need expert answer: Strange behaviour in bridging

brianchrist · October 10, 2008, 12:24pm

Configuration:

1 PC with 2 network cards, bridged
Mikrotik version 3.14

Vlan trunk traffics (802.1q) flow through the box without problem.

diagram:

router1(vlan) --------- Mikrotik (bridge) --------- (trunk)Cisco(vlan) --------- router2

Problem:

If you try to torch the traffic on Mikrotik, you’ll find that the packet rate and traffic rate is LOWER than you’d found on BOTH router1 and router2.
I did this by using Mikrotik on both router1 and router2 ping from router1 to router2 and run the torch on them.

Here the status captured:

Router1:

Mikrotik:

Router2:

Is there anything to do with vlan’s overhead?

Egate · October 11, 2008, 9:49am

Is connection tracking for bridge on? Why would you want to put Vlan, if you bridge the two routers?

brianchrist · October 13, 2008, 12:37am

Do you mean the one at the /ip firewall connections? yes, it is enabled.

and,

use-ip-firewall: yes
use-ip-firewall-for-vlan: yes

Between those two routers, there are some vlans, with different purpose, and I want to limit/filter/queue traffic on each vlans. This way I don’t have to physically separate the traffic and use mikrotik on each link.

brianchrist · October 13, 2008, 1:56am

New findouts:

This morning I did a ping test again, but now I add a firewall filter on each box and the result is:

All the packets COUNT and bytes COUNT in each box are exacly the same, means no packet is loss nor bypassed.
But the traffic RATE in the middle mikrotik, in torch, is always lower than the other two.

Though the CPU on mikrotik (act as bridge) is far higher than the other two, seems like it cannot catchup the traffic calculation (?)