Не симметричные скорости через радиомост SXT (10 и 100 Mbs)

Обсуждение ПО и его настройки
Валентина
Сообщения: 44
Зарегистрирован: 10 авг 2012, 13:44
Откуда: Самара

у меня все еще печальнее - скорости нет на проводе Комп -> Роутер1, даже если напрямую, без свичей. К серверам тот же комп нормально подключается.


Валентина
Сообщения: 44
Зарегистрирован: 10 авг 2012, 13:44
Откуда: Самара

Дорогая Техподдержка, помогите разобраться

Почуму-то после отключения-включения connection tracking на Роутер1 UDP заработал! по 95 Мбит гонит туда-обратно. TCP все также непонятно - в одну сторону 90 в один поток, в другую 6-10, если в несколько потоков, удается до 60 дотянуть.

Код: Выделить всё

iperf -c 172.29.134.63 -u -b 95M
------------------------------------------------------------
Client connecting to 172.29.134.63, UDP port 5001
Sending 1470 byte datagrams
UDP buffer size:  208 KByte (default)
------------------------------------------------------------
[  3] local 172.29.135.53 port 45260 connected with 172.29.134.63 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.0 sec   114 MBytes  95.6 Mbits/sec
[  3] Sent 81298 datagrams
[  3] Server Report:
[  3]  0.0-10.0 sec   114 MBytes  94.9 Mbits/sec   0.169 ms  304/81297 (0.37%)
[  3]  0.0-10.0 sec  1 datagrams received out-of-order

 iperf -c 172.29.135.53 -u -b 95M
------------------------------------------------------------
Client connecting to 172.29.135.53, UDP port 5001
Sending 1470 byte datagrams
UDP buffer size:  224 KByte (default)
------------------------------------------------------------
[  3] local 172.29.134.63 port 50587 connected with 172.29.135.53 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.0 sec   114 MBytes  95.6 Mbits/sec
[  3] Sent 81302 datagrams
[  3] Server Report:
[  3]  0.0-10.0 sec   114 MBytes  95.2 Mbits/sec   0.119 ms   39/81301 (0.048%)
[  3]  0.0-10.0 sec  1 datagrams received out-of-order
 
iperf -c 172.29.135.53
------------------------------------------------------------
Client connecting to 172.29.135.53, TCP port 5001
TCP window size: 23.5 KByte (default)
------------------------------------------------------------
[  3] local 172.29.134.63 port 55273 connected with 172.29.135.53 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.0 sec   109 MBytes  91.1 Mbits/sec

iperf -c 172.29.134.63
------------------------------------------------------------
Client connecting to 172.29.134.63, TCP port 5001
TCP window size: 22.9 KByte (default)
------------------------------------------------------------
[  3] local 172.29.135.53 port 56720 connected with 172.29.134.63 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.1 sec  11.2 MBytes  9.30 Mbits/sec

