Layer 3 Hardware Offloading Mikrotik - Deep Dive
Вставка
- Опубліковано 13 вер 2024
- #L3HwOffloading #mikrotik #routeros7
Are you ready to supercharge your MikroTik router's performance with Layer 3 Hardware Offloading?
I'll take you through the step-by-step process in a real lab environment with physical devices. Watch closely as we demonstrate how to enable and harness the magic of Layer 3 Hardware Offloading on MikroTik routers.
Here's what you can expect:
🔹 Exploring Layer 3 Hardware Offloading: Learn what it is and why it matters for network optimization.
🔹 Real Lab Demonstration: Follow along as we configure and optimize MikroTik devices for maximum performance.
🔹 Pro Tips and Troubleshooting: Gain valuable insights and solutions for common challenges.
Whether you're a networking professional or a MikroTik enthusiast, this video will empower you to elevate your network game. Subscribe now and ring the notification bell so you won't miss this essential tutorial!
#MikroTik #Layer3Offloading #NetworkOptimization
Check more videos on my channel
/ @thenetworktrip
Connect with Wilmer Almazan
LinkedIN: / wilmeralmazan
Facebook: / nsswilmeralmazan
Twitter: / wilmer_almazan
Instagram: / wilmer_almazan
Personal Blog: thenetworktrip...
mikrotik
routeros 7
ospf
mtcna
mtcre
cybersecurity
routing
cloud computing
virtualization
switching
network automation
I am building my lab with a full Mikrotik stack. Your videos have been instrumental in my training and understanding the ins and outs of the Mikrotik world. I do wish to give you a very big THANK YOU fo your help an dclear presintation of methods and configurations.
Thanks! this was exactly the fix I was looking for. CPU stays under 35% most of the time now and I learned how to VLAN better!
Great to hear!
You are simply the best Mikrotik trainer I have seen.
Thank you. Really happy to see this today. You are the best!!!!
You are so welcome!
Network trip . Did really well in ospf . He did extremely well on ospf . Respect to him on ospf as aswell as other lecture
Thank you!
Your videos are awesome. Thanks!
Glad you like them!
Great tutorial !
Thanks Wilmer
Very well structured and well explained video.
Thank you!
Great content as always. Thanks!
Much appreciated!
Really good video
Glad you enjoyed it
excellent tutorial ! thanks
Glad you enjoyed it!
Would be great to have a step by step NAT - using Fasttrack and firewall using Fasttrack guide.. with these, it almost seems inconceivable but, might one completely eliminate CCR's for CRS devices for doing most deployments? BGP?
Hi sir! Great tutorial.
Will it work if I have only one interface for both up and downstream traffic?
Many thanks sir
It’s a pleasure
I have a crs326. Configured hw offload with single bridge only. I see the "H" in the route list. But when I pass traffic, cpu stay very high (93%). It doesn't seem like HW offload is working. When I look at the vlan under bridge on the interface screen, I see traffic on the vlan instead of physical interface. Any suggestion?
As always very thanksful Mr.Wilmer..! it was very informative..!
But Question to ask: why you use VLAN in your LAB..? i mean why you didn't just use the physical interface and assigning IP to it without creating any VLAN..?
Hello Ali!
That will force to use the CPU, if we want to take advantage of L3 hardware offloading we must use a bridge and Vlan interfaces.
Just began exploring Mikrotik. Useful Vid! Heroic dose!
Can you elaborate on HW offload for inter-vlan routing security? What performance penalty (CPU) on Switch ACLs vs IP firewall + Fastrack?
I'm accustomed to L3 switch ACLs stateful TCP and stateless UDP. Can Mikrotik bridge / vlan int routing be full L4 stateful within the bridge / vlan interfaces. Or must go CPU?
I have the packet flow documentation which I need to dive into more but the GNS3 routeros image lacks the switch chip / ACLs. Likely I need to buy switch to really demo Mikrotik L3 switching. Eyeing CRS326-24S+2Q+ vs CRS317-1G-16S+. CRS326-24S+2Q+ appears more designed toward L2 raw forwarding. CRS317-1G-16S+ appears more designed toward L3/4 given it has much more CPU.
