Speed Problem

asus · Mon Dec 14, 2009 8:15 am

I use a pppoe network i have configured "How to apply different limits for Local/Overseas traffic"

for i have disabled overseas traffic queue coz i use UM queue so my users don't have anyproblem with overseas traffic.

but for my local queue i have set max limit to 1000M & min limit to 500M but it hardly reach to 300M also. my network is gigabit network users try to leech but then they hardly get 2mb download speed.

did I miss anything?

User peak : 400
Free memo : 1827.4 MiB
Cpu load : 40 %

Thanks

asus · Mon Dec 14, 2009 8:20 am

also 1st my users use to get 1mb then i have increased default & eth-default queue size to 1000 packets so now my users get atleast 2M. wat can b done to increase local speed?

asus · Mon Dec 14, 2009 10:02 am

Mikrotik doesn't support Giga Network?? atleast users should get 5Mbps anyway to increase speed?

watever is it but please reply

Mon Dec 14, 2009 10:04 am

Just because you set 1Gbit speed limitation for your user, doesn't mean he will get this speed

This depends on too many factors. Does your ISP actually give you 1Gbit internet?

asus · Mon Dec 14, 2009 10:15 am

we run dc++ on our lan there is no need of internet in it users share files from each other also i have tried from ftp & many file transfers in local network but there also i get 2-3MB

on 2nd port there is only 1 pptp user which actually seed lots of stuff in dc for my network users it also hardly touch 100Mbps

Thanks for reply

asus · Mon Dec 14, 2009 10:33 am

we have 100 users in dc & the speed i have set in local queue is for all users 1000M but max i have seen 500M usage.

few users get good speed duno y?

Mon Dec 14, 2009 10:40 am

what kind of hardware do you have ? your router hardware probably simply doesn't have enough CPU power.

asus · Mon Dec 14, 2009 10:46 am

I use Latest Intel® Core™2 Quad processor Cpu load is max 40%

Mon Dec 14, 2009 10:47 am

It's also more than possible that your user PC isn't able to handle so much traffic. HDD speed is limited, also the OS drivers.

asus · Mon Dec 14, 2009 10:51 am

not possible even I'm one of the user in 100 users! also can we check bandwitdh test with pppoe users i tried but never get it to work

I have heard pppoe reduce 8bit speed is that true?

asus · Mon Dec 14, 2009 10:55 am

if i remove mikrotik & connect directly to 2nd port server then i get 100Mbps individually means 10Mbps download speed coz its my pc mycard speed so can you imagine how all users manage in 300Mbps

Mon Dec 14, 2009 10:56 am

what kind of configuration do you have except the queues? any firewall? what happens if you disable all queues? and if you disable connection tracking? http://wiki.mikrotik.com/wiki/Connection_tracking

asus · Mon Dec 14, 2009 11:10 am

i have many UM created queues for internet bandwidth & 1 queue for local if i disable it i get normal speed which is set for internet in UM.

2nd thing if i disable tracking all local thing in configured my firewall rules stop working only internet work coz i don't any masque configured.

i have firewall filter rules but doesn't effect speed coz i have tried after removing it

     chain=prerouting action=mark-connection new-connection-mark=Con Entire Traffic passthrough=yes 
     src-address-list=local-addr 

 1   ;;; Mark-connection Oversea Traffic
     chain=prerouting action=mark-connection new-connection-mark=Con Oversea passthrough=yes src-address-list=local-addr 
     dst-address-list=!local-addr connection-mark=Con Entire Traffic 

 2   ;;; Mark-packet Oversea Traffic
     chain=prerouting action=mark-packet new-packet-mark=Oversea traffic passthrough=no connection-mark=Con Oversea 

 3   ;;; Mark-packet Local Country Traffic
     chain=prerouting action=mark-packet new-packet-mark=Local Network Traffic passthrough=no

 1    name="Local Network" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=Local Network Traffic 
      direction=both priority=2 queue=default/default limit-at=500M/500M max-limit=1G/1G burst-limit=0/0 
      burst-threshold=0/0 burst-time=0s/0s total-queue=default

I think u have my router login you can check if u have any doubt

asus · Mon Dec 14, 2009 11:53 am

I don't want to limit local traffic is there another rules to redirect local traffic without making a load on router?

