Router on a stick

I am looking for a relatively cheap router to be used at first to work as a bridge between a number of tagged VLANs, with shaping and prioritization independently on the different VLANs (based on IP TOS/DiffServ).
This will later be transformed into true routing (the VLANs being put into separate IP subnets one by one, after renumbering has been planned and performed).
So what I need is a router with only a single (gigabit/100Mbit) ethernet port. Throughput is relatively low, like maybe 10-20 Mbit/s now up to maybe 100 Mbit/s in its lifetime.

I am familiar with the RB2011 but looking at the products page I also see the hEX and hEX lite as candidates.

What is the difference between hEX and hEX lite? I only see a higher CPU clock on the lite model, but it appears those 3 all have a different CPU, so the clock is not the only yardstick.

What would people recommend? Which box is (within what can be expected in this segment) the most reliable?
(e.g. least “hangups” or even failures seen in the field that require a trip to the site)

What is a good place to ask questions like this?

This is the right place. Unfortunately no one could provide any reasonable answer. Wait a bit, maybe someone will later on.

The hEX is quite new, so it is hard to compare its reliability with the 2011. I have used the 2011 for some years and it has had zero unexpected outages.

Ok thanks…
And how can I compare performance?
Of course it is not very useful to compare clock speed when the CPU type is different…
And it will probably also depend on what the box is exactly doing.

I also have good experience with the RB2011. Others that I know are using it as well now. I know of only one incident at another user’s place where it suddenly ran very hot, but it was recovered by power cycling and, I think, a restore of a backup. I would expect it was some issue with 100% CPU but apparently that was not the case.

Anyway, it is a nice box for general use in our (amateur radio) network. And at a very good price.

So far the hEX appears to be 2-3 times faster than the most expensive 951/2011 models, while the hEX lite appears to be slower.
(even WITHOUT fast-path !!)
In harsh (way more PPS and smaller packets) traffic the difference is reduced a lot, but the gap remains noticeable. In “general use” most consumers can fully saturate 3-4 ports or even all 5.
The hEX (not hEX lite?) also had an excellent PHY/switch chip. 1Gb speed on the 8337 isn’t a gimmick anymore and it’s perhaps one of the reasons for the performance boost.

It’s the first model with this switch, nice!!

I think the hEX is the minimum recommended today because it’s a newer model with more performance than the RB2011 and equivalents.

The only way to get more power is the incoming RB3011; it possibly costs 2 times the hEX but possibly has 3 times the performance of the hEX.

If you want more then go for the CCR1009 :sunglasses:

For comparison see the performance tables on product pages.

Ok but for my single-port router the switch will probably do nothing.
Switch is nice when you have a home network that you route to internet and you want fast connection between devices, but in a pure router it cannot do much, I think.
Or is the switch working as an L3 router in these models?

Take a look at this block diagram from the RB951G as an example:

http://i.mt.lv/routerboard/files/RB951G-150611115818.png

Maybe you have not used MikroTik before, which is why you have not noticed that the Ethernet interfaces in some 5-port devices like this are really part of a manageable switch; you can use these interfaces like a switch or like separate interfaces for routing.

From the block diagram you have to keep in mind that for routing you will have a limitation of 1 Gbit/sec, because routing needs the traffic to pass from the Ethernet interfaces (part of a switch) through the CPU, and the link between CPU and switch is 1 Gbit/sec only.

1 Gbit/sec for routing is a lot; it is only a limit in specific scenarios when you do pure routing without firewall, NAT, mangle, or queues, which is called fast path mode. Any other configuration will be limited by CPU performance to speeds lower than 1 Gbit/sec.

Of course for switching you have 1gbit/sec on each interface of hardware switching.

I am still studying the exact possibilities of those advanced switch chips. The documentation is a bit terse.
I have experience with L3 routing switches but it is not clear to me if this switch can do that in the generic case.
(I see it is possible to make rules that forward packets based on header fields, but how practical is it to make rules for some small subnets, if at all possible?)

For now I have to assume that routing will be a CPU operation.

Routing is always “CPU operations”.
PR BS about “ASIC-based something” will always remain BS in networking.
Because size, consumption and especially cost of design are erratic/inadequate to the task, especially considering how fast it becomes obsolete/useless.
So a good networking SoC will always remain based on a generic CPU: a good balance of IPC, FP performance, latency and band of buses and controllers (including memory), size and speed of caches, etc.
ASIC-based and FPGA-based (and GPU-based :wink:) offloading portions and attempts remain, but only for hardcore/aged portions of “hot spots” in code, and not with benefits as notable as the pain introduced with them.
Tilera is one such example. While it’s perfect for NASA or NSA/CIA (for crypto-cracking dense blade-server-packed distributed supers), or NRO or combat submarines, airplanes, tanks, it’s not really a networking-ready thing, IMO, but initially only one of many ambitious many-core brands. Now it’s only one of ten major many-core vendors and the trend is going to explode that thing further very much.

Phew! Hard to read for English non-natives.

Maybe in these routers… yes. But there exist many “L3 switches” that actually do route IP using the hardware.
There is a small processor that does one-time lookup actions and then sets an entry in associative memory similar to what an L2 switch does for its MAC-address to port lookup table.
Many years ago I already had a quite affordable gigabit L3 switch at work which could route IP at wirespeed, while the CPU-based routers in the same price category at that time had a tough job at even achieving 50 Mbps.
That one only did static routes and I think RIP, but more expensive ones that also do BGP etc did exist as well.

What I wonder is if the switch ASIC in the MikroTik could do the same thing (with cooperation of the processor).

Well, actually they don’t, despite being advertised as such a thing. Ironically, but reasonably.
So far you can only make extremely “dumb” switches this way, which isn’t economically and technically reasonable either, since long ago.
Some offloading is done in generic SoCs, but it wasn’t used in most firmware, for plenty of reasons, for good. Otherwise stability, security and latency issues become a pain in … literally.
And yep, they still remain based on firmware hacks, mangling traffic to achieve bigger bandwidth (Nagle/LSO-style, basically).