The supported Bell installation for small business comes with the aging Home Hub 2000 and a Huawei MA5672M ONT media converter. With that setup, and when connecting directly to the Home Hub 2000 with a fast computer/network adapter, I can achieve the advertised 940mbps/940mbps speed (and even more). It is possible to bypass the Home Hub 2000 and connect directly to the ONT with PPPoE through creating VLAN35.
However, when going through the CRS328, download and upload speeds vary between 800bmps and 925mbps.
I have tested both with stable 6.43.8 and LTS 6.42.11 versions of the packages and firmware with similar results.
I’ve tried 3 different configuration approaches and compared the performance of each. My firewall rules are the same for each approach (using fasttrack for established and related packets).
Here they are:
Bridge VLAN filtering off, ether[2-24] in the bridge, vlan35 interface on top of ether1 port, pppoe-client uses vlan35 interface.
- I can see FastPath FP Tx/Rx packets in the bridge, on vlan35 interface and on ether1
- I can achieve speeds of 850mbps/850mbps. However, there is a lot of variation from one speed test to the other.
- Profiler show low firewall cpu usage but high cpu usage for the networking process (70%). Overall, the cpu does hit 100%.
- There are some RX overflows on ether1 (a few hundred), not sure why.
Bridge VLAN filtering on, ether[1-24] in the bridge, bridge vlans 35 and 10 configured. Port ether1 is tagged to vlan 35 as well as bridge, ports 2-24 untagged with PVID=10, vlan10 tagged for the bridge (vlan10 used for the lan).
- I don’t see any FastPath packets on the bridge. I though FastPath would still be used at the bridge level with the CRS3XX
- Firewall process have a high cpu load despite the FastTrack rule being used.
- Overall cpu usage hits 100%.
- Upload and download speed no higher than 300mbps.
Bridge VLAN filtering on, ether[2-24] in the bridge, ether1 standalone with VLAN 35 interface configured on top of it.
- I see some packets in fast path on the bridge, but only for RX.
- Download speed is comparable to when VLAN filtering is off (850mbps range), but upload don’t get higher than 300mbps.
- Firewall process have a high cpu o load.
- Overall cpu usage hits 100%.
My firewall rules in a nutshell
- Accept established and related input
- Accept from local network input
- Drop all other input
- Fasttrack established and related forward
- Accept established and related forward
- Accept local network forward
- Drop all other forward
PPPoE client
I have tested both 1492 and 1500 MTUs. According to me, both seem to work properly, so I sticked with 1500 since Bell seems to support it. Vlan-35 is set to 1508 to allow for the 6 bytes PPPoE and 2 bytes PPP header. The port itself ether1 is configured to it’s default max L2MTU = MTU = 1592, so there plenty of room.
I’m wondering if I am reaching the physical maximum throughput of the CRS328 or if I'm missing something... If so, how come a piece of device such as the Home Hub 2000 can be faster? Also, I purchased this switch with the idea of setting up VLANs, so the bridge vlan-filtering is something I’d like to enable at some point.
Your help would be more than welcome.
Thank you!