I’ve inherited a few RB532s with RouterOS 2.9.x which experience high CPU load dependent on traffic volume.
My opinion is that the use of connection tracking and VRFs (at least from what I understand of the separate routing tables and route rules in RouterOS, it sounds like VRFs) is contributing to the high CPU load.
These routers at most have 15MBps going through them.
I stopped connection tracking on one router since NAT isn’t used on it but I can’t on another since there is at least one dstnat rule in place.
Is connection tracking/NAT/VRFs the cause of the high CPU load? Is there anything I can do?
On a side note, is there a way to view a router’s configuration in its entirety on the console?
This would help me go as I analyze the current configuration of these routers. The previous operator seemed to have a penchant for leaving old configuration bits scattered around.
Thanks
How much did CPU load go down when you turned off connection tracking?
How many mangle rules do you have? How many firewall rules are there on that router? How many queues are there currently?
RouterBOARD 532 Specifications
RouterBOARD 532
CPU > MIPS 32 4Kc based 266MHz (BIOS adjustable from 200 to 400MHz; 400MHz default and recommended) embedded processor
Memory > 32MB DDR onboard memory chip
Root loader > RouterBOOT, 1Mbit Flash chip
Data storage > 128MB onboard NAND memory chip
    CompactFlash type I/II slot (also supports IBM/Hitachi Microdrive)
Ethernet ports > One IDT Korina 10/100 Mbit/s Fast Ethernet port supporting Auto-MDI/X
    Two VIA VT6105 10/100 Mbit/s Fast Ethernet ports supporting Auto-MDI/X
MiniPCI slot > Two MiniPCI Type IIIA/IIIB slots
Daughterboard connector > Present
Serial ports > One DB9 RS232C asynchronous serial port
LEDs > Power, 2 LED pairs for MiniPCI slots, 1 user LED
Watchdog > IDT internal SoC hardware watchdog timer
Power options > IEEE802.3af Power over Ethernet: 12V or 48V DC
    Power jack/header: 6..22V or 25..56V DC jumper selectable. PoE does not support power over datalines
Dimensions > 14.0 cm x 14.0 cm (5.51 in x 5.51 in)
Temperature > Operational: -20°C to +70°C (-4°F to 158°F)
Humidity > Operational: 70% relative humidity (non-condensing)
Currently supported OS > RouterOS 2.9, Linux 2.4
RouterBOARD 532A > 64MB DDR onboard memory chip
Is the CPU at 400MHz?
Looking back at the CPU load history for these two routers, the router that no longer tracks connections always peaked at 60%. There hasn’t been a significant reduction in CPU load. The other router which is still tracking connections peaks at 90%.
These routers are running at 266MHz. Is there a way to boost it? I have 32MB of RAM so it seems like an older rev of the RB532.
Thanks
I forgot to answer all your questions:
Filter/Mangle/Queues:
On the router with 60% CPU load:
I just disabled all of the filter and NAT rules. There are zero mangle rules. There are quite a few simple queues but they are all disabled. The interface queues are all ‘ethernet-default’.
On the router with 90% CPU load:
No filter rules, 1 dstnat rule, and zero mangle rules. There are several simple queues; only one is being used, and it’s not necessary to have it enabled anyway.
The interface queues are all ‘ethernet-default’, except for two bridge interfaces that are ‘default’.
Thanks