I've come to the realization, I need more speed!
* note the buffer bloat... ouch!
hAP AC: * firewall rules, port mirroring on, netflow on
hAP AC: * firewall rules, port mirroring off, netflow off
hAP AC: * defcon, only nat, no filter rules, port mirroring off, netflow off
* does not have the fasttrack filter rule.
Architecture of my network:
I've since moved ether5 (to 4), and made ether5 the SPAN Port.
I can plug the SFP module into the Mikrotik. It does work. No difference in speed tests really. I'm using the TP-Link because a) I already bought it and b) I can quickly plug a PC into it and be directly connected by passing all my equipment. The provider gives me a 'Homehub' which is a Sagemcom F@ST 5250. The issue is that the modem breaks under heavy load, can't do a HE IPV4-IPV6 tunnel (modem hard locks), and you are forced to use only a single 192.168.2/24 netblock (cant be changed). For my lab, that just won't cut it.
I am looking for recommendations on what to buy to handle my 1Gb link with multiple PPPOE clients (providing multiple IP's), provide port mirroring and netflow, and handle around 15 IP filter rules.