 iperf -c 172.29.134.63 -P 15
------------------------------------------------------------
Client connecting to 172.29.134.63, TCP port 5001
TCP window size: 22.9 KByte (default)
------------------------------------------------------------
[  3] local 172.29.135.53 port 56729 connected with 172.29.134.63 port 5001
[  7] local 172.29.135.53 port 56732 connected with 172.29.134.63 port 5001
[  5] local 172.29.135.53 port 56730 connected with 172.29.134.63 port 5001
[  9] local 172.29.135.53 port 56734 connected with 172.29.134.63 port 5001
[  8] local 172.29.135.53 port 56733 connected with 172.29.134.63 port 5001
[ 10] local 172.29.135.53 port 56735 connected with 172.29.134.63 port 5001
[  6] local 172.29.135.53 port 56731 connected with 172.29.134.63 port 5001
[ 12] local 172.29.135.53 port 56737 connected with 172.29.134.63 port 5001
[ 13] local 172.29.135.53 port 56738 connected with 172.29.134.63 port 5001
[ 15] local 172.29.135.53 port 56740 connected with 172.29.134.63 port 5001
[ 11] local 172.29.135.53 port 56736 connected with 172.29.134.63 port 5001
[ 17] local 172.29.135.53 port 56742 connected with 172.29.134.63 port 5001
[  4] local 172.29.135.53 port 56728 connected with 172.29.134.63 port 5001
[ 16] local 172.29.135.53 port 56741 connected with 172.29.134.63 port 5001
[ 14] local 172.29.135.53 port 56739 connected with 172.29.134.63 port 5001
[ ID] Interval       Transfer     Bandwidth
[ 14]  0.0-10.3 sec  5.62 MBytes  4.60 Mbits/sec
[ 13]  0.0-10.3 sec  5.38 MBytes  4.37 Mbits/sec
[ 10]  0.0-10.3 sec  5.00 MBytes  4.07 Mbits/sec
[ 16]  0.0-10.3 sec  5.12 MBytes  4.16 Mbits/sec
[  7]  0.0-10.4 sec  4.88 MBytes  3.95 Mbits/sec
[  4]  0.0-10.4 sec  4.62 MBytes  3.75 Mbits/sec
[ 15]  0.0-10.4 sec  4.75 MBytes  3.84 Mbits/sec
[  3]  0.0-10.4 sec  5.12 MBytes  4.13 Mbits/sec
[  8]  0.0-10.4 sec  5.25 MBytes  4.22 Mbits/sec
[  5]  0.0-10.4 sec  5.12 MBytes  4.12 Mbits/sec
[ 11]  0.0-10.5 sec  5.38 MBytes  4.31 Mbits/sec
[ 12]  0.0-10.5 sec  5.38 MBytes  4.30 Mbits/sec
[ 17]  0.0-10.5 sec  4.88 MBytes  3.89 Mbits/sec
[  9]  0.0-10.5 sec  4.00 MBytes  3.19 Mbits/sec
[  6]  0.0-10.6 sec  5.12 MBytes  4.07 Mbits/sec
[SUM]  0.0-10.6 sec  75.6 MBytes  60.1 Mbits/sec

Пинги с одной стороны ровные ( min/avg/max/mdev = 2.451/6.111/8.180/1.576 ms), обратно не очень (min/avg/max/mdev = 3.790/14.162/31.306/7.337 ms).
И кстати BTest - фигня какая-то, не знаю как он меряет - показывает на проводном линке 30 Мбит до роутера, а фактически получается 100.


p0rsche
Сообщения: 10
Зарегистрирован: 10 окт 2013, 16:04

По-хорошему, нужно снять радиоточки, сбросить на них настройки и перенастроить. Соединять напрямую через 2 ПК (ноутбука) и проверять без роутеров. Имейте ввиду, что проблема может быть и в самих ПК.


Валентина
Сообщения: 44
Зарегистрирован: 10 авг 2012, 13:44
Откуда: Самара

Напрямую ОК, с роутеров Btest тоже ОК, что в 20 потоков, что в 1. Что такого плохого может делать роутер, что скорость падает? там просто маршрутизация и файрвол. Да, и с UDP проблем нет, если с клиента на клиент смотреть.


vqd
Модератор
Сообщения: 3605
Зарегистрирован: 26 сен 2013, 14:20
Откуда: НСК
Контактная информация:

Ну вы бы хоть конфиги показали


Есть интересная задача и бюджет? http://mikrotik.site
Валентина
Сообщения: 44
Зарегистрирован: 10 авг 2012, 13:44
Откуда: Самара

Спасибо что откликнулись) Конфиги вкратце - Роутер1 - Main Office, Роутер2 - Galaktika. На ether1 - Интернеты, bridge1 - LAN+Wifi внутренний, на ether3 - SXT Lite5. Галактика подключается к главному по SXT (distance1) и L2TP (distance2). Если в одной из точек отваливается инет, шлюзом становится другой офис с его интернетом.

