Community discussions

MikroTik App
 
SWISSSNOW
newbie
Topic Author
Posts: 35
Joined: Sun Oct 05, 2014 12:50 am

RB3011UiAS-RM - max. 240 Mbit/s

Sat Jan 29, 2022 4:09 pm

Hello,
working with an RB3011UiAS-RM with RouterOS v7.1.1 (same Firmware) I can't find the bottle neck - it's too slow ...

The Internet Access is a DOCSIS Calbe Modem with fixed IPv4-Adresses to the inside (LAN). When I connect directly with my Apple Notebook, using the public IPv4 I get a download rate testen with "fast.com" at 780 Mbit/s down. Then I move the same IP to interface 1 on the RB3011UiAS-RM, connect mit Apple Notebook on Interface 2 in an bridge, the bridge has DHCP, no firefall rules only 1 NAT rule via interface 1 ... I get only 240 Mbit/s down : (

Same test during same time, short time between 3 times the same results.

What can be the bottle neck? Why 780 Mbit/s down to 240 Mbit/S behind the RB3011UiAS-RM ?

Any ideas ?

Grüße
Stefan
 
Zacharias
Forum Guru
Forum Guru
Posts: 3459
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

Re: RB3011UiAS-RM - max. 240 Mbit/s

Sat Jan 29, 2022 8:34 pm

So RB3011 has the default configuration with just the firewall filter rules removed ?
Or there is more configured ?
Maybe an /export hide-sensitive of your configuration would help...
 
mafiosa
Member Candidate
Member Candidate
Posts: 266
Joined: Fri Dec 09, 2016 8:10 pm
Location: Kolkata, India
Contact:

Re: RB3011UiAS-RM - max. 240 Mbit/s

Sat Jan 29, 2022 8:37 pm

Hello,
working with an RB3011UiAS-RM with RouterOS v7.1.1 (same Firmware) I can't find the bottle neck - it's too slow ...

The Internet Access is a DOCSIS Calbe Modem with fixed IPv4-Adresses to the inside (LAN). When I connect directly with my Apple Notebook, using the public IPv4 I get a download rate testen with "fast.com" at 780 Mbit/s down. Then I move the same IP to interface 1 on the RB3011UiAS-RM, connect mit Apple Notebook on Interface 2 in an bridge, the bridge has DHCP, no firefall rules only 1 NAT rule via interface 1 ... I get only 240 Mbit/s down : (

Same test during same time, short time between 3 times the same results.

What can be the bottle neck? Why 780 Mbit/s down to 240 Mbit/S behind the RB3011UiAS-RM ?

Any ideas ?

Grüße
Stefan
I also have the same issue. Opened ticket with mikrotik. As usual no response.
 
ChipsAhoy
just joined
Posts: 5
Joined: Sat Jan 29, 2022 12:07 pm

Re: RB3011UiAS-RM - max. 240 Mbit/s

Sat Jan 29, 2022 9:13 pm

I may be having the same issue except I'm using 6.49.2 (stable), I am randomly losing a few hundred Mbit/s in throughput. It gets worse for high latency connections.

I only use fasttrack and a masquerade NAT rule for outbound. My thread is here: viewtopic.php?p=909190

Tests connected to my ISP router (bridge mode) look like this: https://www.speedtest.net/result/12681002357
Tests connected to my ISP router via RB3011 (router mode) look like this: https://www.speedtest.net/result/12672632997
 
Zacharias
Forum Guru
Forum Guru
Posts: 3459
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

Re: RB3011UiAS-RM - max. 240 Mbit/s

Sat Jan 29, 2022 9:24 pm

Tests connected to my ISP router via RB3011 (router mode) look like this: https://www.speedtest.net/result/12672632997
The results are fine to me...
For an average size packet of 512 Byte and 25 IP filter rules you should get about 830 Mbps... Your results are close to that limit...

