Proxy on 450G slowing down WAN

RouterOS Beginner Basics
1

I ordered a routerBoard 493g, but I got a 450G while waiting for the other product to get here !
I never thought I would LOVE a router/firewall that much, i will never get back to other products :smiley:

Well, I only have 1 concern, there is a proxy setting in the router that can cache all the web site we go to, and can also block entered web sites.

If I activate that, even without caching, my internet become really slow !
I am on fiber at 100mb/s on the internet, and I get 75Mb/s on speedtest.net with a latency between 0 and 7ms.
Proxy activated without caching just blocking *porn per example, then I have a latency of 207ms and 5Mb/s !

Am I doing something wrong or it is completly normal ?
Or will it be ok when iā€™ll get my 493g ?

Thank you very much for your help !
Martin L.

2

No help ?

3

Are you using only RAM for cache or perhaps microSD card?

Edit:
Sorry, missed the ā€œeven without cachingā€ part.

4

Well in fact, I just did some tests and the problem is not from webProxy !!
I have read somewhere on the forum that to activate the web proxy correctly, I should add a firewall filter Rule and a Nat rule !

Filter rule:
Chaine = Input
SRC= 0.0.0.0/0
Protocal= TCP
DST Port= 8080
In. Interface= ETH1-WAN
DROP !

NAT rule:
Chain = DSTnat
Protocol = TCP
Dst Port= 80
dst-nat to adresses x.x.x.x (Routeur IP Adress)
to port= 8080

The Nat rule seams to redirect the port 80 to 8080 because the WebProxy is configured to 8080 only by default, but I also added 80 in the webproxy !

And if I remove only that NAT rule, everything is OK.
I guess I donā€™t really need it ?

5

Ok I get it !!
The NAT rule is to redirect to the routerā€™s proxy !
and if I redirect from port 80 to 80, every site goes to the routeur web access !!

So I still need some help on how to configure correctly without loosing so much speed !

Thank you very much,
Martin L.

6

If, in NAT Rule, I redirect to 8080 instead of using DST-nat to IP adress port 8080, it helps on the web proxy !

Without web proxy:
latency = 0ms Download = 93Mbps Upload = 77Mbps

With web proxy no caching :
latency = 205ms Download = 63Mbps Upload = 23Mbps

With web proxy and caching (to internal, didnā€™t receive mt MicroSD yet)
latency = 215ms Download = 5Mbps Upload = 11Mbps

Still weird that I loose that much even without caching !!
I thought a would in latency, but not that much either !!

Any help ?

Reference : http://wiki.mikrotik.com/wiki/How_to_make_transparent_web_proxy

7

Hi!

Can you Do this:

  1. Run proxy at port 8080
  2. Redirect tcp port 80 to8080 on your local interface.
  3. Add this input filter rule in firewall:
    In interface=local net interface, action=accept
  4. Make speed test

Itā€™s just a funny bug that I found on some router os, canā€™t remember which though.

8

I have found the same thing on my 450. As soon as I turn on the webproxy and then redirect to it jump from 4 to 5 ms pings to 250 to 260ms ping times. Surfing seems fast, but the latency sure seems high. I use webproxy for page logging purposes so I hate to have it turned off all the time.

9

I have the same issue on my 450, I also can get it to do it on a i386 machine. Any ideas on how to get this fixed. I see 26ms pings with webproxy off and 250 on. Any traffic hitting the proxy gets slowed badly. I set my rules to avoid my connection using a not 10.0.1.x. once the traffic avoids the proxy itā€™s great.

10

CobblinGoblin

What happends if you do what I said in my previous post?

Test 2:

Place this NAT rule after the proxy NAT rule:

chain=input, src address=local-net (e.g. 192.168.1.0/24), action=accept


I have seen this rule + the one in my previous post to really slow down the INet. The one in my previous post has been effective when I have not used proxy, and this last one when I have been using proxy.

11

I have 433ah, also the web proxy slow down the internet!!!. I flow the setting which exist in the following URL:
http://wiki.mikrotik.com/wiki/Proxy_on_RouterBOARD's_external_drive
to activate the web proxy.
Please help my if there is any additional setting.
Thanks

12

I still ahve this issue on my 450g, even with all the suggestions in place. My CPU util is less than 40% but my latency is in teh 250ā€™s with webproxy on and in the 40ā€™s without.

13

hi did you manage to fix this?

14

On my 493G the speed stays the same but I gain 200ms on the ping so thatā€™s not really a good thing. Is it normal ?

15

same for me, its not a normal thing for proxies to do this, im guessing this is caused by read/write?

would be really good to find out what causes this.

16

Iā€™m having the same issue. Any aknowledgement of an issue from support? Iā€™m running a 450G.

17

Hm ā€¦
Im also runing web proxy on X86 ROS 5.20 and can confirm that ping is going high
when firewall rule redirect to proxy : PING 150-200 ,
when I just disable firewall transparent proxy PING is 50 -60

But this is only seen on http://www.speedtest.net/
Ordinary ping to some host on internet is same ā€¦

18

icmp isnt port 80 and therefore wont be proxied.

19

Yes I know that :smiley:
I say that this ā€œproxy issueā€ is only show in web when testing on speedtest.net ā€¦ i dont know why ā€¦ but im suspecting on speedtest.net script ā€¦ not on mikrotik proxy

20

is their any other way to redirect 8080 to 80 port that didnā€™t make internet slow down ?
Please helpā€¦

I using built memory in router-boardā€¦ Thank you.