Community discussions

MikroTik App
 
happydaisy
just joined
Topic Author
Posts: 4
Joined: Tue Dec 29, 2020 10:31 pm

RB750GL - RouterOS 7.6, Bridge or switch?

Wed Mar 15, 2023 1:18 am

Hi,
I have an RB750GL configured in a very simple setup using a Bridge. I was wandering if there would be a noticeable performance increase by switching it to /switch configuration, I haven't played with /switch before and if I have to go down that route I would like some advise on what to do.

Here is the configuration. Basically it serves out vlan50 and another router (RB4011) connects to it as a dhcp client with no default route.

Cheers
/interface bridge
add ingress-filtering=no name=bridge1 vlan-filtering=yes
/interface vlan
add interface=bridge1 name=vlan50 vlan-id=50
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=vlan50pool ranges=192.168.50.2-192.168.50.254
/ip dhcp-server
add address-pool=vlan50pool interface=vlan50 name=server1
/interface bridge port
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=ether2 pvid=50
add bridge=bridge1 interface=ether3 pvid=50
add bridge=bridge1 interface=ether4 pvid=50
add bridge=bridge1 interface=ether5 pvid=50
add bridge=bridge1 interface=vlan50 pvid=50
/interface bridge vlan
add bridge=bridge1 tagged=bridge1,ether1 untagged=ether2,ether3,ether4,ether5 \
    vlan-ids=50
/ip address
add address=192.168.50.1/24 interface=vlan50 network=192.168.50.0
/ip dhcp-client
# DHCP client can not run on slave or passthrough interface!
add interface=ether1
/ip dhcp-server network
add address=192.168.50.0/24 gateway=192.168.50.1
/ip firewall filter
add action=fasttrack-connection chain=input hw-offload=yes
/system clock
set time-zone-name=Australia/Sydney
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11446
Joined: Thu Mar 03, 2016 10:23 pm

Re: RB750GL - RouterOS 7.6, Bridge or switch?

Wed Mar 15, 2023 8:27 am

Changing over to switch setup would definitely make your RB750GL a much faster switch.
Conversion between the two configuration styles is not trivial, but not hard either. Basically you have to replace /interface bridge port and /interface bridge vlan sections with corresponding config under /interface ethernet switch subtree. I suggest you doing it using winbox (MAC connection) and using safe mode enabled. If you miss something in /interface ethernet switch subtree, you can loose MAC connectivity as well and that's where safe mode can save your day.

While you're at it, you may want to upgrade ROS to latest stable version (v7.8 as of writing).

BTW, you have a few errors in your config:
/interface bridge port
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=ether2 pvid=50
add bridge=bridge1 interface=ether3 pvid=50
add bridge=bridge1 interface=ether4 pvid=50
add bridge=bridge1 interface=ether5 pvid=50
add bridge=bridge1 interface=vlan50 pvid=50
You should never ever add subordinate interface (vlan50 is vlan interface, anchored off bridge interface) back to bridge, effectively you're creating a loop (it's not really drastic one due to tagging/untaggin by vlan interface, but can make bridge unhappy).

Additionally, what purpose does DHCP client on ether1 serve? The comment even warns that this is not correct setup because ether1 is "slave" of bridge. You should remove this DHCP client.
 
User avatar
Buckeye
Forum Veteran
Forum Veteran
Posts: 890
Joined: Tue Sep 11, 2018 2:03 am
Location: Ohio, USA

Re: RB750GL - RouterOS 7.6, Bridge or switch?

Wed Mar 15, 2023 8:53 am

It appears you are using the RB750GL as a switch only, but tagging on ether1.

So you are doing vlan operations, and currently doing it with the CPU, which is pretty lame on the RB750GL (AR7242 1 core 400Mhz MIPSBE with AR8327-BL1A switch chip). Look at the test results, where it appears that it can handle about 81k pps, where the switch chip is capable of 406 (taken from RB250 which uses the slightly older AR8316 but has same number of ports).

If you need to have ether1 tagged, and you want the best performance, then the switch method is what will provide it.

Whether it will be noticeable in your situation depends on what it is being used for, and how many packets per second you will be processing over all the ports. If you have another vlan capable switch, you could compare the performance you get it it with what you do with the software bridge. I would expect a managed switch to perform about the same as using the RB750GL with the switch method. Then you could decide if it is worth your time to figure out how to get it configured with the switch method.
 
happydaisy
just joined
Topic Author
Posts: 4
Joined: Tue Dec 29, 2020 10:31 pm

Re: RB750GL - RouterOS 7.6, Bridge or switch?

