Mikrotik hEX Bandwith issue

sb101 · April 6, 2022, 11:29am

I recently purchased a brand new Mikrotik hEX RB750Gr3. I have a 200/200Mbps fibre line at home. Performing a speed test directly connected to the WAN (ONT) using my laptop I can verify the speed matches. However, when the router is connected to the ONT and I connect (via LAN) to the router, I get speeds in the range of 70/80Mbps.

Is there some default configuration in RouterOS that might be limiting this? I have made no configuration changes post-purchase.

anav · April 6, 2022, 12:46pm

NO, have you changed the configuration??

/export hide-sensitive file=anynameyouwish

Did you check your cables??

sb101 · April 6, 2022, 2:14pm

Only config change was related to IP ranges (from 192.168.88.. to 192.168.1..)

Cables all good, testing against ONT

# apr/06/2022 16:08:17 by RouterOS 6.49.5
# software id = YZ1G-CUG8
#
# model = RB750Gr3
# serial number = CC210EABA9A9
/interface bridge
add admin-mac=2C:C8:1B:C4:A3:CE auto-mac=no comment=defconf name=bridge
/interface ethernet
set [ find default-name=ether1 ] name=ISP_eth1
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=default-dhcp ranges=192.168.1.10-192.168.1.254
/ip dhcp-server
add address-pool=default-dhcp disabled=no interface=bridge name=defconf
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ISP_eth1 list=WAN
/ip address
add address=192.168.1.1/24 comment=defconf interface=bridge network=\
    192.168.1.0
/ip dhcp-client
add comment=defconf disabled=no interface=ISP_eth1
/ip dhcp-server network
add address=192.168.1.0/24 comment=defconf dns-server=192.168.1.1 gateway=\
    192.168.1.1
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.88.1 comment=defconf name=router.lan
/ip firewall filter
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
    connection-state=established,related
add action=accept chain=input comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
    invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment=\
    "defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
    in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
    ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
    ipsec-policy=out,ipsec
add action=accept chain=forward comment=\
    "defconf: accept established,related, untracked" connection-state=\
    established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
    connection-state=invalid
add action=drop chain=forward comment=\
    "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
    connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
    ipsec-policy=out,none out-interface-list=WAN
/system clock
set time-zone-name=Africa/Johannesburg
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN

hecatae · April 6, 2022, 2:21pm

changed subnet to 192.168.1.x but dns is still 192.168.88.1

which ethernet port are you connected to for WAN and LAN?

holvoetn · April 6, 2022, 2:28pm

My Hex when going from eth1 to eth2 using iperf3 on two connected computers can easily saturate 1Gb ethernet…
Are you sure your cables are all CAT6 or better ?

sb101 · April 6, 2022, 2:36pm

eth1 connects to WAN
eth2 is where I’m connected to the router

anav · April 6, 2022, 2:43pm

See no reason for it based on the config.

sb101 · April 6, 2022, 2:45pm

Using same cable that was used for testing directly against the ONT.
Cable setup as is gave one test at around 200/200 when I disabled all firewall rules (shot in the dark). However, came back down to the 90/90 results.

Going to source some different cables and test again…

Znevna · April 6, 2022, 3:50pm

/interface ethernet monitor [find] once

And see which port doesn’t have rate = 1Gbps.
Rocket science!

holvoetn · April 6, 2022, 4:19pm

You need 2 cables if hex gets in between.
Quick check is indeed as Znevna suggests. See what the ports advertise.

Anyhow, the fact you only get 70-90 makes me conclude there is somewhere a 100Mb restriction to be found.

holvoetn · April 6, 2022, 5:16pm

This is how it should look like:

sb101 · April 6, 2022, 7:32pm

Ok, so I guess that confirms where the issue lies - guess the second cable might be the culprit?

anav · April 6, 2022, 7:47pm

cool command line entry!

holvoetn · April 6, 2022, 9:02pm

Switch both cables.
If the problem moves as well, it’s definitely the cable.
My advice: if it’s the cable, toss it or at least attach a clear label on it “100Mb only”.
You might encounter it again sooner or later and then you will run into the same problems (wasting time again to search why).