Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

hap ac2 low speed with 1gbps fiber  [SOLVED]

Post Reply
 
Bolo
just joined
Topic Author
Posts: 8
Joined: Tue Jan 17, 2023 10:31 pm

hap ac2 low speed with 1gbps fiber

Sun Feb 26, 2023 10:52 pm

Hi there,
I'm pretty new on the forum, networking and Mikrotik products as well.
I decided to start learning routeros from scratch but as a first thing I'd like to use a hap ac2 as main home network router. I have 1Gbps FTTH and the hap is connected to the ONT.
I set the pppoe client up on ether1, basic firewall config (the basic one from mikrotik) and the other interfaces are bridged.
Now, I just can get up to 300Mbps upload speed instead of something close to 1 Gbps. By reading the specs and speed test I assumed hap ac2 was capable to manage such 1Gbps speed with a basic firewall rules set.
Config down below.
Any suggestion or explanation on how I can't get the full speed?
Thanks
Code: Select all
# feb/26/2023 21:49:05 by RouterOS 6.49.7
# software id = 35QG-FUDM
#
# model = RBD52G-5HacD2HnD
# serial number = HCY081Y2GKN
/interface bridge
add admin-mac=18:FD:74:77:0C:48 auto-mac=no comment=defconf name=bridge
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-XX \
    disabled=no distance=indoors frequency=auto installation=indoor mode=\
    ap-bridge ssid=MikroTik-770C4C wireless-protocol=802.11
set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=20/40/80mhz-XXXX \
    disabled=no distance=indoors frequency=auto installation=indoor mode=\
    ap-bridge ssid=MikroTik-770C4D wireless-protocol=802.11
/interface vlan
add interface=ether1 name=vlan_fibra vlan-id=835
/interface pppoe-client
add add-default-route=yes disabled=no interface=vlan_fibra name=pppoe-fibra \
    password=*********** user=*************
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=default-dhcp ranges=10.10.10.10-10.10.10.100
/ip dhcp-server
add address-pool=default-dhcp disabled=no interface=bridge name=defconf
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge comment=defconf interface=wlan1
add bridge=bridge comment=defconf interface=wlan2
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
/ip address
add address=10.10.10.254/24 comment=defconf interface=bridge network=10.10.10.0
/ip dhcp-server network
add address=10.10.10.0/24 comment=defconf dns-server=10.10.10.254 gateway=\
    10.10.10.254
    /ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip dns static
add address=10.10.10.254 comment=defconf name=router.lan
/ip firewall filter
add action=accept chain=input comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
    invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment=\
    "defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
    in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
    ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
    ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
    connection-state=established,related
add action=accept chain=forward comment=\
    "defconf: accept established,related, untracked" connection-state=\
    established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" connection-state=\
    invalid
add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" \
    connection-nat-state=!dstnat connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-fibra
/system clock
set time-zone-name=Europe/Rome
/system identity
set name=RouterBolo
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
Top
 
liviu2004
Frequent Visitor
Frequent Visitor
Posts: 70
Joined: Tue Jul 01, 2008 10:22 pm
Location: Rotterdam

Re: hap ac2 low speed with 1gbps fiber

Mon Feb 27, 2023 12:48 am

Do you test on cable, wifi, 2g or 5g? You might want to drop dns open resolver, why do you need that? To be part of ddos attacks? You’re one of the bad guys?
Top
 
Moba
Member Candidate
Member Candidate
Posts: 211
Joined: Sun Sep 27, 2020 6:15 pm

Re: hap ac2 low speed with 1gbps fiber

Mon Feb 27, 2023 7:31 pm

There's something wrong if you tested over ethernet. This device can handle a lot more bandwidth with Fasttrack unless the CPU is pegged doing other things. Reset the device, connect a single computer over ethernet and monitor the CPU cores while testing. Anything that can't be handle by the switch has to be processed by the CPU (incl. NAT). If it still doesn't work and the CPU looks fine, something else is probably wrong between the ONT and the router.
Top
 
Bolo
just joined
Topic Author
Posts: 8
Joined: Tue Jan 17, 2023 10:31 pm

Re: hap ac2 low speed with 1gbps fiber

Wed Mar 01, 2023 10:21 am

Dear all,
thanks for the kind replies.
About the DNS attacks...I'n not one of those guys, just set the default config and added the pppoe connection as a first step. My first target is to replace the terrible router provided by the ISP. I also have another cheap routerboard on which I'll be start learning and testing. If something is wrong in the config, please tell me what to remove and, maybe, why and I will also read documentation.
I found out that the usb-nic I was using for testing was somehow limited to around 350Mbps even if it should be a 1Gbps one.
In tried with another one and I get speed up to 930, 935 Mbps which is very reasonable for the 1 Gbps fiber.
I now have another problem right now. The WiFi speed is very slow, up to 100Mbps with both 2.4 and 5 GHz. I can't find any capping configuration but I may absolutely be wrong. Do you have any suggestion?
Thanks again so much!
Top
 
erlinden
Forum Guru
Forum Guru
Posts: 1958
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: hap ac2 low speed with 1gbps fiber  [SOLVED]

Wed Mar 01, 2023 10:27 am

The WiFi speed is very slow, up to 100Mbps with both 2.4 and 5 GHz. I can't find any capping configuration but I may absolutely be wrong. Do you have any suggestion?
Your config is crappy in regards to wireless settings. Please use the search option in this forum (and search for user bpwl), you will find tons of optimizations. Default config just works...but wireless requires a lot of finetuning.
Top
 
Bolo
just joined
Topic Author
Posts: 8
Joined: Tue Jan 17, 2023 10:31 pm

Re: hap ac2 low speed with 1gbps fiber

Wed Mar 01, 2023 11:30 am

I'm gonna do that! :)
The WiFi speed is very slow, up to 100Mbps with both 2.4 and 5 GHz. I can't find any capping configuration but I may absolutely be wrong. Do you have any suggestion?
Your config is crappy in regards to wireless settings. Please use the search option in this forum (and search for user bpwl), you will find tons of optimizations. Default config just works...but wireless requires a lot of finetuning.
Top
Post Reply

Who is online

Users browsing this forum: sebol1204 and 56 guests
  4. RouterOS
  5. Beginner Basics