Hi all!

I've been using a RB2011UAS-2HnD-IN as a SOHO router for a while, and love the product. I've now however increasingly made use of its IPSec / L2TP capabilities to remotely access a storage box behind it, and have found that this will max out at around 30Mbps. I've had a look around and from what I've found the only current RouterBoard hardware to support 100Mbps IPSec throughput seem to be the RB1100AHx2 and the RB1036 range. Are these really the only ones?
The RB1036 is complete overkill for my purposes, and even the RB1100AHx2 is otherwise much more than I need (or can afford). Do any of the "smaller" Routerboards offer hardware crypto acceleration by any chance? Integrated Wi-Fi would be ideal, but a somewhat more affordable price would be a higher priority.

Many thanks!

Yeah I feel you on this man . The cheapest IPSEC 100Mbps capable router I've been able to find is the UBNT Edge Router Lite and whilst it is a nice piece of kit a lot of the software felt very unfinished . I'm not sure if things have got better in the last couple of months for UBNT but it's not something I felt entirely comfortable with in a production environment so we're mostly rocking 1100AHx2 + 951/2011 . Would be great if they could combine something that powerful into a single box since our WAN speeds just seem to keep increasing and increasing all the time over here.

Not sure if the CCR series is even in the race here as currently the hardware acceleration for encryption is not used in ROS. So RB1x00 seem to be pretty much the only option at the moment.

I'm currently testing a Ubiquiti EdgeRouter Lite (around 90 Euros here in Germany incl. VAT) which is a dual core router with hardware accelerated encryption. The system is a ported Vyatta Core 6.3 with some web ui for basic stuff. I'm about to write some reviews comparing the ERL to one of my RB2011UAS. I'll also be testing IPSec throughput with a Watchguard XTM330 firewall cluster on the other side, resembling my needs (Watchguard in the office, ERL / RB at home), just leaving out my home connection as I plan to directly attach them to the same switch.

Not sure when I'll be able to do the test but I'll report back my findings.

FYI I did some testing of an ERL to an RB1100AHx2

http://blog.linitx.com/ubiquiti-edgerou ... e-testing/

Al you will find just like Nick did that the performance of the little UBNT is top notch.I found that a lot of stuff still had to be done via the CMD line and were not present or working in the GUI.Still a top little router , and if they put a wireless interface on it I can definitely see it hurting RB2011 / RB951 sales.

My unit does get really hot though , so I wouldn't put in in a non airconditioned / ventilated room.

Thanks for sharing your results! Pretty impressive indeed..

There's really a lot you can't do right now from the UI but I'm fine with that. Downloaded the Vyatta 6.3 documentation and got along pretty well. I especially like the configuration management and by now haven't found anything that didn't make sense to me.

I'm gonna test it beyond what I need at home to do some platform evaluation. We're still looking for our new core router platform and it seems it's gonna be decided between UBNT and MT. Gonna have to wait until we get CCR and Edgerouter Pro hardware and then we'll see. Basically we just need BGP, VLANs and traffic shaping of VLANs.

I also like that I can poll SNMP traffic stats from virtual interfaces on EdgeOS while it's still advised to turn off SNMP on ROS when using BGP.

Have you considered rb800 ? you can add 4 minipci and 1 minipcie wlan card to it ....

JF.

Thanks for all the responses!

The Ubiquiti looks like a very good candidate for what I need. Indeed if it had integrated Wi-Fi and maybe a few more ethernet ports it would be perfect! But I think I could make do with it plus a cheap AP, or use the RB2011 I already have as a switch and AP. That seems to me to be the cheapest option. I'll have to have a look into the software issues, but it's not a highly critical environment so some minor things might be acceptable. Certainly the VPN throughput seems to fit my needs.

nickshore: Very interesting, thanks for sharing those numbers. I've looked around a bit and I think I saw >200Mbps quoted elsewhere, so just over 100 is a bit surprising. But still enough for my needs for now.

I had a look at the RB 800 - does that support HW cryptography? Even so, it is quite expensive, and at that price I could go for that 1100AHx2 as well plus a cheap AP for the Wi-Fi.

Again, thanks everyone! I don't think I would have come across the Ubiquiti without you.