Hello,
i have a ccr 1036 8g 2s+ and in some cases that my users receive ddos attacks (for example too many new connections or around 500k udp) i should add a rule in ip firewall raw with drop action so that packets does not go through connection tracking table (my connection tracking in my mikrotik is off) and drop and my cpu loads in this case will reduce and back to normal.
so in this case my question is can i use no track action instead drop ? in this case again my cpu load will be normal but traffic go towards user? because while i am under attack for example i receive 80k new connection and because my connection tracking is off in my mikrotik i can not limit new connections. so the only way is play with raw filter rules to keep cpu usages normal.
THank you.