Confused with Mikrotik HW options.

dalben · October 9, 2023, 12:12am

This is a follow on from this post: http://forum.mikrotik.com/t/moving-from-usg-to-mikrotik/170138/1

Looking for some thoughts on which device makes the most sense for my needs. It’s a home setup where I work from home. 2 x 1Gb WAN circuits with the intent to have one WAN circuit for my work devices when working from home, and the other for the rest of the house’s devices. I don’t need to max out my WAN circuits and I don’t need to have the latest CPU with large RAM, but this is not about needs, it’s about wants.

I don’t need WiFi as there is an AP near where the router will sit. 1 x POE Out would be perfect (to power said AP). I don’t need 10Gb WAN capability today, but it could be something I do when the costs come down. I doubt my firewall rules will be anything too taxing.

The Hex S looms ok but the CPU and RAM, please real-life accounts have me thinking it might not handle 2 x 1Gb WAN fully. But it might be the low entry cost to become familiar with Mikrotik until I upgrade.
The RB5009 looks future proof and can handle anything I throw at it. But it’s either no POE out or all POE out. Getting POE out on this model pushes the costs above what I wanted.
The L009 Series had me excited until I saw the CPU and RAM specs. Not sure where this device is meant to sit in the lineup.
The hAP ax² ticks most of the boxes at the moment, but it has the WiFi I don’t need and might not be future proof. I’m also assuming that with wifi deactivated, the CPU/RAM will dedicate itself to routing and switching.

I’m now caught in that loop where I start at the Hex S and slowly step my way up the chain until I reach the RB5009UPr+S+IN, but then it’s an overkill and expensive so the loop starts again. Now that I have written this post out, the hAP AX 2 looks like the device I will go for despite not needing the Wifi as it fits the other criteria and isn’t too much of an investment that will prevent upgrading later. But if the RB5009 series had a model with a single poe out, then that would be the standout winner.

Being new to Mikrotik, how often do they kick out different models of the same series with added features? Is there a possibility a new RB5009 series will come out with a single poe out? It seems odd that this series doesn’t have that option when many of the other series do.

If anyone isn’t confused by the above, is there any downside to the hAP ax² that I am missing? It seems to have most of what I want without being an overkill.

Edit: To add, the lack of USB port on the hAP ax2 is another con as I liked the idea of being able to run a PiHole instance in the router. But the SFF balances that out.

tl;dr there isn’t a router that has all the capabilities and features I want, so I’m conflicted.

normis · October 9, 2023, 5:27am

hEX S is an older device. The hAP ax2 is much faster in every way. You don’t have to disable the WIFi, it will take nothing away from the performance. Why not use this as the step into mikrotik world, plus as a bonus, also test the WIFi. The only drawback is that PoE in and Out are both on the first port (same with hAP ax3, but that one does have USB)

dalben · October 9, 2023, 5:44am

Yeah, I just ordered the hAP ax2. The PoE out was to drive a U6-Lite, but I don’t think the hAP can push out 48v, If the hAP ax2 wifi, sitting in a small shelf, can outperform the ceiling mounted U6-Lite then I might use the wifi as well. If not, it will just act as a router for now.

gigabyte091 · October 9, 2023, 5:49am

Well, router is not something you will change every year so I believe that it’s maybe better for you in the long run to go with RB5009 with PoE. I was also in this dilemma and at the end I bought RB5009 PoE version and combined with 2 cAP ax’s it’s pretty powerful setup. It was over my budget but now I have pretty much future proof router that is capable of handling everything that is thrown to him. (At least for my needs)

Now you will buy for eg. ax2, or ax3, and then you need poe switch, and if we put VLANs into a mix you need managed poe switch so maybe it’s better to just save a little bit more money and buy RB5009. HexS can be used for learning purposes.

normis · October 9, 2023, 5:51am

Nice! Let us know if you need any help setting it up. Out of the box it should be usable for most setups, it will have a password (it’s on the box and on the device). For windows use winbox (https://mt.lv/winbox64), you can also use the mikrotik smartphone app for the initial setup, it can be easier with the step by step wizard

mkx · October 9, 2023, 5:53am

You’re right, it can’t. All MT devices can only provide PoE out voltages same as received from power supply, none (apart from RBGPOE_CON_HP which is entirely different beast) are doing voltage conversions. And since hAP ax2 can only take power supply up to 28V volts, PoE out with 48V is out of the question.

mkx · October 9, 2023, 5:59am

And regarding routing performance: I’m with @gigabyte091 here. While hAP ax2 will be able to route at 1Gbps for IPv4 (because it supports fasttrack), it likely won’t be able to do so with dual WAN … and it definitely won’t do it for IPv6 (where fasttrack is still missing). My hAP ac2 (older device, but according to official test results its routing performance should be similar to hAP ax2 performance) can fill up my 1Gbps WAN (PPPoE even) without much sweat, but it peaks at around 300Mbps for multi-connection IPv6 tests. RB5009 should handle it much better, possibly even doing 1Gbps IPv6 routing. If MT introduces fasttrack to IPv6 eventually (no sign of it so far), then it’ll be a huge bonus … at that time.

A bonus: RB5009 can take up to 57V from power supply (you need to purchase appropriate power adapter though, supplied PA is 24V part), so it can provide 48V on PoE out …

dalben · October 9, 2023, 6:46am

In reality I can’t think of a situation where I will be saturating both WAN links other than running concurrent speed tests. But in saying that it would be nice to know I could do it if I wanted too, just because, well, because I can.

I’ll start my MikroTik affair with the hAP ax2, it does most of what I want, in a SFF and lower price. Seeing the USG is still working for now, it allows me to spend some time becoming familiar with a MT setup and slowly port vlans from the USG across to the MT and being able to quickly roll back with a quick swap of cables (I hope). But there’s no doubt in mind mind that if I get everything working the way I want and the MT performs as I expect, I’ll be looking at getting the RB5009 within the next 12months.

gigabyte091 · October 9, 2023, 7:13am

In that case your ax2 can be CAP, and your RB5009 if you buy it can be capsman controller. I have no doubt that you will be satisfied with your ax2, it’s a great little device.

Here you can find excellent tutorial for new users: https://forum.mikrotik.com/viewtopic.php?t=182373

It’s a lot of reading, ROS is not the simplest to learn but once you learn more you will see how powerful it is.

Basic thing to do is to configure one port off the bridge so you can do configuration without fear of locking yourself out of the router.

dalben · October 9, 2023, 7:20am

My APs and switches are all Unifi and I’ll keep those for the foreseeable future, I think. But the hAP AX2 won’t go to waste, and I might, as you suggested, use it to start learning the MT WIFI ecosystem.