 Роутер1:
/interface l2tp-server
add name=galaktika user=galaktika
/interface bridge
add l2mtu=1524 name=bridge1
/interface ethernet
set 0 mac-address=<mac>
/interface wireless
set 0 band=2ghz-b/g country=russia disabled=no distance=indoors frequency=\
2462 hide-ssid=yes ht-rxchains=0,1 ht-txchains=0,1 l2mtu=2290 mode=\
ap-bridge ssid=<skipped> tx-power=16 tx-power-mode=all-rates-fixed \
wireless-protocol=unspecified
/interface pptp-client
add connect-to=<skipped> disabled=no max-mru=1460 max-mtu=1460 name=btf password=<skipped> user=<skipped>
/ip neighbor discovery
set wlan1 discover=no
set btf discover=no
set galaktika discover=no
/interface wireless nstreme
set wlan1 enable-polling=no
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk eap-methods=\
passthrough mode=dynamic-keys supplicant-identity=MikroTik \
wpa-pre-shared-key=<skipped> wpa2-pre-shared-key=<skipped>
...

/ppp profile
add local-address=192.168.172.1 name=galaktika only-one=yes remote-address=\
192.168.172.2 use-compression=yes use-encryption=yes use-ipv6=no \
use-vj-compression=yes
...
ovpn-profiles skipped
...

/interface bridge port
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=wlan1
/interface bridge settings
set allow-fast-path=no
/interface l2tp-server server
set authentication=mschap2 default-profile=galaktika enabled=yes max-mru=1460 max-mtu=1460
/interface ovpn-server server
set auth=sha1 certificate=cert2 cipher=aes256 default-profile=\
default-encryption enabled=yes keepalive-timeout=disabled \
require-client-certificate=yes
/ip address
add address=<wan> comment="WAN Beeline" interface=ether1 network=<wan_network>
add address=172.29.134.254/24 comment="LAN Bridge" interface=bridge1 network=172.29.134.0
add address=192.168.172.9/29 comment="WiFi Bridge To Galaktika" interface=ether3 network=192.168.172.8
/ip dhcp-client
add add-default-route=no dhcp-options=hostname,clientid disabled=no
/ip dhcp-relay
add dhcp-server=172.29.134.4 disabled=no interface=wlan1 name=relay1
/ip dns
set allow-remote-requests=yes servers=<dns1>,<dns2>

