I know that I’m asking this at the Mikrotik forum and it’s likely that I’ll receive biased answers. I also want to state that I’m an advanced beginner. I’m trying to improve my home network and knowledge about networks.
I currently have a switch and a few AX3000 APs from Omada, and a mini pc running OPNSense. The problems that I have are:
The setup is very brittle. Specially at the Omada part with the controller running on a Raspberry PI.
The controller is very slow even with the whole RPI4 available for it.
Seamless roaming never worked. My calls constantly break in case I’m walking around the house while talking.
OPNSense feels bloated. It has lots and lots of features, but doing everything under the same interface is kind of broken for me. I would rather use nginx directly than their plugin representation.
I feel that I don’t need any of the advanced firewall rules that OPNSense offers. I tried ZenArmor this weekend and it output a ton of data, but I really don’t care to any of that on my home network.
My plan is to get a RB5009UPr+S+IN and 3 wAP ax. The benefits in my opinion would be:
Solid network with less moving parts.
More knowledge on networks.
I’ll not downgrade my wifi exprience given that the wAP ax is AX3000 as well.
Mikrotik is top notch on the parts that I need and care, networking.
It still can do firewall, which I need to allow/deny the access from and to a few devices. I have some worry here if the CPU can become a bottleneck.
That’s it. I’m looking for opinions from others that have done a similar move, on any direction, or have hands on experience with both solutions.
Biased opinion: yes, it’s worth it. At least for the routing side.
I’ve had deployed in the past (in my homelab) pfsense, opnsense, ubiquiti and mikrotik.
My opinion for all of them (for routing/firewalling):
pfsense/opnsense: great software, powerful (you can do almost anything), potential for NGFW with ZenArmor if you’re interested in that, easy to use UI, non-existing CLI. I was running it into a VM on my homelab, which made it very unreliable, that’s why I ditched it. I wouldn’t trust a mini-pc either for the job. Wife approval factor very low
ubiquiti: great hardware, very limited software. Ditched it instantly after I learned I can’t deploy multi-WAN by using multiple pppoe clients on the same ethernet interface/port.
mikrotik: ok to great hardware (I think it’s behind Ubiquiti; there are also many questionable design/decision choices), great software, big step-learning curve, even when coming from pfsense/opnsense. Many ways to achieve the same thing (which is not necessarily bad, but can be confusing).
I do not like mikrotik’s wifi. It is too hard to get right, and if you don’t, your wifi performance/reliability is gonna be very bad. With ac2 as my main router, I used a dumb tp-link router in AP mode because I couldn’t stand the ac2 wifi.
Mikrotik is way behind with their wifi products, no wifi 6e or 7. I now use Ubiquiti APs for wifi.
I have an RB5009 with Capsman and two hAP ax2 as access points (Poe). Before, I had Unifi with a controller. Once set up, the system runs wonderfully. You don’t need a cloud controller and setting up on Capsman is really easy, thanks to Youtube videos from Mikrotik.
I upgraded from 2 tp-link eap245 accespoints with an omada controller to 3 tp-link deco X50’s and now to 2 hap-ax3’s and 1 hap-ax2.
Works perfectly
Also using an rb5009 and a bunch of netgear switches
Hi, I have mixed Opnsense, MT, TPLink Omada networks. I had many evolutions, but currently my best practice is:
Omada: APs (Wifi6e) + HW WLAN Ctrlr; would not use it as a Firewall/Router, and I´m not using the cloud features; seamless roaming works like a charm
Opnsense: Firewall, DNS (authoritative, secure), router, IPS, etc.; I find Opnsense being absolutely robust
Mikrotik: switching, routing; low power, small, but for a firewall I like Opnsense more; I´m still using MT as a firewall and VPN box as well (RB5009 & HAPax3)
I had LOTS of issues with MT APs, and even if it looks like WIFI bugs have mostly gotten sorted out by now MT Wifi is still a far cry from Omada
My setup after many revisions is: RB5009 (was RB450G->RG450Gx4->1100AHx2 which died after lightning strike to the tree in the backyard) + set of Ruckus APs. I like MT devices but Ruckus is set&forget setup.
Had RB4011 as powerfull enogh but there was a bargain for RB5009 so it is now the main router with a lot of power for future.
If you don’t like a lot of features, you may not like MikroTik RouterOS. It has a ton of features that will likely never use. You can check the demo here: https://mikrotik.com/software. But if navigating to the things you need and the learning curve don’t scare you, ROS is an excellent system.
I would be careful with wAP ax. From what I read somewhere here on the forum, it’s more designed for mounting on walls, so the radiation pattern might not be what you can expect from a standard AP.
I think bloat and functionality are different definitions. OPNSense requires at least 4GB of RAM, while Routeros v7 requires at even only 256MB of RAM.
Have RB5009 as my main router, few CRS310 and 3 wAP ax. Never had any problem with that setup. While Mikrotik WiFi indeed is behind ubiquiti or tp link I think it’s good enough for home user.
In my parents house there is all unifi setup just to see how its working. Well UCG Max is at toasty 81 degrees at this weather… One of the lite 8 poe switches had to be replaced within 2 months because it started to randomly reboot.
My hap AC2 (that has only 128MB ram) is running with 50MB free RAM, doing routing, NAT, firewalling on a 1Gbps connection, IPSec site-to-site to a cloud provider, wireguard site-to-site to another location, internal BGP for private routes throught both ipsec/wireguard and ~1400 active connections tracked.