Community discussions

MikroTik App
 
lctn
Member Candidate
Member Candidate
Topic Author
Posts: 176
Joined: Tue Apr 04, 2006 3:51 pm

Experiencing VxLAN limits and drops

Wed Mar 30, 2022 6:51 pm

We are running a few VxLAN tunnels on a CCR1036-8G. The one tunnel in true production seems to be limited in throughput and when it hits around 300Mb, drops off for a short period of time. The tunnel seems to consistently underperform when compared to networked devices outside the tunnel. When testing my workstation, outside the tunnel, speed test across our WAN will be 100-150Mb higher than a device running through the tunnel (testing 1 device on its own tunnel, so no other traffic).

My desktop will pull 400+Mb down but my laptop via the tunnel will cap off at about 260Mb. My laptop pulls higher if I move it outside of the tunnel.

I have the tunnel set at 1400 mtu (tested 1500 too) and the main WAN interface is 10Gb with mtu set at 1500.. L2 MTU is 8900 and shows as 8500 on the tunnel interface.

Ideas?

Attaching configs:
Near End
# mar/30/2022 08:13:57 by RouterOS 7.1.3
# software id = AKVK-AUV6
#
# model = CCR1036-8G-2S+

/interface bridge
add name=BRIDGE-VxLAN-VNI-100
add name=BRIDGE-VxLAN-VNI-101
add name=BRIDGE-VxLAN-VNI-102
add ingress-filtering=no name=Vb99 pvid=99 vlan-filtering=yes
add name=loopback
/interface ethernet
set [ find default-name=sfp-sfpplus1 ] l2mtu=8900
/interface vxlan
add group=239.0.0.1 interface=Vb99 mtu=1400 name=vxlan100 port=8472 vni=100
add group=239.0.0.1 interface=Vb99 mtu=1400 name=vxlan101 port=8472 vni=101
add group=239.0.0.1 interface=Vb99 mtu=1400 name=vxlan102 port=8472 vni=102
/interface vlan
add interface=vxlan102 name=V704 vlan-id=704
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/port
set 0 name=serial0
set 1 name=serial1
/routing ospf instance
add disabled=yes name=Area0 router-id=192.168.99.1
/routing ospf area
# ospf instance not active
add instance=Area0 name=Area0
/snmp community
add addresses=::/0 name=xxxx
/interface bridge port
add bridge=BRIDGE-VxLAN-VNI-100 interface=vxlan100
add bridge=BRIDGE-VxLAN-VNI-100 interface=ether2
add bridge=BRIDGE-VxLAN-VNI-102 interface=ether3
add bridge=BRIDGE-VxLAN-VNI-101 interface=vxlan101
add bridge=BRIDGE-VxLAN-VNI-101 interface=ether4
add bridge=BRIDGE-VxLAN-VNI-102 interface=vxlan102
add bridge=Vb99 interface=sfp-sfpplus1 pvid=99
/interface bridge vlan
add bridge=Vb99 tagged=sfp-sfpplus1 vlan-ids=99
/ip address
add address=192.168.99.1 interface=loopback network=192.168.99.1
add address=172.168.0.1/24 interface=Vb99 network=172.168.0.0
/ip dhcp-client
add interface=ether7
/ip firewall filter
add action=accept chain=input dst-port=161 in-interface=ether7 log=yes \
    protocol=udp src-address=10.10.0.0/16
/routing ospf interface-template
# ospf area not active
add area=Area0 interfaces=loopback networks=192.168.99.1/32
# ospf area not active
add area=Area0 interfaces=sfp-sfpplus1 networks=172.168.0.0/24
/snmp
set contact= \
    trap-community=lctnmrtg trap-version=2
/system clock
set time-zone-name=America/Chicago
/system identity
set name=LCTN-VxLAN-VRF
/system logging
set 0 disabled=yes
add disabled=yes topics=snmp
add topics=firewall
/tool graphing interface
add
/tool sniffer
set filter-interface=BRIDGE-VxLAN-VNI-101

Far end:
# mar/30/2022 06:28:13 by RouterOS 7.1.1
# software id = MPIL-B0WN
#
# model = CCR1036-8G-2S+

/interface bridge
add ingress-filtering=no name=BRIDGE-VxLAN-VNI-102 vlan-filtering=yes
add ingress-filtering=no name=Vb99 pvid=99 vlan-filtering=yes
add name=loopback
/interface ethernet
set [ find default-name=ether1 ] l2mtu=8900
/interface vxlan
add group=239.0.0.1 interface=Vb99 mtu=1400 name=vxlan-vni-102 port=8472 vni=\
    102
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool0 ranges=172.168.0.10-172.168.0.30
/ip dhcp-server
add address-pool=dhcp_pool0 interface=Vb99 name=dhcp1
/port
set 0 name=serial0
set 1 name=serial1
/routing ospf instance
add disabled=yes name=Area0 router-id=192.168.99.4
/routing ospf area
# ospf instance not active
add instance=Area0 name=Area0
/interface bridge port
add bridge=BRIDGE-VxLAN-VNI-102 interface=vxlan-vni-102
add bridge=BRIDGE-VxLAN-VNI-102 interface=ether2
add bridge=Vb99 interface=ether1 pvid=99
add bridge=BRIDGE-VxLAN-VNI-102 interface=ether4 pvid=703
add bridge=BRIDGE-VxLAN-VNI-102 interface=ether5 pvid=704
add bridge=Vb99 interface=ether6 pvid=99
/interface bridge vlan
add bridge=BRIDGE-VxLAN-VNI-102 tagged=vxlan-vni-102,ether2 vlan-ids=703
add bridge=BRIDGE-VxLAN-VNI-102 tagged=vxlan-vni-102,ether2 vlan-ids=704
add bridge=Vb99 tagged=ether1 untagged=ether6 vlan-ids=99
/ip address
add address=172.168.0.4/24 interface=Vb99 network=172.168.0.0
add address=192.168.99.4 interface=loopback network=192.168.99.4
/ip dhcp-client
add interface=ether8
/ip dhcp-server network
add address=3.3.3.0/24 gateway=3.3.3.0
add address=172.168.0.0/24 gateway=172.168.0.4
/ip route
add disabled=no dst-address=0.0.0.0/0 gateway=172.168.0.1 routing-table=main \
    suppress-hw-offload=no
/routing ospf interface-template
# ospf area not active
add area=Area0 interfaces=loopback networks=192.168.99.4
# ospf area not active
add area=Area0 interfaces=ether1 networks=172.168.0.0/24
/system clock
set time-zone-name=America/Chicago
/system identity
set name=LCTN-Rm426
/tool sniffer
set filter-interface=ether1

Who is online

Users browsing this forum: AtisE, VinceKalloe and 93 guests