Community discussions

MikroTik App
 
francoislepage
just joined
Topic Author
Posts: 4
Joined: Mon Jan 14, 2019 10:24 pm
Location: Montreal

Performance issue with Bell FTTH 940mbps/940mbps internet on Mikrotik CRS328-24P-4S+ (Bell Home Hub bypass)

Mon Jan 14, 2019 10:54 pm

Hello everyone. I’m seeking advise on how to properly configure my Mikrotik CRS3XXX to bypass the home hub 2000 with a Bell FTTH 940mbps/940mbps fiber connexion and achieve full speed from my lan.

The supported Bell installation for small business comes with the aging Home Hub 2000 and a Huawei MA5672M ONT media converter. With that setup, and when connecting directly to the Home Hub 2000 with a fast computer/network adapter, I can achieve the advertised 940mbps/940mbps speed (and even more). It is possible to bypass the Home Hub 2000 and connect directly to the ONT with PPPoE through creating VLAN35.

However, when going through the CRS328, download and upload speeds vary between 800bmps and 925mbps.

I have tested both with stable 6.43.8 and LTS 6.42.11 versions of the packages and firmware with similar results.

I’ve tried 3 different configuration approaches and compared the performance of each. My firewall rules are the same for each approach (using fasttrack for established and related packets).

Here they are:

Bridge VLAN filtering off, ether[2-24] in the bridge, vlan35 interface on top of ether1 port, pppoe-client uses vlan35 interface.
  • I can see FastPath FP Tx/Rx packets in the bridge, on vlan35 interface and on ether1
  • I can achieve speeds of 850mbps/850mbps. However, there is a lot of variation from one speed test to the other.
  • Profiler show low firewall cpu usage but high cpu usage for the networking process (70%). Overall, the cpu does hit 100%.
  • There are some RX overflows on ether1 (a few hundred), not sure why.

Bridge VLAN filtering on, ether[1-24] in the bridge, bridge vlans 35 and 10 configured. Port ether1 is tagged to vlan 35 as well as bridge, ports 2-24 untagged with PVID=10, vlan10 tagged for the bridge (vlan10 used for the lan).
  • I don’t see any FastPath packets on the bridge. I though FastPath would still be used at the bridge level with the CRS3XX
  • Firewall process have a high cpu load despite the FastTrack rule being used.
  • Overall cpu usage hits 100%.
  • Upload and download speed no higher than 300mbps.

Bridge VLAN filtering on, ether[2-24] in the bridge, ether1 standalone with VLAN 35 interface configured on top of it.
  • I see some packets in fast path on the bridge, but only for RX.
  • Download speed is comparable to when VLAN filtering is off (850mbps range), but upload don’t get higher than 300mbps.
  • Firewall process have a high cpu o load.
  • Overall cpu usage hits 100%.

My firewall rules in a nutshell
  • Accept established and related input
  • Accept from local network input
  • Drop all other input
  • Fasttrack established and related forward
  • Accept established and related forward
  • Accept local network forward
  • Drop all other forward

PPPoE client
I have tested both 1492 and 1500 MTUs. According to me, both seem to work properly, so I sticked with 1500 since Bell seems to support it. Vlan-35 is set to 1508 to allow for the 6 bytes PPPoE and 2 bytes PPP header. The port itself ether1 is configured to it’s default max L2MTU = MTU = 1592, so there plenty of room.

I’m wondering if I am reaching the physical maximum throughput of the CRS328 or if I'm missing something... If so, how come a piece of device such as the Home Hub 2000 can be faster? Also, I purchased this switch with the idea of setting up VLANs, so the bridge vlan-filtering is something I’d like to enable at some point.

Your help would be more than welcome.

Thank you! :)
 
User avatar
Steveocee
Forum Guru
Forum Guru
Posts: 1120
Joined: Tue Jul 21, 2015 10:09 pm
Location: UK
Contact:

Re: Performance issue with Bell FTTH 940mbps/940mbps internet on Mikrotik CRS328-24P-4S+ (Bell Home Hub bypass)

Tue Jan 15, 2019 12:29 pm

CRS series are primarily switches with an amount of L3 capability. I think you'd need to use fast track and hardly anything else to get near the throughput you want. Ideally you'd need an RB3011 or upwards to route at those sorts of speeds.
 
