MikroTik Traffic Generator: Complete Network Stress Testing Guide

0 Shares

Network failures cost enterprises an average of $300,000 per hour of downtime. A single misconfigured switch or undersized link can cascade into a company-wide outage. Network stress testing prevents these failures by identifying weaknesses before they affect production systems.

MikroTik RouterOS includes a built-in Traffic Generator tool. This tool creates synthetic network traffic to test device performance, link capacity, and network resilience. Network engineers use this tool to validate configurations, benchmark hardware, and verify quality of service policies.

What You Will Learn

How to configure MikroTik Traffic Generator for various testing scenarios
Best practices for safe network stress testing
Methods to analyze and interpret test results
Real-world applications and configuration examples
Troubleshooting techniques for common issues

Prerequisites

Basic understanding of TCP/IP networking
Familiarity with MikroTik RouterOS interface
Access to a MikroTik device running RouterOS v6.x or v7.x
A controlled test environment (recommended)

2. What is the MikroTik Traffic Generator?

Overview

The MikroTik Traffic Generator is a packet generation tool built into RouterOS. The tool creates customizable network traffic streams at Layer 2 and Layer 3. RouterOS has included this feature since version 3.x. No additional licensing or packages are required on most RouterBOARD devices.

Key Features

Feature	Description
Packet Customization	Configure MAC addresses, IP headers, ports, and payload
Rate Control	Set packets per second (pps) or bandwidth (Mbps)
Multiple Streams	Run concurrent traffic streams with different parameters
Bidirectional Testing	Send and receive traffic simultaneously
Real-time Statistics	Monitor TX/RX counters, packet loss, and throughput
Protocol Headers	Generate UDP and TCP packet headers

Traffic Generator vs. Other Testing Tools

Tool	Cost	Max Throughput	Protocol Support	Best For
MikroTik Traffic Generator	Free (built-in)	Hardware-dependent	L2/L3 UDP/TCP headers	Quick testing, MikroTik environments
iperf3	Free (open source)	Host-dependent	TCP/UDP/SCTP	End-to-end throughput testing
IXIA	$10,000+	100Gbps+	Full protocol stack	Carrier-grade testing
Spirent	$15,000+	400Gbps+	Full protocol stack	Enterprise/Carrier testing

Advantages of MikroTik Traffic Generator

Zero cost: Included with RouterOS
No additional hardware: Uses existing MikroTik devices
Native integration: Works seamlessly with RouterOS features
Quick deployment: Available immediately on any MikroTik device
Remote access: Configurable via WinBox, WebFig, SSH, or API

Limitations

Maximum throughput depends on device CPU and architecture
Cannot generate stateful TCP connections
Limited protocol simulation compared to commercial tools
No built-in latency measurement (requires additional tools)

↑ Back to Table of Contents

3. Prerequisites for Network Stress Testing

Hardware Requirements

Supported Devices

All RouterBOARD devices support the Traffic Generator. Performance varies significantly by model:

Device Series	CPU Type	Expected Max Throughput	Recommended Use
CCR2004/CCR2116	ARM64	10-25 Gbps	High-performance testing
CCR1036/CCR1072	Tilera	10-40 Gbps	Enterprise stress testing
RB4011	ARM32	3-5 Gbps	Medium-scale testing
RB3011	ARM32	1-2 Gbps	Small network testing
hAP ac²/ac³	ARM32	500 Mbps – 1 Gbps	Basic testing only
hEX Series	MIPS/ARM	300-900 Mbps	Lab environments

Hardware Considerations

CPU cores: Traffic generation uses CPU resources. Multi-core devices distribute load better.
Memory: Minimum 256MB RAM recommended. Large packet buffers require more memory.
Interface type: SFP+ and 10GbE ports outperform standard Gigabit Ethernet for high-throughput tests.
Switch chip: Hardware offloading affects results. Disable switch chip for accurate CPU-based testing.

Software Requirements

RouterOS Version

Minimum: RouterOS v6.0
Recommended: RouterOS v6.49+ or v7.x
Long-term: Use the latest stable release for bug fixes

Verify Traffic Generator Availability

/tool traffic-generator print

If the command returns an error, check the system packages:

/system package print

Access Methods

WinBox: GUI access via Tools → Traffic Generator
WebFig: Browser-based access at http://[router-ip]/webfig
CLI: SSH or terminal access using /tool traffic-generator commands
API: Programmatic access for automated testing

Network Topology Considerations

Test Environment Recommendations

Isolate test traffic: Use dedicated VLANs or physical interfaces
Avoid production networks: Traffic Generator can saturate links and cause outages
Document baseline metrics: Record normal performance before stress testing
Plan test windows: Schedule tests during maintenance periods

Recommended Lab Setup

[Traffic Generator Device] ---- [Device Under Test] ---- [Traffic Receiver/Reflector]
        (Sender)                    (DUT)                      (Receiver)

Minimum Test Topology

Two MikroTik devices connected via the interface type you want to test
One device acts as sender, one as receiver
For bidirectional testing, both devices send and receive simultaneously

↑ Back to Table of Contents

4. Understanding Traffic Generator Components

Packet Template

A packet template defines the structure of generated packets. You configure headers and payload content here.

Packet Template Parameters

Parameter	Description	Example Value
name	Template identifier	test-template-1
src-address	Source IP address	192.168.1.1
dst-address	Destination IP address	192.168.2.1
src-mac-address	Source MAC address	auto or 00:11:22:33:44:55
dst-mac-address	Destination MAC address	00:AA:BB:CC:DD:EE
ip-protocol	Layer 4 protocol	udp or tcp
src-port	Source port number	5000
dst-port	Destination port number	5001
packet-size	Total packet size in bytes	1500
ttl	Time to Live value	64
vlan-id	VLAN tag (optional)	100

Packet Size Guidelines

64 bytes: Minimum Ethernet frame. Tests packets-per-second performance.
512 bytes: Common VoIP packet size.
1500 bytes: Maximum standard MTU. Tests throughput performance.
9000 bytes: Jumbo frames. Requires jumbo frame support on all devices.

