We're an ISP and we're considering to buy two CCR1036-8G-2S+EM to be used as border/edge router. Two of these since they don't come with dual PSU. Our setup will be:
[Two upstream Internet transit providers in full BGP] => [CCR1036] => [Huawei carrier-grade core switches configured to provide Internet connection to customers based on VLAN groups and static IPs]. Total traffic about 8Gbps.
We still doubt whether to give Mikrotik a try since there were many reviews talking about these issues:
A. If CRC functions as firewall too, the routing capability is significantly decreased due to high CPU load. Especially on DOS attacks, when it can turn into non-responsive device.
B. BGP routing table updates uses one CPU core, and the core load may stay at 100% all the time.
C. Uptime is not really long.
While we can risk with points B and C, we can not do it with point A, as our network receives a lot of attacks. What would be your advice on overcoming the issue with network attacks when CRC is first on the line of defense?