Hi All
Im new to mikrotik eco system. Im looking for a router recommendation that will do 1G internet. The router will be purely internet router with NAT and firewall. Thinking of getting Hex S is that enough for my requirements. I don’t need wifi
Topology
ISP internet —>Mikrotik Router —> Layer 3 switch —> client
The hEX is underpowered by today’s standard. If you ever need QoS or extra firewall rules, it won’t handle that speed. hAP ax models are more powerful and designed for ROS 7. You can turn off the radios.
Alternate opinion, yeah it’s probably fine.
I’m running a hEX with 4 VLANs, a few firewall rules, DHCP, SNMP, NAT and the CPU barely hits 5%. All on a 1G connection. It’s really going to depend on how crazy you go with firewall rules.
I am however updating to a L009 that I got for a good price and going to keep the hEX as a failover just in case.
Routing performance vastly depends on configuration. Each device has official benchmark results published as part of product page, hEX’s are here. The most optimistic reading says that hEX is capable of routing at almost 2Gbps (not via a single pair of 1Gbps lines obviously, tests are done using all ports at the same time and cumulative throughput is used as result).
However, most of users on this forum agree, that most indicative number for common real-life use cases is the one under “Routing - 25 filter rules - 512 byte [packets]”, for hEX that’s 385.4Mbps.
For a bit more complex setups even this number is optimistic. With lighter config, higher numbers are reachable. But until one configures quite a few routers, it’s hard to predict how heavy will the setup be on device. So it’s better to go with a conservative estimate.
Note that these tests are done only for IPv4 and fasttrack is heavily used. Fasttrack (so far) doesn’t support IPv6, so results with IPv6 (which closely match IPv4 without fasttrack) are waay lower (my own hAP ac2 can do 1Gbps of IPv4 with sone CPU cycles to spare but struggles at less than 400Mbps with IPv6; official figure in the table I mentioned us at 980Mbps; config is mostly default).
There’s a cost/performance balance that needs to be part of the discussion on purchasing a new device IMO. Where I live, there are absolutely not discounts to be had on older MT devices, so they are being sold at more or less the same price as newer devices. As 1 Gbps+ home packages are becoming mainstream, embedded SoCs have become much more powerful in the last 5 years. Throwing out a still workable solution is a waste (GAS), but buying something now with no room to grow at all can be as well…
Indeed, the 25/512 metric is the best one to use when comparing MT products.
I can recommend you RB5009 for 1Gbps fiber, maybe it’s overkill now but you can run containers if you want (i’m running adguard), 8 ports with poe if you have poe version. SFP+ port, USB. Future proof device.