Internet stopped to work, or very slow. Latency went from 5ms to 1000ms. Many times not possible to get into winbox. CPU was not 100%.
I have this rule as prevention against syn flood:
/ip firewall filter add chain=forward protocol=tcp tcp-flags=syn connection-state=new \
action=jump jump-target=SYN-Protect comment="SYN Flood protect" disabled=yes
/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn limit=400,5 connection-state=new \
action=accept comment="" disabled=no
/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn connection-state=new \
action=drop comment="" disabled=no
but seems it make it worse…Only after disabling this three rules, everything seems to run normal. Why? can anybody explain?