Migrate to Mikrotik or other advices ?

[Cedric Duchesne]

Hi all,

My setup is the following:

I'm connected with a Cable ISP with a subscription plan of 400 Mbit down /20Mbit up.
The cable modem is a technicolor in bridge mode.
My actual router is a R7000. Stock firmware. The wifi is little used for a few IoT devices used for home automation.
My wifi is based on Omada with 4AP spread over the house and in the garden.

I've got around 30-40 devices connected. The various server are served by a DHCP with a static lease (around 20 leases). My household is composed of 2 adults and 4 children.... all in the age of consuming youtube, iptv, fortnite on switch. Also since the Covid19, we are both working at home with VPN connections back to our headquarters.

My spouse and children are complaining about sessions drop ...either a jabber session or a fortnite session. I cannot find the reason for this but a potential culprit is the bufferbloat. I did a test and i've got a C grade on DSLReport.

I tried to look for alternative firmware on the R7000 like DD-WRT or OpenWRT

DD-WRT is not stable, i had freeze happening on the router that i cannot explain. syslog does not show anything. I've tried multiple version and difficult to select the correct one.

OpenWRT does not support wifi with the R7000.

So, as i want to improve my HomeNetwork, i was looking to replace the R7000 and use a dedicated router.... but i do not want to invest 300€ on this. I've seen the mikrotik HEX and the test on SNB are positive but i see that it ranks below the R7000 .... so does it make sense to invest in the Mikrotik ? moving with OpenWRT on R7000 would give me more performance than the mikrotik ? (knowing that openwrt does support the SQM QOS that Mikrotik does not)

Any other advices of platform ?

Thanks

 

[Trip]

Yep, I'd yank that R7000 in favor of an SQM-capable wired router. Besides the noticeably better stability for your "wired core", you'll also standardize your wifi access on a single Qualcomm product -- two very good things in one move.

Regarding a router/firewall choice, the main question is what are you looking to do on the box? If it's just QoS/shaping and little else, Mikrotik or Ubiquiti could work, but if you're thinking you may want point-and-click access to a lot of other services (OpenVPN, IPS/DPI, access control, reporting, etc.) you might want to think about a more fully-featured/extensible distro like pfSense, OpenWRT, Untangle, etc.

Regarding Mikrotik in particular, RouterOS may actually not be the best choice for de-bloating, as it lacks modern qdiscs (codel, fq_codel, cake, piece_of_cake) that underpin much of what make's SQM, well, SQM. Instead, you'd have to build your shaping/queuing schema manually, via PCQ and queue trees; doable, and you can likely get yourself to "A"-status on DSLReports (I've done it in the past), but a fair bit more complex, and the results likely won't be quite as good at ensuring per-flow/host fairness under all conditions. So I would probably lean more towards Ubiquiti, or an SQM-capable distro like OpenWRT.

Regarding hardware choices, for 420Mb/s, you'll need at least a 1Ghz+ MIPS or ARM 64 embedded device, Qualcomm-based (no Broadcom binary blobs), or x86 (Intel Celeron or its AMD equivalent, or better). The EdgeRouter 4/6P/12/12P platform would just be able to handle it. A UniFi Dream Machine / UDM Pro will do 1Gb+ of SQM, but is likely out of your budget, and since you're running Omada, makes little sense there as well. A Mikrotik RB3011 would be their baseline-minimum (a HeX isn't powerful enough), but has the software limitations mentioned above. That leaves us with community distros. For SQM in particular, I'm partial to OpenWRT, as it has the most options and best kernel integration for maximally effective de-bloating. For a Qualcomm SoC, I'd go IPQ80__ series, mainly the Netgear R7800 (wifi off, antennas removed), or for x86, whatever is cheapest -- PC-Engines APU2, Qotom mini PC, used PC + Intel NIC off eBay, etc.

So there are your options. I'd personally lean towards OpenWRT on x86 hardware with Intel x210 or better NICs, if you can get the hardware cheap enough. I think you'll find the results to be superior.

 

[tarassippo]

I tried to look for alternative firmware on the R7000 like DD-WRT or OpenWRT

Have a look at FreshTomato: http://freshtomato.org/

 

[ddaenen1]

I can highly recommend pfsense on a dedicated 2nd hand server like a Dell R210 (Intel Xeon X3430 with 16GB ECC RAM) or something like that. I have gone all the way from a Linksys EA4200 to an Asus RT-AC88u on consumer product followed by an Ubiquiti ERL4, Mikrotik RB2011, RB3011 to now pfsense on dedicated server. Whilst the ERL4 was ok (difficult to configure) the Mikrotiks were way better imho but nothing beats pfsense. It is rocksolid, bunch of features, extremely customizable and very easy to configure. I now run it for about 4 months with several packages such as acme and HAproxy for external SSL access to my Nextcloud server and pfblockerNG to filter out some crap. Highly recommended.

 

[coxhaus]

pfsense is a solid performer when I ran it. I just don't like the way it interfaces with other routers one being my L3 switch and you need to test it a lot as things change. pfsense will probably have more bells and whistles than any other router software out there but will require more patches.