https://mikrotik.com/product/RB3011UiAS ... estresults
 
SWISSSNOW
newbie
Topic Author
Posts: 35
Joined: Sun Oct 05, 2014 12:50 am

Re: RB3011UiAS-RM - max. 240 Mbit/s

Mon Jan 31, 2022 5:07 pm

# model = RB3011UiAS
# serial number = xxx
/interface bridge
add admin-mac=xxx auto-mac=no name=bridge1_LAN
add admin-mac=xxx auto-mac=no name=bridge109_JUGEND
add admin-mac=xxx auto-mac=no name=bridge170_GAME
/interface ethernet
set [ find default-name=ether1 ] advertise=1000M-full comment=WAN1
set [ find default-name=ether3 ] disabled=yes
set [ find default-name=ether4 ] comment=Gaming-PC
set [ find default-name=ether5 ] comment=Gaming-PC
set [ find default-name=ether6 ] disabled=yes
set [ find default-name=ether7 ] comment=Mac-Book disabled=yes
set [ find default-name=ether8 ] disabled=yes
set [ find default-name=ether10 ] advertise=1000M-full disabled=yes
set [ find default-name=sfp1 ] advertise=1000M-full auto-negotiation=no comment=LAN_Link_24-PoE-Switch
/interface eoip
add mac-address=xxx name=eoip-tunnel_GAME remote-address=10.10.1.214 tunnel-id=336
add mac-address=xxx name=eoip-tunnel_JUGEND remote-address=10.10.1.1 tunnel-id=314
/interface ethernet switch port
set 0 default-vlan-id=0 vlan-mode=fallback
set 1 default-vlan-id=0 vlan-mode=fallback
set 2 default-vlan-id=0 vlan-mode=fallback
set 3 default-vlan-id=0 vlan-mode=fallback
set 4 default-vlan-id=0 vlan-mode=fallback
set 5 default-vlan-id=0 vlan-mode=fallback
set 6 default-vlan-id=0 vlan-mode=fallback
set 7 default-vlan-id=0 vlan-mode=fallback
set 8 default-vlan-id=0 vlan-mode=fallback
set 9 default-vlan-id=0 vlan-mode=fallback
set 10 default-vlan-id=0 vlan-mode=fallback
set 11 default-vlan-id=0 vlan-mode=fallback
/interface lte apn
set [ find default=yes ] ip-type=ipv4
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=pool109 ranges=10.109.1.129-10.109.1.142
add name=pool170 ranges=10.170.1.2-10.170.1.6
/ip dhcp-server
add address-pool=pool109 interface=bridge109_JUGEND lease-time=1d name=server109
add address-pool=pool170 interface=bridge170_GAME lease-time=1d name=server170
/port
set 0 name=serial0
/interface bridge port
add bridge=bridge1_LAN ingress-filtering=no interface=sfp1
add bridge=bridge170_GAME ingress-filtering=no interface=ether5
add bridge=bridge109_JUGEND ingress-filtering=no interface=ether7
add bridge=bridge109_JUGEND ingress-filtering=no interface=eoip-tunnel_JUGEND
add bridge=bridge170_GAME ingress-filtering=no interface=ether4
add bridge=bridge170_GAME interface=eoip-tunnel_GAME
add bridge=bridge170_GAME interface=ether9
add bridge=bridge170_GAME interface=ether2
/ip neighbor discovery-settings
set discover-interface-list=none protocol=""
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set accept-redirects=no disable-ipv6=yes forward=no max-neighbor-entries=8192
/interface ovpn-server server
set auth=sha1,md5
/ip address
add address=10.10.1.3/24 interface=bridge1_LAN network=10.10.1.0
add address=37.xx.xx.xx/28 comment=WAN__gw33-110__GAMING interface=ether1 network=37.xx.xx.xx
add address=10.109.1.1/24 interface=bridge109_JUGEND network=10.109.1.0
add address=10.170.1.1/29 interface=bridge170_GAME network=10.170.1.0
add address=37.xx.xx.xx/28 comment=WAN__gw33-99__GAMING disabled=yes interface=ether1 network=37.xx.xx.xx
/ip cloud
set update-time=no
/ip dhcp-server lease
/ip dhcp-server network
add address=10.109.1.0/24 dns-server=10.109.1.1 gateway=10.109.1.1 netmask=24 ntp-server=10.109.1.1
add address=10.170.1.0/29 dns-server=10.170.1.1 gateway=10.170.1.1 netmask=29
/ip dns
set allow-remote-requests=yes cache-max-ttl=10m servers=1.1.1.1,1.0.0.1
/ip dns static
/ip firewall address-list
add address=208.67.222.222 list=OpenDNS
add address=208.67.220.220 list=OpenDNS
add address=10.109.1.0/24 list=SRC_NAT
add address=10.170.1.0/29 list=SRC_NAT
add address=10.0.0.0/8 list=PRV
add address=192.168.0.0/16 list=PRV
/ip firewall filter
add action=fasttrack-connection chain=forward comment="Accept established connections" connection-state=established,related hw-offload=yes
add action=accept chain=forward connection-state=established,related
add action=accept chain=input comment=ICMP protocol=icmp
add action=accept chain=forward protocol=icmp src-address=10.10.1.0/24
add action=accept chain=forward protocol=icmp
add action=accept chain=input comment="Accept established and related connections" connection-state=established,related
add action=accept chain=forward connection-state=established,related
add action=accept chain=input comment=GRE protocol=gre