/ip firewall filter
add action=drop chain=input comment="Drop invalid connection packets" connection-state=invalid
add action=drop chain=forward comment="Drop invalid connection packets" connection-state=invalid
add chain=input comment="Allow established connections" connection-state=established
add chain=input comment="Allow related connections" connection-state=related
add chain=input comment="Allow ICMP Ping" protocol=icmp
add chain=input comment="Access router from LAN and Galaktika" src-address=172.29.134.0/23
add chain=input src-address=192.168.172.12
add chain=input comment="Access router from VPN" src-address=172.29.132.0/24
add chain=input comment=OpenVPN dst-port=1194 protocol=tcp
add chain=input comment="Remote control" dst-port=8101 protocol=tcp
add chain=forward dst-address=172.29.134.4 dst-port=8081 protocol=tcp
add chain=forward dst-address=172.29.134.9 dst-port=80 protocol=tcp
add chain=forward dst-address=172.29.134.9 dst-port=443 protocol=tcp
add chain=forward dst-address=172.29.134.9 dst-port=8000 in-interface=ether1 protocol=tcp
add chain=forward dst-address=172.29.134.9 dst-port=8001 in-interface=ether1 protocol=tcp
add chain=forward dst-address=172.29.134.9 dst-port=8080 in-interface=ether1 protocol=tcp
add chain=forward dst-address=172.29.134.9 dst-port=8081 in-interface=ether1 protocol=tcp
add chain=forward dst-address=172.29.134.9 dst-port=9180 in-interface=ether1 protocol=tcp
add chain=forward dst-address=172.29.134.2 dst-port=8111 protocol=tcp
add chain=forward dst-address=172.29.134.2 dst-port=8380 protocol=tcp
add chain=forward dst-address=172.29.134.2 dst-port=8580 protocol=tcp
add chain=forward dst-address=172.29.134.15 dst-port=8087 protocol=tcp
add chain=input comment="Me + VPN <-> Galaktika" dst-address=<wan> src-address=<galaktika_wan>
add chain=forward dst-address=172.29.132.0/22 src-address=192.168.172.2
add chain=forward dst-address=172.29.134.0/24 src-address=192.168.172.12
add chain=forward comment="Galaktika <-> Moscow + VPS" dst-address=10.0.0.0/8 src-address=192.168.172.2
add chain=forward dst-address=192.168.172.2 src-address=10.0.0.0/16
add chain=forward dst-address=192.168.172.2 src-address=10.250.0.0/16
add chain=forward dst-address=192.168.172.2 src-address=10.100.0.0/16
add chain=forward dst-address=192.168.172.2 src-address=10.127.20.0/24
add chain=forward comment="Galaktika <-> BTF" dst-address=172.17.100.3 src-address=192.168.172.2
add chain=forward comment="Me + VPN + Galaktika <-> Moscow + VPS" dst-address=172.29.132.0/22 src-address=10.0.0.0/16
add chain=forward dst-address=172.29.132.0/22 src-address=10.250.0.0/16
add chain=forward dst-address=172.29.132.0/22 src-address=10.100.0.0/16
add chain=forward dst-address=172.29.132.0/22 src-address=10.127.20.0/24
add chain=forward comment="Allow established" connection-state=established
add chain=forward comment="Allow related connections" connection-state=related
add chain=forward comment="Allow source NAT" src-address=172.29.134.0/24
add chain=forward src-address=172.29.132.0/24
add chain=forward src-address=172.29.135.0/24
add action=drop chain=input comment="All other inputs drop"
add action=drop chain=forward comment="All other forwards drop"
/ip firewall nat
add action=masquerade chain=srcnat comment="Me -> Internet" out-interface=ether1 src-address=172.29.134.0/24
