L3HW traffic monitoring

mikronoob89 · February 29, 2024, 1:40am

Hi dears.
Partial noon here

I implemented the L3HW on the CCR2216. It works great! My CPU dropped to near zero percent from 72 percent!!

But now I lost the ability to monitor my subinterface traffics. I work in an ISP and is mandatory for me to monitor my traffic on “per-user” basis.

I have only one 100G interface for both up and downstream traffic.

I tried mirroring the traffic to CPU. Then the monitoring works, but the CPU goes up again. What’s the solution for this?

mkx · February 29, 2024, 6:11am

There is no solution for this. L3HW offload implementation doesn’t provide any detailed statistics, so if you need it, then … well, you unfortunately can’t use L3HW offload.

raimondsp · March 1, 2024, 8:41am

Hi,

What’s the problem with mirroring? It increases CPU usage since packets enter the CPU. However, unlike the software routing, the CPU does not throttle the performance in the case of mirroring. For instance, if the CPU can handle 10G while the actual traffic rate is 50G, all 50G will get hardware-routed while only 10G gets mirrored to the CPU (the rest is tail-dropped from CPU queues). But if you need to monitor 100% traffic, then I see no other way but disabling L3HW and throttling bandwidth down to the CPU capabilities.

nz_monkey · March 1, 2024, 11:31pm

Hi raimondsp

Hardware level traffic sampling on the Marvell ASIC’s to netflow/sflow would be the optimal solution, to quote you "Hardware traffic sampling and QoS are the next major features that we consider implementing after the finalization of IPv6 L3HW. "

Is this still on the high priority list ?

It will allow exporting of flow information to DDoS systems well as well as flow accounting systems like nfacct that are widely used.

mikronoob89 · March 12, 2024, 7:10am

Hi. Sorry for late reply. I didn’t check the email

I tried mirroring it too. The CPU went to 70% again. I don’t get it.

mikronoob89 · March 12, 2024, 7:13am

Hi.

Dear, do you know if it is on the “to-do list” of Mikrotik developers?

raimondsp · March 13, 2024, 6:45am

Hey there,

We are currently finalizing hardware QoS implementation. I wouldn’t say traffic sampling is the next big feature in line, but it is on the roadmap.

nz_monkey · May 17, 2024, 5:09am

Thanks raimondsp, it is great to know it is on the roadmap.

jtommasi · August 2, 2024, 12:35pm

Hi there,

Is there any news about traffic flow for L3HW ?

wahezu · August 1, 2025, 8:06am

Hey,

Any news regarding netflow reporting while using HW offload?