Is RouterOS right for our needs?

RouterOS General
1

Greetings all,

I am looking at implementing gigabit and VLANs in our datacentre in the near future. Unfortunately, I have a very limited budget for this and can not afford a Layer3 Gb switch, nor a brand-name hardware router/firewall with sufficient performance to route between VLANS at gigabit speeds. I’m hoping RouterOS can fill this need adequately. I would greatly appreciate if anyone could confirm whether RouterOS is capable of meeting the following requirements.

  1. Routing between two Internet Connections (each on its own physical interface) and approximately 12 VLANs initially (more will be added in future).

  2. Ability to direct traffic on port 80 out of one internet connection (browsing) while all other traffic passes out the other.

  3. Configure strict rules about which traffic may pass between VLANs/interfaces (e.g. This IP on VLAN1 can talk to that IP on VLAN2 on a particular port, but this IP on VLAN2 can talk to anything on VLAN1 etc). It looks as though this should be possible according to the documentation, but just want to confirm.

  4. If 3 is possible, will such a config with many interfaces become quickly unmanageable? Can this kind of config be managed via a GUI rather than command line?

  5. Route between / configure multiple VLANs on one physical interface whereby the interface is a tagged member of several VLANs – or will we need to cable a dedicated physical interface for each and every VLAN? I believe that if I’ve read the VLAN section of the documentation correctly then the first instance should be correct (i.e. able to route between any number of VLANs with only one physical interface)

  6. Can we apply different QoS settings to each VLAN interface on the same physical interface? Or do we need to configure QoS on a per-physical interface basis.

  7. We are looking at configuring redundancy. I understand VRRP is not supported with VLANs so I was wondering if there is any problem with keeping a cold-standby unit with identical hardware nearby and simply uploading the configuration from the failed unit, reconnecting the cables and powering it on?

  8. Finally, we are looking at recycling an old server for this project, it has a single-core Xeon 2GHz processor w/ 512MB RAM and 64-bit PCI slots. Network cards and storage aside, do you believe that this hardware will be sufficiently powerful to route several Gb/s of data with low latency?

Thanks all in advance for your help with this!

Regards,

Martin

2

From what it sounds, sounds like everything can be done. The box you have should be able to support it, but keep in mind the reliability as well if you can run it on your existing hardware. There are other options out there as far as hardware, that can do this.