Check test results on product page. Many of us find number listed under "Routing -> 25 ip filter rules ->512 bytes" to reflect real-life performance pretty well (yes, there are particular use cases where cevices perform much better and there are use cases where devices perform even worse). Mind that for older devices (which were introduced in v6 era) test results are correct when running ROS v6 ... ROS v7, due to architectural changes in used linux kernel, has quite a bit worse routing speed.

It is always possible to downgrade ROS version, factory installed version is the lowest possible. So if your hEX came with v6 from factory, you can try to downgrade to 6.49.7 and see how it performs. Unless you absolutely need some of new features in v7, in which case you'll have to live with lower performance.

I was under the impression that it's faster given the hw offloading support which isn't present in ROS v6 for this particular chip

I was under the impression that it's faster given the hw offloading support which isn't present in ROS v6 for this particular chip

This particular chip has quite a few features which unfortunately are not used in ROS. Feature which got supported in v7 but isn't in any of v6 is HW accelerated switching with VLANs used. Which has nothing to do with routing (even if VLANs are used this way or another). And depending on your particular use case it might not be used even for intra-LAN traffic (if you use device as router/switch combo).

Queuing is currently incompatible with fasttrack (which in turn is prerequisite for L3HW offliading if I'm not much mistaken).

If you use vlan-filtering=yes on your bridge, then indeed v7 should make this part better on hEX. But the part about routing performance I mentioned is still true.

If you're saying that having best routing performance is the most important thing your hEX, then yes, downgrading to v6 would be the best way to go.

Fasttrack is instrumental in getting decent performance on devices with slow CPUs (which is almost all Mikrotiks apart from top CCR models).

As far as VLAN is concerned, my only use of it is separation and blocking of 3 untrusted ones from LAN access.

As far as VLAN is concerned, my only use of it is separation and blocking of 3 untrusted ones from LAN access.

If you can isolate those untrusted devices to single router port, then it would be beneficial to use that port as stand-alone port for separate subnet ... that way you wouldn't need VLANs and hence there would be no performance hit when using ROS v6.
If you have to keep using VLANs, then ... as soon as you enable vlan-filtering=yes on bridge, L2 (switching) HW offload is lost and then it's up to CPU-bound bridging. Mind that bridging is much easier on CPU than routing, but it's still a hog. While it is possible to get at wire-speed throughput between a pair of bridge ports, that's not possible to reach simultaneously on all ports (due to switch-CPU interconnect bottleneck) and CPU will be heavily loaded (thus eating into routing throughput).

What could be intresting to know is which is more of a hog vlan in v6 vs routing in v7.

What could be intresting to know is which is more of a hog vlan in v6 vs routing in v7.

You can try

Think of some use scenarios which apply to your particular use. Then perform tests and save test results, make sure you follow resource utilization on hEX (tool -> profiler -> all CPU). Also take configuration backup and exported config. Then downgrade your hEX to v6 (netinstall would be the best) and re-create configuration. Re-do the same tests and take note of results. Compare them, also compare CPU usage. Then you'll be able to decide which ROS version is better (or: less bad) for you.

Did OP fix this or return the router and get something else? I'm having the exact same problem. I have even tried disabling all firewall rules just to be sure (I'm running factory defaults anyway). FastTrack rule is present and enabled.

I'm getting 257.17 Mbps download through my TP-Link wireless AP connected directly to ISP router. If I connect ISP router → hEX S → wireless AP I get only 90 Mpbs.