[AusNOG] Routeros 6.15 Memory Leak

Damien Gardner Jnr rendrag at rendrag.net
Fri Aug 15 12:17:54 EST 2014 

That's a good point - I am using conntrack, as I'm also running a couple of
VRF's with NAT, as well as doing policy routing for sending traffic from a
couple of legacy subnets out to the provider they belong to (due to ingress
filtering on that provider's border)

I just re-tested with iperf in udp mode, and I can happily push
960mbytes/sec between vlans on the bond, which pushes one CPU core to 91%
 I wonder if it might be worthwhile moving those VRF's to a router in a VM,
and doing away with conntrack.. Hmm!  Thanks for the insight :)


On 15 August 2014 11:38, Alexander Neilson <alexander at neilson.net.nz> wrote:

> I suspect that some of this could be also the firewall rule changes etc on
> the boxes.
>
> Not sure what exactly they fixed but I found that traffic going through
> the devices seems to be processed by conn track or at least it went through
> some of the conn track processing before being handled even when conn track
> was turned off (this was the bug I reported)
>
> I could easily understand that something might be affecting TCP at this
> point and would let UDP go fairly well. But I guess we will see on release.
>
> Regards
> Alexander
>
> Alexander Neilson
> Neilson Productions Limited
>
> alexander at neilson.net.nz
> 021 329 681
> 022 456 2326
>
> On 15/08/2014, at 1:26 pm, Matt Perkins <matt at spectrum.com.au> wrote:
>
> > I would suspect it would go faster then 620M/b but perhaps TCP with
> overhead goes that badly. Was your test traffic UDP/TCP what sort of packet
> size's. I have a CCR with 5 bonded interfaces where I did a back to back
> test between a ccr and a linux box using btest with UDP (didnt test tcp)
> was well over 4G.
> >
> > Matt.
> >
> > On 15/08/2014 11:17 am, Damien Gardner Jnr wrote:
> >> I don't believe so - I'm running 2x1gbps ports in a bond to my switch,
> trying to pass traffic between two vlans on that bond.  When testing, I'm
> making sure I'm picking machines with the right mac address combos so
> traffic goes in one interface in the bond, and out the other interface, but
> it just won't push much past 620mbps. While iperf is running, I have two
> cpu cores at 99%.  If I pass the traffic between two hosts on the same vlan
> it happily hits the full 1gbps.
> >>
> >> From what I could see in the docs, you can't use fastpath when using
> bonded interfaces?  I haven't put a HUGE amount of effort into it, as I
> don't *need* the bandwidth (usual inter-vlan traffic is more in the 10s of
> mbps), it was just an irritation as I would have thought a router with a
> 10G interface would be able to handle a full 1G through it's 1G interfaces
> ;)   Considering the power saving compared to the DL360G3 it replaced, I
> can live with the small bandwidth hit :)
> >>
> >> --DG
>
>


-- 

Damien Gardner Jnr
VK2TDG. Dip EE. GradIEAust
rendrag at rendrag.net -  http://www.rendrag.net/
--
We rode on the winds of the rising storm,
 We ran to the sounds of thunder.
We danced among the lightning bolts,
 and tore the world asunder
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140815/cc4c82c2/attachment.html>

More information about the AusNOG mailing list