Traffic Stream

A traffic stream controls how and when packets are sent. You configure rate, duration, and interface settings here.

Stream Parameters

Parameter	Description	Example Value
name	Stream identifier	stream-1
packet-template	Associated packet template	test-template-1
interface	Egress interface	ether1
tx-rate	Transmission rate (pps or bps)	100000 or 1G
burst-rate	Burst transmission rate	150000
burst-time	Duration of burst	1s
packet-count	Total packets to send (0 = unlimited)	1000000
disabled	Stream enabled/disabled	no

Rate Configuration Options

Packets per second (pps): Use numeric value (e.g., 100000)
Bits per second: Use suffix notation (e.g., 1G, 500M, 100k)
Maximum rate: Set to 0 for maximum hardware capability

Statistics and Counters

The Traffic Generator provides real-time statistics for monitoring test progress.

Available Statistics

tx-packet: Total packets transmitted
tx-byte: Total bytes transmitted
tx-packet-rate: Current transmission rate (pps)
tx-byte-rate: Current transmission rate (bps)
rx-packet: Total packets received (receiver mode)
rx-byte: Total bytes received (receiver mode)
rx-packet-rate: Current receive rate (pps)
rx-byte-rate: Current receive rate (bps)
lost-packet: Detected packet loss count
out-of-order: Packets received out of sequence

↑ Back to Table of Contents

5. Step-by-Step Configuration Guide

Basic Configuration via WinBox

1: Open Traffic Generator

Connect to your MikroTik device using WinBox
Navigate to Tools → Traffic Generator
The Traffic Generator window displays three tabs: Packet Templates, Streams, and Statistics

2: Create a Packet Template

Click the Packet Templates tab
Click the + button to add a new template
Configure the following parameters:
- Name: basic-test
- Src. Address: 192.168.88.1
- Dst. Address: 192.168.88.2
- IP Protocol: udp
- Src. Port: 5000
- Dst. Port: 5001
- Packet Size: 1500
Click OK to save

3: Create a Traffic Stream

Click the Streams tab
Click the + button to add a new stream
Configure the following parameters:
- Name: test-stream-1
- Packet Template: basic-test
- Interface: ether1 (select your test interface)
- Tx Rate: 100M (100 Mbps)
Click OK to save

4: Start the Test

Select the stream in the Streams tab
Click the Start button (play icon)
Switch to the Statistics tab to monitor progress

5: Stop the Test

Return to the Streams tab
Select the running stream
Click the Stop button

Complete CLI Configuration Examples

Example 1: Basic UDP Traffic Test

This configuration sends 1 Gbps of UDP traffic with 1500-byte packets.

# Create packet template
/tool traffic-generator packet-template
add name=udp-test-1g \
    src-address=10.0.0.1 \
    dst-address=10.0.0.2 \
    ip-protocol=udp \
    src-port=5000 \
    dst-port=5001 \
    packet-size=1500 \
    ttl=64

# Create traffic stream
/tool traffic-generator stream
add name=stream-1g \
    packet-template=udp-test-1g \
    interface=ether1 \
    tx-rate=1G

# Start the stream
/tool traffic-generator stream enable stream-1g

# View statistics
/tool traffic-generator stats print

# Stop the stream
/tool traffic-generator stream disable stream-1g

Example 2: Small Packet Stress Test (64-byte)

Small packets stress the CPU with high packets-per-second rates.

# Create small packet template
/tool traffic-generator packet-template
add name=small-packet-test \
    src-address=172.16.0.1 \
    dst-address=172.16.0.2 \
    ip-protocol=udp \
    src-port=6000 \
    dst-port=6001 \
    packet-size=64 \
    ttl=64

# Create high-pps stream
/tool traffic-generator stream
add name=pps-stress-test \
    packet-template=small-packet-test \
    interface=sfp-sfpplus1 \
    tx-rate=0  # Maximum rate

# Start test
/tool traffic-generator stream enable pps-stress-test

Example 3: VLAN-Tagged Traffic Test

Test VLAN handling and QoS on tagged interfaces.

# Create VLAN-tagged packet template
/tool traffic-generator packet-template
add name=vlan-test \
    src-address=192.168.100.1 \
    dst-address=192.168.100.2 \
    ip-protocol=udp \
    src-port=7000 \
    dst-port=7001 \
    packet-size=1000 \
    vlan-id=100 \
    vlan-priority=5 \
    ttl=64

# Create stream
/tool traffic-generator stream
add name=vlan-stream \
    packet-template=vlan-test \
    interface=ether2 \
    tx-rate=500M

Example 4: Multiple Concurrent Streams

Simulate multiple traffic flows for realistic network conditions.

