[SOLVED] 100/1000 Mbits (NAT Loopback low speed AC66)

[ekze]

Hello,

http://i.imgur.com/P2wbmdS.png

Behind LAN 1 there is a Gbit network switch with 2 PCs with Gbit adapters connected to it. When I try to send something from 1 PC to another directly I can see speeds reaching 85-100 MBytes/s, but when I do the same through router, the speed is limited to 100 Mbits/s (as in have HTTP server on port 80, port forward it on router and request via external IP). Same result via N mode wi-fi 5GHz near the router, even when entering internal IP (don't have AC device on hand, but I'm sure it will give the same result)

Could this be caused by bad (Cat 5) cables in-between the router and the switch, even though the connection on the screen shows 1000 Full Duplex, or it wouldn't show it if the cables weren't able to handle this? I can't really do anything with the in-between cables, as they are laid in the wall and go to every floor. All the cables in my floor (from the wall to the switch, and from the switch to the PCs) are at least Cat 5e, with one being Cat 6)

Model RT-AC66U
Firmware Version 380.68

Any help would be appreciated!

 

[ColinTaylor]

but when I do the same through router, the speed is limited to 100 Mbits/s (as in have HTTP server on port 80, port forward it on router and request via external IP). Same result via N mode wi-fi 5GHz near the router, even when entering internal IP (don't have AC device on hand, but I'm sure it will give the same result)

When you say it's limited to 100Mbps is it exactly 100Mbps or thereabouts? If it's exactly 100Mbps that would indicate a cable/port issue, but if it's only a similar speed you might be hitting a CPU limit on the router. Log into the router with SSH and run top whilst doing a large file transfer - what is the CPU usage?

When you say you're accessing your web server via en external IP do you mean from within your LAN using NAT loopback? Because if it's from the internet your WAN interface is only 100Mbps.

 

[ekze]

That might be it! The router is hitting 100%, didn't expect it to do it just for 1 connection.

Here's top screenshot: http://i.imgur.com/fUHZIGg.png (watchdog process was also on top usage a couple of times, but didn't make it to the screenshot)

CPU usage: http://i.imgur.com/AU8JE1V.png

The speed might actually be higher than 100mbit, I saw it reach 12.8 MBytes/s.

And yes, I meant NAT loopback.

What can I do to reduce CPU load? Something with disabling logs?

 

[ColinTaylor]

What have you changed from the default settings? Start by changing those back.

If you are logging packets on the firewall (Firewall > General >Logged packets type) definitely turn that off.

97.7% sirq means the router's CPU is spending all of its time doing I/O.

 

[ekze]

Pretty much nothing apart from port forwarding, DHCP leases, adding 6in4 Tunnel and 2 VPN servers. Just did a factory reset today. Firewall is enabled, logged packets are off, NAT loopback is set to ASUS, should i try Merlin?

 

[ekze]

Disabling firewall and/or changing loopback to Merlin did nothing. The speed is indeed higher than 100mbit, so then the issue must be with CPU usage. Could the high sirq be caused by NAT loopback? I mean it gets the file to the router and then sends it back on the same LAN port.

One more top screenshot.

Direct DL without NAT loopback.

 

[ColinTaylor]

Do not disable the firewall.

Check the CPU load when you're not doing any big transfers. If it's only 1% or 2% then there's not a lot you can do.

Yes it will be caused by using the NAT loopback because the traffic is going through the router's CPU. I had an N66U which has the same CPU as your router and found the CPU limit to be about 120Mbps.

By using hardware acceleration the WAN to (wired) LAN speeds can be increased to ~900Mbps. Also, (wired) LAN to (wired) LAN data transfers are "switched" so they don't go through the CPU at all, meaning you can get gigabit speeds there as well.

AFAIK hardware acceleration can't be used for wireless to WAN transfers.

 

[ekze]

Big thanks for the help, ColinTaylor! Yes, in idle CPU load is <1%. I'm out of luck then. But I'm happy I don't have to destroy the walls to replace the cables, haha!

Can your router potentially handle high-speed transfer using NAT loopback? Or B revision of AC66, or which one would you recommend? I'd use this one as an access point and finally replace my dir-320!

 

[ColinTaylor]

I don't think any of the mainstream Asus routers will give you gigabit speeds without hardware acceleration, but I could be wrong.

What kind of throughput do you want? Can you just not use NAT loopback and go straight to the server which will give you gigabit speeds?

 

[ekze]

Sorry for going off topic.

I'm not sure. I don't want to spend all the money on router as well so will be happy with a slight upgrade, maybe to AC68. Should I look for a latest revision (it's E1, right?), or it's not a big difference if I end up with earlier rev? At the same time AC66 would be a huge upgrade over dir-320 (which is running on entware modified asus firmware, hehe).

 

[ColinTaylor]

It's not NAT loopback but I just tried a WLAN to LAN file transfer on my router (see my sig) and got about 350-450Mbps throughput.

Because you are CPU-limited the CPU speeds of the different AC68U models should scale (more or less) proportionally. So a 1200MHz CPU should give you about 50% more throughput than an 800MHz.

The new RT-AC66-B1 does look nice considering its price.