I am using a RB5009UG+S+IN for my network and I love it and it works great. It is currently being used as a DHCP server, basic NAT firewall, and a Pi Hole container, and an iperf3 container host. I am using the SFP+ port to feed my CRS309-1G-8S+IN, and the 2.5gbits/sec as a WAN port, and am happy with it.
I currently only use 1 internet connection, but want to use two. I want to implement automatic failover connection-based load balancing across my two internet connections: 1 - 1000mbits/sec async, and 2 - 1000mbits/sec download, 200mbits/sec upload.
Is it worth getting a second RB5009UG+S+IN for this? Load balancing seems very complicated - I tried to implement it once before but had no success, and I don’t know whether that was because of the increased CPU load. Even if the CPU load is not significantly more, is it useful to have a second RB5009UG+S+IN for implementing additional firewall rules and/or having a ‘spare’ or redundant router connection that I can build config on and then deploy to the ‘live’ one?
The situation is that I have currently spent nearly £900 on a Firewalla Gold Plus prosumer firewall that claims to support load balancing via an ‘easy to setup’ interface, and 2.5gbits deep packet inspection for security threats, but I can’t get the bloody thing to work and suspect it has a hardware fault and it needs to be RTM’d. I am also not 100% sure whether I like using ‘prosumer’ devices with a ‘nice’ interface at all - Mikrotik is difficult to learn yes, but now I’ve mostly learned how RouterOS all works, it runs stable at a fraction of the cost of the Firewalla (although of course it won’t do deep packet inspection etc).
I’m thinking of getting a pfsense rack mounted box to do deep packet inspection also.
Thanks