High CPU usage.

erlan · April 6, 2018, 8:46am

Help to deal with the problem of high load (up to 100%) of the processor on the CRS112-8G-4S.
There are up to 10 pppoe customers.
CPU Usage.PNG

krautzj · April 6, 2018, 10:03am

Even though the CRS112-8G-4S can be configured to be a router and firewall, it is not well suited for it. I think you’ll find the problem you have with the high load on the CPU is because the CPU in the CRS112-8G-4S is simply not powerful enough for queues and firewall rules. You would have better results if the routing, queues and firewalls were done by a dedicated router, and the switch was used only for switching.

From looking at your firewall rules it seems like you must already have a router somewhere that manages Internet access. You could try moving some of your configuration to that device and see if it helps.

CZFan · April 6, 2018, 1:41pm

I think your firewall rules can be improved upon, i.e. your very first 2 rules are incorrect and will never work as expected, they are the wrong way around.

Also try making use of fasttrack in firewall to reduce CPU usage

BartoszP · April 6, 2018, 1:49pm

Or disable rule #7 to check if usage will drop? There are lots of packets “firing” this rule.

blajah · April 6, 2018, 5:30pm

Do you have default deny rule in input chain? What is in your connection tracking table? Sources you added to address list, you can drop in RAW firewall.

aacable · April 7, 2018, 6:46am

in one case I found a script that was running continuously caused high cpu usage.

mistry7 · April 7, 2018, 8:50am

You Choose a frong device for this job,
How fast is your Upstream connection?

erlan · April 8, 2018, 4:31pm

I already dasbled all the rules, but it did not give a positive result

Tell me which one?

15Mb/s

raidu · April 8, 2018, 7:57pm

Sorry, but this device is not meant to handle any tunneling and the CPU load you are experiencing is normal.
The CRS112-8G-4S is a routing capable switch, where the routing function is mainly for management purposes.

The cheapest MT device that would handle some tunneling is the RB750Gr3 ie. HEX

Steveocee · April 9, 2018, 10:16am

I regularly see CRS112’s hitting 100% on the CPU just from an SNMP call. I even see my one at home doing 80% just from viewing it in Winbox. Others have pointed out optimisations for you but you should probably invest and replace the device with either an RB2011 or RB3011.

poizzon · April 11, 2018, 9:11pm

https://youtu.be/3LmQYIQ5RoA?t=843

Sometimes the situation is not going to happen to you?

Cartman · February 14, 2019, 6:54pm

OK, I know the thread is a bit older, nut I have the same problem.
Already took a RB2011 for routing and load balancing and let
the crs112 do the switching, but is´nt there a device that does
it all?
What about the CRS328-24P ? It is a bit bigger, but that shoud not
be a problem as long as it can do the routing without reaching
its limits.
I need a device that can do load balancing for two WANs and
switching for 6 connected devices (now Groove, might change).
AND: It has to provide power for the connected device. There are
not too many RBs with such many PoE-outs.
The CRS328 also has only one CPU, would that be enough ?

Thanks for your replies.
Wayne

Dude2048 · February 14, 2019, 7:06pm

Buy a ccr.