What's new

Why shouldn't I get a Ubiquiti EdgeRouter X?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Nullity

Very Senior Member
I wanted to get a Cisco 891 or 897VAB, but Cisco just seems like too much of an ordeal for home use. I have fallen in love with the Cisco IOS CLI though, and the Ubiquiti EdgeOS seems to have a very similar CLI.

I was considering the ERL, but according to what I've read the ERX actually performs better when traffic-shaping is implemented (~150Mbits, iirc). I only need 50/8Mbits of throughput.

For just $50, the ERX lookjs like a steal. Also, I think the device will be less of an eye-sore while also being a more frugal device when compared to my pfSense PC with a power hungry Pentium D.


All comments are welcomed.


PS - The ERX has fq_codel and may even get "cake" in the future. :D
 
Theres also mikrotik with their boards that have mini PCIe, SFP and such. Still its really up to you to choose between the 3 brands and i like the low power consumption when performance isnt needed which both ubiquiti and mikrotik have.

Im not 100% sure what CPU the ERX uses whether it is the typical 32 bit MIPS or the same dual core 64 bit MIPS as the ERL and such but it seems very much to me that the ERX is a competitor to the RB450G just as the ERL is to the RB850gx2 and the ERPRO to the RB1100AHx2. The RB450G is outdated and has newer and better alternatives though like the RB750gsomething that is new and uses only 4W.

I always think mikrotik as a hardcore router(excluding cisco stuff) and ubiquiti as a versatile router that can also be used as a mini server still i am not able to reproduce my network settings that i use on mikrotik on ubiquiti for my network architecture as i bridge between layer 2,3 and 4 so the same interfaces tends to be part of multiple networks. On linux this is possible while on ubiquiti this isnt (they try to be user friendly by limiting options). Other than that they have different interfaces and capabilities.

In terms of reliability the ERX uses flash storage and not usb storage like the ERL so i dont see any issues with reliability other than PSU. If you go with cisco make sure it is the configurable variant that lets you do all sorts of things as well. I really think this is a question of price, needs and hobby since you do networks as a living you may want a cisco at home to use to tinker with.

The other option is get both the cisco and the ERX. You could always have your own shelf of cisco hardware collections all plugged in and ready for tinkering :p.
 
My preference is CLI over GUI, which aligns well with EdgeOS, being a fork of the completely CLI VyOS.

Does Miktrotik have a powerful CLI?

pfSense annoys me with the GUI-centric configuration. The CLI is almost useless.


The Ubiquiti forums are quite busy, which is great. With just a quick browse I found an example of the main CoDel developer working with Ubiquiti to implement fq_codel and related Linux kernel features. Very cool.

Are the Mikrotik forums good?
 
My preference is CLI over GUI, which aligns well with EdgeOS, being a fork of the completely CLI VyOS.

Does Miktrotik have a powerful CLI?

pfSense annoys me with the GUI-centric configuration. The CLI is almost useless.


The Ubiquiti forums are quite busy, which is great. With just a quick browse I found an example of the main CoDel developer working with Ubiquiti to implement fq_codel and related Linux kernel features. Very cool.

Are the Mikrotik forums good?
mikrotik has CLI too and CLI is actually their main way of doing things in their tutorial. The only thing mikrotik forum doesnt cater to is what makes mikrotik routers great such as if you wanted to defeat active NAT detection without using a proxy server. Although i believe ubiquiti forums offer better support as ubiquiti focus more on consumers than mikrotik which focuses more onto businesses and ISPs. In terms of basic config support both forums offer equal support. Even from my experience ubiquiti staff do reply on forums for unusual things relating to their routers but on a mikrotik forum dont expect a response for something unusual.

Although mikrotik has CLI and SSH their default interface is GUI so to use CLI you have to login via GUI first and enable SSH or bring up the terminal from winbox. Mikrotik software lacks non windows OS compatibility such as their winbox and bandwidth tester but their winbox has the advantage of operating on almost any network such as layer 2, ipv4 and ipv6 so if you get locked out you can still login using layer 2 winbox to the router and fix the problem. This means you do not need to assign an IP address to manage the router but layer 2 requires being on the same network. Their winbox software can also find mikrotik routers as well in the network. Ubiquiti lacks this kind of software so they rely on SSH and web but if you make a mistake you would have to reset the router. Mikrotik's winbox has safemode that will rollback changes automatically if winbox loses connection to the router.

I think the choice is really between a hardcore router(mikrotik) or a mini server as you can run MIPS compiled debian packages on ubiquiti edgeOS. OFcourse if it is within your budget you could get 2 or all 3 routers (cisco,mikrotik and ubiquiti) and be happier. For QoS on mikrotik it involves creating a bunch of rules in a tree like hierarchy using different algorithms and you would divide your traffic into a few simple trees instead of one big complicated trees. Having the rules as a tree to use different algorithms. I would like to help you more in how routerOS does QoS but i lack a proper testing ground for it as my ISP does the NAT and such so i the best i can do is use priorities on layer 2 using the layer 2 and 3 firewall working together with layer 2 QoS (standard routerOS QoS wont work on layer 2 but layer 2 firewall can assign priorities that help for the gateway). So while my ISP doesnt perform QoS the gateway they use supports QoS. If i had to use NAT i would've had a standard QoS setup as an example for this forum. On mikrotik QoS can be done using both QoS and firewall. Firewall can limit packet rate if you plan to drop additional packets or route them differently and QoS to handle managing their speed. You can also adjust buffer sizes on mikrotik QoS. Each que can have its own buffer but by having multiple non related simple ques you can have a large buffer for things like web and high priority but no buffer for games and VOIP.

