I am looking to replace my old home router and i would like some of your suggestions regarding a future achievment.
I need a router with this specs:
-gigabit ports
-capable of s2s and remote VPN
-VLANS
-basic firewalling
-pppoe capable
-high NAT throughput; i will use PAT on it, so LAN subnets translated in one external IP. I will have a gigabit internet subscription, and thus i will need NAT throughput as high as it can get towards 1Gb/s.
I know this one is a hard thing to achieve, and without ASICs, it may be quite impossible; that’s why i need some of your suggestions regarding a Mikrotik product that can satisfy this demands (and also being afordable).
You might want to do a little more searching in threads related to fastpath/fasttrack, but I seem to recall some reports of the 2011 being able to handle a gigabit if the traffic is mostly fastpath… which leads me to believe that the 850Gx2 should be able to handle this much speed with fastpath.
VPN is going to be a different story though. CCR is going to be necessary if you need high speeds over VPN links.
That’s precisely the reason why I did not mention the 3011, which otherwise would be the perfect router for this. Hopefully the ARM architecture matures quickly in ROS.
I wouldn’t be expecting real gigabit natted throughput unless the fasttrack is used on 3011. But I haven’t tested it so I am just guessing from the performance table on the product page.
i think mild CCR’s would be nice start there.
like 1009-PC with passive cooling.(put several those - works like charm)
or if you need quite small bandwidth - try RB3011 instead(but its purely SOHO thing and processor isn’t really satisfying even for some of home usages, so don’t be too over-excited with/about it).
So everyone’s suggestion goes with CCR1009-8G-1S-PC , right? it seems to be a quite powerfull device; the problem is that for home use is quite expensive - almost 500$. I am still thinking what to do, as this one overcomes greatly my initial budget.
Besides that, i just want to clear one thing: as i said before i want it to have high NAT throughput, but i am reffering more exactly to PAT, so basically is one NAT rule. Can’t this speed be aquired with a lower model, as it is only one NAT rule and i am guessing it is not so CPU intensive?
Anyway, as i understood, the whole ideea is that the device should have fasttrack feature in order to perform high NAT throughput. I read a little about it on the forums and i understand that is something similar to cisco CEF, correct?
Fasttrack comes default with fastpath?
RB3011UiAS-RM seems quite attractive and has a better suited price for my purpose, but i will stay away from it, as you guys suggest (for the moment).
I run a rb1100ahx2 at home with a gigabit pppoe link. It does some 920 Mbps NAT with a 80% processor load WITHOUT fastpath checked on netspeed running on the providers server. VPN performance in also ok (200 Mbps in metropolitan network, limited by the provider). I think this device would be the cheapest which meets your requirements, at some $350.
