Traffic starting in MikroTik going somewhere

Posted: Sun Feb 12, 2017 3:09 am
by Arcanum
It happened a few times already, but I cannot reproduce on demand, so let me know what to look for.

The setup is one generic ISP router with ADSL connected to a MikroTik gateway. So a small net of ISP -> generic router ADSL port -> 192.168.0.1 -> 192.168.0.2 on the MikroTik, then LAN on 192.168.1.0/24, with the MikroTik dealing with everything; the generic router forwarded all ports to the MikroTik.

So once the internet wasn't working, so I checked; everything was fine, except that when I looked at the interfaces it looked something like this: http://imgur.com/FCqGxgC

Traffic was going out of the MikroTik to the generic router (no idea if beyond, couldn't really test, the generic thing has no graphs), but my upload is 3 Mbit MAX, like the download speed is 10 Mbit... So no idea what is happening. It goes away when I restart the generic router, but not after restarting the MikroTik. Also the MikroTik CPU is going to 90% (normally 5-10).

I am reasonably savvy, but cannot figure this out and cannot reproduce this. Just tell me what to look for.

Re: Traffic starting in MikroTik going somewhere

Posted: Sun Feb 12, 2017 10:19 am
by dgnevans
Suggest you torch the interface when this happens. Show ports etc. Are you running a firewall on your router?

Re: Traffic starting in MikroTik going somewhere

Posted: Sun Feb 12, 2017 11:59 pm
by Arcanum
Well, in the near future I cannot really do that, as it is a remote location for me right now, and while the mystical flow of data is in place the network is almost unreachable from outside.

The router has forwarded ports 80, 3389, 443 because there is a server down the road which needs to be accessible. In the firewall I only used NAT to masquerade and to forward ports. My concern is that the upload speed is ten times greater than the one I can normally achieve to the world. And it obviously is going out, because I cannot access it from outside at the time. Is there a way to write torch to a file or something?

Re: Traffic starting in MikroTik going somewhere

Posted: Mon Feb 13, 2017 10:04 am
by dgnevans
You could use the packet sniffer under Tools and set up a server to receive the information, and then view that through Wireshark.
I would also review your firewall rules; you could be suffering from a DNS attack or something similar.
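
As an added example (not part of the thread), here is one way the receiving server could summarise the streamed packets without opening Wireshark. It assumes the RouterOS sniffer streams each packet as a TZSP datagram over UDP port 37008 carrying an untagged Ethernet frame; the function names and the sample addresses are this example's own, and only IPv4 is counted.

```python
import struct
from collections import Counter

def tzsp_payload(datagram):
    """Return the Ethernet frame carried in one TZSP datagram, or None."""
    # Header: version (1), type, encapsulated protocol (1 = Ethernet)
    if len(datagram) < 4 or datagram[0] != 1 or datagram[2:4] != b"\x00\x01":
        return None
    i = 4
    while i < len(datagram):                  # walk the tagged fields
        if datagram[i] == 1:                  # END tag: the frame follows
            return datagram[i + 1:]
        if datagram[i] == 0 or i + 1 == len(datagram):  # PADDING or truncated
            i += 1
        else:
            i += 2 + datagram[i + 1]          # tag, length, value
    return None

def flow_key(frame):
    """(src, dst, ip_proto, dst_port) for an untagged IPv4 frame, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None
    ip = frame[14:]
    ihl, proto = (ip[0] & 0x0F) * 4, ip[9]
    src, dst = (".".join(map(str, ip[a:a + 4])) for a in (12, 16))
    dport = None
    if proto in (6, 17) and len(ip) >= ihl + 4:   # TCP or UDP
        dport = struct.unpack("!H", ip[ihl + 2:ihl + 4])[0]
    return src, dst, proto, dport

def top_talkers(datagrams, n=5):
    """Sum frame bytes per flow and return the n largest."""
    totals = Counter()
    for d in datagrams:
        frame = tzsp_payload(d)
        key = flow_key(frame) if frame else None
        if key:
            totals[key] += len(frame)
    return totals.most_common(n)

def make_sample(src, dst, dport, size):
    """Constructed datagram: TZSP header + Ethernet + IPv4 + UDP."""
    udp = struct.pack("!HHHH", 40000, dport, 8 + size, 0) + bytes(size)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return b"\x01\x00\x00\x01\x01" + bytes(12) + b"\x08\x00" + ip + udp

# Constructed sample traffic, not captured from any real network
SAMPLE = [make_sample("192.168.1.50", "203.0.113.7", 53, 100)] * 2 + \
         [make_sample("192.168.1.20", "198.51.100.9", 443, 50)]
```

Feeding `top_talkers` the datagrams read from a UDP socket bound to port 37008 on the receiving server shows which LAN host and destination port account for the outbound bytes while the spike is in progress.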