Edit: Some mikrotik features are CLI only such as wake on lan and configuration backups. A mikrotik configuration backup is a file containing a bunch of CLI commands so you can edit a backup. Every GUI feature on mikrotik can be done using CLI.

Current faults i see with mikrotik are buggy file management (they are a hardcore router), cisco features on it not very reliable in performance and ubiquiti has better support.
 
Last edited:
This means you do not need to assign an IP address to manage the router but layer 2 requires being on the same network. Their winbox software can also find mikrotik routers as well in the network. Ubiquiti lacks this kind of software so they rely on SSH and web but if you make a mistake you would have to reset the router. Mikrotik's winbox has safemode that will rollback changes automatically if winbox loses connection to the router.

The Edgerouter line has a feature called Commit-Confirm
If you invoke it when applying changes over the CLI it will revert back after a specified period of time.

For example
commit-confirm 5 means if you don't confirm again after 5 minutes the router reverts the commit.

Another is a user created wizard called MAC-Telnet:
http://community.ubnt.com/t5/EdgeMA...ture-to-the-EdgeMax-Web-UI/td-p/623431/page/5

It basically allows you to connect over Layer 2 by mac address instead of IP (exactly like the mikrotik winbox)
 
I guess you know the Cisco 891 has reached end of life for software updates as of July 2015. You might be better off with the ERX or ERL since they are actively developing for them.
 
I guess you know the Cisco 891 has reached end of life for software updates as of July 2015. You might be better off with the ERX or ERL since they are actively developing for them.

When do software updates end? The IOS build running on my 877 has a release date of March-2015, and the 877's EOS was December-2012. The "End of SW Maintenance Releases Date: HW" is Dec-2012 as well... why are they still releasing updates? I don't understand.

The 897VAB would be great, but for $1500, I can only dream.

I was reading that the ERL can run OpenBSD, which is pretty darn cool.
 
The ER-X and -X-SFP use a 32-bit 1004Kc MIPS dual-core, 880Mhz per core (CPU spec page, second model down).
The ER-Lite and PoE-5 use a 64-bit Cavium CR-5020 dual-core, 500Mhz per core.
More or less -- lower bit space, higher clock vs higher bit space, lower clock. Six of one, half-a-dozen of the other. ;)

For running the fq_codel+HTB based QoS that UBNT has created, the ER-X should actually offer slightly higher throughput before redlining, while the Lite and PoE-5's are a bit better suited for higher aggregate routed throughput alone. The ER-X is basically a single switch group that shares a 1Gb lane to the CPU, while the Lite has a dedicated lane for each port (and the PoE-5 the same, with the last 3 ports sharing a lane), if my memory serves me right.

An important point that SEM brought up in the onboard flash is a proper soldered chip on the -X and -X-SFP, vs the somewhat goofy USB module on the Lite and PoE-5. Theoretically, this should mean a bit better reliability on the -X/-X-SFP. There are many accounts of the USB flash units failing on Lite's and -5's, and I'm not quite sure they've yet gotten off their butts and issued a "v. 2" of the hardware with fixed flash units. Here's a page detailing a fix, and it appears many admins are now just replacing them right off the bat.... quite embarrassing for a supposedly "carrier grade" model... lol.

Anyways, for a 50/8 line, you could go either way. I tend to lean towards the ER-X, though, as the higher port count and lower price point tend to be a better fit for the SMB installs I do.

Re- Mikrotik, the economy embedded space is their bread and butter, so for every option that UBNT has, 'Tik usually has an equivalent, and then some. Both have very capable CLIs, albeit different nomenclature that one would have to learn.

I don't really see a wrong choice in anything you're looking at, but for bang-for-the-buck coupled with ease-of-use, I think it's the ER-X all day long. :)
 
Last edited:
Being that I do not run heavy, UTM-related services, the extra RAM offered by the ERL is mostly unneeded, yeah? (512 with ERL vs 256 with ERX)
 
I'd say you'd be fine... My ER-X's typically never move much above 25% or so of RAM, and that's with Smart Queue QoS, a couple dozen firewall rules, a switch group and a few other things running concurrently, at 50-100Mb/s of active traffic. Obviously, if we're looking into VPN and/or UTM, etc. all done on the box itself, different conversation, but short of anything like that, you should be good to go with plenty of free overhead. :)
 
When do software updates end? The IOS build running on my 877 has a release date of March-2015, and the 877's EOS was December-2012. The "End of SW Maintenance Releases Date: HW" is Dec-2012 as well... why are they still releasing updates? I don't understand.

The 897VAB would be great, but for $1500, I can only dream.

