Hello,
i want buy a crs326-24g-2s+rm but i need to limit known/unknown unicast,multicast,broadcast traffic to X% and if exceed more than this limit or drop it,
i see some article on wiki.mikrotik.com but it seems it can only limit unknown unicast, can anyone help me regarding this?
thanks
In Firewall Filter, you can create a rule with packet limit per sec, etc. not %. On this rule you can then select src / dst address type as unicast, broadcast, etc. Look under the “Extra” tab
hi,
just another question if i use swos or routeros on crs326 it cause any difference on speed performance?
thanks
is a switch, the best way to do it s using switching features
i think routeros gives you more functionality, no performance difference
very important to use switching done by hardware to get wirespeed performance
in routeros 6.43rc32 you can to this by hardware switching at wire speed:
disable unknown unicast, and unknown multicast on a per port basis
limit unknown unicast, and unknown multicast and broadcast to 1% of actual port speed
isolate ports
but when i send an email to support@mikrotik.com and ask them what performance do i get if i add 4-5 firewall rules,
they told me i should expect ethernet result on datasheet so its too much low , so are you sure there is no difference in performance between routeros and swos ?
because i need to use switching feature only and add 4-5 firewall rules or acl,
thanks
firewall rules and switch ACL are not the same
understood,
so if i use routeros and use only switch tab i have full performance and if i use firewall rules or etc my performance will degree, right?
yes
to limit storms to 1 % of link speed make this
https://wiki.mikrotik.com/wiki/Manual:CRS3xx_series_switches#Traffic_Storm_Control
you can try “unknown unicast flood” and “unknow multicast flood” bridge port options, they work without loosing hardware acceleration and help to reduce storms
with RouterOS v6.43rc32 you can do port isolation
https://wiki.mikrotik.com/wiki/Manual:CRS3xx_series_switches#Port_isolation