Community discussions

MikroTik App
 
jmginer
Member Candidate
Member Candidate
Topic Author
Posts: 153
Joined: Tue Dec 11, 2012 4:56 am
Contact:

Switch VLANs Very High CPU

Fri May 31, 2019 1:05 pm

Hi, I have a CHR x86 for routing and peering at DECIX Madrid.

Additionally DECIX provides me with the same cable peering in Lisbon through a VLAN.

The DECIX cable, I have it connected to an intermediate CRS switch.

What I do is connect the CRS cable to the CHR with 2 VLANs, one for Lisbon (vlan11) and one for Madrid (vlan10).

The problem is that the CPU of the switch is very high, with only 50.000 PPS the CPU reaches +40%.

This is my configuration. Is something wrong?

Thank you!

# model = CRS317-1G-16S+

/interface ethernet
set [ find default-name=ether1 ] speed=100Mbps
set [ find default-name=sfp-sfpplus1 ] auto-negotiation=no name=sfp-sfpplus1-DECIX-IN
set [ find default-name=sfp-sfpplus2 ] name=sfp-sfpplus2-DECIX-OUT speed=10Gbps

/interface vlan
add interface=sfp-sfpplus1-DECIX-IN name=vlan-DECIX-Lisbon-IN vlan-id=11
add interface=sfp-sfpplus2-DECIX-OUT name=vlan-DECIX-Lisbon-OUT vlan-id=11
add interface=sfp-sfpplus2-DECIX-OUT name=vlan-DECIX-Madrid-OUT vlan-id=10

/interface bridge
add name=bridge-decix-lisbon protocol-mode=none
add name=bridge-decix-madrid protocol-mode=none

/interface bridge port
add bridge=bridge-decix-madrid interface=sfp-sfpplus1-DECIX-IN
add bridge=bridge-decix-madrid interface=vlan-DECIX-Madrid-OUT
add bridge=bridge-decix-lisbon interface=vlan-DECIX-Lisbon-IN
add bridge=bridge-decix-lisbon interface=vlan-DECIX-Lisbon-OUT

/ip firewall connection tracking
set enabled=no
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: Switch VLANs Very High CPU

Fri May 31, 2019 3:07 pm

Right now all packets between VLANs (and access ports towards your CHR) are passing CRS' weak CPU.

You should reconfigure CRS to use single bridge and vlan-filtering ... you can have a look at this fine tutorial.
Your CRS3xx will then deal with VLANs in hardware (switch chip).
 
jmginer
Member Candidate
Member Candidate
Topic Author
Posts: 153
Joined: Tue Dec 11, 2012 4:56 am
Contact:

Re: Switch VLANs Very High CPU

Tue Jun 04, 2019 1:56 pm

I think I've solved, at least is working and only using 2% CPU...
/interface bridge
add name=BR1 protocol-mode=none vlan-filtering=yes

/interface bridge port
add bridge=BR1 interface=sfp-sfpplus1-DECIX-IN
add bridge=BR1 interface=sfp-sfpplus2-DECIX-OUT

/interface bridge vlan
add bridge=BR1 tagged=sfp-sfpplus2-DECIX-OUT untagged=sfp-sfpplus1-DECIX-IN vlan-ids=10
add bridge=BR1 tagged=sfp-sfpplus1-DECIX-IN,sfp-sfpplus2-DECIX-OUT vlan-ids=11

/interface ethernet switch rule
add switch=switch1 ports=sfp-sfpplus1-DECIX-IN vlan-header=not-present new-vlan-id=10
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: Switch VLANs Very High CPU  [SOLVED]

Tue Jun 04, 2019 6:53 pm

Your latest config mixes bridge vlan concept and HW based concept. The last setting (/interface ethernet switch rule) can probably be replaced by
/interface bridge port
set [ find name=sfp-sfpplus1-DECIX-IN ] pvid=10
 
jmginer
Member Candidate
Member Candidate
Topic Author
Posts: 153
Joined: Tue Dec 11, 2012 4:56 am
Contact:

Re: Switch VLANs Very High CPU

Tue Jun 04, 2019 9:30 pm

You're right, fixed, thanks! :)

Now I have my transit upstreams connected directly to the CHR. Tomorrow I will try with one of them to pass it through the switch.
I suppose I can create a new bridge? Or do I have to use a single bridge to take advantage of HW acceleration?
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: Switch VLANs Very High CPU

Tue Jun 04, 2019 10:07 pm

Manual says that only single bridge can be HW offloaded ... so you better stick to single bridge and use whatever means available to partition switch (either use VLANs with access ports or port isolation ... the later being switch chip feature which brings you back to a mix of bridge and HW setup)
 
jmginer
Member Candidate
Member Candidate
Topic Author
Posts: 153
Joined: Tue Dec 11, 2012 4:56 am
Contact:

Re: Switch VLANs Very High CPU

Wed Jun 05, 2019 6:08 pm

Got it! :)

I've created the isolated ports and a unique bridge.
I've connected my upstreams (3 x FULL BGP) and all the traffic is working fine.
The bridge is returning "HW Offload" active on all ports.
And the CPU on the CRS is less 1-5% every time.

Many thanks! @mkx Please, send me a PM with your Paypal account to send you a gift.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: Switch VLANs Very High CPU

Wed Jun 05, 2019 7:13 pm

No PM on this forum. So kindly pass the offered gift to a charity of your choice, thank you.
 
jmginer
Member Candidate
Member Candidate
Topic Author
Posts: 153
Joined: Tue Dec 11, 2012 4:56 am
Contact:

Re: Switch VLANs Very High CPU

Wed Jun 05, 2019 11:06 pm

No PM on this forum. So kindly pass the offered gift to a charity of your choice, thank you.


done!

Image
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: Switch VLANs Very High CPU

Thu Jun 06, 2019 8:15 am

@jmginer: topic outcomes like this make contributing to this forum specially worthwhile.

Who is online

Users browsing this forum: BinaryTB, Bing [Bot] and 68 guests