RB4011 Slow Inter-VLAN Routing

shaunmccloud · September 27, 2021, 1:34am

Just navigated to two IPs on my VM VLAN. My Dude VM and my unRAID server’s IP on that VLAN. The Dude VM responded immediately while the unRAID server took a while to respond. Both with no real increase in CPU load on the RB4011. A 1.1GB file transfer across VLANs will max out the 1G connection on my desktop and pin a core on the RB4011. So I guess the issue is something with my unRAID server and not the RB4011 like I thought it was. Now to figure out why it is having an issue.

millenium7 · September 27, 2021, 9:52am

Traffic staying on the same VLAN won’t be going through the router, its staying on that switch. Ergo if your performance is slow within the same VLAN, the router (and thus firewall rules, NAT etc) is COMPLETELY irrelevant as its not even being used
You might not be using the switch correctly, are all ports in the bridge and with the ‘H’ flag under the ‘ports’ tab? If not then its going through the CPU of that switch and will be slow as balls
Check the actual port speeds, don’t just assume. Ethernet cabling going to a PC might be running at 10mbit or 100mbit. Check the stats, there might be a bunch of CRC errors again indicating bad cabling (or bad NIC). Check the log for duplex mismatch, ARP conflicts or other issues

Don’t just assume your switch is perfect, cause right now if what you say is true, I can guarantee you it isn’t (or its just a PC issue like a dying HDD)

anav · September 27, 2021, 10:59am

Slow as balls? Cannot recall hearing that expression.
Sperm in balls travel rather quickly though.
With some research
Refers to the snail’space at which the testicles are retracted upward into the groin area when exposed to cool temperatures. Dangit, this dataconnection is slow as balls!
Slow as molasses I can relate to but thanks learned a new one!

shaunmccloud · September 27, 2021, 2:01pm

My switch is a CSS326-24G-2S±RM, no routing in it. It has a single 10G trunk to the RB4011 with all the VLANs on it.

Traffic staying on the same VLAN won’t be going through the router, its staying on that switch. Ergo if your performance is slow within the same VLAN, the router (and thus firewall rules, NAT etc) is COMPLETELY irrelevant as its not even being used
You might not be using the switch correctly, are all ports in the bridge and with the ‘H’ flag under the ‘ports’ tab? If not then its going through the CPU of that switch and will be slow as balls
Check the actual port speeds, don’t just assume. Ethernet cabling going to a PC might be running at 10mbit or 100mbit. Check the stats, there might be a bunch of CRC errors again indicating bad cabling (or bad NIC). Check the log for duplex mismatch, ARP conflicts or other issues

Don’t just assume your switch is perfect, cause right now if what you say is true, I can guarantee you it isn’t (or its just a PC issue like a dying HDD)

Keep in mind, the setup had no issues with pfSense. Only started with the RB4011. I did just try adding the SFP+ port to a bridge, but it isn’t hardware accelerated. If I do 1Gbe ports, will the VLAN switching happen on the bridge or back to the CPU?

sindy · September 27, 2021, 3:34pm

Where? On the 4011? “VLAN switching” means L2 forwarding within the same VLAN, so it is irrelevant for inter-VLAN routing, where the CPU has to strip the VLAN tag of the source VLAN to get to the IP packet, route it, and assign another VLAN tag to it prior to sending it into the destination VLAN. So the VLAN switching is not related to inter-VLAN routing. CRS3xx is another story, there the switch chip can handle routing as well, but this is not (yet?) the case with the switch chip of the 4011. Since your switch is a CSS, it cannot do that either.