System Error Message
Part of the Furniture
its one of the places. If you search there are tutorials from professionals too on other websites.
New hEX
- Thread starter kvic
- Start date
DanH
Regular Contributor
Well it got here today. Plugged it in and ran with the default config (changed the password, and updated to the latest routerOS). Installed a 32Gb micro SD card.
Now I have a lot of googling to do. I want to get it set up doing the same things the ERL is doing, but it is not as straightforward as EdgeOS. I need to find an absolute beginners guide to setting up things like Dynamic DNS, assigning static ip addresses, Port Forwarding, L2TP over ipsec vpn, and IPv6. Last but not least I need to find a beginners guide to installing the Dude on the micro SD card. This is definitely a level or two more complex (at least to me) than configuring the ERL. Seems like RouterOS does a lot more.
Oh and wow is this thing tiny, also the packaging is definitely not as flashy as ubiquiti and the printed manual was uh i guess sparse would be the word, pics below:
Now I have a lot of googling to do. I want to get it set up doing the same things the ERL is doing, but it is not as straightforward as EdgeOS. I need to find an absolute beginners guide to setting up things like Dynamic DNS, assigning static ip addresses, Port Forwarding, L2TP over ipsec vpn, and IPv6. Last but not least I need to find a beginners guide to installing the Dude on the micro SD card. This is definitely a level or two more complex (at least to me) than configuring the ERL. Seems like RouterOS does a lot more.
Oh and wow is this thing tiny, also the packaging is definitely not as flashy as ubiquiti and the printed manual was uh i guess sparse would be the word, pics below:
Last edited:
DanH
Regular Contributor
Not a whole lot of English speaking help when trying to figure out routerOS at a beginner level. I have managed to get the dynamic DNS working, assigned static ip addresses, a proper SSL certificate installed, my ports forwarded that I need, and I have the Dude server up and running with the database installed on a 32GB micro SD card. OnceI figure something out, it is actually pretty straightforward and makes sense. A lot more stuff is exposed in winbox then in edgeos without having to use the CLI which is pretty nice. Getting to that point is kind of a process of just clicking tabs and seeing what it all does; unlike with the ERL where there is a plethora of people with guides, and who are willing to help (for free). I am still working on getting IPv6 working and the associated firewall rules, as well as L2TP over ipsec vpn, not a whole lot of info to work with and all the help I can find is not in English. I love this router though. I am still scared of QoS on this thing it looks pretty complicated, and I am sure the router cant really manage a whole lot of throughput doing it, but I am still excited to try it out.
Not sure which of the two routers (ERL and hEX) I am going to use daily, and which will be a back up, but I really can see positives with both.
Not sure which of the two routers (ERL and hEX) I am going to use daily, and which will be a back up, but I really can see positives with both.
Last edited:
System Error Message
Part of the Furniture
since its mips based between 100-300Mb/s or maybe more of QoS throughput depending on your configuration. You can also accelerate some traffic and do QoS on others which you cant do on the ERL.
DanH
Regular Contributor
Definitely put the ERL away as a back up. I just like this hEX too much. Only thing left to do is set up a VPN and try setting up a QoS tree for gaming while my family is streaming.
Winbox and the Dude really won me over. Just a ton of stuff to play with and learn. Performance wise it feels the same as the ERL, I dont think either of them are being taxed on my home network.
Only complaint is the looks really.
Winbox and the Dude really won me over. Just a ton of stuff to play with and learn. Performance wise it feels the same as the ERL, I dont think either of them are being taxed on my home network.
Only complaint is the looks really.
I would want to like Winbox but I can't get over its Windows 95 theme. Though the other me says I should focus more on functionality rather than form...Winbox covers all CLI functions in full in GUI.
I'm very much attached to the hEX's quality of being robust and scalable and Tik's focus on minute details of optimising for performance. The other day (on UBNT forum) I saw a graph of connected devices from Dude which showed the network topology of a dozen of devices...very nice. The hEX btw is the lowest price router that comes with Dude.
I'm very much attached to the hEX's quality of being robust and scalable and Tik's focus on minute details of optimising for performance. The other day (on UBNT forum) I saw a graph of connected devices from Dude which showed the network topology of a dozen of devices...very nice. The hEX btw is the lowest price router that comes with Dude.
DanH
Regular Contributor
To be honest if I didn't just want another toy to mess around with, there was no need to buy the hEX, as the ERL is really nice and picking one over the other is really just a subjective choice.
I do want to throw on some stone washed blue jeans every time I fire up winbox though.
One other nice thing I noticed about it is that you can actually use winbox or webfig on a phone or tablet. The only way I could do stuff on my ERL on my phone was via CLI, since the webui would just shrink up to a unusable mess.
Also transferring files to and from the router is a breeze, no winscp involved just drag and drop, very slick.
Since im having some issues with my current ERL which seems to be due to poor optimized/firmware issues I have been thinking about trying this one out.
