My RB4011 with ROS 7.2.3 still consume 100% cpu on only 1 core.

ArShuRaZ · June 1, 2022, 5:06pm

Site A (Leased Line)<— pptp —>(FTTx; PPPoE) Site B
RB 4011 is at site B. The Traffic usage is only about 200Mbps but it consumes 100% on cpu0 and slow down overall traffic.

Any suggestion?

Znevna · June 1, 2022, 5:15pm

yes, right click cpu0, profile, sort, screenshot, upload here.

ArShuRaZ · June 1, 2022, 6:07pm

Edit: sorry. profile wrong cpu. will post the right one later when it occurs again.

Kindis · June 1, 2022, 6:08pm

I may be wrong here but does pptp spread over cores or is it only one core for all traffic?

memelchenkov · June 1, 2022, 6:22pm

I doubt anybody will fix PPTP even if there is some bug.

ArShuRaZ · June 1, 2022, 6:28pm

ArShuRaZ · June 3, 2022, 2:11pm

ArShuRaZ · June 4, 2022, 1:21pm

any suggestion?

Wangz · June 8, 2022, 4:07am

Are you natting at your RB4011?

Kindis · June 8, 2022, 8:42pm

I assume that this only happens during high traffic over the pptp connection?

I maintain the idea that this is they way pptp works. The interface will only run over one CPU core and that is the effect you see now. I can be wrong but think this is the way it work. So not a bug but by design.

Still think it is wrong then do a supout file during the issue and send to support with a explanation of the issue.

ArShuRaZ · June 12, 2022, 2:04pm

Yes. RB4011 dial PPPoE (FTTx) and NAT all client to Internet IP for accessing Internet. But no natting for traffic in vpn tunnel.

ArShuRaZ · June 12, 2022, 2:05pm

Thank you. I’m planning to change vpn connection to wireguard … and will check the result on high traffic again.

Kindis · June 14, 2022, 8:52am

Very interested to see the effect of this.

ArShuRaZ · June 19, 2022, 7:42am

Wireguard Tunnel between MikroTik must be specific ip (endpoint) on both side?

My situation is
MikroTik at Site A: has fixed public ip address.
MikroTik at Site B: has dynamic public ip address.

Still finding the way to do it without specific Public IP at site B (Treat Site B like road warier).

Znevna · June 19, 2022, 7:45am

No, it’s not mandatory to specify an endpoint for both sides.

ArShuRaZ · June 19, 2022, 8:46am

Thank you. Able to do the tunnel now.

just specific endpoint at site B and leave endpoint blank at site A.
and use persistence handshake at site B.

Will wait to see the CPU usage when high traffic.

ArShuRaZ · June 20, 2022, 5:24pm

From Max Bandwidth 190 Mbps with PPTP … to 490 Mbps with Wireguard.

Znevna · June 20, 2022, 5:28pm

Hmm, I think RB4011 can do a little more than that, unless you have a funky config.
What MTU did you set for the Wireguard interfaces?
And what MTU do you have on your WAN at BOTH sides (tested)?

ArShuRaZ · June 20, 2022, 5:53pm

I thought so.. My Internet b/w is 1Gbps but can use about 500Mbps with RB4011

I did not set the MTU .. just leave it to default value (1420) for both side on wireguard.

Site A: MikroTik CHR is directed connect to ISP with static IP (Interface MTU is 1500) … cpu only about 10% on b/w 500Mbps
Site B: RB4011 connect Internet with PPPoE and default MTU (1492) … firewall was only 2 rows. and no L7 protocol.

Anyway. I’m satisfied with the current result. 500Mbps is better than 200Mbps as before.