User avatar
mozerd
Forum Veteran
Forum Veteran
Posts: 871
Joined: Thu Oct 05, 2017 3:39 pm
Location: Canada
Contact:

Re: Performance issue with Bell FTTH 940mbps/940mbps internet on Mikrotik CRS328-24P-4S+ (Bell Home Hub bypass)

Tue Jan 15, 2019 1:25 pm

@francoislepage
Very nice report. ! for one do not believe that you can get to 1Gbps using your config with the CRS328 ... I believe that the CRS317 could do it using your config test bed.

My overview is simply based on comparing the Test Results published by MikroTik for the respective devices.I do not have any direct experience using either of these 2 devices.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18958
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Performance issue with Bell FTTH 940mbps/940mbps internet on Mikrotik CRS328-24P-4S+ (Bell Home Hub bypass)

Tue Jan 15, 2019 2:38 pm

Interesting discussion I recently got bell Fiber but not ppooee and yes using vlan35.
1. Create ethernet interface
2. Create vlan interface under the ethernet interface,
3. all other rules point to the vlan interface.

With a hex router getting 400up 300 down (It maxes out for sure)
With an rb450gx4 getting 900+up 800+ down with standard firewall rules.
With a bunch of rules that look at long lists and layer7 rules getting 600-800 up and 300-600 down depending on the test site..........
Just preliminary testing for now but there is a hit on firewall rules I am using.
 
francoislepage
just joined
Topic Author
Posts: 4
Joined: Mon Jan 14, 2019 10:24 pm
Location: Montreal

Re: Performance issue with Bell FTTH 940mbps/940mbps internet on Mikrotik CRS328-24P-4S+ (Bell Home Hub bypass)

Tue Jan 15, 2019 4:42 pm

Thanks everyone for commenting.

It seems like I might not using the right hardware for the task. Do you believe using an GPON SFP connecting directly to the fiber network could help, or is that "networking" process going up to 70% (total CPU 100%) the proof that I have maxed out the routing capability of the CSR328?

Unfortunately, making sure I can use all available bandwidth is only the first step and I already hit a wall with the CRS328.

I do have 3 remote offices (w/ hAP AC lite) I'd like to connect to the my administrative home office (where the Bell service is installed) through site-to-site VPN + setting up a dedicated VLAN for segregating IP Cameras (in each remote office + a bunch at the admin office) + a voice VLAN for Yealink IP phones. It does not seem like I have the headroom required to implement those configurations.

I've looked at the Mikrotik routers. It seems like the newer RB4011iGS+RM is quite powerful, and the form factor will allow it to sit on my rack's shelve. However, I would have liked to have the option to install a GPON SFP in order to eventually get rid of the bulky Huawei ONT and Cyberpower battery-less "UPS" attached to it (only needed for the Phoenix power connector!). An RB4011 with 2x SFP, 18 PoE ports, hardware IPSec, 1.4ghz quad core in a 1U form factor would have been great ;-)

Since I'm learning as I go, would a SFP+ 1m direct attach cable the best way to link the CRS328 and an RS4011? The RS4011 won't have enough ports and I do need multiple PPPoE outputs for the phones, IP cams and access point, so I need to keep using the CSR. With the RB4011 installed, would it be advised to boot the CSR328 with SwOS instead?

Thank you!
 
User avatar
mozerd
Forum Veteran
Forum Veteran
Posts: 871
Joined: Thu Oct 05, 2017 3:39 pm
Location: Canada
Contact:

Re: Performance issue with Bell FTTH 940mbps/940mbps internet on Mikrotik CRS328-24P-4S+ (Bell Home Hub bypass)

Tue Jan 15, 2019 5:55 pm

The RB4011iGS+RM acting as your Router and the CRS328 acting as your Switch I believe would provide you with 1 Gbps symmetrical throughput. And Yes -- GPON SFP connecting directly to the fiber network would be the approach I definatly would recommend. You may need to do some reconfiguration of the Router SFP interface [no Auto-negations [and the switch SFP interface ] and force to 1Gbps]. Do not use SWOS -- go strictly with RouterOS --- Router OS on the switch does an excellent job, I find SwOS somewhat flakey so far + RouterOS on the switch or CLI is VERY powerful and provides much more granularity of control.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18958
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Performance issue with Bell FTTH 940mbps/940mbps internet on Mikrotik CRS328-24P-4S+ (Bell Home Hub bypass)

