juanpi
just joined
Topic Author
Posts: 1
Joined: Sun Aug 07, 2022 10:53 pm

RB2011 is forwarding traffic to all interfaces

Sun Aug 07, 2022 11:05 pm

When sending data from one network connected to one port to another network in another port in the gigabit switch (1-5), the router appears to mirror the transfer to all the ports, thus causing unnecessary traffic and getting terrible speeds (120Mbps @ 100% CPU).

I feel this may have to do with the router operating under some kind of dumb switch mode. I am running RouterOS v6.47.2.

How can I check what the problem is?

Debugging the CPU consumption while at 100% yields about 35% firewall and 35% forwarding. I removed all firewall rules and I am only using the ones recommended for performance.


[admin@MikroTik] > /ip firewall filter print
Flags: X - disabled, I - invalid, D - dynamic
 0  D ;;; special dummy rule to show fasttrack counters
      chain=forward action=passthrough

 1 X  chain=forward action=fasttrack-connection connection-state=established,related

 2    chain=forward action=accept connection-state=established,related

 3    chain=forward action=drop connection-state=invalid


 
anav
Forum Guru
Posts: 18959
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: RB2011 is forwarding traffic to all interfaces

Mon Aug 08, 2022 2:23 am

As usual, we cannot be inside your head and thus have no clue
a. what model you are talking about
b. no network diagram
c. worst of all no copy of the full export
/export hide-sensitive file=anynameyouwish less any public WAN info (WANIP, WAN gateway info etc...)

By the way, the router is not doing anything, it's simply acting according to your instructions, so you are causing the issue :-)
 
sindy
Forum Guru
Posts: 10205
Joined: Mon Dec 04, 2017 9:19 pm

Re: RB2011 is forwarding traffic to all interfaces

Mon Aug 08, 2022 10:39 am

Let's start from clarifying the terms.

When you say "from one network to another network", by "network" do you mean just a physical network consisting of multiple other devices, or do you mean an IP subnet? I.e. is the 2011 expected to bridge the traffic (forward it at L2) since source and destination devices are in the same IP subnet, or is it expected to route the traffic (forward it at L3) as source and destination devices are in different IP subnets?

If routing is not required, the 2011 may still forward the traffic at L2 using the software bridge, if prerequisites for switch chip forwarding are not met. If vlan-filtering is set to yes on the bridge, or if hw is set to no on at least one of the ports in question under /interface bridge port, hardware forwarding will not be used.

Both the above can cause the CPU load to hit the ceiling.

If the traffic is eventually indeed broadcast to all ports, this is normal for any traffic towards a destination MAC address from which the switch (bridge) has not received any frame yet. So either it is a unicast MAC address and the destination has not responded yet, or it is a multicast/broadcast one, and in such a case no device can use it as a source one ever, so the frames will keep being broadcast even if some of the recipients do respond. And since the CPU must also listen on multicast and broadcast MAC addresses, it must handle such frames at least to some extent, so even if switch chip forwarding is active on all switch chip ports, multicast and broadcast frames will cause some CPU load.
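
An added example, not part of the thread and not MikroTik's own tooling: a Python check that applies the two conditions named in the reply above (vlan-filtering=yes on the bridge, hw=no on a bridge port) to a saved /export file. The export text, bridge names and function names are constructed for illustration, and the check assumes the export omits default values, so a port without hw=no is treated as hardware-offload capable.

```python
import shlex

# Constructed sample in the shape of /export output (not taken from the thread).
SAMPLE_EXPORT = r"""
/interface bridge
add name=bridge-lan vlan-filtering=yes
add name=bridge-dmz
/interface bridge port
add bridge=bridge-lan interface=ether1
add bridge=bridge-lan hw=no interface=ether2 \
    comment="uplink to lab"
add bridge=bridge-dmz interface=ether3
add bridge=bridge-dmz interface=ether4
/ip firewall filter
add action=drop chain=forward connection-state=invalid
"""

def parse_export(text):
    """Return {menu path: [{key: value}, ...]} for every `add` line."""
    menus, path, pending = {}, None, ""
    for raw in text.splitlines():
        line = pending + raw.strip()
        if line.endswith("\\"):      # long lines are wrapped with a trailing backslash
            pending = line[:-1]
            continue
        pending = ""
        if line.startswith("/"):     # a menu path such as /interface bridge port
            path = line
        elif line.startswith("add ") and path:
            words = shlex.split(line[4:])   # keeps quoted values in one piece
            menus.setdefault(path, []).append(
                dict(w.split("=", 1) for w in words if "=" in w))
    return menus

def software_bridged(text):
    """Map bridge name -> settings that push its L2 forwarding onto the CPU."""
    menus = parse_export(text)
    reasons = {}
    for b in menus.get("/interface bridge", []):
        if b.get("vlan-filtering") == "yes":
            reasons.setdefault(b["name"], []).append("vlan-filtering=yes")
    for p in menus.get("/interface bridge port", []):
        if p.get("hw") == "no":
            reasons.setdefault(p["bridge"], []).append(f"hw=no on {p['interface']}")
    return reasons

if __name__ == "__main__":
    for bridge, why in software_bridged(SAMPLE_EXPORT).items():
        print(bridge, "->", ", ".join(why))
```

A bridge that does not appear in the result only passes these two checks; it says nothing about routed (L3) traffic, which the CPU handles in any case.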
