RB450G 100%CPU at 100Mbit/s is that correct?

Hello Folks!

I experience problems with RB450G, it is put up as NAT router with som queues and failover to alternate ISP etc. nothing complicated.

I put traffic queues limit to 100Mbit/s up and down and start limit at 80Mbit/s, we have gigabit internet full duplex.

But my problem is, either RB450G does not have the power to drive att 100MBit/s or there is some else problems.

When traffic nears 70-80MBit/s CPU goes up to 80-90%, and when traffix exeeds 100Mbit/s cpu is 100% and then all stops working. I had to disable watchdog, it start to reboot the router in those cases. When traffic fall down below 70Mbit/s CPU goes down to.

Looking in profile, I can see firewall and queuing takes most CPU.

What is the problem is RB450G not powerful enough, what next level router is recommended ?

Queuing at such speeds can be pretty heavy for the CPU. Maybe you can tweak a little, but for gigabit speeds you really need something (much) faster.

Yea, we just got recomended a CloudCore from our distributor, and so it will be.

That sounds about right for the RB450G. We recommend it for connections up to about 70 or 80 Mbps.

Hello Folks!

We had a breakdown of RB450G in high time traffic yesterday, some capacitances where broke inside , a drop in replacement solved the problems.

But we have now ordered CCR router, and we will also implement clustering to compensate for similar problems in future.

Hello Folks!

Nice! very nice!

Now I got my CCR, unpacking and testing it will be performed this weekend. We will order one more and cluster them when we are back on track.

It even had a small cute touch sensitive display

I took a CCR1016, it is more powerful than I need I guess, if not I will upgrade to CCR1036.

I will post some more details about how it went.

CCR is now configured, tomorrow it will replace the temporary router.

I was supriced to see that CCR lacks switch-chip, and you have to use bridge that will eat unessesary CPU cycles for local lan server to server copy, so we could not abandon our switch at this time, maybe CCR is so fast it does not matter, I dont know, tomorrow I know.

If it falls out good, we will replace all older core routers with CCR.

40 to 50 mbps is good enough for 450G more than this bandwidth you will face problem… if you want cost effective high power router than you may go for RB1100AHx2

But definitely CCR series is the best option.

Hello Folks!

CCR1016 12G is successfully in place!

It was a big performance difference, whole network feels like new built, CPU never raised over 2%, lack of internal switch chip seems not to have any bigger influence on CPU power either.

I now wait on Mikrotik Switches, we need 24 port gigabit managable switches in our networks.

RB450G had the classical problem, two capacitors inside has become “fat”, and device will be repaired after some time.

CCR series are good performer

Hello Folks!

I am very happy with CCR, the graphs speak for themself:

And now the RB850Gx2 is available as an excellent upgrade from the RB450G. I would expect it to handle at least 300Mbps.

Hello Folks!

We will replace some RB333 devices with CCR1016 or CCR1009 this year and next year.

We are suffering max troughput of 30-31Mbit/s using RB333, it is very loaded due to many complicated routing rules, policy based routing, advanced queues, tagged traffic and firewall rules. CPU is 100% at 30Mbit and the device start to act bad at 32Mbit.

You can overclock the RB450G to 800mhz to handle a bit more traffic. I got myself a CCR1036 to do some serious packet processing involving scripts since my ISP blocks NAT. It is also has the CPU power to handle brute force attacks and DDOS while still being responsive. I do wish mikrotik would’ve given the option to overclock the CPU to 1.5 Ghz as shown in Tilera CPU specs. It is always good to have more CPU power than you need. You can speed things up by combining rules since firewall rules each have multiple fields for a lot of properties.

Lack of support from mikrotik forums really makes me feel like mikrotik doesnt really exist despite the fact that i buy their products while quoted on their website includes 30 day support. I might not buy mikrotik in the future. I have had to spend too much time just to get things working right while my questions go unanswered. Its a pitty since i was planning to buy their CCR with 72 cores if it came out and also include my own scripts and programs for computer cluster monitoring and power control. RouterOS is always buggy and even my RB450G reboots itself from time to time when theres very little load. I even wonder if mikrotik even included ECC ram/ECC ram support in their CCR series which the CPU does support but not mentioned in the mikrotik product manual/specs/guide. Taking a close look at the board it supports redundant PSUs and 4 fans but the case is only designed for 2 fans and 1 PSU with no option to get the CCR1036 board by itself.

Looking around the forums it seems that too many questions just go unanswered

Hello Folks!

Regarding support from mikrotik I must say some words.

Forum has been very helpful for us, also our distributor has helped a lot.

I always had got answer on my supout files within 1-3 officedays, I do what they tell me, write a small report what happened and so on, eventually if possible doing some tests and also include those steps in the support request to them.

Our business staff will not agree with me in all aspects, they claim to many stops and wasted time, however they always do. They even bought some more ASA5510 instead of CCR some months ago due to various problem at that time, which was solved in next RoS release and we invested some money on more expensive devices.

And yes over the years we have had capacitor problem, crs problem, wireless protocol problem, routing mark problem, ccr port problem and device hanging problems, device power off problems.
But they always solved after some time. Rollbacks has always worked so far, and we do keep cold and hot stand by devices to mitigate discrapency as much as possible.

Changing capacitors is a bit tricky, I did that on some of our devices and also some of our competitors around as well. The nice with that was competitor’s come back for more help and we earned some money, thank you mikrotik

I must also say, we do not have any fancy firewalls or vpn settings, we always try to do it as simple as possible, therefore we eventually did not hit so many bugs.

The grass is not much greener on the other side, we have had similar problems with Cisco, HP, IBM, Dell, McAfee, Buffalo devices. They were more expensive and tricky to fix so to say, their support costs money and took longer time, except the SLA we have with IBM, responce time “next day on site”, that comes with a price tag to.

Switch chip not required each port I believe is allocated a cpu, besides these units are so powerfull a switch chip is pointless

It has been working without any cpu/memory related resource problems since installed. However, there have been other issues, the device suddenly stopped to pass traffic four times since installed.

I have tried this on a few RB450G boards, and it always has caused instability and kernel panics for me. Perhaps some boards out there have a CPU that is overclockable on them, but based on my own experience, I would guess that the majority of 450G boards cannot be safely overclocked. Therefore it probably isn’t worth the risk for most people.

The forums are not an official avenue of support. If you want a written response from MikroTik staff, you need to send them e-mail.

– Nathan