# Template 1: VoIP simulation (small packets, steady rate)
/tool traffic-generator packet-template
add name=voip-sim \
    src-address=10.10.1.100 \
    dst-address=10.10.2.100 \
    ip-protocol=udp \
    src-port=16384 \
    dst-port=16384 \
    packet-size=214 \
    ttl=64

# Template 2: Data transfer simulation (large packets, high throughput)
/tool traffic-generator packet-template
add name=data-sim \
    src-address=10.10.1.50 \
    dst-address=10.10.2.50 \
    ip-protocol=udp \
    src-port=8000 \
    dst-port=8001 \
    packet-size=1500 \
    ttl=64

# Stream 1: VoIP (100 pps per call * 10 calls = 1000 pps)
/tool traffic-generator stream
add name=voip-stream \
    packet-template=voip-sim \
    interface=ether1 \
    tx-rate=1000  # packets per second

# Stream 2: Data (500 Mbps bulk transfer)
/tool traffic-generator stream
add name=data-stream \
    packet-template=data-sim \
    interface=ether1 \
    tx-rate=500M

# Start both streams
/tool traffic-generator stream enable voip-stream
/tool traffic-generator stream enable data-stream

Bidirectional Testing Configuration

Sender Device Configuration (Router A – 10.0.0.1)

# Configure IP address
/ip address add address=10.0.0.1/30 interface=ether1

# Create packet template (A → B)
/tool traffic-generator packet-template
add name=to-router-b \
    src-address=10.0.0.1 \
    dst-address=10.0.0.2 \
    ip-protocol=udp \
    src-port=5000 \
    dst-port=5001 \
    packet-size=1500

# Create stream
/tool traffic-generator stream
add name=stream-to-b \
    packet-template=to-router-b \
    interface=ether1 \
    tx-rate=1G

Receiver Device Configuration (Router B – 10.0.0.2)

# Configure IP address
/ip address add address=10.0.0.2/30 interface=ether1

# Create packet template (B → A)
/tool traffic-generator packet-template
add name=to-router-a \
    src-address=10.0.0.2 \
    dst-address=10.0.0.1 \
    ip-protocol=udp \
    src-port=5001 \
    dst-port=5000 \
    packet-size=1500

# Create stream
/tool traffic-generator stream
add name=stream-to-a \
    packet-template=to-router-a \
    interface=ether1 \
    tx-rate=1G

Start Bidirectional Test

Execute simultaneously on both routers:

# On Router A
/tool traffic-generator stream enable stream-to-b

# On Router B
/tool traffic-generator stream enable stream-to-a

Receiver Mode Configuration

Configure a device to receive and measure incoming test traffic.

# Enable receiver on specific interface and port
/tool traffic-generator
set rx-template-enabled=yes

# Monitor received traffic statistics
/tool traffic-generator stats print interval=1s

↑ Back to Table of Contents

6. Network Stress Testing Use Cases

Use Case 1: Bandwidth Capacity Testing

Objective

Determine the maximum throughput capacity of a network link or device.

Test Methodology

Start with 10% of theoretical link capacity
Increase rate by 10% increments
Monitor for packet loss at each level
Record the maximum rate with 0% packet loss
Document the rate at which packet loss begins

Configuration Example

# Start at 100 Mbps on a 1 Gbps link
/tool traffic-generator packet-template
add name=capacity-test src-address=10.0.0.1 dst-address=10.0.0.2 \
    ip-protocol=udp packet-size=1500

/tool traffic-generator stream
add name=capacity-100m packet-template=capacity-test interface=ether1 tx-rate=100M

# Increment to 200M, 300M, etc.
/tool traffic-generator stream set capacity-100m tx-rate=200M

Expected Results

Gigabit Ethernet: 940-960 Mbps usable throughput
10 Gigabit Ethernet: 9.4-9.8 Gbps usable throughput
Lower results indicate bottlenecks in CPU, memory, or configuration

Use Case 2: Router CPU Stress Testing

Objective

Determine how many packets per second a router can process before CPU saturation.

Test Methodology

Use small packets (64 bytes) to maximize packets-per-second
Disable hardware offloading (fasttrack, switch chip)
Monitor CPU usage during test
Increase rate until CPU reaches 100%
Record maximum sustainable pps rate

Configuration Example

# Disable fasttrack for accurate CPU testing
/ip firewall filter disable [find action=fasttrack-connection]

# Create small packet test
/tool traffic-generator packet-template
add name=cpu-stress src-address=10.0.0.1 dst-address=10.0.0.2 \
    ip-protocol=udp packet-size=64

/tool traffic-generator stream
add name=cpu-test packet-template=cpu-stress interface=ether1 tx-rate=0

# Monitor CPU during test
/system resource print

Benchmark Reference (Approximate)

Device	64-byte pps (Routing)	64-byte pps (Firewall)
CCR1036-12G-4S	~24 Mpps	~12 Mpps
CCR2004-16G-2S+	~7 Mpps	~3 Mpps
RB4011iGS+	~2 Mpps	~1 Mpps
hEX S (RB760iGS)	~0.5 Mpps	~0.3 Mpps

Use Case 3: Firewall Rule Performance Testing

Objective

Measure the performance impact of firewall rules on throughput.

Test Methodology

Establish baseline throughput with minimal firewall rules
Add firewall rules incrementally
Re-test throughput after each rule set addition
Compare results to identify performance impact

Configuration Example

# Baseline test - minimal firewall
/ip firewall filter print count-only
# Result: 3 rules

# Run traffic test and record throughput
/tool traffic-generator stream enable stream-1g
# Wait 60 seconds, record statistics

# Add 100 firewall rules
:for i from=1 to=100 do={
    /ip firewall filter add chain=forward \
        src-address="192.168.$i.0/24" action=accept
}

# Re-run test and compare
/tool traffic-generator stream enable stream-1g

Use Case 4: QoS Queue Validation

Objective

Verify that QoS policies correctly prioritize traffic.

