It sounds like the vlan to vlan rules are going though the cpu, not the switch. Essentially, if I got this right, if going through the switch at layer 2, you get full line speed (as seen going from server to server). But when traversing vlans (essentially layer 3), you need to go though the cpu, which would be limited speed. Faster mikrotik router may help...
-Tiernan Get Outlook for iOS<https://aka.ms/o0ukef> On Mon, Aug 21, 2017 at 5:55 PM +0100, "Terri Kelley" <net...@farm-market.net<mailto:net...@farm-market.net>> wrote: So I have a speed mystery with a Netgear 16port switch and a 750Gr3. The switch I have vlan'ed the first 8 ports in one and the second 8 in another, untagged. I have a 750Gr3 where the wan port has several public IPs 6.x.1.x/27 assigned. Port2 has an office 192.x.x.x/24 subnet NAT'ed and is plugged in to one of the first 8 switch ports. Port 3 has a server 10.x.x.x/24 subnet Nat'ed and is plugged in to one of the last 8 switch ports. First rule in the firewall nat is add action=masquerade chain=srcnat disabled=yes out-interface=ether1 \ to-addresses=0.0.0.0 (left over from the initial config I did a long time ago). The second rule is add action=src-nat chain=srcnat src-address=192.168.x.x/24 to-addresses=\ 6.x.1.2. The rest of the rules are src-nat and dat-nat rules for a 6.x.1.x and a corresponding 10.x.x.x address for servers. If I iperf from one of the last 8 switch ports to a server I get gig speeds. If I iperf from one of the first 8 switch ports to a server I get around 250 megs speed. The same if I iperf from elsewhere on the network. Any ideas why I have the slow down? Thanks -- Terri Kelley -------------- next part -------------- An HTML attachment was scrubbed... URL: _______________________________________________ Mikrotik mailing list Mikrotik@mail.butchevans.com http://mail.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS -- This message has been scanned for viruses and dangerous content by E.F.A. Project, and is believed to be clean. Click here to report this message as spam. http://mail.tiernanotoole.net/cgi-bin/learn-msg.cgi?id=DB6F21213F7.A11D0&token=794c9a7f0fbd5d83e247f51bb4b88a1d -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.butchevans.com/pipermail/mikrotik/attachments/20170821/e7745391/attachment.html> _______________________________________________ Mikrotik mailing list Mikrotik@mail.butchevans.com http://mail.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS