cooled) or CCR2004-16G-2S+ (rack, active cooled). They are functionally the same - just a different form factor.
If You want to route 10Gbps, fast track will be needed. Otherwise I’d say You will get about 5Gbs routing out of this guy (25 ip rules, 512 byte size packets).

If for some reason that isn’t enough, there is the CCR2116-12G-4S+ - but You will pay for it.
4 SFP+ ports, should do 16Gbps routing, with 25 firewall rules and 512 byte packet size.

The one 2,5Gbps port is tricky, needing two SFP+ ports. But with two SFP+ ports one surely could use an external switch?

mesgas · May 18, 2024, 7:19am

I want to upgrade my routerboard because it doesn’t exceed 1 Gbps.

My ISP can give me max 2.5 Gbps, so I wouldn’t need a 10G link. My concern is about proactivity. I want to buy a device with 1 port WAN 10Gbps and 1 port LAN 10Gbps to avoid device upgrades in the future (if I can get a 5G or 10G link).
The WAN port must negotiate 1G/2.5G/5G/10G. The LAN port can negotiate 1G/10G, it doesn’t matter since my Aruba switch has 10Gbps SFP+ and 10BaseT ports.

Now, I had a look at CCR2004-16G-2S+ and it could be good enough for me, I don’t care about ETH ports since I have Layer2 on a dedicated device.
Do these SFP+ cages negotiate 1G/2.5G/5G/10G or just 1/10?
If I buy S+RJ10 transceiver, do I get all of these data rates? 10M, 100M, 1G, 2.5G, 5G, 10G

The RB5009, as I said, it’s already good enough right now, but not ready for the future.

Thank you all for your help here

Edit. I think the best choice is a different brand. Mikrotik, unfortunately, doesn’t have competitive routers. A router with ports like CRS310 would be the best thing ever in the market (of course with a competitive price). I understand 1Gbps at home is fine, but the market is moving forward, and 2.5Gbps is the lowest standard acceptable for buying new devices. Even access points have 2.5G connection.
Maybe the NETGEAR PR60X would be the best choice at the moment, or maybe I’ll wait for new devices. I’m a bit confused

Paternot · May 18, 2024, 1:04pm

With at least two SFP+ ports the only options are these routers. I think Mikrotik is missing a trick here too, but makes no difference at the moment.

Future proofing makes sense when we think there will be a near future need, or the price isn’t much of a difference. You just said the 5009 is good enough for now/near future. The alternatives cost about 3x its price. Why make this investment now? Get one RB5009 and use it today. When the time to upgrade come, there will (probably) better models on the market anyway.

Unless your “for the future” is twelve months from now.

tangent · May 18, 2024, 3:18pm

Either you have a strange definition of “competitive,” or you’re trolling. You offer a $700 NetGear router as an alternative to a $465 MT unit and call the latter non-competitive?

Now go and compare their OS feature sets — not merely top-line speeds-and-feeds — and discover that it’s not even a fair comparison. IPsec only for VPN? No SSH? No option to provide a local TLS certificate on its HTTP management interface to avoid the browser’s self-signed cert warning? 8 VLANs max? This isn’t a “pro” router, it’s an overfed home router, as befits its NetGear heritage.

For $700, you can keep the CRS310, strap it to an RB5009, and still come out ahead, both on features and up-front cost.

I wouldn’t even give you NetGear’s simpler UI as a worthwhile consideration here, since even though its lack of features will make configuration easier, you’re here telling us future expansion is an important consideration. On that basis, you want the router with OS features you haven’t even worked out that you might need yet. You can’t argue that it’s sensible to limit yourself to only the OS features you definitely need today while simultaneously making an N-years-in-the-future argument about 2.5 vs 10G WAN ports.

anav · May 18, 2024, 4:07pm

Concur with tangent,
Why would you try and make the CRS3 Model, which is an excellent switch and exactly what you need, into a router???

The RB5009 can accept 2.5 gig from the ISP as it is, and can transfer to the switch using its SFP+ port.
When the day comes and your ISP offers 10Gig connection, I dare say there will plenty of Router Models that will meet the requirements.
Not only that, the RB5009 will still be decent for many many other locations.

infabo · May 18, 2024, 7:07pm

OP is trolling…

mesgas · May 19, 2024, 9:29am

Guys, you are all right, thanks for clearing my ideas. It’s better to save money now by buying the RB5009 (which is good enough right now) instead of something expensive that will be EOL when and if needed.
The overcompensation came because my network is 10G ready, and I don’t want to waste money over years upgrading devices. So, I wanted to keep the 10G ready network.

I’ll return the CRS310 and buy the RB5009.

I saw also CCR2004-1G-12S+2XS, which is scalable on needs with transceivers. Would you stick your mind with the RB5009?

Now go and compare their OS feature sets — not merely top-line speeds-and-feeds — and discover that it’s not even a fair comparison. IPsec only for VPN? No SSH? No option to provide a local TLS certificate on its HTTP management interface to avoid the browser’s self-signed cert warning? 8 VLANs max? This isn’t a “pro” router, it’s an overfed home router, as befits its NetGear heritage.

That’s why my first choice is Mikrotik, and why I’m here discussing with Mikrotik experts

Why would you try and make the CRS3 Model, which is an excellent switch and exactly what you need, into a router???

Because basically, I need just one static route, from one of my networks to the cloud, others are handled on the QNAP. The device description says that it can handle routing, and I thought that 1 static route at 2.5G would be fine. It didn’t reach even 0.5G
Now I know it

OP is trolling…

Thank you again everyone for helping beginners

Paternot · May 19, 2024, 12:10pm

Beware that the RB5009 has ONE SFP+ port and ONE 2,5Gb port - the others are all gigabit. If it’s enough for you, then problem solved.

