I think I read all of the post about hw offloading already and also went multiple times through https://help.mikrotik.com/docs/display/ROS/L3+Hardware+Offloading to have a good understanding how it should work. Also I am aware that the CRS310 is a switch with poor routing performance - but I wanted to use it as an example to test my 10Gbit fiber connection towards my ISP using l3-hw-offloading to gain near wire speed.
The issue is, I am not able to bring l3-hw-offloading to work and I am out of ideas.
The following configuration works fine (l3-hw-offloading=no) but with poor performance with 100% cpu utilization on /tools/profile and about 500mbit speed testing from sfp-sfpplus2 (RJ45 10Gbit) to sfp-sfpplus1 (10Gbit fiber - ISP):
# 2024-08-25 08:37:52 by RouterOS 7.15.3
# software id = 6QMK-65QJ
#
# model = CRS310-8G+2S+
# serial number = HG209JDP7ZV
/interface bridge
add name=bridge1 pvid=10 vlan-filtering=yes
/interface vlan
add interface=bridge1 name=vlan10 vlan-id=10
add interface=bridge1 name=vlan20 vlan-id=20
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool0 ranges=192.168.22.20-192.168.22.254
/ip dhcp-server
add address-pool=dhcp_pool0 interface=vlan20 name=dhcp1
/interface bridge port
add bridge=bridge1 interface=ether2 pvid=20
add bridge=bridge1 interface=ether3 pvid=20
add bridge=bridge1 interface=ether4 pvid=20
add bridge=bridge1 interface=ether5 pvid=20
add bridge=bridge1 interface=ether6 pvid=20
add bridge=bridge1 interface=ether7 pvid=20
add bridge=bridge1 interface=ether8 pvid=20
add bridge=bridge1 interface=sfp-sfpplus1 pvid=10
add bridge=bridge1 interface=sfp-sfpplus2 pvid=20
/interface bridge settings
set use-ip-firewall=yes
/ip settings
set rp-filter=loose
/interface bridge vlan
add bridge=bridge1 tagged=bridge1 untagged=sfp-sfpplus1 vlan-ids=10
add bridge=bridge1 tagged=bridge1 untagged=ether2,ether3,ether4,ether5,ether6,ether7,ether8,sfp-sfpplus2 vlan-ids=20
# /interface ethernet switch
# set 0 l3-hw-offloading=yes
/ip address
add address=192.168.88.1/24 interface=ether1 network=192.168.88.0
add address=192.168.22.1/24 interface=vlan20 network=192.168.22.0
/ip dhcp-client
add interface=vlan10
/ip dhcp-server network
add address=192.168.22.0/24 dns-server=8.8.8.8 gateway=192.168.22.1
/ip dns
set allow-remote-requests=yes servers=1.1.1.1,8.8.8.8
/ip firewall filter
add action=accept chain=input connection-state=established,related
add action=accept chain=forward in-interface=vlan20 out-interface=vlan10
add action=drop chain=input in-interface=vlan10
/ip firewall nat
add action=masquerade chain=srcnat out-interface=vlan10
/ip service
set telnet disabled=yes
set ftp disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/system clock
set time-zone-name=Europe/Zurich
/system note
set show-at-login=no
/system ntp client
set enabled=yes
/system routerboard settings
set boot-os=router-os
Now as soon I switch on l3-hw-offloading the connection to the internet drops.
/interface ethernet switch
set 0 l3-hw-offloading=yes
I can reach the public ip address assigned via dhcp client on vlan10, but not the next hop at my ISP anymore. Switching back to l3-hw-offloading=no, everything works fine,
Any ideas, what could be the issue?