I’m trying to use a powerbox pro to do some basic VLAN switching with a few hybrid ports trunked out the SFP port via fiber. The SFP port is not part of the switch, so I am using the bridge to do the VLAN tagging and filtering. CPU is hitting 60-80% when traffic is 300-500Mbps. Only config other than the bridge is management IP on a vlan.
Is there another way to configure to reduce CPU or do I need to look at another switch? Space in the cabinet is tight so I’m not sure I can fit a netpower16 in.
You could use switch chip to do the tagging/untagging on ether ports and use bridge without vlan-filtering. This way bridge would act as dumb switch and SFP port would be trunk port for all VLANs available to CPU. Which is not all VLANs on switched ports, you can set VLAN membership for switch-cpu1 port on switch chip. You could not do anything regarding VLAN on SFP port though but with correct config on other bridge members the setup can still be secure.
Thank you! I didn’t think this would help that much because almost all traffic would be going through the SFP port and thus switch CPU. But setting it up this way made significant improvement. In test lab, 500B UDP bandwidth test went from 500M/500M to 900M/900M. In production, CPU went from 60-70% down to 30-40%.
Yes, pretty much that setup. In my case, I had a few ports that I wanted to be hybrid with some tagged VLANs and a PVID.
For config, all ports, including the SFP were put into a bridge with VLAN filtering disabled. Then switch config looked like this.
/interface ethernet switch port
set 1 default-vlan-id=243 vlan-mode=secure
set 2 default-vlan-id=24 vlan-mode=secure
set 3 default-vlan-id=24 vlan-mode=secure
set 4 default-vlan-id=246 vlan-mode=secure
set 5 vlan-mode=secure
/interface ethernet switch vlan
add independent-learning=no ports=ether5,switch1-cpu switch=switch1 vlan-id=2015
add independent-learning=no ports=ether5,switch1-cpu switch=switch1 vlan-id=246
add independent-learning=no ports=ether5,switch1-cpu switch=switch1 vlan-id=2017
add independent-learning=no ports=ether2,switch1-cpu switch=switch1 vlan-id=2016
add independent-learning=no ports=ether2,switch1-cpu switch=switch1 vlan-id=243
add independent-learning=no ports=ether3,ether4,switch1-cpu switch=switch1 vlan-id=24
add independent-learning=no ports=ether3,switch1-cpu switch=switch1 vlan-id=31