About the CCR2004
https://mikrotik.com/product/ccr2004_1g_12s_2xs#fndtn-downloads

Take a close look at the device. It has only SFP+ ports. Yes, we have one management gigabit port. But its quite common (not always, but common) to ports called “management port” to have limited possibilities and speed. They are (usually) made to manage the device, not to pass heavy traffic. I can’t comment on this one, since I have no experience with this specific device.

Yes, You can plug ethernet SFP+ modules on it. Yes, they work at 1Gbps and beyond (at least should). They also get quite hot.

I don’t know if I would stick with the RB5009 or the CCR2004. It all depends on what You need, how much You can find them selling for and growth perspective for the near/medium future. 10% price difference? CCR2004, no brainer. Twice as expensive than RB5009? Well, the RB5009 can route 2,5Gbps, no problems. Will You need to route more than this on the next (say) 3 years?

If all You need is a router to reach the cloud… get the RB5009.
If You want to run several containers and/or weird and heavier loads… get the CCR2004.

tangent · May 19, 2024, 2:01pm

This is why I suggested segregating switching from routing, with 10G on the LAN side bottle-necking to 2.5G at the WAN link.

Let’s use the QNAP NAS you brought up as an example. If that has a 10G port on it, it can feed something over 1G to a collection of 1G clients. (It likely can’t fill a 10G pipe from disk all on its own, but that’s off-topic here.) If you have a client with a 10G link of its own, it may be able to peg the QNAP’s limits all by itself.

The thing is, none of this tells you that the WAN has to be 10G as well. Most of that 10G traffic on the LAN side remains on the LAN, and only sometimes does a LAN client go out to the Internet and grab something.

You can try to put the switching into the router, but that only works as long as you’re able to keep the LAN-side load off the switch’s CPU, by using its switch chip capabilities. That isn’t always possible, and then you’ve got purely LAN traffic loading the router’s CPU. Now you need a router with CPU capable of sustaining 10G transfers, else you’re back to being unsatisfied with the result. Segregating switching from routing is cheaper and easier than getting it all working together in a single box.

I saw also CCR2004-1G-12S+2XS

As Paternot points out, you have to add the cost of the SFP+ modules you need to its $595 base cost.

Atop that, this unit seems simultaneously overkill and “underkill” for your purposes. You have no need for 25G in your current network, but at the same time, the single-stream performance of this router is in the 3-4G range, not 10G, so unless you’re aggregating traffic from multiple hosts, it still won’t get you 10G WAN performance. (This is why the official test results do an “all port” test.)

Another thing you should consider: you’re planning for 10G Internet today, but you don’t say how soon you expect that to be available. My expectation is that just as we plateaued at 1G Internet as the highest level you could expect for reasonable money for something like a decade, we’ll be plateaued at 2.5G for quite a long time, too. If that situation recurs, do you really want to be stuck on a decade-old router when 10G Internet becomes affordable?

Capacity planning makes sense on the LAN side where you have kilometers of in-wall cable to amortize, but that last-meter WAN link to the fiber ONT or whatever doesn’t have the same cost equation associated.

tangent · May 19, 2024, 2:30pm

I think you should keep the CRS310 and extend your existing network like this:

The thick arrows represent an aggregation of multiple links, to contrast them with the single-link arrows.

This leaves you with a single spare 10G SFP+ port, presumably for that QNAP NAS you brought up. If you plan to add more 10G clients, you’d want something more powerful in the middle. The new CRS326-4C+20G+2Q+RM would do that and replace your old Aruba switch besides.

You could use the 1G ports in the RB5009 to implement a DMZ, or simply to have some “edge” ports near the Internet modem without needing to run separate lines back to either the Aruba or CRS310 switches.

mesgas · May 19, 2024, 3:27pm

That’s what I have in mind,

The Aruba 1960, has already 4 10G ports, 2 10G BaseT and 2 10G SFP+
The QNAP has 2 ports 2.5G and I added 1 10GBaseT through PCI, and it’s already connected to the Aruba.
I will use one of the Aruba SFP+ ports for the link to the RB5009, and the other BaseT to the client that needs 10G. So, I still have one spare SFP+.

Connected to the 1960, I have an Aruba 1930 (JL680A) with 2G port-channel (1Gx2) located in another room.

The QNAP is a TS-473A, I move 100GB files often, and with a gigabit link the transfer lasts 20 to 25 mins and it’s annoying . Using M.2 SSD there is no HDD bottleneck anymore.

I will also consider the CRS326-4C+20G+2Q+RM, it’s interesting. Not now, but when I have more 2.5G clients I’ll consider it.
Thank you all for your clarification. I know what to do now everything is clear.

Does Mikrotik have published books to learn RouterOS and their devices?

infabo · May 19, 2024, 3:54pm

One book I can recommend - though its about basic security - is the only book I read about ROS: “MikroTik Security Guide” by Tyler Hart (ISBN: 978-1549893407). IMHO the best source to read about specific topics: https://help.mikrotik.com/docs/

Paternot · May 19, 2024, 9:33pm

Books I don’t know - but their site has a lot of info about the devices, including speed tests and block diagram.
https://mikrotik.com/products

mesgas · May 22, 2024, 3:57pm

Thank you everyone for helping.

The RB5009 is installed and configured. Internet speed is even better than RB960PGS (I gained 150 Mbps on 1G link more or less).
Friday the ISP engineer will come to replace the ONT and I’ll have the 2.5G, and I’ll test the full speed then.

Thanks again
Keep you posted