If you want something easy to configure and a solid performer the Cisco small business routers, wireless and switches fit this bill. The switches not the easiest to configure but they are menu driven and for die hard fans you have CLI. Something like the Cisco RV260P and a couple of Cisco WAP581 wireless units would make a simple to setup system which is reliable as it is a small business network. It will probably go over your price point. But by the time you buy your second all-in-one router you will have caught up money wise. And you will have had a stable system that runs like an appliance just running in the back ground.

 

[Deepcuts]

Go for Mikrotik.
It has anything you need and then some.

 

[Cedric Duchesne]

Hi,

Thanks all for your answers.

I've bought on Amazon the Mikrotik HEX. I will flash with OpenWRT (to profit of the SPS features) and give it a shot to see if it can handle the traffic. If not, as suggested by Trip then i will return it. The next in the queue would be Cisco then. I've been working with cisco when i was young network engineer so i'm used with their CLI.... even though it might have changed since my last design in 2006 getting old here I could replace part of the power injectors used for the omada EAP and replace my TP link switch... all in one shot. I've not yet looked at the QOS method that they are using.

I had a look to the pfsense but running this on an old server like the R210 ....not really eco power friendly as compard to an ARM.

 

[Deepcuts]

So you want to flash OpenWRT on a Mikrotik, play with it and in case you don't like your toy, return it? You do realize this will void your warranty?
For your measly 400 Mbit down /20Mbit up, ANY Mikrotik will work just fine. Even if said Mikrotik just got ran over by a car then used as a puck by some Canadians.

 

[Trip]

I've bought on Amazon the Mikrotik HEX. I will flash with OpenWRT (to profit of the SPS features) and give it a shot to see if it can handle the traffic. If not, as suggested by Trip then i will return it.

I never suggested the above, nor that the HeX would be powerful enough. I'd maybe use the HeX as a test bed for RouterOS in general, but I wouldn't load OpenWRT, because unless you really know what you're doing, you may be returning a non-resalable item. Amazon may not notice, nor care, but Mikrotik would. For OpenWRT with requisite power, move to an R7800 or x86, as I did suggest.

For your measly 400 Mbit down /20Mbit up, ANY Mikrotik will work just fine.

No, any Mikrotik will not work just fine. 420Mb of queueing and shaping requires routing in-software via CPU and the MT7621AT in the HeX is not powerful enough to queue/shape that much traffic. He'll need an RB3011, at minimum.

 

[Cedric Duchesne]

I never suggested the above, nor that the HeX would be powerful enough. I'd maybe use the HeX as a test bed for RouterOS in general, but I wouldn't load OpenWRT, because unless you really know what you're doing, you may be returning a non-resalable item. Amazon may not notice, nor care, but Mikrotik would. For OpenWRT with requisite power, move to an R7800 or x86, as I did suggest.
No, any Mikrotik will not work just fine. 420Mb of queueing and shaping requires routing in-software via CPU and the MT7621AT in the HeX is not powerful enough to queue/shape that much traffic. He'll need an RB3011, at minimum.

Hi, sorry if i did not express myself correctly. When i said "if not, as suggested by Trip".... i meant ... if the router cannot follow the traffic as you seems to suggest... my idea was to return it... of course with RouterOS and not OpenWRT.... I didn't know that it was handling all in CPU so i will revise the situation.

 

[Trip]

Right on. No worries. More than anything, I didn't want to go that route and suffer for it right off the bat.

 

[Cedric Duchesne]

.... What about the Rpi4? Either with trunking on the native ethernet (preffered method).... or with the native ethernet and a wifi USB adapter (on USB3).

I've seen some perf result and not bad at all. And you can always repurpose a Rpi4.

What do you think ? Any experiences ?

 

[Trip]

Well, you're of course welcome to give it a shot if you'd like to tinker. I guess it depends on how badly you just want a solution in place. If it's more of a fun project and you don't have to care as much how/when you get this all done, then sure thing, go for it. If, however, you'd just like to get something in place and be done with it, I'd probably look elsewhere. Lol, I hope I'm not bursting all your balloons here; just want to see you get the right solution in place, even if it does cost a bit more.

 

[coxhaus]

Hi,

Thanks all for your answers.

I've bought on Amazon the Mikrotik HEX. I will flash with OpenWRT (to profit of the SPS features) and give it a shot to see if it can handle the traffic. If not, as suggested by Trip then i will return it. The next in the queue would be Cisco then. I've been working with cisco when i was young network engineer so i'm used with their CLI.... even though it might have changed since my last design in 2006 getting old here I could replace part of the power injectors used for the omada EAP and replace my TP link switch... all in one shot. I've not yet looked at the QOS method that they are using.

I had a look to the pfsense but running this on an old server like the R210 ....not really eco power friendly as compard to an ARM.

The Cisco RV260P and WAP581 wireless do not have CLI. They are menu driven. The setup is done for you with a short wizard. It just needs to know your ISP connection all else is setup for you by Cisco' wizard.