a ddos attack to my network yesterday, attack traffic was about 500M,400 flows/s, and my x86 routeros became freeze almost 5 minutes, this made me so sad,
the routeros configuration:
cpu: dual X5670,
interface: dual 10G
traffic: 500-800m
Do you really need connection tracking in a router that likely is some core router?
do you mean connection tracking cause freeze or lock up when it suffer from attack?
Well, doing connection tracking means your router has to spend more work on those packets,
especially in a DDoS attack where many different flows are created.
When you just want to route packets and don’t care about connections you don’t need connection tracking
and it is better to turn it off.