Test Methodology

Configure queue trees or simple queues
Create multiple traffic streams with different DSCP values
Saturate the link with mixed traffic
Verify high-priority traffic maintains throughput
Confirm low-priority traffic is throttled

Configuration Example

# Create QoS queues
/queue tree
add name=high-priority parent=ether1 priority=1 max-limit=500M \
    packet-mark=high-prio
add name=low-priority parent=ether1 priority=8 max-limit=500M \
    packet-mark=low-prio

# Mark traffic by DSCP
/ip firewall mangle
add chain=forward dscp=46 action=mark-packet new-packet-mark=high-prio
add chain=forward dscp=0 action=mark-packet new-packet-mark=low-prio

# Create high-priority test template
/tool traffic-generator packet-template
add name=high-prio-test src-address=10.0.0.1 dst-address=10.0.0.2 \
    ip-protocol=udp packet-size=500 dscp=46

# Create low-priority test template
/tool traffic-generator packet-template
add name=low-prio-test src-address=10.0.0.1 dst-address=10.0.0.2 \
    ip-protocol=udp packet-size=500 dscp=0

# Create streams
/tool traffic-generator stream
add name=high-stream packet-template=high-prio-test interface=ether1 tx-rate=400M
add name=low-stream packet-template=low-prio-test interface=ether1 tx-rate=400M

# Enable both streams (total 800M on 1G link = congestion)
/tool traffic-generator stream enable high-stream
/tool traffic-generator stream enable low-stream

Use Case 5: Link Failover Testing

Objective

Measure failover time when a primary link fails.

Test Methodology

Configure redundant links (VRRP, ECMP, or backup routes)
Start continuous traffic stream
Disconnect primary link
Measure packet loss duration
Calculate failover time from lost packets

Failover Time Calculation

Failover Time (seconds) = Lost Packets / Packets Per Second

Example:
- Test rate: 10,000 pps
- Packets lost: 500
- Failover time: 500 / 10,000 = 0.05 seconds (50 ms)

↑ Back to Table of Contents

7. Best Practices for Stress Testing

Planning Your Test Strategy

Define Clear Objectives

Document what you want to measure
Set specific success criteria (e.g., “1 Gbps with less than 0.1% packet loss”)
Identify acceptable performance thresholds

Test Plan Template

Element	Description
Test Name	Descriptive name for the test
Objective	What you want to learn
Topology	Devices and connections involved
Traffic Profile	Packet size, rate, protocol
Duration	How long to run the test
Success Criteria	Specific metrics that indicate pass/fail
Rollback Plan	How to stop the test if issues occur

Safety Precautions

Traffic Isolation Methods

Dedicated VLAN: Assign test traffic to a separate VLAN

/interface vlan add name=test-vlan vlan-id=999 interface=ether1

Physical isolation: Use dedicated interfaces not connected to production

Firewall rules: Block test traffic from reaching production networks

/ip firewall filter add chain=forward \
    src-address=10.99.99.0/24 dst-address=!10.99.99.0/24 action=drop \
    comment="Block test traffic from production"

Emergency Stop Procedure

# Stop all traffic streams immediately
/tool traffic-generator stream disable [find]

# Verify no streams are running
/tool traffic-generator stream print where disabled=no

# Alternative: Remove all streams
/tool traffic-generator stream remove [find]

Scheduling Recommendations

Conduct tests during maintenance windows
Notify stakeholders before testing
Have a colleague monitor production systems during tests
Prepare rollback commands in advance

Incremental Load Testing

Ramp-Up Methodology

Start at 10% of target load
Hold each level for 60 seconds minimum
Monitor metrics before increasing
Increase by 10-20% increments
Stop when packet loss exceeds acceptable threshold

Ramp-Up Script Example

# Incremental load test script
:local rates {"100M";"200M";"300M";"400M";"500M";"600M";"700M";"800M";"900M";"1G"}
:local holdTime 60

:foreach rate in=$rates do={
    :log info "Setting rate to $rate"
    /tool traffic-generator stream set stream-1 tx-rate=$rate
    :delay ($holdTime . "s")
    :local stats [/tool traffic-generator stats get 0]
    :log info "Rate: $rate - TX: $($stats->"tx-packet-rate") pps"
}

Documentation Requirements

Information to Record

Test date and time
Device models and firmware versions
Network topology diagram
Traffic Generator configuration (export)
Baseline metrics before test
Results at each test level
Anomalies observed
Screenshots of statistics

Export Configuration for Documentation

# Export traffic generator configuration
/tool traffic-generator packet-template export file=tg-templates
/tool traffic-generator stream export file=tg-streams

# Export system info
/system resource print file=system-resources
/system routerboard print file=hardware-info

↑ Back to Table of Contents

8. Analyzing Traffic Generator Results

Key Metrics to Monitor

Primary Metrics

Metric	Description	Acceptable Range
Throughput (bps)	Actual data rate achieved	>95% of configured rate
Packets per Second	Packet processing rate	Depends on hardware
Packet Loss (%)	Percentage of packets not delivered	<0.1% for most applications
Out-of-Order	Packets received in wrong sequence	<0.01%

View Statistics Command

# Real-time statistics (updates every second)
/tool traffic-generator stats print interval=1

# Detailed statistics
/tool traffic-generator stats print detail

Sample Output

Columns: NAME, TX-PACKET, TX-BYTE, TX-PACKET-RATE, TX-BYTE-RATE, RX-PACKET, RX-BYTE, RX-PACKET-RATE, RX-BYTE-RATE, LOST
# NAME       TX-PACKET   TX-BYTE    TX-PKT-RATE  TX-BYTE-RATE  RX-PACKET   RX-BYTE    RX-PKT-RATE  RX-BYTE-RATE  LOST
0 stream-1  145823456  218735184000  81234       121851000     145820123  218730184500  81232       121848500     3333

Calculating Performance Metrics

Throughput Calculation

Actual Throughput = TX-BYTE-RATE × 8 (to convert to bits)
Example: 121,851,000 bytes/sec × 8 = 974,808,000 bps = 974.8 Mbps

Packet Loss Calculation

Packet Loss % = (TX-PACKET - RX-PACKET) / TX-PACKET × 100
Example: (145,823,456 - 145,820,123) / 145,823,456 × 100 = 0.0023%

Efficiency Calculation

Wire Efficiency = Payload Size / (Payload Size + Overhead)
Ethernet Overhead = 38 bytes (Preamble, SFD, MAC headers, CRC, IFG)

