Seeking MikroTik-Based Alternative for Multi-Building 10Gbps Network Infrastructure

Hi everyone,

I need to purchase the network infrastructure for the rack I’m about to install, and I have identified a possible solution based on devices from one of your competitor companies. That configuration meets most of my requirements, although not entirely. I’ve opened this discussion to evaluate potential equivalent or superior alternatives using MikroTik equipment.

In Building 0, I have a patch panel with 24 shielded CAT6A keystone modules. The goal is to ensure that all outlets can support up to 10 Gbps bandwidth and that at least four of them can provide PoE power - mainly for access points mounted on the ceiling - with the option to have additional PoE ports for other devices, if possible.

Regarding the solution proposed above from the competitor company, there are two main compromises:

The overall cost, which is particularly high.

The number of 10 Gbps ports, which is limited to 16 instead of the ideal 24; the remaining 8 ports operate at 2.5 Gbps.

In Building 0, two PoE access points are required (one high-performance and one budget-friendly), in addition to the rack that will house all the planned devices.

In Building 1, a budget PoE access point and an affordable switch with 10 Gbps ports are needed.

In Building 2, a budget PoE access point is required.

I will also need an adapter in case the provider installs fiber using an ONT, if the MikroTik router does not have a 10 Gbps Ethernet WAN port - an outcome that is likely but not yet certain. This component can be purchased later, but I would like to prepare the installation so that it is compatible with this scenario from the start.

Since the three buildings are close to each other but have separate grounding systems, the electrician advised me that it is not possible to use FTP cable for inter-building connections, making UTP cable necessary instead. As a result, of the 24 total runs, three will be made with Cat 6A UTP cable (those between different buildings), while the remainder - the majority - will use Cat 6A FTP cable.

Thank you in advance to anyone who can help me choose the most suitable solution.

Ports on competitor devices:

Building 0

AP: 1 x 2.5 GbE PoE

AP: 1 x 10 GbE PoE++ | 1 x 1 GbE PoE

SWITCH: 16 x 10 GbE PoE+++ | 8 x 2.5 GbE PoE+++ | 2 x 25G SFP28

CABLE: From 10G SFP+ to 25G SFP28

ROUTER: 8 x 1 GbE | 1 x 2.5 GbE WAN | 1 x 10G SFP+ | 1 x 10G SFP+ WAN

SFP+ to RJ45 Adapter: From 10G SFP+ WAN to 10 GbE WAN

Building 1

SWITCH: 4 x 10 GbE | 1 x 1 GbE PoE+

AP: 1 x 2.5 GbE PoE

Building 2

AP: 1 x 2.5 GbE PoE

My main thought is to get a contractor to run and terminate fibre between the buildings.
Don't attempt to run copper.

Scroll through the devices in MikroTik Routers and Wireless - Products

The router seems doable, probably the CCR2116-12G-4S+
(The product page has performance information on it.

Not so sure about the switch in building 0.

... but it will be tough running PoE over fiber ...

Fibre would be much better (and completely insulate the three buildings electrically), but if you have to carry PoE power you need copper.

If using copper, I am not so sure that it is a good idea to use a non-shielded cable to connect the buildings, even if in conduits and what not, they remain "outdoor cables", while I can understand the need to keep grounds separated, usually with shielded cables termination is ground connected on one side (the rack, that should also be grounded) and NOT connected on the other side.

Another (side) note:
the three buildings must be very small if the first can be covered by two AP's and the other two with just one each, maybe before doing the cable work it would be advisable to make a couple tests of wifi coverage, it is rather pointless to have 2.5 Gb upstream connection if the coverage (please read as speed) of the wifi is sub-optimal.

It is almost always a bad idea to run copper networking between buildings. The main reason for this is that there can be significant voltages between the local grounding systems, either due to the way the electrical system is constructed or because of lightning.

I think you can disclose the name of the competitor here

First of all, thank you all for your input. The proposed router seems valid, even though it has a high number of 1 Gbps ports which I don't really need; however, if it turns out to be the most convenient solution, I am willing to consider it.

