Community discussions

MikroTik App
 
silPlate
just joined
Topic Author
Posts: 1
Joined: Fri Dec 30, 2022 11:17 pm

Out of box line speed or fastrak\fastpath?

Fri Dec 30, 2022 11:53 pm

Hello all,

I have a MikroTik RB750Gr3 that I want to perform one simple duty. Route one IP subnet from our single firewall to our ISP's edge router using our 1Gbps symmetrical internet subscription. (no VLANs no Nat, or anything needed)

1. How can I ensure that I get the fastest line speed for the two ports I am using? (1 Lan port and 1 Wan port) Do I need to enable FastTrack or FastPath or will it give the max speed out of the box?

2. If I just want to route and turn off the firewall do I lose fast track and the speed it gives you? If I do that how do I protect the router from people getting to services on the router?

3. Since my internet connection is symmetrical do you think this device could ever push 1 Gbps up and 1 Gbps down at the same time? Or would I need a more powerful MikroTik to do that?

Thanks!!
 
sindy
Forum Guru
Forum Guru
Posts: 10205
Joined: Mon Dec 04, 2017 9:19 pm

Re: Out of box line speed or fastrak\fastpath?

Sun Jan 01, 2023 11:56 am

1. fasttracking is a special behaviour of the firewall. Its purpose is to reduce the CPU load caused by firewall processing by skipping some steps of that processing for some packets.
So with firewall processing (including NAT) completely disabled, the throughput is always better than with fasttracking.

2. without a firewall, you can use policy routing to prevent the router itself from responding requests coming from other source addresses than those you permit, but you cannot make it selective per service (i.e. port) this way and you cannot prevent the router from accepting the requests (only the response will not reach the requestor). You can also restrict the allowed source subnets at application level for some of the services, but that feels less reliable than doing that using the firewall to me, and the router will still send a response (albeit a negative one) to the client. Or you can use an USB to serial adaptor to manage the router using a command line and disable the management services completely.

3. this table shows that even without any firewall, the aggregate throughput for 512-byte packets is less than the 2 Gbit/s you need for a symmetric 1 Gbit/s connection. Real life experience shows that the figures for 512-byte packets are representative for a general traffic mix.

So I would look for some device from the CRS3xx/CRS5xx line, as some of these devices support routing in hardware.
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 2990
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: Out of box line speed or fastrak\fastpath?

Sun Jan 01, 2023 10:39 pm

be aware of this block diagrams

Image

Image

Who is online

Users browsing this forum: andrep and 53 guests