For 1500-byte packets:
Efficiency = 1500 / (1500 + 38) = 97.5%

Maximum Throughput on 1 Gbps = 1000 Mbps × 0.975 = 975 Mbps

Identifying Bottlenecks

CPU-Bound Symptoms

CPU usage at or near 100%
Throughput does not increase with higher TX rate
Small packets result in significantly lower throughput than large packets
Disabling fasttrack increases CPU usage dramatically

Check CPU Usage

/system resource print
/system resource cpu print

Memory-Bound Symptoms

Free memory decreasing during test
Packet loss increasing over time
System becomes unresponsive

Interface Queue Drops

# Check interface statistics for drops
/interface ethernet print stats

# Look for:
# - tx-queue-drop: Packets dropped due to full queue
# - rx-overflow: Packets dropped due to receive buffer overflow

Correlating with Other Tools

Using Torch for Traffic Verification

# Monitor traffic on test interface
/tool torch interface=ether1 src-address=10.0.0.0/8

SNMP Monitoring

# Enable SNMP for external monitoring
/snmp set enabled=yes
/snmp community set public addresses=10.0.0.0/24

Graphing Interface Statistics

# Enable interface graphing
/tool graphing interface add interface=ether1 allow-address=10.0.0.0/24
/tool graphing resource add allow-address=10.0.0.0/24

↑ Back to Table of Contents

9. Troubleshooting Common Issues

Issue 1: Low Throughput Results

Symptoms

Actual throughput significantly below configured rate
TX-BYTE-RATE lower than expected

Causes and Solutions

Cause	Diagnosis	Solution
CPU limitation	Check /system resource – CPU at 100%	Use more powerful hardware or reduce test rate
Fasttrack disabled	Check /ip firewall filter for fasttrack rules	Enable fasttrack for production, disable only for testing
Connection tracking	Check /ip firewall connection tracking	Disable connection tracking if not needed
Interface auto-negotiation	Check /interface ethernet – speed setting	Verify link is negotiated at expected speed
Duplex mismatch	Check /interface ethernet – full-duplex	Ensure both ends are full-duplex

Diagnostic Commands

# Check CPU usage
/system resource print

# Check interface negotiation
/interface ethernet print detail

# Check connection tracking status
/ip firewall connection tracking print

# Check fasttrack status
/ip firewall filter print where action=fasttrack-connection

Issue 2: High Packet Loss

Symptoms

LOST counter incrementing
RX-PACKET significantly lower than TX-PACKET

Causes and Solutions

Cause	Diagnosis	Solution
Rate exceeds capacity	Compare TX rate to interface speed	Reduce TX rate
Queue overflow	Check interface stats for tx-queue-drop	Increase queue size or reduce rate
Firewall dropping packets	Check /ip firewall filter print stats	Add permit rule for test traffic
Routing issues	Check /ip route print for destination	Verify routing table has path to destination
ARP resolution failure	Check /ip arp print for destination MAC	Verify ARP entry exists or specify dst-mac-address

Diagnostic Commands

# Check firewall drops
/ip firewall filter print stats

# Check queue drops
/interface ethernet print stats where name=ether1

# Check ARP table
/ip arp print where interface=ether1

# Check routing
/ip route print where dst-address~"10.0.0.0"

Issue 3: Traffic Not Reaching Destination

Symptoms

TX-PACKET incrementing but RX-PACKET stays at zero
Receiver shows no incoming traffic

Troubleshooting Steps

Verify physical connectivity:
```
/interface ethernet monitor ether1
```

Check MAC address configuration:

# Verify dst-mac-address is correct
/tool traffic-generator packet-template print detail

Verify VLAN configuration:

# Check if VLAN tagging matches receiver
/interface vlan print

Use Torch to verify TX:
```
/tool torch interface=ether1
```

Check receiver interface:

# On receiver device
/interface ethernet print stats

Issue 4: Traffic Generator Not Starting

Common Errors and Solutions

Error Message	Cause	Solution
“interface not found”	Specified interface does not exist	Verify interface name with /interface print
“packet-template not found”	Referenced template does not exist	Create template first or fix name reference
“not enough memory”	Insufficient RAM for operation	Reduce stream count or packet buffer size
“feature not supported”	Hardware does not support operation	Check device capabilities

Issue 5: Inconsistent Results

Causes

Background traffic on shared links
CPU usage by other processes
Interface buffer fluctuations
Temperature-based CPU throttling

Solutions

Run multiple tests and average results
Test during periods of low network activity

Stop unnecessary services during testing:

/ip dns set servers=""
/tool bandwidth-server set enabled=no
/ip neighbor discovery-settings set discover-interface-list=none

Monitor device temperature:
```
/system health print
```

↑ Back to Table of Contents

10. Real-World Testing Scenarios

Scenario 1: New Switch Deployment Validation

Background

A company plans to deploy a new MikroTik CRS326-24G-2S+ switch in their data center. Before production deployment, the network team must verify the switch meets performance requirements.