add action=accept chain=input comment="ADMIN LAN" dst-port=22,8291 protocol=tcp src-address=10.10.1.0/24
add action=accept chain=forward comment=LAN9 dst-address-list=OpenDNS dst-port=53 in-interface=bridge109_JUGEND log-prefix=LAN9_WAN__ out-interface=ether1 protocol=udp src-address=10.109.1.0/24
add action=accept chain=forward comment=LAN9 dst-port=53 in-interface=bridge109_JUGEND log-prefix=LAN9_WAN__ out-interface=ether1 protocol=udp src-address=10.109.1.2
add action=accept chain=input comment=LAN9 dst-address=10.109.1.1 dst-port=53 in-interface=bridge109_JUGEND log-prefix=LAN9_WAN__ protocol=udp src-address=10.109.1.0/24
add action=accept chain=forward comment=LAN9 in-interface=bridge109_JUGEND log-prefix=LAN9_JAN_WAN__ out-interface=ether1 protocol=tcp src-address=10.109.1.2
add action=accept chain=forward comment=LAN9 dst-address=10.10.1.204 in-interface=bridge109_JUGEND log-prefix=LAN9_WAN__ out-interface=bridge1_LAN src-address=10.109.1.2
add action=accept chain=forward comment=LAN9 dst-address=!10.0.0.0/8 dst-port=80,443 in-interface=bridge109_JUGEND log-prefix=LAN9_WAN__ out-interface=ether1 protocol=tcp src-address=10.109.1.0/25
add action=accept chain=input comment=LAN9_WLAN dst-address=10.109.1.1 dst-port=53 in-interface=bridge109_JUGEND log-prefix=LAN9_WAN__ protocol=udp src-address=10.109.1.128/28
add action=accept chain=forward comment=LAN9_WLAN dst-port="" in-interface=bridge109_JUGEND log-prefix=LAN9_WAN__ protocol=tcp src-address=10.109.1.128/28
add action=accept chain=forward comment=LAN9_WLAN in-interface=bridge109_JUGEND log-prefix=LAN9_WAN__ protocol=udp src-address=10.109.1.128/28
add action=accept chain=forward comment=LAN9_WLAN dst-address=10.10.1.204 in-interface=bridge109_JUGEND log-prefix=LAN9_WAN__ out-interface=bridge1_LAN src-address=10.109.1.128/28
add action=accept chain=input comment=LAN170 dst-address=10.170.1.1 dst-port=53 in-interface=bridge170_GAME log-prefix=LAN160_UDP_WAN__ protocol=udp src-address=10.170.1.0/29
add action=accept chain=forward comment=LAN170 in-interface=bridge170_GAME log=yes log-prefix=LAN170_TCP_WAN__ out-interface=ether1 protocol=tcp src-address=10.170.1.0/29
add action=accept chain=forward comment=LAN170 in-interface=bridge170_GAME log=yes log-prefix=LAN160_UDP_WAN__ out-interface=ether1 protocol=udp src-address=10.170.1.0/29
add action=drop chain=forward comment=DROP_FINAL log=yes log-prefix=DROP_FWD__
add action=drop chain=input log=yes log-prefix=DROP_IN__
/ip firewall nat
add action=masquerade chain=srcnat comment=NAT dst-address-list=!PRV log=yes out-interface=ether1 src-address-list=SRC_NAT
/ip route
add disabled=no dst-address=0.0.0.0/0 gateway=37.xx.xx.xx
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/ip smb
set allow-guests=no
/ip ssh
set allow-none-crypto=yes forwarding-enabled=both
/ip upnp
set show-dummy-rule=no
/lcd
set backlight-timeout=never default-screen=stats read-only-mode=yes
/lcd interface
set ether2 disabled=yes
set ether3 disabled=yes
set ether4 disabled=yes
set ether5 disabled=yes
set sfp1 disabled=yes
set ether6 disabled=yes
set ether7 disabled=yes
set ether8 disabled=yes
set ether9 disabled=yes
set ether10 disabled=yes
/snmp
set contact=fw33-c6 enabled=yes location="xxx"
/system clock
set time-zone-name=Europe/Berlin
/system identity
set name=xxx
/system ntp client
set enabled=yes
/system ntp server
set enabled=yes manycast=yes
/system ntp client servers
add address=78.47.184.132
add address=62.116.130.3
/system package update
set channel=testing
/system routerboard settings
set auto-upgrade=yes
/system watchdog
set automatic-supout=no watchdog-timer=no
/tool bandwidth-server
set authenticate=no enabled=no
/tool mac-server
set allowed-interface-list=none
/tool mac-server mac-winbox
set allowed-interface-list=none
/tool mac-server ping
set enabled=no
With this config. Directly 780 Mibit/s - via Port 9 only 450 Mbit/s - Why ?
 
SWISSSNOW
newbie
Topic Author
Posts: 35
Joined: Sun Oct 05, 2014 12:50 am

Re: RB3011UiAS-RM - max. 240 Mbit/s  [SOLVED]

Sun Jun 12, 2022 6:54 pm

Solved:
1. removed Mangle Rules - only testing
2. set up fasttrack connection in fw rules !
 
mafiosa
Member Candidate
Member Candidate
Posts: 266
Joined: Fri Dec 09, 2016 8:10 pm
Location: Kolkata, India
Contact:

Re: RB3011UiAS-RM - max. 240 Mbit/s

Sun Jun 12, 2022 10:26 pm

Solved:
1. removed Mangle Rules - only testing
2. set up fasttrack connection in fw rules !
If you disable mangles then you can't do PCC loadbalancing. It defeats my purpose.

Who is online

Users browsing this forum: A9691, Amazon [Bot], hatred, mogiretony, mojojojo, tjanas94 and 75 guests