Just yesterday I received my RB5009UG+S+ and I am trying to set up Hardware offloading for Layer 3 routing. I upgraded to RouterOS 7.17.
According to the online docs, I should be able to enter these commands in the terminal
/interface/ethernet/switch set 0 l3-hw-offloading=yes
/interface/ethernet/switch/port set [find] l3-hw-offloading=yes
But instead I get this:
[admin@MikroTik] > /interface/ethernet/switch set 0 l3-hw-offloading=yes
expected end of command (line 1 column 34)
So then I start entering parts of the command one by one. I get to:
[admin@MikroTik] /interface/ethernet/switch> set 0 l3-hw-offloading=yes
expected end of command (line 1 column 7)
I am thinking it might be the new firmware version since it's got a completely different web interface I am wondering if the CLI has changed as well.
Anyhow, looking for help on getting the hardware offloading enabled for routing. It's agonizingly slow right now. And if this model won't support HW Offloading then this is going right back to Amazon...
Then please let me know which Amazon platform you’re returning it to – maybe I can grab the RB5009 at a good price in the Amazon resale section. One person’s loss is another’s gain.
I’m bummed. This is a great router otherwise. But I need the L3 hardware acceleration. With my application, the way it is right now is just way to slow and unusable. I can’t even load a web page from a device on the second network. My previous $100 Ubiquiti Edge Router has hardware acceleration. Guess I will go back to that. Really surprised it does not have acceleration.
Thanks everyone for the replies. I appreciate it. This is really too bad. Great device otherwise. Already have it removed from my network and boxed up.
Oh no. It was tremendously slow. Connectivity was there. Just extremely slow. Unless there is something more to do in this device than just setting a static route in the routing table.
Put my EdgeRouter X back in (which has hardware offloading) and everything is working great.
Really wanted to use this to take advantage of my available 2Gbit download speed.
And let’s put it this way - if there’s something else I need to do to speed up the routing across the router, then great. I would love to keep it.
Let me explain my network.
I have a main LAN in the 192.168.0.0/23 subnet.
I have multiple VLANs that are all segments of the 10.0.0.0 subnet. These VLANs are all established on a Layer 3 managed switch with an IP of 192.168.1.198. The VLANs handle IGMP multicast video data.
If I am entering a static route in Windows, it would be something like this:
route add 10.0.0.0 mask 255.0.0.0 192.168.1.198
I set up a similar routing entry in the MikroTik router:
10.0.0.0/8 with a next hop of 192.168.1.198
Routing into those VLANs was painfully slow. Connections were there but it felt more like 300 baud dialup than gigabit ethernet.
Exact same setup with my Ubiquity EdgeRouterX has no issue with speed. The EdgeRouter X has hardware offloading and I remember I had a horrible speed issue with it until I enabled that. Now it works great. I just have multi-gigabit internet now and my cable modem has a 2.5Gbit connection. So the MikroTik device was great - 2.5 Gbit from the modem to the router and 10 Gbit SFP down to my switch..
Again, happy to give this thing another try before I ship it back if someone can point out something else I need to do with the routing setup.
It’s not 2gbit of traffic. It’s handling the routing between my LAN and my VLANs. Speed across the LAN and out to the internet was fine. I was able to run speed tests from multiple computers and was easily getting close to 2 Gbit. It’s the routing where it breaks down.
And please suggest an idea of what you think it might be that was misconfigured. Here’s all that was done on the unit:
changed the LAN IP address from 192.168.88.1 to 192.168.1.1
You seem likely to have done all of this already but just in case…
Remove sfp+ from bridge
Give sfp+ an IP address, and switch port/vlan? at other end an IP address.
Make the sfp+ interface a member of the LAN interface list.
But if you need lots of gigs of intervlan routing, it isn’t going to do it.
You could maybe put your lan behind the L3 switch, and have the router just
doing gateway routing.
I haven’t given IP addresses to the specific interfaces. When I’m using maximum data, I’m pulling a total of about 600 Mb/s from maybe 10 different VLANs.
But your comment about basically making the L3 switch the LAN router has a lot of merit. The switch is obviously able to handle routing all the traffic and there’s really no need to do my local routing through an extra interface. And the L3 switch has a 0.0.0.0 route to the gateway anyhow so any non-LAN traffic would get routed outward.
I need to think about this as this changes my calculus somewhat…
I have no problems routing between VLANs at 2.5Gbps (the limit of ether1) on the RB5009. How did you configure the VLANs on it? Maybe you can post your configs here?
Your EdgeRouter X has the hardware equivalent to the hEX RB750Gr3, with the same MediaTek MT7621 chip.
But you still need to configure the VLAN interfaces on the router, plus the trunk port, if you want the RB5009 to route (L3) traffic between the VLANs.
I think your current problem is that you are getting triangular routing.
(which is probably why hardware offload is good, as it is likely not stateful)
From Device on 192.168.1.x network to 10.0.0.0/8 likely goes from device to 5009 then to Switch then to 10.x.x.x device.
(Hopefully often the 5009 will issue a redirect so traffic from device on 192.168.1.x will know to go direct to Switch, but
device might well ignore it)
Return traffic goes from 10.x.x.x to switch and then direct to the device on 192.168.1.x bypassing the 5009
Assuming near default config.
Triangular routing will cause the default invalid rule to drop packets.
These connections never get properly completed in the 5009, as it never sees the return traffic.
There are a couple of options:
Rejig the network so the switch comes directly into the 5009 on a different subnet, so traffic in both directions has to traverse the 5009.
You could try using a couple of raw rules to hopefully bypass most of the firewall.
rule 1:
in interface = bridge, src ip address=192.168.1.0/24 dest ip address = 10.0.0.0/8 action = notrack
rule 2
in interface = bridge, src ip address=10.0.0.0/8 dest ip address = 192.168.1.0/24 action = notrack
This with luck should cause the default filter fasttrack rule and accept rule (immediately after fasttrack rule) to process these packets.
(And hopefully no other rules)
These 2 default filter rules should by accept established, related and notrack packets.
If not already done, you could perhaps put some sort of null route on the switch so you don’t wind up with packets to unconnected 10.x.x.x subnets
just bouncing between the switch and the router until their ttl runs out.