[Mikrotik] Policy Routing

Charles Bender cbender at skynetbb.com
Tue Jan 15 22:49:30 CST 2008

Can't you build a basic linux machine for mlppp  and route from there to the

-----Original Message-----
From: mikrotik-bounces at mail.butchevans.com
[mailto:mikrotik-bounces at mail.butchevans.com] On Behalf Of Kriss
Sent: Tuesday, January 15, 2008 7:24 PM
To: Mikrotik discussions
Subject: [Mikrotik] Policy Routing

Greetings to the 'Tik list. Thanks to Butch for hosting it, very 
generous of you kind sir!

My problem. I have multiple DSL lines coming into a single RB532A, 5 of 
them in fact. At one point many of you may remember my question on EOIP 
Tunnels, that flopped. So instead we decided to just route subnets over 
the lines and manually manage our traffic per line.

So i have 5 lines -> the RB and we policy route the subnets. All public 
IP's, no NAT. The problem is that the lines independently of the RB are 
performing like champs at the rate we are paying for to the teleco. 
However, once plugged into the RB532 with the policy routing going, they 
drop their performance by a huge margin. The lines are 3Mb and average 
load we are able to get on the lines behind the RB532 is around 512. 
Without the RB532 we get 2.4-2.7 (which is right given the DSL overhead.)

Now onto more strangeness. If I do a btest from my router at my NOC to 
the RB532 at the DSL Location which does the policy routing, it will 
show correct performance. The speed hit only occurs *behind/after* the 
RB532. Yes, we have tried a different port. The port is currently on the 
6 port daughter board for the network side of that RB532.

I have removed all additional firewall rules. Tried enabling and 
disabling connection tracking (usually we leave it on...) CPU resources 
almost always at 30% or less. We have tried disabling all of our queues 
and combinations of the above.

Any ideas why the performance would suffer once behind the RB532 ?

We are considering moving to a PC based setup, and i've checked the  
configuration and it looks like what MT has in a very various places of 
their documentation (Previously we didn't have mangle rules in,  and it 
worked like the above, i recently put it in just to be sure but it 
doesn't seam to make a difference.)

Suggestions ?

Actual throughput is less than 1500pps  and each line is only serving 
out 1.5Mb, but the clients themelves usually only hit 300-700kbit. 
despite a line showing having much more available.

Not sure if you need anything else, do you think we'll have better 
experience with a x86/Pc system doing the work instead of the Rb?

Each DSL line servers upto 50 clients, but most we cap out at 30 and it 
doesn't matter if we have 30 clients or 10 clients or 1 clients on at 
the moment. If its behind the RB, its severely throttled.

- Kriss
seccour at nebonet.com

Mikrotik mailing list
Mikrotik at mail.butchevans.com

More information about the Mikrotik mailing list