What kind of hardware is needed to efficiently handle 45mbps of traffic that will burst up to 100mbps? We are getting a 100mbps ethernet feed from our new provider and plan to use RouterOS 2.8 on a Pentium 4 Hyperthreading 800mhz bus system as our Router. It will have to handle 45mbps continuously with bursting to 100mbps, mostly it will just be interfacing traffic between the provided ethernet connection and our ethernet switched network, with static routes setup for blocks of ips assigned to servers to minimize ARP usage and basic firewalling including ports 135-139 and SNMP blocking.
We currently do this with our Cisco 7206 but wish to move towards a more generic solution with less expensive gigabit interfaces.
Our concern is the ability for the software to handle that # of packets. From what I understand since it has to be processed by the Processor it could cause a bottleneck issue. What have you guys been able to continuously push and on what hardware?
Also does the router need any more than 512 megs of ram?

It will all depend on the amount of Mangle Rules, queues etc you have...

I have 100odd queues with 200 mangle rules and average throughput of 5mbps running on a P233 with 64mb RAM and it peaks at 8% processor usage. Although if I mangle all p2p traffic it goes upto 28%.

what I have learned from some forums is that the bottlenack is not the cpu power but the interrupt usage by the ethernet cards.

In your configuration I guess you use the the Intel gbit cards. In fact they seems to have the lowest interrupt usage. I did some test to proof it.

yes, this matches our experience, too.
worst case: realtek chipset based nic.

what I have learned from some forums is that the bottlenack is not the cpu power but the interrupt usage by the ethernet cards.

In your configuration I guess you use the the Intel gbit cards. In fact they seems to have the lowest interrupt usage. I did some test to proof it.

I have a P3 1000mhz with the dual intel gig server nics and I can hit 100mbps and barely tax the CPU. Once you add 500 rules and queues and such you may have an issue, but if it's simply routing it will handle it no problem.

Sam

I am using the routerboard 230, what about the interrupt sof the embedded ethernet cards ?

I say it because it seems I cannot have more then 2/3 mb/s of traffic passing through the router, I have 20/30 users with p2p.

any other with bad experience?

Our core high bandwidth boxes are 2.8ghz P4 supermicros, with onboard dual intel gig-e controlers. Each of these has 1gig of ram, but we never come close to using even 512megs (probably will need that much, if we ever decide to inject the full BGP tables from the border areas)

With minimal queueing, fairly few mangle, or other firewall rules (we do most of that at the edge, before the data hits these boxes), but quite lengthy routing tables, one of these boxes can fully saturate a DS3 (in both directions), at about 6% cpu load. This is on the production network, using external DS3 to FE converters, not internal DS3 PCI cards.

In a contrived test bench setup, we were able to get about 650mbps, pushing UDP back and forth between two of these boxes, while they were doing nothing else. (except that the boxes themselves were generating the traffic, it would likely be somewhat faster if we used additional boxes to generate the traffic)

I have noticed that even at low loads, these boxes add slightly more latency than a 7206, even though they seem able to handle higher bandwidth than the 7206. It's not much (~5ms at the worst, rarely that much, and perfectly acceptable), and is probably due to having to process all packets on the CPU, rather than having a scheme like cisco's CEF.

On our RB230s, with much simpler routing, but much more queueing, firewalling, and other activities; we get ~6mbps at about 80% cpu load.

--Eric

hello,

this leads me to a question, i had in mind for several days already: would it not make sense to have a (third party) hardware forum besides the routerbord forum? i guess there are many people using the router os with their own hardware. (perhaps worth a poll?)

Our core high bandwidth boxes are 2.8ghz P4 supermicros, with onboard dual intel gig-e controlers.
...

Two type of chipset had failed my firewall, they are onboard nvidia and onboard VIA LAN chipsets. So far, I have other firewalls with 4 port NIC from mikrotik, intel dual port nic, and few 3com (integrated and add-on pci) works flawlessly. I would personally recommend intel and 3com chipset.