I have a question, in a scenario where you have multiple CRS310's and at the end of it a client device, assigning a /30 address on a vlan on the bridge in the last CRS310, tagging the vlan on the bridge and on the interface connected to a client mikrotik, and assigning a /31 IP address on the vlan and another on the customer mikrotik seems to break offload. Im getting 20% cpu on 65mbps. :-( am I missing something? ) all routes have the flag H in them.
amazing. if im going to use my ccr2216 to bgp peer with my upstream provider, do i need follow exactly the same procedure?
You mention that we can only have a single bridge, but you are using ospf here as well. You recommend using a loopback bridge in OSPF. So don't we end up with two bridges here?
Hello!
Only one bridge will be using hardware offloading. You can add a loopback interface without any problems.
Hi and great video! Is it possible to use L3HW Offloading without OSPF? (i know, the routing must then be done manually)..
Hello!
Yes, you can use static routing
Sir can explore more regarding mpls hardware offloading on mikrotik. I believe it only works on lates ccr 22xxx or 21xxx series
Thanks for the suggestion! I’ll create a class about it.
How would you add a Management VLAN as well as romon and MAC telnet to this setup?
Does this work with the rb750gr3?
Would be interesting to see how those CPU counts look like when running tcp tests. UDP is very forgiving...
It should not impact the CPU because it does not it.
@@TheNetworkTrip I noticed the introduction of lo interface somewhere in the last couple of releases, it seems any IP configured on this interface is not offloaded. and if that is the IP your traffic hits to go through the router, CPU baby! I by default install a loopback address and advertise it passively as broadcast on ospf.
@@arebacollins All traffic going to the router will hit the CPU!! The traffic going to remote hosts will be offloaded
@@TheNetworkTrip then something must be amiss. I dont seem to be getting offloaded even with all the routes set up and marked as H
In the case of having two operators and only receiving default routes, would it work well for the BGP border?
without a public IP on this BGP border
Hello!
If all the routes are in the main table, yes. If not, only the main table will be hardware offloaded.
Very good video, everything explained clearly, I have been using several CRS305 with Hardware Offloading for a couple of months now, they are installed in micro pops, they have a WAN interface (where there is BGP to announce our prefixes) and a LAN interface where simply with a DHCP delivers the service, but I have problems limiting the speed, I used the "rate" function in Switch>Rule and it worked well but until certain traffic, I have noticed that after 1.5Gbps it starts to cause problems, for example on the WAN port It reaches 1.5Gbps and only 1.2Gbps is coming out of the LAN port, I deactivate the rule and at that moment both interfaces start to have 1.5. Could you help me with an idea of how I could effectively limit the service? taking into account that it was done in switch>rule since, being hierarchical, it first had a rule allowing ICMP not to be affected by saturation and avoid high times and packet losses (at least in that protocol). Thank you so much.
Hello!
I'll create some videos about rate limiting on CRSXXX devices.
is it possible to hardware offload MPLS on those devices? P PE function? if so, are you planning to make video about it?
I’ll complete some additional testing with MPLS VPNs and I’ll add a video about it
@@TheNetworkTrip while you're at it, could you check if it's possible to hardware offload macsec on these chips ?
Great! Is L3HW work on BGP routes?
Hello!
Yeah, it does, it will offload up to 240k entries (CCR2216).
Is this applicable for Mpls/Vpls with Ospf case?
Hi, i enable L3 Hw Offloading but this block navigation to internet on the vlans
Hi!
Before enabling l3 hardware offloading, you must build the Vlan table and enable Vlan filtering as I explained in the video.
Vlans should work without any problem.
Thanks!@@TheNetworkTrip in my case, get out ports with my "wans" of the bridge has the solved
@@AlejandroMartinezHernandez-f8u Removing the ports from the bridge will disable L3 hardware offloading in those interfaces. The ports should remain in the bridge, and manage all the IPs using vlan interfaces as I have shown in the video.
Thanks, yes! it was my mistake. Regarding this configuration, it is recommended to use ServerOpenVPN
ccr2004 -16G-2S+ ? does it have l3hw like the 2116 ? cant see anything in the literature
Hello, no,it doesn’t. At the moment, the CCR2116 and CCR2216 are the only CCRs that support it (plus CRS 3xx and 5xx)
It is worth activating it in a CCR 2116 acting as DHCP Server + CGNAT?
Hello! If you have high traffic and don't require mangle or VRFs, using it would be a great idea.
Would MPLS/VPLS work this way too?
what happen with your blog - thenetworktrip ???
Coming soon!
mano esto mismo pero en español por favor!