But before going ahead and doing this, I wanted to ask here if someone can say if this new hEX will do full duplex 1Gbit wan connections with a simple setup with just 15 port forwards, which is basically all I need, so no VPN, QoS or similar just a router that can forward my ports to the internal vms..
Anyone?
But before going ahead and doing this, I wanted to ask here if someone can say if this new hEX will do full duplex 1Gbit wan connections with a simple setup with just 15 port forwards, which is basically all I need, so no VPN, QoS or similar just a router that can forward my ports to the internal vms..
Anyone?
System Error Message
Part of the Furniture
mikrotik might be able to accelerate port forwards as well. NAT acceleration for mikrotik works on the connection and not the packets so you can still port forward and than add the connection of the traffic for acceleration. It may not work so you will need to check stats.
System Error Message
Part of the Furniture
well its a bit hard to figure out what will work with it. NAT acceleration on mikrotik bypasses the traffic chain they have. The traffic is accelerated in filters, the port forwarding is done in NAT firewall, packet marking done in mangle."May not work" is not what I was hoping for
In my case i've never really needed to use acceleration as i have the CCR1036 so it'd port forward at wirespeed.
Based on my own writing which seems to pop up on google https://www.snbforums.com/threads/mikrotik-configuration-example.30783/ it seems that the answer is yes. If you catch the packet that is to be port forwarded after the connection is established, used mangle to mark it and accelerate it in filters it might work. I say might because i've always had a hard time checking wither or not fast track is working. However fast track may not necessarily provide full 1Gb/s if used with mangle as even hardware accelerators have a limit.
System Error Message
Part of the Furniture
when it comes to mikrotik, they're very flexible as a router, you just cant use them for anything else without hacking it.
They still have far to go such as implementing dnscrypt.
They still have far to go such as implementing dnscrypt.
A critical performance fix is added in v1.9.7alpha2 for all Cavium based Edgerouter. You might want to give that a try. I can't believe it's only found after so many years..
hEXr3 can do 1000/1000 simultaneously with your workload. Its IPsec can do 500Mbps...pushing the limit of the hardware crypto block in MT7621.
The folks at Mikrotik do look smarter than Ubiquiti so far on system optimisation.
Regarding dnscrypt, just put all your local dhcp clients to Google 8.8.8.8 and be done with it. All fast tracked as well instead of non-ft local connections. Seems to work fine in my case.
Last edited:
System Error Message
Part of the Furniture
many ISPs hijack DNS traffic, DNScrypt is basically a way around it so rather than being forced to use some DNS server you can use the one you defined instead.
Fasttrack might work with port forwarding, i can test next week if i have the space for it.
System Error Message
Part of the Furniture
I just checked, i can confirm that fasttrack does work with port forwarding.
I marked the connection to and from my game server, specifically the game itself which needs to be port forwarded, i than made a fasttrack rule using the connection mark and only on established connections and after testing ip settings showed packets were being fasttracked.
I tested this using my CCR1036, however i cannot confirm if it is accelerated speed wise only that the firmware says its accelerated.
So the blanket rule of fasttrack every established connection will accelerate port forwarded traffic as well. essentially it'd accelerate every tcp/udp on the forward chain.
I marked the connection to and from my game server, specifically the game itself which needs to be port forwarded, i than made a fasttrack rule using the connection mark and only on established connections and after testing ip settings showed packets were being fasttracked.
I tested this using my CCR1036, however i cannot confirm if it is accelerated speed wise only that the firmware says its accelerated.
So the blanket rule of fasttrack every established connection will accelerate port forwarded traffic as well. essentially it'd accelerate every tcp/udp on the forward chain.
Last edited:
Thanks for your input.
I did actually test the updated "patched" version, while it does work for throughput it is simply unstable, and im seeing constant lag spikes when there's any actual traffic through the link, if my usage rises to 10-15Mbit and above without saturating the connection im seeing ping spikes with +50ms, it makes gaming online nearly impossible while having something like torrent running in the background.
I basically just need a stable, well supported router that I can count on will work without random blibs here and there.
Im borrowing an ERX from a friend on Monday, just to test out my system so I can hopefully completely rule out the ERL, he runs it at his house with 0 issues on a 500/500 link so it should run smoothly here aswell, which is my hope.
Might start learning about RouterOS in the case I need to switch, I have loved my ERL though besides these bumps it has been pretty much set and forget.
System Error Message
Part of the Furniture
you can actually manage traffic with the hEX but if you wish to prevent lag spikes you will have to not accelerate certain types of traffic, like torrents for instance. Basically use hardware acceleration for things you need low latency for like gaming, streaing, web browsing.
RouterOS also handles many connections with no issues either. It wont break if you throw too many connections or packets as long as it has the CPU needed for them and the busses arent overloaded, as you can see weird things happen if you do weird things.
The choice between the ubiquiti or mikrotik is simple, If you just need a router than use mikrotik, if you need extra features like installing some software such as htop for instance than use ubiquiti.
Sign Up For SNBForums Daily Digest
Get an update of what's new every day delivered to your mailbox. Sign up here!