I´m having some performance issues that I cannot find the cause of.
RB1200 with FW 6.42.1
100 Mbps Internet connected to Ether10 (100Mbps full duplex link)
LAN connected to Ether1, Ether1 is (at the moment) the only member of Bridge1
I have appr 35 filter rules on the forward chain, most packets (99.9%) are accepted within the 3 first rules.
When I remove my RB and connect a client directly to Internet I get full 100 Mbps speed, with my RB connected I usually get 30-40 Mbps download and 60-80 Mbps upload and the results are very inconsistent.
I never see more than 30% CPU utilization and 15% IRQ. Since CPU is not limiting, what else could it be?
Any suggestion on how to trouble shoot? Removing the configuration and start all over is not what I want to do with this setup…
I know this is not the most professional thing to do, but i would still disable all fw rules to see, if bandwith usage is okay or not without them
(yes, Sindy, u are totally right,[i wrote this here, to not make the thread longer, so more ppl will read your post m8]
It doesn’t matter so much whether it is professional or not, what does matter is whether it is safe, and that depends on the circumstances. Measuring throughtput this way when the network is protected some other way is normal, doing the same when the Mikrotik is connected directly to the internet is a very bad idea. It sometimes takes just minutes to be found and attacked.
I tested the site I’m at. My networking process went to 40% on my RB750 but I got the full 100mbit. And I have a bunch of rules and a queue too with ipsec (speed test didn’t go through ipsec).
So now I think your cpu usage is normal since mine is the same and I get the expected numbers.
You may have to bite the bullet. Do a backup, factory reset and start off with default config. Then do speed tests as you add your config back to see where it chokes.
Also, if your current config came from a restore, then reset the macs of the interfaces back to their defaults. if you did a backup and restore to copy configs across devices then you’ll have duplicate macs on the networks if both devices are online at the same time.
You could run wireshark on your PC during the speed test. If it shows a lot of black packets, then I think those are retransmission’s and you have major packet loss somewhere. One or two retransmission’s are normal.
Try to add a new network to another ethernet and dont put interface to bridge. then do the test. also check fastpath and connection trackning. check mtu and that you dont fragment packages.
FYI:
I cleared configuration and addad a minimal configuration, but that didn´t help. I then connected the Internet cable to another ethernet port and problem was gone! I guess that tells me that there is a hardware problem with one of the ethernet ports on the router…