add action=masquerade chain=srcnat comment="Galaktika -> My Internet" out-interface=ether1 src-address=172.29.135.0/24
add action=masquerade chain=srcnat comment="All -> BTF" dst-address=172.17.100.3 out-interface=btf
add action=masquerade chain=srcnat comment="All <-> Moscow" dst-address=10.0.0.0/16 out-interface=<ovpn-client19>
add action=masquerade chain=srcnat dst-address=10.250.0.0/16 out-interface=<ovpn-client19>
add action=masquerade chain=srcnat dst-address=10.100.0.0/16 out-interface=<ovpn-client19>
add action=masquerade chain=srcnat dst-address=10.127.20.0/24 out-interface=<ovpn-client19>
add action=dst-nat chain=dstnat dst-address=<wan> dst-port=80 protocol=tcp to-addresses=172.29.134.9 to-ports=80
add action=dst-nat chain=dstnat dst-address=<wan> dst-port=8000 protocol=tcp to-addresses=172.29.134.9 to-ports=8000
add action=dst-nat chain=dstnat dst-address=<wan> dst-port=8001 protocol=tcp to-addresses=172.29.134.9 to-ports=8001
add action=dst-nat chain=dstnat dst-address=<wan> dst-port=8080 protocol=tcp to-addresses=172.29.134.9 to-ports=8080
add action=dst-nat chain=dstnat dst-address=<wan> dst-port=8081 protocol=tcp to-addresses=172.29.134.9 to-ports=8081
add action=dst-nat chain=dstnat dst-address=<wan> dst-port=443 protocol=tcp to-addresses=172.29.134.9 to-ports=443
add action=dst-nat chain=dstnat dst-address=<wan> dst-port=9180 protocol=tcp to-addresses=172.29.134.9 to-ports=9180
add action=masquerade chain=srcnat dst-address=172.29.134.9 out-interface=bridge1 protocol=tcp src-address=172.29.134.0/24
add action=dst-nat chain=dstnat dst-address=<wan> dst-port=8180 protocol=tcp to-addresses=172.29.134.15 to-ports=8087
add action=dst-nat chain=dstnat dst-address=<wan> dst-port=9797 protocol=tcp to-addresses=172.29.134.2 to-ports=8111
add action=dst-nat chain=dstnat dst-address=<wan> dst-port=8380 protocol=tcp to-addresses=172.29.134.2 to-ports=8380
add action=dst-nat chain=dstnat dst-address=<wan> dst-port=8580 protocol=tcp to-addresses=172.29.134.2 to-ports=8580
add action=masquerade chain=srcnat dst-address=172.29.134.2 out-interface=bridge1 protocol=tcp src-address=172.29.134.0/24
add action=dst-nat chain=dstnat dst-address=<wan> dst-port=8087 protocol=tcp to-addresses=172.29.134.15 to-ports=8087
add action=masquerade chain=srcnat dst-address=172.29.134.15 out-interface=bridge1 protocol=tcp src-address=172.29.134.0/24
add action=dst-nat chain=dstnat dst-address=<wan> dst-port=9081 protocol=tcp to-addresses=172.29.134.4 to-ports=8081
add action=masquerade chain=srcnat dst-address=172.29.134.4 out-interface=bridge1 protocol=tcp src-address=172.29.134.0/24
/ip proxy
set max-cache-size=none
/ip route
add check-gateway=ping comment="Beeline Default GW" distance=1 gateway=<wan_gw>
add check-gateway=ping comment="Backup Internet" distance=2 gateway=192.168.172.12
add comment=DIT distance=1 dst-address=10.0.0.0/8 gateway=172.29.132.74
add comment=btf distance=1 dst-address=172.17.100.3/32 gateway=btf
add check-gateway=ping comment="Galaktika through WiFi" distance=1 dst-address=172.29.135.0/24 gateway=192.168.172.12
add check-gateway=ping comment="Galaktika through l2tp" distance=2 dst-address=172.29.135.0/24 gateway=192.168.172.2 pref-src=192.168.172.1
...
/ppp secret
add local-address=192.168.172.1 name=galaktika password=<skipped> profile=galaktika remote-address=192.168.172.2 service=l2tp
...
ovpn-secrets
...



