Community discussions

MikroTik App
  4. RouterOS
  5. Forwarding Protocols

Mikrotik CCR 1072 route cache

Post Reply
 
blackmetal
Member Candidate
Member Candidate
Topic Author
Posts: 227
Joined: Mon Aug 16, 2010 9:01 am

Mikrotik CCR 1072 route cache

Mon Jun 22, 2020 12:11 pm

Hello,
We have a Mikrotik CCR 1072 and some days ago we had some ddos attack then we announce the attacked prefixes towards our ddos protected IP transits but after time about 1-2 days later we cpu our cpu usages are about %40-45 and our memory normally is 15g but its 14g then we found out that the issue is with IP route cache , when i disable that my cpu usages back to under %6-8 and memory back to 15g so:
1) if i keep route cache disabled do i face any issue? i just disable connection tracking and i have some bgp and clans and routing protocols, so disabling route cache does not cause any issue?
2) do you have any idea how to fix this by enable IP route cache?
Thanks,
Top
 
telcouk
newbie
Posts: 31
Joined: Mon Jan 08, 2018 3:50 pm

Re: Mikrotik CCR 1072 route cache

Mon Jun 22, 2020 2:07 pm

Hello,
We have a Mikrotik CCR 1072 and some days ago we had some ddos attack then we announce the attacked prefixes towards our ddos protected IP transits but after time about 1-2 days later we cpu our cpu usages are about %40-45 and our memory normally is 15g but its 14g then we found out that the issue is with IP route cache , when i disable that my cpu usages back to under %6-8 and memory back to 15g so:
1) if i keep route cache disabled do i face any issue? i just disable connection tracking and i have some bgp and clans and routing protocols, so disabling route cache does not cause any issue?
2) do you have any idea how to fix this by enable IP route cache?
Thanks,
Do you use fastpath or fast track? Apparently they won't run with route cache turned off.
However I'm not actually 100% sure if that's actually the case for bridges, MPLS etc.

We have had the route cache turned off for years now, we use MPLS, OSPF and BGP.
Performance issues, we haven't noticed any difference with it turned off.
Top
 
blackmetal
Member Candidate
Member Candidate
Topic Author
Posts: 227
Joined: Mon Aug 16, 2010 9:01 am

Re: Mikrotik CCR 1072 route cache

Mon Jun 22, 2020 3:50 pm

Hello,
We have a Mikrotik CCR 1072 and some days ago we had some ddos attack then we announce the attacked prefixes towards our ddos protected IP transits but after time about 1-2 days later we cpu our cpu usages are about %40-45 and our memory normally is 15g but its 14g then we found out that the issue is with IP route cache , when i disable that my cpu usages back to under %6-8 and memory back to 15g so:
1) if i keep route cache disabled do i face any issue? i just disable connection tracking and i have some bgp and clans and routing protocols, so disabling route cache does not cause any issue?
2) do you have any idea how to fix this by enable IP route cache?
Thanks,
Do you use fastpath or fast track? Apparently they won't run with route cache turned off.
However I'm not actually 100% sure if that's actually the case for bridges, MPLS etc.

We have had the route cache turned off for years now, we use MPLS, OSPF and BGP.
Performance issues, we haven't noticed any difference with it turned off.
no i do not use fastpath or fast-track because always my connection tracking is off and i do not need them i have just following items :
bgp , ospf ,
200x vlans
10 filter rules , 10x raw filter (they are only for control permit and deny towards my network and they have no special config)
300x VLans

so if it will be off you think there is no performance issue or performance degree ?
because honestly sometimes route cache bother me too much due to high cpu usages and when i turn it off my cpu usages will degree from %50 to under %8
Top
 
telcouk
newbie
Posts: 31
Joined: Mon Jan 08, 2018 3:50 pm

Re: Mikrotik CCR 1072 route cache

Wed Jun 24, 2020 12:01 pm

so if it will be off you think there is no performance issue or performance degree ?
because honestly sometimes route cache bother me too much due to high cpu usages and when i turn it off my cpu usages will degree from %50 to under %8
I think you have answered your own question... :)
Turning route cache off has not impacted performance for us, ping times and browsing performance remains the same.
This could be different for other platforms, however for the CCR it has made no noticeable difference.
Top
 
User avatar
Murmaider
Member Candidate
Member Candidate
Posts: 126
Joined: Fri Oct 30, 2015 10:10 am

Re: Mikrotik CCR 1072 route cache

Thu Jun 25, 2020 12:23 pm

route cache has been removed from newer linux kernels because of the performance impact under load.
Turn route cache off, your router will survive a bit better in a DDoS with it disabled.
Top
 
User avatar
CZFan
Forum Guru
Forum Guru
Posts: 2098
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa, Krugersdorp (Home town of Brad Binder)
Contact:
Contact CZFan

Re: Mikrotik CCR 1072 route cache

Thu Jun 25, 2020 7:01 pm

route cache has been removed from newer linux kernels because of the performance impact under load.
Turn route cache off, your router will survive a bit better in a DDoS with it disabled.
Reason was that it was "buggy" and no one was maintaining it, hence being removed

https://lists.openwall.net/netdev/2007/03/12/76
https://lwn.net/Articles/241465/
Top
Post Reply

Who is online

Users browsing this forum: No registered users and 13 guests
  4. RouterOS
  5. Forwarding Protocols