Slow speed from outside on RB850Gx2

Hello!

I have my main router, Mk RB850Gx2, which is behind ISP Mikrotik router which has 1:1NAT setup.

I am having problems with connections from outside to inside. I tried bandwidth test with iperf3 from outside via dst-nat to client on inside, and speed I get is around 10Mbps.


Everything else works ok, download and upload speeds to outside on clients are ok (iperf and speedtest shows >200Mbps which is how it should be).

I have around 25filter and nat rules, is that a problem?
Most of NAT rules are dst-nat for port forwarding and same are for hairpin-nat.

I have around 50 clients on that router and 2 site-to-site vpn tunnels.
Hardware resources shows that CPU is around 10-20% busy and i have 400MB free RAM.

How should i troubleshoot this problem?

SRC-NAT and DST-NAT don’t differ much from resource-consumption point of view so the direction of connection establishment (LAN → WAN versus WAN → LAN) doesn’t explain the difference in performance you see. So my suspicion is that ISP is somehow throttling incoming connections to discourage use of lines for offering WAN services.

You can verify this if you connect a test computer on WAN side of your router, set some address from WAN subnet (verify it doesn’t exist prior to that … using RBs ping tool) and run iperf tests between test machine and LAN machine.