Requirements

Minimum 20 Gbps switching capacity
Less than 0.01% packet loss under full load
Support for 9000-byte jumbo frames

Test Configuration

# Configure on CCR1036 as traffic generator

# Test 1: Standard 1500-byte frames at 10 Gbps (using 2x SFP+)
/tool traffic-generator packet-template
add name=switch-test-std \
    src-address=10.100.1.1 \
    dst-address=10.100.1.2 \
    ip-protocol=udp \
    packet-size=1500

/tool traffic-generator stream
add name=sfp1-stream packet-template=switch-test-std interface=sfp-sfpplus1 tx-rate=10G
add name=sfp2-stream packet-template=switch-test-std interface=sfp-sfpplus2 tx-rate=10G

# Test 2: Jumbo frames (9000 bytes)
/tool traffic-generator packet-template
add name=switch-test-jumbo \
    src-address=10.100.1.1 \
    dst-address=10.100.1.2 \
    ip-protocol=udp \
    packet-size=9000

/tool traffic-generator stream
add name=jumbo-stream packet-template=switch-test-jumbo interface=sfp-sfpplus1 tx-rate=10G

Results

Test	Throughput	Packet Loss	Result
Standard frames – 10G single port	9.87 Gbps	0.00%	PASS
Standard frames – 20G dual port	19.74 Gbps	0.00%	PASS
Jumbo frames – 10G	9.91 Gbps	0.00%	PASS

Scenario 2: WAN Link Capacity Planning

Background

An ISP needs to determine if a 1 Gbps fiber link can handle projected customer growth. Current utilization peaks at 600 Mbps. Projected growth suggests 40% increase over 12 months.

Test Methodology

Simulate current peak load (600 Mbps)
Simulate projected load (840 Mbps)
Test maximum capacity with acceptable packet loss
Measure performance under oversubscription

Test Configuration

# Simulate mixed traffic profile
# 60% large packets (typical downloads)
# 40% small packets (DNS, ACKs, etc.)

/tool traffic-generator packet-template
add name=bulk-traffic src-address=100.64.0.1 dst-address=100.64.0.2 \
    ip-protocol=udp packet-size=1500

add name=small-traffic src-address=100.64.0.1 dst-address=100.64.0.2 \
    ip-protocol=udp packet-size=128

# Current load simulation (600 Mbps)
/tool traffic-generator stream
add name=current-bulk packet-template=bulk-traffic interface=ether1 tx-rate=360M
add name=current-small packet-template=small-traffic interface=ether1 tx-rate=240M

# Projected load simulation (840 Mbps)
/tool traffic-generator stream
add name=projected-bulk packet-template=bulk-traffic interface=ether1 tx-rate=504M disabled=yes
add name=projected-small packet-template=small-traffic interface=ether1 tx-rate=336M disabled=yes

Results and Recommendation

Load Level	Total Throughput	Packet Loss	CPU Usage
Current (600 Mbps)	598.5 Mbps	0.00%	45%
Projected (840 Mbps)	837.2 Mbps	0.00%	62%
Maximum (1000 Mbps)	974.8 Mbps	0.02%	78%
Oversubscribed (1200 Mbps)	968.4 Mbps	19.30%	100%

Recommendation: The 1 Gbps link can support projected growth. Plan upgrade to 10 Gbps when sustained utilization exceeds 750 Mbps.

Scenario 3: VoIP Quality Verification

Background

A company is deploying 50 VoIP phones. Each call uses G.711 codec at 87.2 kbps (including overhead). Network must maintain quality under full load.

VoIP Traffic Characteristics

Packet size: 214 bytes (160 bytes payload + 54 bytes overhead)
Packet rate: 50 pps per call
Total calls: 50 concurrent
Total bandwidth: 50 × 87.2 kbps = 4.36 Mbps
Total pps: 50 × 50 = 2,500 pps

Test Configuration

# Simulate 50 concurrent G.711 calls
/tool traffic-generator packet-template
add name=voip-g711 \
    src-address=192.168.10.0 \
    dst-address=192.168.20.0 \
    ip-protocol=udp \
    src-port=16384 \
    dst-port=16384 \
    packet-size=214 \
    dscp=46

/tool traffic-generator stream
add name=voip-50-calls \
    packet-template=voip-g711 \
    interface=ether1 \
    tx-rate=2500  # packets per second

# Add background traffic to simulate real conditions
/tool traffic-generator packet-template
add name=background-data \
    src-address=192.168.10.0 \
    dst-address=192.168.20.0 \
    ip-protocol=udp \
    packet-size=1500

/tool traffic-generator stream
add name=background-100m \
    packet-template=background-data \
    interface=ether1 \
    tx-rate=100M

Success Criteria for VoIP

Packet loss: <1%
Jitter: <30ms (requires external measurement)
Latency: <150ms one-way

↑ Back to Table of Contents

11. Alternative and Complementary Tools

MikroTik Bandwidth Test (BTest)

When to Use BTest vs. Traffic Generator

Feature	Traffic Generator	Bandwidth Test
Protocol	Raw packets (UDP/TCP headers)	TCP or UDP connections
Connection Type	Stateless	Stateful (client-server)
Setup Complexity	Moderate	Simple
Packet Customization	Full control	Limited
Best For	Device stress testing, QoS validation	Quick throughput tests, WAN testing

BTest Configuration

# Enable bandwidth test server
/tool bandwidth-server
set enabled=yes authenticate=yes

# Add user for authentication
/tool bandwidth-server user
add name=testuser password=testpass

# Run bandwidth test (from client)
/tool bandwidth-test address=10.0.0.1 user=testuser password=testpass \
    protocol=tcp direction=both duration=60s

Using iperf3 with MikroTik

When to Use iperf3

End-to-end throughput testing (host to host)
TCP window size optimization
Parallel stream testing
JSON output for automated analysis

iperf3 Installation and Usage

# Install on Linux server
apt install iperf3

# Start iperf3 server
iperf3 -s

# Run client test
iperf3 -c 10.0.0.1 -t 60 -P 4 --json > results.json

Combining Traffic Generator and iperf3

Use Traffic Generator to create background load
Run iperf3 to measure application-level throughput
Compare results to assess network efficiency

Integration with Monitoring Tools

The Dude Integration

# Enable The Dude monitoring
/dude set enabled=yes

# Monitor traffic generator statistics via SNMP
# OID: 1.3.6.1.4.1.14988.1.1.7 (MikroTik private MIB)

Grafana/InfluxDB Setup

# Export statistics via script
:local txRate [/tool traffic-generator stats get 0 tx-byte-rate]
:local rxRate [/tool traffic-generator stats get 0 rx-byte-rate]

