NEW Public Bandwith Test Server

Hello mikrotik fans,

I will be bringing up a btest server soon. I have preprared one RB800 and a 1Gbit connection dedicated only for the sake of testing.
It is ready, but I want to limit the usage somehow before I post it public. I have created filter rule for input that puts your IP in ban address list for X period of time.

I can’t figure out how to limit the test sessions per time. You can basically let it run indefinately. Can you tell me how to disconnect every btest connection for example on 5min?

Nice work!

You can check out the configuration of TomjNorthIdaho posted here:

http://forum.mikrotik.com/t/public-mikrotik-bandwidth-test-server-s-now-shutdown-as-of-april-1st-2025/94863/469

/ip firewall raw
add action=accept chain=prerouting comment=“testers accepted” src-address-list=tester
add action=drop chain=prerouting comment=“previous testers drop” src-address-list=previous
add action=add-src-to-address-list address-list=tester address-list-timeout=2m chain=prerouting comment=“add to tester” dst-port=2000-2100 protocol=tcp
add action=add-src-to-address-list address-list=tester address-list-timeout=2m chain=prerouting comment=“add to tester” dst-port=2000-2100 protocol=udp
add action=add-src-to-address-list address-list=previous address-list-timeout=15m chain=prerouting comment=“add to previous” dst-port=2000-2100 log=yes protocol=tcp
add action=add-src-to-address-list address-list=previous address-list-timeout=15m chain=prerouting comment=“add to previous” dst-port=2000-2100 log=yes protocol=udp

This will limit tests to 2m every 15m per ip address.

It’s almost like Mikrotik should run one

I did check his config and set it up nicely. Everything works except when the timer runs out for “testing” address list it wouldnt drop the traffic server>client only the other way. This issue appears only when testing UDP. With TCP test there is no problem. I worked on this for about 6 hours last night and I couldnt find a solution. Anyone else experenced this iisue?

Should I provide any screenshots?

Have you enabled fasttrack? I will probably bypass raw firewall, however doesn’t explain why tcp is working.

Please do no post screenshots, just export config ( /export hide-sensitive ) and paste in code blocks.

Also.. TomjNorthIdaho mentioned more than a terabyte of traffic per month hosting public bandwidth server.
Are you sure your connection can handle such large amount of traffic?

I have enabled fasttrack, but it doesn’t count packets so I guess i doesn’t apply for this.

I will post config as soon as I can.

The mikrotik will be in a datacenter for the clients to test their bandwith and also for public use. So yes the network behind it will handle alot

Please forward the bandwidth test link for Cisco, Juniper, Huawei, Zyxel, TP-Link, …

Hello again.
It seems I fixed it and it’s now working as expected. RAW rules needed tweaking. I will post before and after output so you can compare:

Before:
[user@Server] /ip firewall> raw print
Flags: X - disabled, I - invalid, D - dynamic
0 D ;;; special dummy rule to show fasttrack counters
chain=prerouting action=passthrough
1 ;;; testers accepted
chain=prerouting action=accept log=no log-prefix=“” src-address-list=tester
2 ;;; previous testers drop
chain=prerouting action=drop log=no log-prefix=“” src-address-list=previous
3 ;;; add to tester
chain=prerouting action=add-src-to-address-list dst-port=2000-3000 log=no log-prefix=“” protocol=tcp address-list=tester address-list-timeout=15m
4 ;;; add to tester
chain=prerouting action=add-src-to-address-list dst-port=2000-3000 log=no log-prefix=“” protocol=udp address-list=tester address-list-timeout=15m
5 ;;; add to previous
chain=prerouting action=add-src-to-address-list dst-port=2000-3000 log=yes log-prefix=“” protocol=tcp address-list=previous address-list-timeout=1d
6 ;;; add to previous
chain=prerouting action=add-src-to-address-list dst-port=2000-3000 log=yes log-prefix=“” protocol=udp address-list=previous address-list-timeout=1d

