[Mikrotik] Policy Routing
cbender at skynetbb.com
Tue Jan 15 22:49:30 CST 2008
Can't you build a basic linux machine for mlppp and route from there to the
From: mikrotik-bounces at mail.butchevans.com
[mailto:mikrotik-bounces at mail.butchevans.com] On Behalf Of Kriss
Sent: Tuesday, January 15, 2008 7:24 PM
To: Mikrotik discussions
Subject: [Mikrotik] Policy Routing
Greetings to the 'Tik list. Thanks to Butch for hosting it, very
generous of you kind sir!
My problem. I have multiple DSL lines coming into a single RB532A, 5 of
them in fact. At one point many of you may remember my question on EOIP
Tunnels, that flopped. So instead we decided to just route subnets over
the lines and manually manage our traffic per line.
So i have 5 lines -> the RB and we policy route the subnets. All public
IP's, no NAT. The problem is that the lines independently of the RB are
performing like champs at the rate we are paying for to the teleco.
However, once plugged into the RB532 with the policy routing going, they
drop their performance by a huge margin. The lines are 3Mb and average
load we are able to get on the lines behind the RB532 is around 512.
Without the RB532 we get 2.4-2.7 (which is right given the DSL overhead.)
Now onto more strangeness. If I do a btest from my router at my NOC to
the RB532 at the DSL Location which does the policy routing, it will
show correct performance. The speed hit only occurs *behind/after* the
RB532. Yes, we have tried a different port. The port is currently on the
6 port daughter board for the network side of that RB532.
I have removed all additional firewall rules. Tried enabling and
disabling connection tracking (usually we leave it on...) CPU resources
almost always at 30% or less. We have tried disabling all of our queues
and combinations of the above.
Any ideas why the performance would suffer once behind the RB532 ?
We are considering moving to a PC based setup, and i've checked the
configuration and it looks like what MT has in a very various places of
their documentation (Previously we didn't have mangle rules in, and it
worked like the above, i recently put it in just to be sure but it
doesn't seam to make a difference.)
Actual throughput is less than 1500pps and each line is only serving
out 1.5Mb, but the clients themelves usually only hit 300-700kbit.
despite a line showing having much more available.
Not sure if you need anything else, do you think we'll have better
experience with a x86/Pc system doing the work instead of the Rb?
Each DSL line servers upto 50 clients, but most we cap out at 30 and it
doesn't matter if we have 30 clients or 10 clients or 1 clients on at
the moment. If its behind the RB, its severely throttled.
seccour at nebonet.com
Mikrotik mailing list
Mikrotik at mail.butchevans.com
More information about the Mikrotik