The main critical issue is the link between the buildings. The use of fiber is too expensive, which is why I was considering using copper exclusively. It is worth clarifying that all cables coming from the three houses converge in a single patch panel installed in the rack of building 0, which also serves as the grounding point. Any interference on the copper links towards the other two buildings does not represent a significant problem: a suboptimal level of performance is acceptable.

The cables to building 1 have already been laid and are of the FTP type, but I can replace them without difficulty. The cables to building 2, on the other hand, still need to be installed: only the underfloor conduit is currently in place. I would prefer to maintain an entirely copper solution and avoid fiber; I have already thoroughly evaluated this aspect.

If Mikrotik offers cost-effective solutions, that's welcome, but the budget needs to be around €4,000. My priority is the infrastructure of building 0; for buildings 1 and 2 the requirements are much less stringent. These are small buildings, so I don't have any particular critical issues related to Wi-Fi coverage: each access point serves a single room and it is not necessary to cover more extended areas. If further APs are needed I can add them without problems, but the ones already planned are more than sufficient.

You wrote that I can indicate the name of a competing product, so I will: I am interested in finding a solution comparable to what I am currently using, so that I can make a direct comparison. I also point out that the Mikrotik site is not very practical: it lacks a filtering system that allows excluding switches with speeds below 10 Gbps from the search.

Building 0

Ubiquiti U7 Lite (U7-Lite) 1 x 2.5 GbE PoE 106,80 €

URL https://eu.store.ui.com/eu/en/products/u7-lite

Ubiquiti E7 (E7) 1 x 10 GbE PoE++ | 1 x 1 GbE PoE (PoE 15.4W PoE+ 30W PoE++ 60W PoE+++ 90W) 538,80 €

URL https://eu.store.ui.com/eu/en/products/e7

Ubiquiti Pro XG 24 PoE USW-Pro-XG-24-PoE (720W) 16 x 10 GbE PoE+++ | 8 x 2.5 GbE PoE+++ | 2 x 25G SFP28 1.942,80 €

URL https://eu.store.ui.com/eu/en/products/usw-pro-xg-24-poe

Ubiquiti 25G Direct Attach Cable (UACC-DAC-SFP28-3M) From 10G SFP+ to 25G SFP28 42,00 €

URL https://eu.store.ui.com/eu/en/category/accessories-modules-fiber/collections/accessories-pro-direct-attach-cables/products/25gbps-direct-attach-cable?variant=uacc-dac-sfp28-3m

Ubiquiti Dream Machine Pro Max (UDM-Pro-Max) 8 x 1 GbE | 1 x 2.5 GbE WAN | 1 x 10G SFP+ | 1 x 10G SFP+ WAN 666,00 €

URL https://eu.store.ui.com/eu/en/products/udm-pro-max

Ubiquiti SFP+ to RJ45 Adapter (UACC-CM-RJ45-MG) From 10G SFP+ WAN to 10 GbE WAN 72,00 €

URL https://eu.store.ui.com/eu/en/category/accessories-modules-fiber/collections/accessories-pro-direct-attach-cables/products/uacc-cm-rj45-mg

Tot.: 3.368,40 €

Building 1

Ubiquiti Flex 10 GbE USW-Flex-XG 4 x 10 GbE | 1 x 1 GbE PoE+ 324,00 €

URL https://eu.store.ui.com/eu/en/products/usw-flex-xg

Ubiquiti U7 Lite (U7-Lite) 1 x 2.5 GbE PoE 106,80 €

URL https://eu.store.ui.com/eu/en/products/u7-lite

Tot.: 430,80 €

Building 2

Ubiquiti U7 Lite (U7-Lite) 1 x 2.5 GbE PoE 106,80 €

URL https://eu.store.ui.com/eu/en/products/u7-lite

Tot.: 106,80 €

Tot.: 3.906,00 €

I don’t know your situation. In my hometown, fiber is less expensive than copper and my first choice to connect building's network. Distance matters.

Once deployed a ring topology to connect 3 school buildings using fiber. RouterOS (CCR or similar) in the main building, and in the other two using SwitchOS (CSS or similar). But for AP… Unifi is hard to resist maybe because I used to it (Unifi Protect and Unifi Network is really convenient for me).

