Is the RB3011 a good fit?

warllo · September 9, 2019, 2:07pm

Hi,

I am looking at purchasing an RB3011. I have gigabit symmetrical internet and I just want to confirm that this device should be able to reach max throughput given the configuration I expect to have.

My config should be fairly basic including NAT, basic firewall rules to allow LAN to WAN but blocking WAN to LAN traffic. I will also have a few port forwards in place and potentially running l2tp for remote clients to connect from various locations. I don’t think there would ever be more than 5 remote clients connected at any point.

Lastly is the bridge between the two switch chips hardware or cpu bound? My understanding is later version of Router OS support hardware bridging but I’m not sure if I understand this feature correctly.

I am hoping someone could advise whether or not this device would be a good fit. Thanks for your time in advance.

sebastia · September 9, 2019, 6:08pm

Hey

For general usage, it will do just fine: https://mikrotik.com/product/rb4011igs_rm#fndtn-testresults
L2TP: don’t expect that vpn will be at full speed
bridge: see https://i.mt.lv/cdn/rb_files/RB4011iGSplusRM-180905135303.png

Paternot · September 10, 2019, 1:16am

Well, I would forget about the 3011, and would get a 4011. Much more CPU power, and just US$ 20,00 more. The 3011 should work, but for a little more money You can get something much better.

chechito · September 10, 2019, 1:31am

totally agree

RB3011 had his moment, today the better choice is RB4011

Steveocee · September 10, 2019, 9:28am

The RB3011 had such potential and was severely let down. The RB4011 is the perfect successor to the RB2011 apart from coming in 1 form factor and being ugly as sin on 1U brackets.

warllo · September 10, 2019, 9:01pm

Thank you all for the suggestions and comments. While I would have preferred the 4011 based on your inputs, however I was able to get a 3011 for $80 from a good friend who decided to go to a unifi gateway which I feel is too good of deal to pass up.

chechito · September 11, 2019, 12:02am

yes at that price its a good deal, price proportional to relative performance in comparison with 4011

jvanhambelgium · September 11, 2019, 7:00am

My RB3011 never let me down in the past years.
In terms of performance, when blasting iperf-traffic across the Bridge/CPU (client <> server on 2 ports that need to traverse the CPU) I only hit about 17% CPU while doing a consistent 950Mbps across it.
No worries there.

My Internet link is “only” 100Mbps, but even when running torrents with 500-1000 of open connections to be tracked, decent filtering list, IPv4 & IPv6 usage etc my RB3011 never really exceeds 5% CPU.
I’m pretty sure you higher-speed link will be handled fine. Offcourse don’t expect 1Gbps IPSEC VPN performance or something

chechito · September 11, 2019, 6:02pm

latest RouterOS relases have enabled ipsec hardware acceleration on rb3011, almost at the level of rb1100AHX2

in theory you can get up to almost 800mbps of ipsec with rb3011