# Send to InfluxDB (example using fetch)
/tool fetch url="http://influxdb:8086/write?db=mikrotik" \
    http-method=post \
    http-data="traffic_gen,host=router1 tx_rate=$txRate,rx_rate=$rxRate"

Automated Testing Scripts

Scheduled Performance Test

# Script: daily-performance-test
# Run daily at 3:00 AM

:local testDuration 300
:local interface "ether1"
:local logFile "perf-test-log"

:log info "Starting daily performance test"

# Enable stream
/tool traffic-generator stream enable stream-1

# Wait for test duration
:delay ($testDuration . "s")

# Capture results
:local stats [/tool traffic-generator stats get 0]
:local txRate ($stats->"tx-byte-rate")
:local lost ($stats->"lost-packet")

# Log results
:log info "Test complete - TX Rate: $txRate bps, Lost: $lost packets"

# Stop stream
/tool traffic-generator stream disable stream-1

# Alert if packet loss detected
:if ($lost > 0) do={
    /tool e-mail send to="admin@company.com" \
        subject="Performance Test Alert" \
        body="Packet loss detected: $lost packets"
}

# Schedule script
/system scheduler
add name=daily-perf-test interval=1d start-time=03:00:00 \
    on-event=daily-performance-test

↑ Back to Table of Contents

12. Limitations and Workarounds

Known Limitations

Performance Limitations

Limitation	Description	Impact
Hardware-dependent throughput	Maximum rate varies by CPU/architecture	Cannot test beyond device capability
Single-threaded generation	Each stream uses one CPU core	Multi-core devices may not fully utilize CPU
No hardware timestamping	Latency measurements use software timestamps	Microsecond-level accuracy not possible

Protocol Limitations

Limitation	Description	Workaround
Stateless traffic	Cannot establish real TCP connections	Use iperf3 for stateful TCP testing
No application protocols	Cannot simulate HTTP, FTP, etc.	Use dedicated application testing tools
Limited header options	Cannot set all IP/TCP options	Use packet capture and replay tools

Workarounds and Solutions

Distributed Testing for Higher Throughput

Use multiple MikroTik devices to generate more traffic than a single device can produce.

# Device 1 configuration
/tool traffic-generator stream
add name=dist-stream-1 interface=ether1 tx-rate=5G packet-template=test-template

# Device 2 configuration
/tool traffic-generator stream
add name=dist-stream-2 interface=ether1 tx-rate=5G packet-template=test-template

# Combined: 10 Gbps from two devices

Multi-Stream CPU Utilization

Create multiple streams to utilize more CPU cores.

# Create 4 streams to utilize 4 CPU cores
:for i from=1 to=4 do={
    /tool traffic-generator packet-template
    add name="template-$i" src-address="10.0.$i.1" dst-address="10.0.$i.2" \
        ip-protocol=udp packet-size=1500
    
    /tool traffic-generator stream
    add name="stream-$i" packet-template="template-$i" interface=ether1 tx-rate=2500M
}

Latency Testing Alternative

For accurate latency measurements, use ping flood with timestamps.

# Measure latency with ping
/ping address=10.0.0.2 count=1000 interval=10ms

# Output includes:
# - min/avg/max RTT
# - Packet loss percentage

↑ Back to Table of Contents

13. Security Considerations

Preventing Accidental DoS

Risk Assessment

The Traffic Generator can produce gigabits of traffic. Misconfiguration can cause:

Network congestion and outages
Device CPU exhaustion
Service degradation for production traffic
Potential ISP complaints if traffic leaves your network

Containment Strategies

Use non-routable addresses:

# Use RFC 5737 documentation addresses
src-address=192.0.2.1
dst-address=192.0.2.2

Implement firewall blocks:

/ip firewall filter
add chain=output dst-address=!10.99.99.0/24 \
    src-address=10.99.99.0/24 action=drop \
    comment="Prevent test traffic from leaving test network"

Use rate limiting as a safety net:

/queue simple
add name=test-traffic-limit target=ether1 max-limit=1G/1G \
    comment="Safety limit for test traffic"

Set packet count limits:

# Limit total packets instead of continuous stream
/tool traffic-generator stream
add name=limited-test packet-template=test packet-count=1000000

Emergency Stop Script

# Create emergency stop script
/system script
add name=emergency-stop-traffic source={
    /tool traffic-generator stream disable [find]
    :log warning "Emergency: All traffic generator streams stopped"
}

# Bind to scheduler for quick access or create hotkey in WinBox

Access Control

Limiting Traffic Generator Access

# Create restricted user group
/user group
add name=network-tester policy=read,write,test,sensitive

# Create user with limited access
/user
add name=tester password=SecurePassword123 group=network-tester

# Note: 'test' policy required for traffic generator access

Restrict Management Access

# Limit WinBox/SSH access to management network
/ip firewall filter
add chain=input src-address=!10.0.0.0/24 dst-port=22,8291 protocol=tcp action=drop \
    comment="Restrict management access"

# Limit API access
/ip service
set api address=10.0.0.0/24
set api-ssl address=10.0.0.0/24

Audit Logging

# Enable logging for traffic generator actions
/system logging
add topics=system,info action=memory
add topics=script action=memory

# Log traffic generator commands
:log info "Traffic Generator: Stream $streamName started by $[/user active get [find] name]"

Change Management Procedures

Pre-Test Checklist

☐ Change request approved
☐ Test plan documented and reviewed
☐ Stakeholders notified
☐ Rollback procedure prepared
☐ Monitoring systems in place
☐ Emergency contacts available
☐ Test traffic isolated from production
☐ Backup configuration saved

Configuration Backup Before Testing

# Export full configuration
/export file=pre-test-backup

# Export specific sections
/tool traffic-generator packet-template export file=tg-templates-backup
/tool traffic-generator stream export file=tg-streams-backup

# Create system backup
/system backup save name=pre-test-backup

↑ Back to Table of Contents

14. Conclusion

Key Takeaways

MikroTik Traffic Generator is a powerful built-in tool for network stress testing, available at no additional cost on RouterOS devices.
Proper planning prevents problems. Always isolate test traffic, document your procedures, and have emergency stop procedures ready.
Incremental testing is essential. Start at low rates and increase gradually to identify performance thresholds safely.
Hardware determines maximum performance. Choose appropriate devices for your testing requirements and understand their limitations.
Combine tools for comprehensive testing. Use Traffic Generator alongside Bandwidth Test, iperf3, and monitoring tools for complete network validation.

