Community discussions

MikroTik App
  4. RouterOS
  5. General

L3HW Offloading with Traffic Flow

Post Reply
 
jplitza
just joined
Topic Author
Posts: 9
Joined: Mon Sep 20, 2021 4:12 pm

L3HW Offloading with Traffic Flow

Fri Oct 07, 2022 5:36 pm

Hi everyone,

I really like the possibility to use L3HW offloading on the newer high-end devices! However, I also like to monitor my network traffic with Traffic Flow. And sadly, the two are incompatible out of the box (meaning that Traffic Flow simply doesn't see and hence doesn't report flows that are offloaded to the hardware).

I tried tinkering around with switch ACL rules to copy packets to the cpu (on a CRS326-24S+2Q+):
Code: Select all
/interface ethernet switch set 0 l3-hw-offloading=yes mirror-target=cpu
/interface ethernet switch rule add mirror=yes ports=sfp-sfpplus2 rate=1M switch=switch1
This makes the flows visible again - but has two drawbacks:
  1. It duplicates the packets, which are then forwarded by the CPU too.
  2. It copies all packets to the CPU (the rate parameter is simply ignored).
Ideally, I'd like to implement the Flow Sampling in the ACL rule, copying only 1% of packets to CPU, and then stop them from being forwarded by the CPU. Sadly, because Traffic Flow happens after the forward chain processing, the IP firewall cannot be used to prevent the duplication. And switch ACLs configured for the CPU port apparently aren't actually applied (which is consistent with Port Isolation reporting as not being supported for the CPU port).

So... does anybody have this kind of setup? Or do I simply have to mirror the traffic off-device and use another device (e.g. server) for flow monitoring? (Which still poses the question of whether switch ACL rules can somehow be used to implement the sampling.)
Top
 
pmurdock
newbie
Posts: 43
Joined: Sun Jul 03, 2005 7:39 am
Location: Herriman, Utah
Contact:
Contact pmurdock

Re: L3HW Offloading with Traffic Flow

Thu Oct 20, 2022 7:17 am

I have this same question.. :) did you ever find a good solution to this?
Top
 
User avatar
raimondsp
MikroTik Support
MikroTik Support
Posts: 288
Joined: Mon Apr 27, 2020 10:14 am

Re: L3HW Offloading with Traffic Flow

Fri Oct 21, 2022 10:37 am

Hey there,

Hardware traffic sampling and QoS are the next major features that we consider implementing after the finalization of IPv6 L3HW. Unfortunately, at the moment of writing, there is no good solution to your problem.
Top
 
User avatar
clambert
Member Candidate
Member Candidate
Posts: 163
Joined: Wed Jun 12, 2019 5:04 am

Re: L3HW Offloading with Traffic Flow

Fri Oct 21, 2022 8:16 pm

Hi raimondsp, is VRF support on the roadmap?
Top
 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 2206
Joined: Mon Jan 14, 2008 1:53 pm
Location: Over the Rainbow

Re: L3HW Offloading with Traffic Flow

Fri May 17, 2024 7:54 am

Hi raimondsp, is VRF support on the roadmap?
I would like to know this as well.
Top
 
DarkNate
Forum Guru
Forum Guru
Posts: 1065
Joined: Fri Jun 26, 2020 4:37 pm

Re: L3HW Offloading with Traffic Flow

Fri May 17, 2024 5:57 pm

Hi raimondsp, is VRF support on the roadmap?
Isn't VRF already working?
Top
 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 2206
Joined: Mon Jan 14, 2008 1:53 pm
Location: Over the Rainbow

Re: L3HW Offloading with Traffic Flow

Sat May 18, 2024 2:09 pm

Hi raimondsp, is VRF support on the roadmap?
Isn't VRF already working?
Not in Hardware
Top
 
DarkNate
Forum Guru
Forum Guru
Posts: 1065
Joined: Fri Jun 26, 2020 4:37 pm

Re: L3HW Offloading with Traffic Flow

Sun May 19, 2024 4:07 pm

Not in Hardware
Any ideas about MPLS/VPLS single-CPU-core choking problem? Did they fix that?
Top
 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 2206
Joined: Mon Jan 14, 2008 1:53 pm
Location: Over the Rainbow

Re: L3HW Offloading with Traffic Flow

Mon May 20, 2024 3:20 am

Any ideas about MPLS/VPLS single-CPU-core choking problem? Did they fix that?
Straight MPLS forwarding seems to have never had a problem. VPLS however is still exhibiting performance issues on v7.
Top
Post Reply
  4. RouterOS
  5. General