There are a few boxes (RB450x, RB493, RB1100) that can do a real switch
operation on selected ports.
bp
On 1/20/2011 2:57 PM, Robert Haas wrote:
I wonder if Butch can hear me cussing?
Thanks for that little tidbit. I think I may have found the proverbial straw
for my traffic shaping attempt.
-----Original Message-----
From: [email protected]
[mailto:[email protected]] On Behalf Of Scott Reed
Sent: Thursday, January 20, 2011 3:50 PM
To: Mikrotik discussions
Subject: Re: [Mikrotik] ***SPAM*** Re: p2p firewall rule
AH, bridged. That is a software operation as well, so it adds to the
processor utilization. Not sure what their algorithms are, but routing
takes less processor than bridging. Or it least it did in 3.x and
earlier. I doubt that has changed.
On 1/20/2011 4:44 PM, Robert Haas wrote:
I knew layer 7 could potentially be an issue, but I've been running
similar
rules on the network for quite some time now on older machines. For some
reason this combo of rules caused an issue.. You're right though, it's the
PPS not the aggregate traffic flow. Even the PPS isn't high enough to
cause
an issue IMO.
-----Original Message-----
From: [email protected]
[mailto:[email protected]] On Behalf Of Butch Evans
Sent: Thursday, January 20, 2011 3:15 PM
To: Mikrotik discussions
Subject: Re: [Mikrotik] ***SPAM*** Re: p2p firewall rule
On 01/20/2011 02:38 PM, Robert Haas wrote:
The layer 7 rule is still active and I'm back to 40-50% cpu load.
I wouldn't have thought connection limiting would cause an issue, but
could
it be a combination of the two - layer 7& connection limiting?
Layer 7 is certainly a high cpu cost. Connection limiting is not
usually that much of a cpu intensive rule, but it is certainly more than
inspecting tcp headers or whatever. Most (not all) stateful matchers
are relatively low cpu requirements.
_______________________________________________
Mikrotik mailing list
[email protected]
http://www.butchevans.com/mailman/listinfo/mikrotik
Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
