Community discussions

MUM Europe 2020
 
gferrai
just joined
Topic Author
Posts: 1
Joined: Sun Aug 09, 2009 8:40 pm

Serious performance issue

Wed Jan 04, 2012 7:11 pm

Hi all.
I have a dual core opteron K8 at 1.6GHz serving about 500 pppoe customers and giving them a 100Mb (total) internet link
I configured my ROS 3.30 with about 50 pppoe servers listening each one on a different vlan.
Every pppoe server use a profile with encryption and "change tcp MSS" set to yes
Nothing more, some simple firewall filter rules, a few nat rules and a lot of dynamic mangle rules due to "change tcp MSS" configuration (2 for each pppoe user).
PROBLEM:
My cpu consumption is near 90-95%!!!!

Please point me in which direction I can investigate!
Can help me disable dynamic change of MSS and set a single static rule?

Many Thanks
Gianni
 
krajnalic
newbie
Posts: 34
Joined: Wed Nov 30, 2011 1:39 am

Re: Serious performance issue

Sun Feb 19, 2012 3:05 am

I had the same problem until I add mangle rule:
add action=change-mss chain=forward comment="MTU 1360" \
disabled=no new-mss=1360 passthrough=yes protocol=tcp tcp-flags=syn \
tcp-mss=1361-65535

Also dont set change-tcp-mss=yes in ppp profile.

The problem is that mikrotik tries to change MSS for every frame, and not only for frames that are bigger than MSS you want to be, and CPU goes Up.
In my case I want MSS to be 1360 and my router sets this only for frames that are between 1361-65535. It helped me very much.

Please dont forget to give karma

Who is online

Users browsing this forum: Baidu [Spider], MSN [Bot], Panbambaryla and 58 guests