MikroTik

Hi Guys,

Please go easy, I'm still learning... I have an issue where I'm only seeing half of the actual bandwidth when connecting to my mikrotik which is connected to a fibre modem. The mikrotik is doing basic NAT.

If I connect my laptop to the modem directly and run a speedtest, every time I get 950Mb/s download and 572.8Mb/s upload. However, if I connect to my Mikrotik then I get 460Mb/s download and 572.8Mb/s upload.

I've checked the Ethernet ports in the Mikrotik and they're all running 1Gbps/Full Duplex. Have I done something wrong? Is this an MTU issue?

Here is the basic config:

/interface bridge
add name=bridge1
/interface ethernet
set [ find default-name=ether1 ] comment="Modem"
/interface bridge port
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether5
/ip address
add address=192.168.19.1/24 interface=bridge1 network=192.168.19.0
add address=192.168.1.2/24 interface=ether1 network=192.168.1.0
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip firewall filter
add chain=forward comment="allow established connections" connection-state=established
add chain=forward comment="allow related connections" connection-state=related
add chain=input comment="Allow Broadcast Traffic" dst-address-type=broadcast
add action=drop chain=forward comment="Drop Invalid Packets" connection-state=invalid
add action=drop chain=input comment="Drop Invalid Packets" connection-state=invalid
/ip firewall nat
add action=masquerade chain=srcnat
/ip route
add distance=1 gateway=192.168.1.1

Any help would really be appreciated. This is drivin

before estab/related on forward you need
you can also group tour estab/relate:

I did try, but I got this?

[admin@BillHuston] > /ip firewall filter
[admin@BillHuston] /ip firewall filter> add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related hw-offload=yes
expected end of command (line 1 column 113)

Can I ask what this command does? (it child's terms?)

Link to wiki:
https://wiki.mikrotik.com/wiki/Manual:IP/Fasttrack

If your new and still learning why did you change/deviate from the default firewall rules??
Also you dont state which model of device you have??

try it without the last part
as below:

If your new and still learning why did you change/deviate from the default firewall rules??
Also you dont state which model of device you have??

There were no rules on the router. It was completely blank with no configuration. The router is a Mikrotik hEX

THANK YOU GUYS! IT WORKED.

If your new and still learning why did you change/deviate from the default firewall rules??
Also you dont state which model of device you have??

There were no rules on the router. It was completely blank with no configuration. The router is a Mikrotik hEX

A reset of the router would have brought them back.
Glad its working for you now but you really need to address your firewall rules if attached to the internet.

If your new and still learning why did you change/deviate from the default firewall rules??
Also you dont state which model of device you have??

There were no rules on the router. It was completely blank with no configuration. The router is a Mikrotik hEX

You should reset configuration to defaults. Default firewall filter rules include the fast-track rule, but also include very sane other rules making very decent protection of both your router and your LAN.

All of that when running decently recent version of ROS (e.g. 6.48.5).