When sending data from one network connected to one port to another network on another port in the gigabit switch (1-5), the router appears to mirror the transfer to all the ports, thus causing unnecessary traffic and terrible speeds (120Mbps @ 100% CPU).
I feel this may have to do with the router operating under some kind of dumb switch mode. I am running RouterOS v6.47.2.
How can I check what the problem is?
Debugging the CPU consumption while at 100% yields about 35% firewall and 35% forwarding. I removed all firewall rules and I am only using the ones recommended for performance.
    [admin@MikroTik] > /ip firewall filter print
    Flags: X - disabled, I - invalid, D - dynamic
     0  D ;;; special dummy rule to show fasttrack counters
          chain=forward action=passthrough
     1 X  chain=forward action=fasttrack-connection connection-state=established,related
     2    chain=forward action=accept connection-state=established,related
     3    chain=forward action=drop connection-state=invalid
As usual, we cannot be inside your head and thus have no clue
a. what model you are talking about
b. no network diagram
c. worst of all no copy of the full export
/export hide-sensitive file=anynameyouwish less any public WAN info (WANIP, WAN gateway info etc…)
By the way, the router is not doing anything; it's simply acting according to your instructions, so you are causing the issue.
When you say “from one network to another network”, by “network” do you mean just a physical network consisting of multiple other devices, or do you mean an IP subnet? I.e. is the 2011 expected to bridge the traffic (forward it at L2) since source and destination devices are in the same IP subnet, or is it expected to route the traffic (forward it at L3) as source and destination devices are in different IP subnets?
If routing is not required, the 2011 may still forward the traffic at L2 using the software bridge, if pre-requisites for switch chip forwarding are not met. If vlan-filtering is set to yes on the bridge, or if hw is set to no on at least one of the ports in question under /interface bridge port, hardware forwarding will not be used.
Both the above can cause the CPU load to hit the ceiling.
If the traffic is eventually indeed broadcast to all ports, this is normal for any traffic towards a destination MAC address from which the switch (bridge) has not received any frame yet. So either it is a unicast MAC address and the destination has not responded yet, or it is a multicast/broadcast one, and in such case no device can use it as a source one ever, so the frames will keep being broadcast even if some of the recipients do respond. And since the CPU must also listen at multicast and broadcast MAC addresses, it must handle such frames at least to some extent, so even if switch chip forwarding is active on all switch chip ports, multicast and broadcast frames will cause some CPU load.
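The flooding behaviour described in the reply above, as an added example that is not part of the original thread: a simplified model of L2 MAC learning. The port names, the `cpu` pseudo-port and the sample MAC addresses are assumptions made for illustration, not RouterOS internals.

```python
"""Simplified model of L2 MAC learning, to show when frames are flooded."""

BROADCAST = "ff:ff:ff:ff:ff:ff"
CPU = "cpu"  # assumption: the router's own CPU modelled as one more port


def is_group(mac):
    # Multicast/broadcast addresses have the I/G bit (LSB of first octet) set.
    return int(mac.split(":")[0], 16) & 1 == 1


class LearningBridge:
    def __init__(self, ports):
        self.ports = list(ports)
        self.fdb = {}  # learned source MAC -> port

    def forward(self, in_port, src, dst):
        """Return the sorted list of ports the frame is sent out of."""
        if not is_group(src):
            self.fdb[src] = in_port  # learning uses the source address only
        if is_group(dst):
            # Can never appear as a source, so it is never learned: always
            # flooded, and the CPU receives a copy as well.
            out = [p for p in self.ports if p != in_port] + [CPU]
        elif dst in self.fdb:
            out = [self.fdb[dst]] if self.fdb[dst] != in_port else []
        else:
            # Unknown unicast: flooded until the destination sends a frame.
            out = [p for p in self.ports if p != in_port]
        return sorted(out)


def demo():
    br = LearningBridge(["ether1", "ether2", "ether3", "ether4", "ether5"])
    a, b = "02:00:00:00:00:0a", "02:00:00:00:00:0b"  # constructed sample MACs
    return {
        "first_a_to_b": br.forward("ether1", a, b),   # b not learned yet
        "b_replies": br.forward("ether2", b, a),      # a already learned
        "a_to_b_again": br.forward("ether1", a, b),   # b now learned
        "broadcast": br.forward("ether1", a, BROADCAST),
    }


if __name__ == "__main__":
    for step, ports in demo().items():
        print(f"{step:14} -> {ports}")
```

Only the first frame towards a silent unicast destination and frames to group addresses reach every port; sustained flooding of a bulk unicast transfer therefore means the destination MAC is never being learned.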