I have just been getting into Mikrotik recently and i have for a long time I’ve always just used routers with having routed ports going into a switch and then handling the switch after that. But i was wondering if it would be doable to just add the ports on this router to the bridge and then connect to remote switches from there. I usually use the CRS328-4C-20S-4S+RM or the CRS317-1G-16S+RM for the core switch when I’m doing my larger event networks.. and in some case we have like in a stadium. Switches we out out in all the IDFs… So if at the core? I only had a CCR2004.. running to the different IDFs to CRS317s rather then always having a a CRS317 at the core as well, would it be alright to just set up all networks on the bridge vs. per port. ?
Thank you
In the simplest way I’m asking if bridging the ports is a bad idea using ccr2004 as a switch as well or should i just add a CRS3XX? Switch to the core?
How much throughput are you expecting? The CCR2004 maxes out at roughly 19-20Gbps on both routing and bridging. If you’re only pushing around a gigabit or two through all the ports combined, you’ll be fine and have no need for a separate switch.
If you’re doing straight-up routing (no firewalls, no NAT, no MPLS), the CRS317 can route at wirespeed with L3HW offload, so you’d have no need for the CCR2004 (or RB4011 or RB5009).
I recommend using 7.4.1 for Layer 3 Hardware Offload. I’m using it on CRS310’s, CRS317’s, and CCR2116’s.
I’m going to be doing about 2 gigs and routing dhcp (4k users or so.. could be more could be less) nat, firewall (but really basic) and WireGuard tunnel for management.
2Gbps for 4K users? I guess you mentioned it’s event work, so not the same as traditional home or business customers, where the average is 5-7Mbps per user.
It sounds like the bandwidth comes into the CCR2004, then you’d distribute to up to a dozen switches around the facility, and from there to the AP’s and so on.
The 2004, along with its quad-core brothers, the 4011 and 5009, should be good for 3-5Gbps with firewall and NAT. The 2004 should be able to do a little more.
Also, using the SFP28 ports for uplinks to the ISP and the SFP+ ports as downlinks to customers yielded the best CPU performance in my testing.
Correct there will be a lot of PoS machines doing small transaction and employee devices that just need messaging service. I assume some light social media.. 20% or less would be production offices. Emails and what not.. I was wondering how the dhcp on the 2004 would hold up..
Question .. in my case I’ll end up with (2) 1 gig hand offs and I’ll 10gig everything below the CCR.. should I enable flow control on any of the interfaces ?
Question .. in my case I’ll end up with (2) 1 gig hand offs and I’ll 10gig everything below the CCR.. should I enable flow control on any of the interfaces ?
i think CCR2004-1G-12S+2XS is a niche product aimed to replace another niche product, the CCR1016-12S-1S+
what niche? In a role that can be described like a Simple Distribution Router with all the interfaces in fiber
in this context the CCR2004-1G-12S+2XS meet its main goal, which is to serve as an upgrade for CCR1016-12S-1S+ whit same power and space footprint
is when you try to use this device in a different scenario that you can hit its limits easily, mainly because is not strong in scenarios requiring heavy CPU processing, in fact can be scenarios where CCR1016 can be slightly more capable
in comparison with CCR2116/2216 does not have integrated ASIC for switching so dont support neither L2 HW offload nor L3 HW offload
Many people find CCR2004-1G-12S+2XS attractive because of the price, plus the ammount of SFP interfaces, plus an opportunity to save the purchase of a switch, and the space and power related to it and…
most the time they really need a ccr2116 maybe plus a fiber switch
After reading this, should I be a little concerned about its ability to handle all those dhcp requests and netting, and any comment on the flow control with the uneven wan to lan links ? Sorry I know im just digging and digging more, but I was hope to solve my “big” router for big events issue.. Was hoping to get a few more of these if that were the case.
DHCP is nothing, especially if you set the lease times long enough (12-24 hrs, up to a week). You could serve DHCP leases from pretty much anything that MikroTik makes.
Flow control won’t make a difference unless you start maxing out the ports. This router is less about constantly providing 10Gbps to every port and more about having “multi-gig” available (anything over 1 but usually less than 5). For example, I’m redeploying mine as site routers for new sites with 4-6 x 2.5Gbps radios + 2-10Gbps uplinks. Even with all that capacity, and all radios maxed out with subscribers, the average utilization would hover around 500-600Mbps per site. The 10Gbps ports mean that individual radios can burst over 1Gbps when needed.
I think your use case is a fine fit. It will probably run at a constant 20-30% load with firewall, NAT, and 2Gbps of traffic. You can estimate about 7-10% per 1Gbps of traffic.
As I mentioned earlier, I was able to get up to 19Gbps through the router (19 in, 19 out) in a series of tests with two CCR2116’s as the traffic generators. The test had simple routes and no firewall/nat rules. I used to use the same 2004 as a border router to handle BGP, firewall, some NAT, and 1-2Gbps of traffic for hundreds of customers, before upgrading to the 2116.
Once you exceed 5-6Gbps of constant traffic or 60-70% of CPU load, I’d consider an upgrade to a 2116 for routing/firewall, combined with 317 for port density.