After:
[user@Server] /ip firewall> raw print
Flags: X - disabled, I - invalid, D - dynamic
0 D ;;; special dummy rule to show fasttrack counters
chain=prerouting action=passthrough
1 ;;; testers accepted
chain=prerouting action=accept log=no log-prefix=“” src-address-list=tester
2 ;;; testers accepted
chain=output action=accept log=no log-prefix=“” dst-address-list=tester
3 ;;; previous testers drop
chain=output action=drop log=no log-prefix=“” dst-address-list=previous
4 ;;; previous testers drop
chain=prerouting action=drop log=no log-prefix=“” src-address-list=previous
5 ;;; add to tester
chain=prerouting action=add-src-to-address-list dst-port=2000-3000 log=no log-prefix=“” protocol=tcp address-list=tester address-list-timeout=15m
6 ;;; add to tester
chain=prerouting action=add-src-to-address-list dst-port=2000-3000 log=no log-prefix=“” protocol=udp address-list=tester address-list-timeout=15m
7 ;;; add to previous
chain=prerouting action=add-src-to-address-list dst-port=2000-3000 log=no log-prefix=“” protocol=tcp address-list=previous address-list-timeout=1d
8 ;;; add to previous
chain=prerouting action=add-src-to-address-list dst-port=2000-3000 log=no log-prefix=“” protocol=udp address-list=previous address-list-timeout=1d

You can test the server at:

IP: 87.121.0.45
U: neterra
P: neterra

15min. testing time and 24h ban (this was their request).

Please share results when you test. Cheers

it says “can’t connect” for UDP and “test unsupported” for TCP.
Are you certain it works fine?

Works fine here:

RB3011 @ 500Mbps

[admin@MikroTik] > /tool bandwidth-test 87.121.0.45 user=neterra password=neterra direction=both
                status: running
              duration: 57s
            tx-current: 543.9Mbps
  tx-10-second-average: 543.6Mbps
      tx-total-average: 456.1Mbps
            rx-current: 543.6Mbps
  rx-10-second-average: 543.5Mbps
      rx-total-average: 406.0Mbps
          lost-packets: 4653
           random-data: no
             direction: both
               tx-size: 1500
               rx-size: 1500

Cannot post 1Gbps result in upcoming 24 hours

Thanks nescafe2002 for testing. It’s interesting how much CPU will be consumed on full bandwidth. Today max was 660mbps and the cpu was around 30%. Tell me from which IP you are testing so I can remove you from ban list for another try

Reset to default configuration & got a fresh ip

RB4011 @ 1Gbps

[admin@MikroTik] > /tool bandwidth-test 87.121.0.45 user=neterra password=neterra direction=both
                    ;;; results can be limited by cpu, note that traffic generation/termination performance might 
                        not be representative of forwarding performance
                status: running
              duration: 59s
            tx-current: 696.0Mbps
  tx-10-second-average: 693.7Mbps
      tx-total-average: 685.8Mbps
            rx-current: 965.2Mbps
  rx-10-second-average: 972.7Mbps
      rx-total-average: 963.8Mbps
          lost-packets: 4774
           random-data: no
             direction: both
               tx-size: 1500
               rx-size: 1500
      connection-count: 20
        local-cpu-load: 42%
       remote-cpu-load: 100%

Seems fine for me

Nice btest server

I just ran some btest’s from my 207.32.194.24 btest server to your new btest server.
FYI: UDP is pretty much immune to distance (because it is mostly a fire-and-forget protocol) , and TCP can be sensitive to distance because TCP requires return ACK packets.
Here are the results:

Great 10x for the test

Hope it is used a lot Do you think the RB800 will come weak if pushed? I can see it doesn’t go higher than 70% cpu when being used for tests with 900mbps.

is this server still working?

im getting “connecting…”

code used:
/tool bandwidth-test 87.121.0.45 user=neterra password=neterra direction=both

RB-800 - don’t know — guess you can just wait and see …
North Idaho Tom Jones

Now it is. Try again

is the server running on stable or long term ?
, lately you can test only if you have the same version of the packages