 Роутер2:
/interface bridge
add comment="LAN Bridge" l2mtu=1524 name=bridge1
/interface wireless
set 0 adaptive-noise-immunity=client-mode band=2ghz-onlyg basic-rates-b="" \
comment=WLAN country=russia default-forwarding=no disconnect-timeout=10s \
distance=indoors frequency=2462 ht-rxchains=0,1 ht-txchains=0,1 \
hw-protection-mode=rts-cts l2mtu=2290 mode=ap-bridge \
periodic-calibration=enabled rate-set=configured ssid=<skipped> \
supported-rates-b="" tx-power=13 tx-power-mode=all-rates-fixed \
wireless-protocol=802.11
/interface ethernet
set 0 comment=WAN
set 1 comment=LAN
/interface wireless manual-tx-power-table
set wlan1 comment=WLAN
/interface wireless nstreme
set wlan1 comment=WLAN enable-polling=no
/ip neighbor discovery
set ether1 comment=WAN
set ether2 comment=LAN
set wlan1 comment=WLAN discover=no
set bridge1 comment="LAN Bridge"
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk mode=dynamic-keys supplicant-identity=MikroTik wpa2-pre-shared-key=<skipped>
/ip pool
add name=dhcp_pool ranges=172.29.135.40-172.29.135.126
/ip dhcp-server
add add-arp=yes address-pool=dhcp_pool authoritative=yes disabled=no interface=bridge1 name="DHCP server" src-address=172.29.135.254
/ppp profile
add change-tcp-mss=no local-address=192.168.172.2 name=galaktika only-one=yes remote-address=192.168.172.1 use-encryption=yes
/interface l2tp-client
add allow=mschap2 comment="Tunnel to Main Office" connect-to=<wan_main_office> \
disabled=no name=L2tp-out password=<skipped> profile=galaktika \
user=galaktika
/ip neighbor discovery
set L2tp-out comment="Tunnel to Main Office"
...
/interface bridge filter
add action=drop chain=output out-interface=wlan1 packet-type=multicast
/interface bridge port
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=wlan1
...
/ip address
add address=<wan> comment="Internet" interface=ether1 network=<wan_network>
add address=172.29.135.254/24 comment="LAN Bridge" interface=bridge1 network=172.29.135.0
add address=192.168.172.12/29 comment="WiFi Bridge" interface=ether3 network=192.168.172.8
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no
/ip dhcp-server network
add address=172.29.135.0/24 dns-server=172.29.135.254 domain=<akipped> gateway=172.29.135.254 netmask=24
/ip dns
set allow-remote-requests=yes max-udp-packet-size=512 servers=<dns1>,<dns2>
/ip firewall filter
add action=drop chain=input comment="Drop invalid connection packets" connection-state=invalid
add action=drop chain=forward comment="Drop invalid connection packets" connection-state=invalid
add chain=input comment="Allow established connections" connection-state=established
add chain=input comment="Allow related connections" connection-state=related
add chain=input comment="Allow ICMP Ping" protocol=icmp
add chain=input comment="Remote Control" dst-port=8101 protocol=tcp
add chain=input dst-port=80 protocol=tcp src-address=172.29.134.0/24
add chain=input dst-port=80 protocol=tcp src-address=192.168.172.8/29
add chain=input comment="Access to router from LAN" src-address=172.29.132.0/22
add chain=forward comment="Main to Me" dst-address=172.29.135.0/24 src-address=192.168.172.1
add chain=forward dst-address=172.29.135.0/24 src-address=192.168.172.9
add chain=forward dst-address=172.29.135.0/24 src-address=172.29.134.0/24
add chain=forward comment="VPN to Me" dst-address=172.29.135.0/24 src-address=172.29.132.0/24
add chain=forward comment="Moscow To Me" dst-address=172.29.135.0/24 src-address=10.0.0.0/8
add chain=forward comment="Allow established" connection-state=established
add chain=forward comment="Allow related connections" connection-state=related
add chain=forward comment="Allow source NAT" src-address=172.29.135.0/24
add chain=forward src-address=172.29.134.0/24
add action=drop chain=forward comment="All other forwards drop"
/ip firewall nat
add action=masquerade chain=srcnat comment="Me -> Internet" out-interface=ether1 src-address=172.29.135.0/24
add action=masquerade chain=srcnat comment="Main Office -> My Internet" out-interface=ether1 src-address=172.29.134.0/24
/ip route
add check-gateway=ping comment="Default Gateway" distance=1 gateway=<wan_gw>
add check-gateway=ping comment="Backup GW via Bridge" distance=2 gateway=192.168.172.9
add check-gateway=ping comment="To Moscow via Bridge" distance=1 dst-address=10.0.0.0/8 gateway=192.168.172.9
add check-gateway=ping comment="To Moscow via Tunnel" distance=2 dst-address=10.0.0.0/8 gateway=192.168.172.1
add check-gateway=ping comment="To btf via Bridge" distance=1 dst-address=172.17.100.3/32 gateway=192.168.172.9
add check-gateway=ping comment="To btf via Tunnel" distance=2 dst-address=172.17.100.3/32 gateway=192.168.172.1
add check-gateway=ping comment="To VPN via bridge" distance=1 dst-address=172.29.132.0/24 gateway=192.168.172.9
add check-gateway=ping comment="To VPN via tunnel" distance=2 dst-address=172.29.132.0/24 gateway=192.168.172.1
add check-gateway=ping comment="To Main Office via Bridge" distance=1 dst-address=172.29.134.0/24 gateway=192.168.172.9
add check-gateway=ping comment="To Main Office via Tunnel" distance=2 dst-address=172.29.134.0/24 gateway=192.168.172.1
...
/queue interface
set ether1 queue=ethernet-default
set ether2 queue=ethernet-default
set ether3 queue=ethernet-default

:smu:sche_nie:


Валентина
Сообщения: 44
Зарегистрирован: 10 авг 2012, 13:44
Откуда: Самара

Может из-за разных пингов (в одну и другую сторону)? тем самым размер TCP окна в одну сторону растет до максимального, а в другую - нет. Но странно что только в одну сторону - как так может быть? Пинг с SXT Client на SXT Station Min: 2 ms Avg: 13 ms Max: 34 ms, обратно Min: 2 ms Avg: 5 ms Max: 8 ms


Ответить