Wed Mar 15, 2023 9:11 am

Thank you for the feedback.
Basically the purpose of this little device is to serve out DHCP to an isolated network with no internet access. The hardware on that network basically stops working if it loses IP address and I don't really want to go down static IP addresses on the individual devices in the network as I don't have control over them myself. This device basically sits at another power point in another location so things won't stop working if I am messing with the data rack, unplugging things, updating firmware and the like. Most of the traffic will be between devices on the same VLAN (50), only 'control' commands are going to be sent from the main network.

The DHCP-client bit was so the RB750GL gets an IP address from the RB4011, so I can route return traffic from my main network more easily. Normally this wouldn't be part of the bridge as it would be a 'WAN' port, I'll have to think on this one a bit more.

Thanks for spotting the subordinate interface bit, I just checked my RB4011 and haven't made the same mistake there.

The reason I am using the RB750GL is because it was on hand... I may swap it over to a HEX POE at some point as a few of these devices can be POE powered.
 
User avatar
JohnTRIVOLTA
Member
Member
Posts: 345
Joined: Sun Dec 25, 2016 2:05 pm
Location: BG/Sofia

Re: RB750GL - RouterOS 7.6, Bridge or switch?

Wed Mar 15, 2023 9:28 am

Bridge vlan filtering performance results :
Image
 
happydaisy
just joined
Topic Author
Posts: 4
Joined: Tue Dec 29, 2020 10:31 pm

Re: RB750GL - RouterOS 7.6, Bridge or switch?

Wed Mar 15, 2023 12:27 pm

That throughout actually looks better than I expected.
I'll fix the configuration when I get a chance and monitor the CPU usage when the system is in use.

Thanks everyone, I'll let you know how I go
 
User avatar
Buckeye
Forum Veteran
Forum Veteran
Posts: 890
Joined: Tue Sep 11, 2018 2:03 am
Location: Ohio, USA

Re: RB750GL - RouterOS 7.6, Bridge or switch?

Wed Mar 15, 2023 2:47 pm

Bridge vlan filtering performance results :
Thanks for posting real results.

If you still have the config loaded, can you do an iperf test with 60 byte packets (82 or 78 bytes ethernet frame depending on whether vlan tag is present or not) through the RB750GL and also through a dumb switch. That should show a bigger difference than with 1500 MTU packets, because the majority of the CPU time is per packet (it is setting up a transfer and then the ethernet controller probabaly uses DMA when actually sending the ethernet frame). So you are more likely to notice the limits pushing small packets through (for example 20 bytes of tcpdata will result in 60 byte + 22 bytes of ethernet overhead (with vlan header). using --set-mss=20 if memory serves.

But this is primarily for curiosity sake. The application that @happydaisy posed isn't going to be data intensive. And if the DHCP server is on the RB750GL, then the packets will always hit the CPU anyway, so doing stuff in the switch ASIC isn't going to make a measurable performance difference, so using the "standard vlan-filtering bridge method" is what I would do given the circumstances.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11446
Joined: Thu Mar 03, 2016 10:23 pm

Re: RB750GL - RouterOS 7.6, Bridge or switch?

Wed Mar 15, 2023 3:34 pm

I have a couple of RB951Gs, which feature a bit faster CPU but same switch chip. And I can tell that when configured via switch chip menus (including VLANs), this thing can do wirespeed without CPU even noticing. If done via bridge menus, it'll be able to go to 1Gbps between a pair of ports, but with CPU pegged at 100%. I never tried running tests between two pairs of ports concurrently (because I don't have enough capable wired devices at home), but I guess it would divide CPU throughput between the ports. And as I already wrote, the config on switch chip is not something worth a PhD (even ChatGPT might get it working).
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11446
Joined: Thu Mar 03, 2016 10:23 pm

Re: RB750GL - RouterOS 7.6, Bridge or switch?

Wed Mar 15, 2023 3:40 pm

The DHCP-client bit was so the RB750GL gets an IP address from the RB4011, so I can route return traffic from my main network more easily.

it's not entirely clear here who does routing between VLAN50 and the rest of network. Since ether1 is either trunk or hybrid port (if untagged is allowed over wire, it'll be mapped as VLAN1 due to default config, it'll be available as untagged on bridge as well), it could be RB4011 that's doing the routing. But anyway, if the intent of DHCP client is for RB750GL to get IP address on untagged portion of ether1, then DHCP client should go to bridge interface. Binding DHCP client to ether1 is definitely wrong in any case.

Who is online

Users browsing this forum: abdullanetworking, carrionlee, holvoetn, mkx and 38 guests