What would be the proper choice of a routerboard from the current available lineup of hardware for the following scenario?
BW: about 125 Mbits down / 10 Mbits up, cable
users: about 30 in an office, normal office work, nothing out of the ordinary
a mail server in the office for those users, with remote access (smtp, imap)
external access for resources like rdp, but not really prominent (not a remote work site)
2 or 3 wifi APs, later
VPN access is through an internal server, so no load of that kind for the routerboard. Would a series 2011 be a wise choice? I’ve seen 450Gs handling 100/100 conveniently with nat (never fully saturated tho in both directions), but only a few users. Would it be better to go for an RB1200 at least? Thanks.
I think either a 450G or 2011L would be just fine. If you want to have something a little bigger incase you decide to do QoS or something later I would go with the RB1200 or RB1100AH.
Yeah, comparing the throughput figures, I thought so too. No queues planned so far, however, I’m concerned about the amount of ram. 2011 has 64M, while the 450G has 256M. Although no heavily loaded servers inside with thousands of connections, so it might not be an issue.
Well, i guess so. Compared to the 450G, how are NAT throughput figures? Can the 2011 top the 450G’s max througput of about 200 Mbps? This in an information I’m unable to find. I won’t actually need more than that, of course, just wondering.
As I’ve already said, I was comparing the two while trying to decide. No NAT figures there, only routred/bridged config with and without conntrack, which is not the same. Actually, far from it. The 450G is capable of a NAT througput at around 200 Mbps (based on others and on my own experience), while, in theory it can route traffic at near gigabit speeds without NAT.
Thanks. I’ve decided to try the RB2011 for the particular task for a start. If it’s not a good fit I might go a little higher, maybe try a 450G or use something completely different (not a MikroTik product). RB1200 is out of the current budget. That’d be a shame since I like their products and especially ROS. Anyway I’ll get back and at least report a NAT throughput which is I think is at least as important in these usage scenarios as the basic figures presented on routerboard.com.
If anyone is interested, I’ve made a simple test with NAT. An adress on ether1 (representing the wan side), a subnet on ether2 (representing a lan), and a simple TCP forwarding rule from ether1_wan_ip:9999 to a virtual machine on ether2_lan_ip:9999. There is a masquerading srcnat rule for the subnet behind ether2. The ‘nc’ command was used to transfer data betwen the hosts. On the “wan” side, a desktop win7 acted as an arbitrary source or target. In total, there are 12 firewall rules (only the ones mentioned above get used, of course).
lan → wan: consistently above 250 Mbps, average around 270
wan → lan: consistently above 300 Mbps, average around 315
CPU on 100% in both cases. Only one stream. This test is very simple, so it might not be representative, but it’s indicative of what is to be expected of these devices.