single Mikrotik, 300 users, 100% CPU usage (firewall, queues)

Dear RouterOS experts,

I have a Mikrotik CRS125-24G-1S and its CPU usage is 100% most of the time. According to the profiler, it’s caused by firewall and queueing. The Mikrotik is the router for about 300 devices (students), and internet connectivity is 100 Mbps. At this moment, we use only 2 ports (1x WAN, 1x LAN), but we’re going to use 18 ports for LAN (each floor of the building = 1 LAN port).

Queues are made by PCQ Queue Tree (download and upload):
Rate = 100M
Limit = 100
Total Limit = 5000
There are no packet drops, but the PCQ queue is 150.

Do I have to care about 100% CPU usage? Firewall takes about 35%, queueing about 25%, and networking and ethernet also eat a lot of CPU.
I think the CPU usage of the firewall is caused by NAT (masquerade), but I’m not sure.

What can I do for better performance?
Do you think it’s a good idea to use a dedicated port for each floor?
Are my queue settings optimal, or do you suggest another strategy for fair distribution of connectivity?


Kind regards,
Jarda

Are you serious? You bought a 100 bucks switch pretending to route, NAT and queue 300 users on a 100Mbit link?!
Maybe the CRS is good enough for switching your user network, but now it’s time to buy a quite powerful router!
If you have a low budget, a 3011 would be the cheaper solution.

Hi bajodel, thanks for reply.

I feel like a fool now, but it’s really a low budget project. Don’t even ask what they used before the CRS125 and what the infrastructure looked like :)
Do you suggest buying a hEX (5x Gigabit Ethernet, Dual Core 880MHz CPU, 256MB RAM), for example?

I can set up roles:
1. router (hEX) as router, firewall, DHCP server, DNS server
2. switch (CRS125) as switch and queues

Is this the right solution?


Regards,
Jarda

The new hEX is indeed powerful and affordable, probably it can do the job... worth a try. I’ve suggested the 3011 to be sure and to have some room for growth for a few bucks more.
I would leave the CRS doing the switching only; queueing is a heavy task (anyway, you can try).