router recommendation/questions, dual WAN

[EngChi]

Any thoughts/recommendations on below?

existing network
ISP (cable 500/50) -> Mikrotik RB 750G r3 (https://mikrotik.com/product/RB750Gr3)
-> Unifi Switch 24 -> 3x AP-AC-Pro
-> Brocade IXC 6450 as primary switch
-> 10Gb link to NAS , 10Gb link to Domain controller
-> 1Gb to everything else (gaming PC, video workstation, network tuner/printer/voice/nvidia shield/3 nas/etc)
Desired functionality
2 ISPs (500/50 and 100/10) - failover/load balancing
ability to filter out ad networks (DPI?)
budget $200-300
brand preferences - i have both Mikrotik and UBNT and had no issues with either. other brands if they are best options


Questions
1) could Hex handle two ISPs with 600Mbs link or should I upgrade?
2) any of the shelf recommendations (Mikrotik RB4011iGS+RM ? UBNT edgerouter model?) I do not think unifi has anything in the same price range and functionality I want and there is no news for refresh of the USG
3) if I roll my own (pfsense) , what would CPU requirements be? I have a dual core Qotom laying around with 3215U CPU which I do not think would handle it.

Thank you

 

[netwrks]

Pick up an Ubiquiti ER4 (all routed ports - no DPI). Pick up a couple of raspberry pi's and run pi-hole. Ads go way..

 

[dosborne]

Pick up a couple of raspberry pi's and run pi-hole. Ads go way.

+1 on this but I don't see the need (from this posting) for more than 1 RPi. I run a multi-homed Pi-Hole to handle my dual NAT setup, as well as running a webserver and other services on the same unit (3B+).

Not saying you shouldn't get more than one as they are fun to have and versatile

I did also like having multiple Raspberry Pi Zero W's with the USB Stem so that I could plug it into the back of the router for distinct services on that particular network, but ultimately decided it was easier to maintain a single primary unit and rsync to a backup.

 

[EngChi]

Any reasons to use dedicated Rpi hardware for the pihole vs installing it as a package within VM (Debian, etc) ?

I already run internal DNS server as part of the Win 2016 domain and can easily stand up the VM to host pihole package and use VM as DNS forwarder for resolution?
I do have a mini VM on the server running unifi controller over Debian... not sure if I would install it there or create another one just for pi-hole

 

[dosborne]

IMO a VM solution would be fine as long as the hardware can handle it. My personal preference is to keep things as simple as possible. One piece of hardware for as few services as makes sense. i.e. my NAS performs file sharings services only. My router, well, routes (ok, and a few other things like DHCP) I have numerous raspberry pis that run single (or very few) services. New service, such as pi-hole = a new RPi.

I *could* run 10 web servers, DHCP servers, Samba servers, media servers, database servers, torrent hosting and literally hundreds of other things all on my NAS. I'm confident this would ultimately be bad Consolidate services where it makes sense and hardware permits.

 

[netwrks]

I suggested 2 pi's as I have experienced pi-hole weirdness, that brought DNS down on my network. Two is better than one. just add the pi-hole ips to your dns forwarder. If you want to go with a VM instance, that is good also.