RouterOS 7からはL3 Hardware offloadへの対応が進みそう?(ただし現在では機種が限定される






最近お相手していただいているAlagas NetworkさんからWikiの情報を共有いただきました。


L3 Hardware Offloading

Layer3 hardware offloading (otherwise known as IP switching or HW routing) will allow to offload some of the router features on to the switch chip. This allows to reach wire speeds when routing packets, which simply would not be possible with the CPU.

At the moment of writing this article, only CRS317-1G-16S+ supports L3 HW Offloading and RouterOS v7beta6 or newer must be used.

現時点ではL3 HW offload実装が進んでいたり実装されたりしているようです。

IPv4 UnicastHWDepending on the complexity of routes in routing table, max HW accelerated route count could change (see table below for min-max supported route count for each hardware). Whole-byte IP prefixes (/8, /16, /24, etc.) occupy less HW space than others (e.g., /22). If HW route limit is reached new routes will fall back to CPU, except cases when newly added route overlaps with already existing routes processed by hardware. In this case destinations that were processed in hardware will continue to be processed in hardware. The user should choose the device with HW capability large-enough to store all the routes.
IPv6 UnicastCPU
IPv4 MulticastCPU
IPv6 MulticastCPU
ECMPHWSee hardware limits in the next table.
“blackhole" routesHWThis feature enables the possibility to drop D/DOS attacks at wire speed
“prohibit" routesCPU
“unreachable" routesCPU
gateway=<interface_name>HW/CPUThis works only for directly connected networks. Since HW does not know how to send ARP requests, CPU sends ARP request and waits for a reply to find out a DST MAC address on the first received packet of the connection that matches a DST IP address. After DST MAC is determined, HW entry is added and all further packets will be processed by switch chip.
BridgeHWRouting from/to bridge interface
VLANHWRouting between VLAN interfaces
LACPHW/interface bonding
FirewallFWOnly Fasttrack connections gets processed by HW, which means that CPU is processing packets until connection gets fasttracked.
NATFWNAT rules applied to the offloaded Fasttrack connections are processed by HW.

少し情報を調べてみるとどうやらCPUの「98DX8216」を搭載した製品だけかなーと思ったら、先日アップデートが公開されているRotuerOS 7.1beta2には以下の更新内容が書かれており、対応製品が増えています。

!) added Layer3 hardware offloading support for CRS309-1G-8S+IN, CRS312-4C+8XG-RM and CRS326-24S+2Q+RM;


皆様も試す時は、この記事執筆時点でRouterOS v7がdevelopment(開発版)であることを十分に理解した上でインストールして検証してください。