Mikrotik software firewall/router?
-
@dmacf10 said in Mikrotik software firewall/router?:
@Pete-S I use the RB2011, RB3011 primarily for routing and I use the Cloudswitch PoE switches for switching.
Thanks, I will for sure check them out.
-
@JaredBusch Yes! We were primarily a WISP but also ran DNS and email servers, as well as web hosting. I became so familiar with MikroTik routing working that job that when I went out on my own it was an easy choice to continue using them.
-
@Pete-S said in Mikrotik software firewall/router?:
@dmacf10 said in Mikrotik software firewall/router?:
@Pete-S I use the RB2011, RB3011 primarily for routing and I use the Cloudswitch PoE switches for switching.
Thanks, I will for sure check them out.
I recommend RB4011 (new generation, faster then RB2011 or RB3011)
-
@Mario-Jakovina I have a couple of those but have been having trouble sourcing then lately. Yes, it is an upgrade from the other two I use primarily.
-
@Pete-S said in Mikrotik software firewall/router?:
Does anyone have experience with Mikrotik's software firewall/routers?
Or any opinion on their products in general, especially for business use?I used to think they were some kind of garage company but it turns out they're a billion dollar company.
We worked with them quite a bit at a site. Clunky, difficult, and not the most stable at that time.
Have they improved? Not sure, but IMNSHO, there's better products out there for the same or slightly higher pricing.
-
@PhlipElder said in Mikrotik software firewall/router?:
@Pete-S said in Mikrotik software firewall/router?:
Does anyone have experience with Mikrotik's software firewall/routers?
Or any opinion on their products in general, especially for business use?I used to think they were some kind of garage company but it turns out they're a billion dollar company.
We worked with them quite a bit at a site. Clunky, difficult, and not the most stable at that time.
Have they improved? Not sure, but IMNSHO, there's better products out there for the same or slightly higher pricing.
Lack of stability doesn't sound good because that is the most important IMO.
What brand are you thinking of? I have tried to look at the low budget business market but haven't found any other brand that have a complete line-up. Ubiquity for example, only have a small subset of the routers that Mikrotik have and no software router.
-
@Pete-S said in Mikrotik software firewall/router?:
@PhlipElder said in Mikrotik software firewall/router?:
@Pete-S said in Mikrotik software firewall/router?:
Does anyone have experience with Mikrotik's software firewall/routers?
Or any opinion on their products in general, especially for business use?I used to think they were some kind of garage company but it turns out they're a billion dollar company.
We worked with them quite a bit at a site. Clunky, difficult, and not the most stable at that time.
Have they improved? Not sure, but IMNSHO, there's better products out there for the same or slightly higher pricing.
Lack of stability doesn't sound good because that is the most important IMO.
What brand are you thinking of? I have tried to look at the low budget business market but haven't found any other brand that have a complete line-up. Ubiquity for example, only have a small subset of the routers that Mikrotik have and no software router.
The stuff we were working with was their entry level business class products.
Ubiquiti would be one I think. They are pretty stable though we do have issues with them when there's a fair amount of VLANs configured on the switches.
-
@PhlipElder Odd that you had stability issues. When properly configured I've never had any issues at all besides the occasional lightning strike back in the day on the PtP sites. When used in controlled environments they have world-class stability and reliability. At least that's been my experience with the 500+ that I've worked with.
-
@dmacf10 said in Mikrotik software firewall/router?:
@PhlipElder Odd that you had stability issues. When properly configured I've never had any issues at all besides the occasional lightning strike back in the day on the PtP sites. When used in controlled environments they have world-class stability and reliability. At least that's been my experience with the 500+ that I've worked with.
It's been a while, but they were primarily due to the site-to-site VPN going down and the occasional lockup.
There's always been "suspicion" around inexpensive products since we get what we pay for.
Ubiquiti is no less in the crosshairs of that suspicion with it being justified.
Once bitten, twice shy so really haven't looked back.
Are there folks that are running MicroTik now with no issues? It sounds like you are?