Recommended Testing Schedule

Event	Test Type	Frequency
New equipment deployment	Full stress test	Before production
Firmware upgrades	Performance validation	After each upgrade
Configuration changes	Targeted testing	After significant changes
Capacity planning	Load testing	Quarterly
SLA verification	Throughput/loss testing	Monthly
Baseline updates	Comprehensive benchmark	Annually

Next Steps

Set up a dedicated test environment in your lab
Create standard test templates for your common scenarios
Document baseline performance for all critical network paths
Establish regular testing procedures in your maintenance schedule
Train team members on Traffic Generator usage and safety procedures

↑ Back to Table of Contents

15. Quick Reference

Essential Commands Cheat Sheet

Packet Template Commands

# List all templates
/tool traffic-generator packet-template print

# Create template
/tool traffic-generator packet-template add name=test \
    src-address=10.0.0.1 dst-address=10.0.0.2 ip-protocol=udp packet-size=1500

# Modify template
/tool traffic-generator packet-template set test packet-size=512

# Remove template
/tool traffic-generator packet-template remove test

Stream Commands

# List all streams
/tool traffic-generator stream print

# Create stream
/tool traffic-generator stream add name=stream1 \
    packet-template=test interface=ether1 tx-rate=1G

# Start stream
/tool traffic-generator stream enable stream1

# Stop stream
/tool traffic-generator stream disable stream1

# Stop all streams
/tool traffic-generator stream disable [find]

# Remove stream
/tool traffic-generator stream remove stream1

Statistics Commands

# View statistics
/tool traffic-generator stats print

# Real-time statistics (1 second interval)
/tool traffic-generator stats print interval=1

# Detailed statistics
/tool traffic-generator stats print detail

# Reset statistics
/tool traffic-generator stats reset

Quick Diagnostic Commands

# Check CPU usage
/system resource print

# Monitor interface
/interface monitor-traffic ether1

# View interface statistics
/interface ethernet print stats where name=ether1

# Check routing
/ip route print

# View active connections
/ip firewall connection print count-only

Common Configuration Templates

1: Basic Throughput Test (1 Gbps)

/tool traffic-generator packet-template
add name=throughput-1g src-address=10.0.0.1 dst-address=10.0.0.2 \
    ip-protocol=udp packet-size=1500

/tool traffic-generator stream
add name=test-1g packet-template=throughput-1g interface=ether1 tx-rate=1G

2: Small Packet Stress Test

/tool traffic-generator packet-template
add name=pps-stress src-address=10.0.0.1 dst-address=10.0.0.2 \
    ip-protocol=udp packet-size=64

/tool traffic-generator stream
add name=stress-max packet-template=pps-stress interface=ether1 tx-rate=0

3: VoIP Simulation

/tool traffic-generator packet-template
add name=voip-g711 src-address=10.0.0.1 dst-address=10.0.0.2 \
    ip-protocol=udp src-port=16384 dst-port=16384 packet-size=214 dscp=46

/tool traffic-generator stream
add name=voip-stream packet-template=voip-g711 interface=ether1 tx-rate=2500

4: VLAN-Tagged Traffic

/tool traffic-generator packet-template
add name=vlan-test src-address=10.0.0.1 dst-address=10.0.0.2 \
    ip-protocol=udp packet-size=1000 vlan-id=100 vlan-priority=5

/tool traffic-generator stream
add name=vlan-stream packet-template=vlan-test interface=ether1 tx-rate=500M

Troubleshooting Flowchart

START: Traffic not flowing as expected
    │
    ├─► Is stream enabled?
    │   NO → /tool traffic-generator stream enable [stream-name]
    │   YES ↓
    │
    ├─► Is TX-PACKET incrementing?
    │   NO → Check interface assignment and template configuration
    │   YES ↓
    │
    ├─► Is RX-PACKET incrementing on receiver?
    │   NO → Check:
    │        • Physical connectivity
    │        • MAC address configuration
    │        • VLAN tags match
    │        • Firewall rules
    │        • Routing table
    │   YES ↓
    │
    ├─► Is throughput lower than expected?
    │   YES → Check:
    │         • CPU usage (/system resource print)
    │         • Interface negotiation speed
    │         • Fasttrack/connection tracking
    │         • Queue configuration
    │   NO ↓
    │
    ├─► Is packet loss occurring?
    │   YES → Check:
    │         • Rate vs. link capacity
    │         • Interface queue drops
    │         • CPU overload
    │         • Buffer sizes
    │   NO → Test operating normally
    │
END

Performance Reference Table

Packet Size	Theoretical Max pps (1 Gbps)	Typical Use Case
64 bytes	1,488,095 pps	CPU stress test
128 bytes	844,594 pps	Small packet test
256 bytes	452,898 pps	Mixed traffic
512 bytes	234,962 pps	VoIP simulation
1024 bytes	119,731 pps	General data
1500 bytes	81,274 pps	Throughput test
9000 bytes	13,889 pps	Jumbo frame test