Thanks

Mon Dec 14, 2009 12:19 pm

Look at your first post, do you see the RX errors on one of the interfaces? either you have a bad ethernet card, or somebody is DoS attacking you.

asus · Tue Dec 15, 2009 8:38 am

i have configured this to stop it but it block ips rearly

 6   ;;; suppress DoS attack
     chain=input action=tarpit protocol=tcp src-address-list=blocked-addr connection-limit=3,32 

 7   ;;; Port scanners to list 
     chain=input action=add-src-to-address-list protocol=tcp psd=21,3s,3,1 address-list=blocked-addr 
     address-list-timeout=1h 

 8   ;;; NMAP FIN Stealth scan
     chain=input action=add-src-to-address-list tcp-flags=fin,!syn,!rst,!psh,!ack,!urg protocol=tcp 
     address-list=blocked-addr address-list-timeout=2w 

 9   ;;; SYN/FIN scan
     chain=input action=add-src-to-address-list tcp-flags=fin,syn protocol=tcp address-list=blocked-addr 
     address-list-timeout=2w 

10   ;;; SYN/RST scan
     chain=input action=add-src-to-address-list tcp-flags=syn,rst protocol=tcp address-list=blocked-addr 
     address-list-timeout=2w 

11   ;;; FIN/PSH/URG scan
     chain=input action=add-src-to-address-list tcp-flags=fin,psh,urg,!syn,!rst,!ack protocol=tcp 
     address-list=blocked-addr address-list-timeout=2w 

12   ;;; ALL/ALL scan
     chain=input action=add-src-to-address-list tcp-flags=fin,syn,rst,psh,ack,urg protocol=tcp address-list=blocked-addr 
     address-list-timeout=2w 

13   ;;; NMAP NULL scan
     chain=input action=add-src-to-address-list tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg protocol=tcp 
     address-list=blocked-addr address-list-timeout=2w 

14   ;;; detect DoS attack
     chain=input action=add-src-to-address-list protocol=tcp address-list=blocked-addr address-list-timeout=1d 
     connection-limit=10,32

but it is not the issue! I have problem with speed on every eth pppoe users.

anyway?

Thanks

Tue Dec 15, 2009 8:46 am

If the attack targets the router, all users will be affected.

asus · Tue Dec 15, 2009 8:51 am

now 1 ip is in the block list & Rx error counter is of 12d 14:22:14 now no one is attacking..
is there any other way to deal with this??

thanks

asus · Tue Dec 15, 2009 9:11 am

I think if i put 2 more RB640 & divide pppoe users then only every users will get at least 5MB. but just wanna know why mikrotik doesn't support bandwidth in GB??

300-400 Users local bandwitdh pick 500MB Only

Tue Dec 15, 2009 9:23 am

depending on hardware configuration and testing metods, we have tested multiple gigabit throughput with RB1000 and X86 systems. You can probably optimize some stuff. Start by disabling parts of your configuration, see if anything changes if you turn off all the queues, or other rules.

asus · Tue Dec 15, 2009 9:53 am

have you tried in pppoe with or without this local traffic config?? i have tried everything u mention above from 6 month I'm trying to increase speed i have read almost every post here & tutorials.

But still unlucky

Tue Dec 15, 2009 9:55 am

Can you get rid of PPPoE? This is a tunnel after all, it will always have an impact on speed.

Speed Problem

Speed Problem

Re: Speed Problem

Re: Speed Problem

Re: Speed Problem

Re: Speed Problem

Re: Speed Problem

Re: Speed Problem

Re: Speed Problem

Re: Speed Problem

Re: Speed Problem

Re: Speed Problem

Re: Speed Problem

Re: Speed Problem

Re: Speed Problem

Re: Speed Problem

Re: Speed Problem

Re: Speed Problem

Re: Speed Problem

Re: Speed Problem

Re: Speed Problem

Re: Speed Problem

Re: Speed Problem

Who is online