You probably can't match the port capabilities of Ubnt stuff with Mikrotiks. One of the reasons is that Ubnt makes specific use of hardware features in the chips that they include to a much higher degree than Mikrotik.

Altogether, if you want or need what they are selling then go ahead with them. You won't get these specs cheaper.

I have my doubts in general about how useful 2.5GbE is for APs, but they seem to be all the rage. In these circumstances I'd probably go with an rb5009 and cAP ax-es (or if I wanted Wifi 6e or 7, U7 lite) and be done with it. I don't think the additional spend yields much benefit in actual use. I'm kind of conservative in these choices, so take all this with an appropriate amount of salt.

Only having a quick look at the devices you chose, what stands out (only as a common sense observation) is that you are going to spend half your budget on a single (good as it might be) switch.

Cannot say what that can be replaced with, but it seems to me out of proportion, also because it represents essentially (if I get this right) a single central hub (and thus a single possible point of failure for the whole network).

EDIT: re-thinking about it, maybe dividing in two, you could go with two Zyxel XS1930-12HP, 2x650€=1300 €

There’s an error in the post above, my apologies. The nicest AP I’d like to get is the Ubiquiti U7 Pro XG (U7-Pro-XG), which costs around 200 euros.

I would like to make an additional important clarification. With IDS/IPS enabled and a single Ubiquiti user, it is possible to reach up to 2.5 Gbps theoretical throughput for simultaneous download and upload traffic, with actual speeds being lower. Under the same conditions, if only download or only upload is performed, the theoretical speed can reach up to 5 Gbps, again with lower real-world values.

These speeds can be doubled using an EFG, a solution I have decided not to purchase due to cost considerations.

Could you recommend an equivalent Mikrotik configuration with similar performance (neither more powerful nor weaker)? Thank you.

The rb5009 that I suggested has a higher throughput than the udm pro max. Doesn't do idp/ips though... but Ubnt's version of it is mostly useless... So again, it's never really an apples to apples comparison. On the other hand, the MT is built way better...

Knew that this project was gonna be UniF–k…. it’s always UniF–k.

There is no Tik Wap with WiFi7, certainly not 2.

Tik doesn’t have a comparable switch.

As others have stated… that outdoor fiber is going to a be a far better choice for linking building.

They sure carved out their niche very well, very little competition at the feature set and price point they offer. I’m not as angry about it as you are though

Not angry about it.

I do find i hate the fans a lot more than that product.

Mostly because the stuff is OK ,but I can get painted in to corners quickly by its limits.

But the fanboys… god are they annoying. You are standing there right in front of the ticked off client demonstrating that its purely a hardware issue. And they won’t back down. Even after you unplug there stuff and demonstrate that it works just fine if you can actually work outside of a wizard.

The real problem goes back to this… It was designed from the ground up for people who don’t know how to build networks… to be able to deploy networks.

Which leads to my often repeated quote.

“The Greatest thing about UniF–k, is it allows people with absolutely no idea of what they are doing, to deploy networks.The Worst thing about UniF–k, is it allows people with absolutely no idea of what they are doing, to deploy networks.”

Which explains why I see so many awful deployments… But in their defense… after years of always testing their gear on the bench… I stopped after the wifi6 roll out. If they hadn’t fired my counterpart at the company I contract for… I use to atleast get to see the gear when he screwed it up.

I would really like to have comparable hardware from Tik. But when it comes to switching and WiFi… I don’t.

Number one rule: go with the best tool for the job. While it’s a good exercise to check with other vendors when doing upgrades and retrofits, change for the sake of change can cause more headaches than it’s worth. And once you’ve found a solution that makes sense, do it. UniFi is (IMHO) superior for larger-scale deployments, especially with the single-pane-of-glass management you get. (The downside as mentioned by others is limited insight into what’s going on, unless you know UniFi CLI-fu.)

(We have hundreds of MikroTik and UniFi routers deployed. MikroTik runs most of my ISP network, with UI radios, and a mix of MikroTik and UniFi runs most of our customers’ home networks.)

Always go with fiber between buildings whenever each building’s power is going to be used at both ends. A POE device installed in building 2 but powered from building 1 is really the only exception I can think of (and doesn’t make sense unless building 2 has no power).

