RB2011UAS-2HnD intasato

[ss4]

Ciao,rieccomi con un'altro problemino,il solito RB2011UAS-2HnD collegato ad un router configurato in bridge(solo modem),la configurazione è piuttosto liscia e ogni 10 giorni circa mi ritrovo con la connessione verso l'esterno mezza morta e pure tra i client della lan,ho delle latenze abominevoli tipo 5000 ms,pingtest.net mi schiaffa una bella F con tanto di 30% packet loss,la situazione si risolve al volo facendo un PPPoE reconnect...e pingtest mi regala una A e 0% packet loss,la latenza scende a 30/40ms,i client della lan ricomunicano nuovamente come un lampo.
Data la presenza di tali problemi anche con le connessioni tra apparati in lan escludo il router-modem,che posso controllare per capire che diavolo li piglia?dai log non vedo nulla di anomalo e le risorse dell'apparato sono nella norma.

[ss4]

Ho notato guardando meglio,che in risorse il valore cpu load è parecchio alto,oscilla tra 60 e 75%,e dopo un PPPoE reconnect scende a 3-6%

[figheras]

Fai un export della config. Vediamo

[ss4]

/interface bridge
add admin-mac=D4:CA:6D:ED:99:2E auto-mac=no l2mtu=1598 name=bridge-local \
protocol-mode=rstp
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=\
20/40mhz-ht-above country=italy disabled=no distance=indoors l2mtu=2290 \
mode=ap-bridge ssid=MikroTik wireless-protocol=802.11
/interface ethernet
set [ find default-name=ether1 ] name=ether1-gateway
set [ find default-name=ether6 ] name=ether6-master-local
set [ find default-name=ether7 ] master-port=ether6-master-local name=\
ether7-slave-local
set [ find default-name=ether8 ] master-port=ether6-master-local name=\
ether8-slave-local
set [ find default-name=ether9 ] master-port=ether6-master-local name=\
ether9-slave-local
set [ find default-name=ether10 ] master-port=ether6-master-local name=\
ether10-slave-local
set [ find default-name=sfp1 ] name=sfp1-gateway
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether1-gateway name=\
pppoe-out1 password=xxxx use-peer-dns=yes user=xxxx
/ip neighbor discovery
set ether1-gateway discover=no
set sfp1-gateway discover=no
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk group-ciphers=\
tkip,aes-ccm mode=dynamic-keys unicast-ciphers=tkip,aes-ccm \
wpa-pre-shared-key=xxxxxxxx wpa2-pre-shared-key=xxxxxxxx
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m \
mac-cookie-timeout=3d
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=3des
/ip pool
add name=dhcp ranges=192.168.0.30-192.168.0.50
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge-local name=default
/port
set 0 name=serial0
/interface bridge port
add bridge=bridge-local interface=ether2
add bridge=bridge-local interface=ether3
add bridge=bridge-local interface=ether4
add bridge=bridge-local interface=ether5
add bridge=bridge-local interface=ether6-master-local
add bridge=bridge-local interface=wlan1
/ip address
add address=192.168.0.1/24 comment="default configuration" interface=wlan1 \
network=192.168.0.0
/ip dhcp-client
add comment="default configuration" dhcp-options=hostname,clientid disabled=\
no interface=sfp1-gateway
add comment="default configuration" dhcp-options=hostname,clientid interface=\
ether1-gateway
/ip dhcp-server network
add address=192.168.0.0/24 comment="default configuration" dns-server=\
192.168.88.1 gateway=192.168.0.1 netmask=24
/ip dns
set allow-remote-requests=yes servers=0.0.0.0
/ip dns static
add address=192.168.88.1 name=router
/ip firewall filter
add chain=input comment="default configuration" protocol=icmp
add chain=input comment="default configuration" connection-state=established
add chain=input comment="default configuration" connection-state=related
add action=drop chain=input comment="default configuration" in-interface=\
sfp1-gateway
add action=drop chain=input comment="default configuration" in-interface=\
ether1-gateway
add chain=forward comment="default configuration" connection-state=\
established
add chain=forward comment="default configuration" connection-state=related
add action=drop chain=forward comment="default configuration" \
connection-state=invalid
add chain=input protocol=icmp
add chain=input connection-state=established
add chain=input connection-state=related
add action=drop chain=input in-interface=ether1-gateway
/ip firewall nat
add action=masquerade chain=srcnat comment="default configuration" \
out-interface=pppoe-out1
add action=dst-nat chain=dstnat dst-port=6881 in-interface=pppoe-out1 \
protocol=tcp src-port="" to-addresses=192.168.0.2 to-ports=6881
add action=dst-nat chain=dstnat dst-port=4662 in-interface=pppoe-out1 \
protocol=tcp src-port="" to-addresses=192.168.0.2 to-ports=4662
add action=dst-nat chain=dstnat dst-port=4665 in-interface=pppoe-out1 \
protocol=udp to-addresses=192.168.0.2 to-ports=4665
add action=dst-nat chain=dstnat dst-port=4668 in-interface=pppoe-out1 \
protocol=tcp to-addresses=192.168.0.2 to-ports=4668
add action=dst-nat chain=dstnat dst-port=2020 in-interface=pppoe-out1 \
protocol=tcp to-addresses=192.168.0.2 to-ports=22
/ip service
set telnet disabled=yes
set ftp disabled=yes
set winbox disabled=yes
/ip upnp interfaces
add interface=bridge-local type=internal
add interface=ether1-gateway type=external
/lcd interface
set sfp1-gateway interface=sfp1-gateway
set ether1-gateway interface=ether1-gateway
set ether2 interface=ether2
set ether3 interface=ether3
set ether4 interface=ether4
set ether5 interface=ether5
set ether6-master-local interface=ether6-master-local
set ether7-slave-local interface=ether7-slave-local
set ether8-slave-local interface=ether8-slave-local
set ether9-slave-local interface=ether9-slave-local
set ether10-slave-local interface=ether10-slave-local
set wlan1 interface=wlan1
/system clock
set time-zone-name=Europe/Rome
/system ntp client
set enabled=yes mode=unicast primary-ntp=193.204.114.232 secondary-ntp=\
193.204.114.233
/tool mac-server
set [ find default=yes ] disabled=yes
add interface=ether2
add interface=ether3
add interface=ether4
add interface=ether5
add interface=ether6-master-local
add interface=ether7-slave-local
add interface=ether8-slave-local
add interface=ether9-slave-local
add interface=wlan1
add interface=bridge-local
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add interface=ether2
add interface=ether3
add interface=ether4
add interface=ether5
add interface=ether6-master-local
add interface=ether7-slave-local
add interface=ether8-slave-local
add interface=ether9-slave-local
add interface=wlan1
add interface=bridge-local

Aspetterò comunque che si impalli di nuovo per dare un'occhiata al processo che si ingoia la cpu,sono curioso di sapere sta cosa.

[Blodoksmobile]

Ciao ss4, hai risolto il problema? Ho il tuo stesso router Mikrotik ed ho notato che ho anch'io lo stesso problema, ovvero dopo alcune ore di funzionamento (abbastanza variabili) ho notato che il ping aumenta sino a circa 900 - 1000 ms, ho una percentuale di packet loss variabile tra il 30 ed il 40% ed un traffico costante sul bridge di 300 - 500 Kbps.

La situazione mi pare abbastanza anomala, tu come hai risolto?
Non vorrei ci fosse qualche processo o qualche script che generi un loop!

[castanoweb]

Che versione di ros usate?

[Blodoksmobile]

Ho aggiornato da pochi giorni alla 6.7 ( i problemi c'erano prima e ci sono anche dopo l'upgrade)