I have a question about what the Maximum number of clients you can put on a router is, and how best to remedy the situation.
We have a cloud core router, CRS112-8G-4S, feeding a hotel/camp site type place. This is the core router feeding a wireless/mesh network, it has 100MB in, and serves approximatley 300 devices at any given moment, but peaks at about twice that. We’re getting sever slow down on the network, with the router sitting at 100% CPU usage the majority of the time, with Networking and Firewall taking up most of the CPU. we have extremely simple firewall rules, basically allow remote connections to manage the router and drop everything else, and I’ve tried dropping even those, but firewall still stays at like 35% CPU.
I’m definitely not a Mikrotik Expert, but I’ve set up several smaller sites and they’ve worked just fine with a mikrotik RB2011 acting as the core.
So basically, is the CRS112 just not capable enough of handling that much traffic, or do I just not have my rules setup right? I don’t know why this one is working so hard, when other good sized sites with 100+ devices aren’t breaking a sweat.
I’m looking at possibly replacing the CRS112 with a CCR1036-12G-4S, as 4 SFP’s are a requirement.
CRS is a switch, not a router.
Because it runs RouterOS, it looks like a router from the configuration, and it can offer some basic layer 3 forwarding (routing) capabilities, but it will quickly overload the CPU if you do much layer 3 forwarding. These are designed to be layer 2 primarily.
You could easily add a hEX router to your network for just $50 and keep your investment in the CRS for its port density.
OK. We have several RB2011’s on hand, would one of those work as well? RB2011iLS-IN to be precise?
And, to potentially open a whole can of worms, what exactly is the difference between a Mikrotik Switch and a Mikrotik Router? They have fairly similar stats, does the hEX or RB2011 just dedicate more of it’s processor to routing? It seems like the line between router and switch has gotten pretty blurry, so what makes one of these devices suited for one and not the other?
The CRS is a switch (Cloud Router Switch) with routing ability. The RB2011 has the same CPU. I would recommend that you invest in a router more suited for what you are doing. The RB3011, RB1100AHx4, and CCR1009 will all do nicely for that.
To be honest, all of the MMIPS based units are great boxes for small networks or CPE’s. But once you start loading them with more than 10~20 clients, they start to slow. The CRS is just an RB2011 with more ports. You need to move to the ARM or TileGX based units to get real routing and firewall power.
The HEX is a quad-core version of the MMIPS routers. It’s fairly inexpensive, and is more powerful than the others, but still much slower than the ARM based units. And it only has 256M of ram. The RB3011 and RB1100AHx4 have 1GB, and the CCR1009 has 2GB.
My opinion is to try the $60 RB750Gr3 (hEX). Even if what the previous post says is true, you’re only out $60 and you’ll find something else to do with it for sure. Mine isn’t doing anything too groundbreaking but I have quite a few IPv4 and IPv6 firewall rules plus tunnels, routing and IPSEC and it doesn’t ever show more than 10% CPU.
By the way, there isn’t some client limit. It’s just whatever the router will handle for what you’re doing. If you’re running a lot of layer 2 devices, the upper limit might be the mac table in memory. If you’re doing a lot of firewalling, that will tax the CPU. If you’re peering with BGP on the internet it might be the size of the BGP route table in memory. This is where a consultant might help for your specific situation.
Thanks all. We got it up and running with an old 1100, running like a champ, but we’re going to look into those other boxes as a dedicated router box moving forward with this and other properties. Thank you again.
Don’t forget to use fasttrack. It can do a miracle in your case.