I don’t see any alternative MikroTik configuration, so I can’t make any comparison. You suggested an RB5009 as the router. The 10 Gbps port is correct, but I don’t see multiple 10 Gbps outputs, no PoE ports, and the IPS-side routing capacity is not specified.

You mentioned an “Ubuntu version,” but I have no idea what you are referring to. I know Ubuntu as an operating system.

You wrote that MikroTik doesn’t have a comparable switch, and indeed I don’t find anything on their website, but there is the MikroTik CRS312‑4C+8XG‑RM, which has 4 SFP+ ports and could simplify connections to the two neighboring buildings.

I would like to see a configuration like this, if possible:

AP: ???

Zyxel XS1930‑12HP: 10 RJ45 multi‑gig ports (100 M/1G/2.5G/5G/10G), 8 with PoE ++ + 2 SFP+ 10G ports

3 m SFP+ to SFP+ cable

MikroTik CRS312‑4C+8XG‑RM: 12 RJ45 10G ports total, 8 dedicated and 4 that can be used as RJ45 10G or SFP+ 10G + 4 SFP+ 10G ports

3 m SFP+ to SFP+ cable

MikroTik CCR2116‑12G‑4S+: 12 RJ45 ports (10/100/1000), 4 SFP+ 10G ports, 1 RJ45 serial console port, 1 M.2 PCIe slot

RJ45 to SFP+ Adapter

ONT

Obviously, splitting the 24 ports across two devices is not equivalent to a router with 24 physical ports, but I would still like to see a configuration to understand what trade-offs or advantages I would have with MikroTik. With Ubiquiti, there are quite a few compromises.

Additionally, there is a possibility of connecting the Ubiquiti Pro XG 24 PoE (USW‑Pro‑XG‑24‑PoE, 720 W) to a MikroTik switch that distributes the fiber to the two houses. I haven’t found any cost-effective solutions with Ubiquiti for this.

In the neighboring houses, I wouldn’t deploy PoE APs: what would you recommend as an alternative?

Thank you

To achieve theoretical simultaneous 10 Gbps Internet throughput with Ubiquiti, an EFG would be required, which unfortunately is very expensive. Could MikroTik offer a more cost-effective solution suitable for my use case?

Again, the rb5009 goes up to almost 10 Gbps, beyond that you have to get the ccr2116.

The rb5009 is usually paired with a suitable switch for the appropriate port config, e.g. the crs309-1g-8s+. (Yes, I'm very much partial to optical 10G.) There are switches with sfp and 2.5GbE ports as well.

No one said anything about Ubuntu. Ubnt is the ticker name for Ubiquiti Networks.

For APs, if you want 6e/7, just go with the ones you selected.

I just don't see any coherent notion emerge as to where that 10 Gbps of traffic would go or come from. Once you have that established, that will direct your equipment choices.

You must have a very tall (or very large) rack.

Seriously, for the AP's the Ubiquity ones you mentioned have no "direct equivalent" in Mikrotik range.

The Zyxel XS1930‑12HP I suggested because you were asking for PoE from building 0 to the other 2.

If you (as everyone suggested) are going to use fiber to connect the three buildings situation changes.

In building 0 you have two "local" PoE powered devices (the two Ubnt AP's).
In building 1 you have just one "local" PoE powered device (a single Ubnt AP).
In building 2 you have just one "local" PoE powered device (a single Ubnt AP).

The need of a PoE capable switch fades away, you can use for those AP's PoE power injectors and you are free to use any switch in building 0.

But you need anyway to "convert" from fiber to ethernet on buildings 1 and 2, so:
https://mikrotik.com/product/ftc11xg

Thank you for the excellent advice. Ubiquiti does not offer anything equivalent to the FTC11XG; there is a similar product, but it only supports 1 Gbps. The FTC11XG, as I would use it, functions like an unmanaged switch: on one side, copper comes in, and on the other side, fiber goes out, and vice versa, without the need for any system-level configuration. With four of these devices, I would completely solve the issue.

The Ubiquiti Pro XG 24 PoE switch (USW-Pro-XG-24-PoE), aside from the cost, appeals to me greatly; it is hard to resist. Simple Ethernet-to-PoE converters are convenient, but they complicate the rack considerably.