Tue Jan 15, 2019 7:00 pm

Just a heads up, when they upgraded me with the single unit (wifi, powersupply, ont), I asked can you put this thing in bridge modem as I want to get a public IP and run my own router, not be using Bells router.
The tech said its possbily flaky when trying to do that. Luckily they have another basic ONT unit for the high speed. All to say is that I still have that batteryless power supply on the wall plus the ONT, like before. The technician didnt think that bell had any ONTs with SFP out only ethernet, including for business installs besides residential.
 
francoislepage
just joined
Topic Author
Posts: 4
Joined: Mon Jan 14, 2019 10:24 pm
Location: Montreal

Re: Performance issue with Bell FTTH 940mbps/940mbps internet on Mikrotik CRS328-24P-4S+ (Bell Home Hub bypass)

Tue Jan 15, 2019 7:58 pm

Interesting...

My own story is that when I ordered the connection, I spoke with a Bell support technician (a "RAC") and he advised me that only the Home Hub 1000 would supports real bridge mode (PPPoE client on my router). So that's what they tried to install first. However, the HH1000 caps @ 450mbps and Bell didn't know! I then settled for the HH2000, knowing that I would have to bypass it so I can implement my own routing & firewalling.

I found online a thread from someone that had the HH3000 installed (which unfortunately is not available for business customers). That person was able to remove the SFP from the device and stick it directly into a UBNT router / switch. That might be a good option for you (I assume the single unit you have is a HH3000). Of course, this would be highly unsupported.

I ended up dropping the idea of connecting to Bell with an GPON SFP for 2 reasons. First, affordable Mikrotik routers from the RB series do not come with 2x SFPs (1x for uplink, 1x for switch connectivity). I did not look into other manufacturers since I do not want to go through the process of learning a new technology again. Second, I read that Bell may be filtering Vendor ID (not sure of the exact name), so only approved manufacturers may synchronize with the OLT (this would include Alcatel/Lucent and Huawei GPON SFPs) ** this is to be confirmed **. I don't really mind the ONT which also has the nice perk of providing a 4 ports switch, but I'll definitely try to find a replacement for that stupid batteryless UPS! :)

I think the point is not that bypassing the connection would be flaky, it's more a matter of support from Bell. Bell would obviously not login into my switch with Winbox to diagnose my connection. So in any case my connection goes down or I require support from Bell, I'll plug back in the HH2000 so they can apply their support process and rule out any problem on my side.

My RB4011 is on it's way!
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18958
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Performance issue with Bell FTTH 940mbps/940mbps internet on Mikrotik CRS328-24P-4S+ (Bell Home Hub bypass)

Tue Jan 15, 2019 9:08 pm

Good choice!! I think my ONTs old and new are of the lucent alcatel variety by the way.
The Bell support should end at the ONT anyway so not a concern. The technician has to specially program the ONT to work for your particular account and ont device etc........
Once thats done what you do after is transparent. The only challenges for me are forgetting to release the IP if I am mucking about and then have go through the process of turning the unit off and on and seeing what IP the router gets (more importantly the gateway). I take the gateway IP and update my IP route rule and then get connectivity. Cable seems to be able to acquire an IP and get the gateway automatically but its not on a VLAN either.
 
jwrite2019
just joined
Posts: 4
Joined: Wed Sep 04, 2019 12:47 am

Re: Performance issue with Bell FTTH 940mbps/940mbps internet on Mikrotik CRS328-24P-4S+ (Bell Home Hub bypass)

Thu Oct 10, 2019 1:28 pm

Hello,

Glad to see this thread regarding Bell and Mikrotik on here, I've been working on this solution as well and so far have only had good, stable results using a separate system with pfsense as the pppoe client.

What was the outcome of this, or what were the results of the rb4011.

Also with your results are they consistent or fluctuating and what kind of uptime/service stability do you get? I know some routers have issues with maintaining pppoe connections especially at gigabit speeds.

Are there any alternate suggestions?

Excited to hear what's been tested so far!

Thanks,
John Write

Who is online

Users browsing this forum: Bing [Bot] and 54 guests