We are implementing a private APN to route traffic from ~200 SIM cards into our infrastructure. The goal is to direct SIM traffic to ~10 different public internet egress points. The project will use CDA_GREoIPSec from the cellular operator.
A central router will terminate the GREoIPSec tunnel, handle policy-based routing, and send traffic over WireGuard tunnels to VPS-based egress nodes.
At least this is the basic idea we are working to achieve.
Hardware decision - we are thinking CCR2004-16G-2S+ or CCR2116-12G-4S+.
To be extra safe, let’s assume 500Mbps continuous aggregate traffic. CCR2004 will handle the IPSec tunnel without breaking a sweat. My concern centers on policy-based routing and WireGuard tunnels to egress nodes.
Would CCR2004 CPU be overwhelmed by the total aggregate processing power required (IPSec + routing + ~10 WireGuard tunnels)?
Let’s double it for safety - assume 400 SIM cards sending 1000Mbps aggregate traffic and ~20 WireGuard tunnels to our egress nodes. CCR2004 still handles IPSec without any problem. Now there are 20 WireGuard tunnels to support.
What are your thoughts, should we go with CCR2004 or CCR2116? Or some other setup.
an user asked a good question, the RDS2216 seems to be essentially the same as the CCR2216 in performance, so if one needs not the number of ports of the CCR quite a bit of money can be saved, list prices are $2795.00 vs. $1950.00.
Central router goes in a data center – so RDS fan noise isn’t a big problem. Although it has six more fans that can break
Power consumption adds up…
RDS ports are enough for our implementation.
Thus - it looks like a better option than CCR2116.
I am not a Mikrotik model range expert. But I have a feeling RDS is kind of a niche device for them, and niche devices always seem to be the most neglected when it comes to firmware/documentation/long-term support. Does this apply to RDS?
One of benefits of ROS is that there's only one version for all devices. So when it comes to functionality, all devices are the same and added/fixed (software) functions are available for all devices. The difference between devices is in their performance (for certain functions) and possible (HW-related) bugs. So with RDS there might be some unique bugs related to NVMe controllers, bugs related to RAID functions will be same as with other devices (but more prominent, not many other drvice models will run RAID over multiple disks). Bugs related to CPU and networking will be same as those on (corresponding) CCR devices.
Etc.
Might be similar to CCR2004 PCIe which has some teething problems which were never really fixed ... if RDS doesn't really pick up in sales volume.
Since RDS architecture is very much like architecture of some prominent CCR2xxx models I don't think that support for RDS will be dropped any earlier than for CCR2xxx device family.