I was reading that the ERL can run OpenBSD, which is pretty darn cool.

http://www.cisco.com/c/en/us/produc...series-routers/eos-eol-notice-c51-730680.html
 

I was looking for help deciphering what the Cisco-speak means.

Apparently "End of SW Maintenance Releases Date: HW" (Dec-2012 for 877) does not mean what I think it says, because my 877's IOS release date is March-2015, well past when I thought IOS releases would have ceased for the 877.

By my understanding, the "Last date of Support" is the actual date where there are no more software releases. This would mean the 891 has until July-2019, which is acceptable.

Like I said though, I am confused and assume I am incorrect. Any clarification would be appreciated. :)
 
What I think is there will be no more testing and no more fixes for issues. If there is a major hack then you may see a software patch but I would not count on it. This is what they state as of July 3,2015
"The last date that Cisco Engineering may release any final software maintenance releases or bug fixes. After this date, Cisco Engineering will no longer develop, repair, maintain, or test the product software."

I do like Cisco products but I would not want a product which does not have active development.

I just bought a Cisco RV320 router used off eBay at a good price, cheaper than the ERlite. It works fine with my layer 3 switch and is rated faster than the ERlite here on this site. Others have informed me that the new IOS on the ERlite is much faster now. So I don't know if I made the right decision. I had a problem at first with the RV320 router which turns out to be my error. I had gotten use to these small routers allowing all LAN traffic to flow through the WAN port but the RV320 works more like pro gear and all LAN traffic needs to be setup to flow out the WAN port as all traffic is not allowed out to the internet until you specifically allow it out with a ACL.
 
for a router like mikrotik or ubiquiti 128MB is the minimum for using advanced features in your routing setup on a low end router. More ram is needed if you plan to use many routes or BGP which is basically some sort of layer 3 routing stuff that stores routes. Storing lots of routes or connections is what needs ram but to use 100MB of ram for connections would mean having like a million connections to support simultaneously.

The SFP port is very useful to have if you ever plan to get fibre optics or something that has an SFP module for it because it means you wont need a modem and thats more power saved.

The cisco RV series is usually unstable.
 
Last edited:
This thread is an interesting read :)

The dual-core 500MHz Cavium CN5020 (link to brief data sheet) in ERL looks interesting. It has an integrated coprocessors for application acceleration
  • Packet I/O processing, QoS, TCP acceleration
  • Support for IPsec, SSL, DH, SRTP, WLAN security,DES, 3DES, AES (up to 256-bit including GCM), SHA1, SHA-2 up to SHA-512, RSA, ECC, KASUMI, and Data-at-rest security (AES-XTS)
With h/w acceleration enabled, people found IPSEC VPN could reach sustained 150Mbit/s. With h/w acceleration off, it's about 60Mbit/s sustained. To put the numbers into perspective, a 1.4GHz ARM Cortex A9 reaches sustained 70Mbit/s with OpenVPN.

ERL is appealing to users with a 100Mbit/s full duplex WAN at home and VPN is a priority.

The dual-core 880MHz MIPS 1004Kc in ERX is a MediaTek MT7621AT (link to wikidevi). As a SoC, it looks more feature rich than CN5020. E.g. it has 6 GbE links, 3 PCIe links and 1 USB3 link to the CPU. CN5020 only has 2 GbE links and 1 PCI (the old 32-bit, 66MHz, parallel).

Worth noting that the very similar MT7621S is used in ASUS RT-N56U. The "S" chip perhaps comes with fewer GbE link and minus USB3. We may get a sense of routing and VPN performance by looking at N56U. Though EdgeOS could perform better with voodoo in its DNA.

If I were going to try EdgeOS, I would probably go with ERL. Its processor isn't commonly found in consumer routers. That's not to say ERX isn't an attractive offer.
 
The Cisco RV320 and RV325 have very good NAT thoughput at 900 Mbps This will support your 50/8Mbits .

The RV320 is running the same Cavium 5020 as the EdgeRouter Lite but at 3/5ths the clock speed and with half the RAM. The firmware and (possible) customer support is the real differentiation.
 
The RV320 is running the same Cavium 5020 as the EdgeRouter Lite but at 3/5ths the clock speed and with half the RAM. The firmware and (possible) customer support is the real differentiation.

Wow. So you are saying the Cisco's program code is that much tighter and faster since it ranks higher in the router charts and runs in less RAM at a slower CPU clock speed?
 
Wow. So you are saying the Cisco's program code is that much tighter and faster since it ranks higher in the router charts and runs in less RAM at a slower CPU clock speed?
The fastpath/hardware acceleration has almost nothing to do with RAM or CPU.
Once you turn on QOS or anything else that disables it (on both the cisco and ubnt), performance drops significantly.
But you knew that already. ;)

As a caveat, take a deeper look at the simultaneous Up/Down.
ER3 : 1307 mb/s
RV320: 832 mb/s

I personally was able to get an ER3 to push closer to 1900 mb/s (aggregate over all 3 ports).
So something is different.
 
Similar threads
Thread starter Title Forum Replies Date
B Logging inbound connections on Edgerouter X Routers 1
C OpenWRT on EdgeRouter Lite 3 Routers 5

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top