Hi All -

I have gigabit fiber coming in on an AT&T router, the Arris BGW210-700. I have IP passthrough set up to pass the WAN IP to the MikroTik CRS125-24G-1S. I seem to be up and running just fine, but my speed has been cut by more than three-quarters, and I don't know why. Hardwired off the Arris I'm at over 900Mbps. Hardwired off MikroTik it drops to 200Mbps. Nothing else on the network yet. Any ideas?

Thanks

Are you using the CRS125 as a router? (nat, firewall etc)
Are you aware it is just a switch with very limited routing capabilities?
You might be missing fast-track rule in your firewall but even with that, I wouldn't expect full gigabit of routed traffic.

Thanks for the reply - much appreciated. Yes, I am using the CRS125 as a router with NAT and firewall in place, etc. I do not have the fast track rule in the firewall; I will try that. I'm curious to know what my expectation should be from the CRS125. As I said, with nothing but my laptop hardwired to it - and NOTHING else on the network, shouldn't I be able to get so much more from it? If not, what are the limiting factors of a CRS125 that matter most? I have an RB3011 I could use instead - would my experience really be that much more improved?

CRS without fasttrack as a router - thats definitely cause of the issue. It simply does not have enough CPU power.

I am not sure if you don't have fast track on purpose (it can't be enabled if you want to use simple queues, ipsec and some other features)
or if you don't have it by mistake. It definitely speeds up things a log (basically, if packet hits fasttrack rule, it will mark the connection and most subsequent packet within that connection will skip some processes = causing less cpu load).

If you have RB3011 it will definitely improve your experience a lot:
RB3011 is full-featured router with 2 cores on 1.4GHz, meanwhile CRS-125 has only 1 core on 600MHz. Simply said - it has 4.6 times more processing power. (also way more RAM which helps with some tasks) In addition, CRS125 has only single 1gbit line between cpu and switch chip, which means you have any CPU-processed data limited by hardware to 1Gbit half-duplex.

Is there any particular reason why you decided to use CRS125 as your router instead of RB3011? Although I would recommend to use RB3011 I also want to make sure, that you don't have any legitimate reason for this setup.

If you have RB3011 it will definitely improve your experience a lot:
RB3011 is full-featured router with 2 cores on 1.4GHz, meanwhile CRS-125 has only 1 core on 600MHz. Simply said - it has 4.6 times more processing power. (also way more RAM which helps with some tasks) In addition, CRS125 has only single 1gbit line between cpu and switch chip, which means you have any CPU-processed data limited by hardware to 1Gbit half-duplex.

Is there any particular reason why you decided to use CRS125 as your router instead of RB3011? Although I would recommend to use RB3011 I also want to make sure, that you don't have any legitimate reason for this setup.

Don't forget the hardware encryption: from 6.43.1 onward the RB3011 supports it.

Don't forget the hardware encryption: from 6.43.1 onward the RB3011 supports it.

I would be careful with that... I already saw one report of RB3011 with panicking kernel, which I bet was caused by this "update"...
I don't have any RB3011 around to test it but I guess something does not work as expected...

Don't forget the hardware encryption: from 6.43.1 onward the RB3011 supports it.

I would be careful with that... I already saw one report of RB3011 with panicking kernel, which I bet was caused by this "update"...
I don't have any RB3011 around to test it but I guess something does not work as expected...

Ah, well. This unit is cursed from the beginning. What a shame.

I really appreciate your thoughtful replies, Paternot, and especially yours, vecernik87. Adding the Fast Track rule made a HUGE difference.

As to your question asking why I chose the CRS125 over the RB3011, the answer is, honestly, inexperience. I've used the CRS125 a lot and love that it offers 24 ports. However, I have not used it in a gig speed environment up until now, I guess, so I simply had not learned yet of its limited potential.

Thank You Again!

No worries, happy to help

ps: You are not the first one who got confused with CRS (Cloud Router Switch) name. Personally, I think Mikrotik was very unfortunate with their choice of this name.

And, yes: the CRS name is a bad one. Time and again we see people taking it literally (why shouldn't they?), and getting low speeds.