-
Mikrotik devices are usually very stable, rock solid. However, from time to time, there are serious problems with some models and it can take looooong time until they fix it. Last two fckups that I remember where problem with RB4011 disabling wifi interface for no reason and CCR2004 router rebooting on random. It took over a year in both cases to solve the problems.
-
I have seen them used in DC world. Though i myself do not have experience on them sorry
-
@PhlipElder said in Mikrotik software firewall/router?:
@dmacf10 said in Mikrotik software firewall/router?:
@PhlipElder Odd that you had stability issues. When properly configured I've never had any issues at all besides the occasional lightning strike back in the day on the PtP sites. When used in controlled environments they have world-class stability and reliability. At least that's been my experience with the 500+ that I've worked with.
It's been a while, but they were primarily due to the site-to-site VPN going down and the occasional lockup.
There's always been "suspicion" around inexpensive products since we get what we pay for.
Ubiquiti is no less in the crosshairs of that suspicion with it being justified.
Once bitten, twice shy so really haven't looked back.
Are there folks that are running MicroTik now with no issues? It sounds like you are?
Yeah cause the likes of Cisco have never had an issue like that.
-
@PhlipElder said in Mikrotik software firewall/router?:
There's always been "suspicion" around inexpensive products since we get what we pay for.
Ubiquiti is no less in the crosshairs of that suspicion with it being justified."You get what you pay for" is a standard marketing trick and is anything but true in IT, if anywhere in life. Routers are a key example, the most expensive brands are often crap and the cheapest, like Ubiquiti and Mikrotik, are some of the best. "You get what you pay for" mostly refers to getting hoodwicked by flashy "used car salesmen" who know when someone is unable to evaluate products and so uses price as a proxy because it's easy to not do due diligence.
Dealing with Cisco Meraki stability issues this week. At 1% of the fleet, it has more issues than the bulk of it. But isn't really a bad product, but certainly can't be considered in the same category as higher class (and cheaper) players.
-
The same sales tactic is used to sell expensive "you have to pay the vendor extortion rates for support" over open source products that are known to be far better for decades. It's probably the best known scam in our industry. And once people overpay and get too little, the vendor has customers over a barrel and they feel that they can't expose to management that they spent a fortune and got less than they would have gotten for cheap or for free. And so the spending spree continues because no one up the chain wants to expose what they've done.
-
@ITivan80 said in Mikrotik software firewall/router?:
I have seen them used in DC world. Though i myself do not have experience on them sorry
Being that human beings are imperfect anything we make will be imperfect.
It's a given that all products experience problems that need to be addressed.
It's also one of the main reasons why a red flag gets raised when vendors, especially the hyper-cloud sized ones, remain silent about any issues they've had.
-
@PhlipElder said in Mikrotik software firewall/router?:
It's also one of the main reasons why a red flag gets raised when vendors, especially the hyper-cloud sized ones, remain silent about any issues they've had.
that's a tough one because how do we know when they are being silent or not, or just have had fewer issues? It's hard to say.
-
@scottalanmiller said in Mikrotik software firewall/router?:
The same sales tactic is used to sell expensive "you have to pay the vendor extortion rates for support" over open source products that are known to be far better for decades. It's probably the best known scam in our industry. And once people overpay and get too little, the vendor has customers over a barrel and they feel that they can't expose to management that they spent a fortune and got less than they would have gotten for cheap or for free. And so the spending spree continues because no one up the chain wants to expose what they've done.
Open Source may be as vulnerable or more vulnerable to the SolarWinds style "attack":
https://www.theverge.com/2021/4/30/22410164/linux-kernel-university-of-minnesota-banned-open-source
No system managed and run by human beings is exempt from issues with the product nor the malicious behaviours of perps.
-
@scottalanmiller said in Mikrotik software firewall/router?:
@PhlipElder said in Mikrotik software firewall/router?:
It's also one of the main reasons why a red flag gets raised when vendors, especially the hyper-cloud sized ones, remain silent about any issues they've had.
that's a tough one because how do we know when they are being silent or not, or just have had fewer issues? It's hard to say.
Okay, I have a memory: A perp was running around Microsoft's CorpNet and snipping images of what they saw and posting them via Tw33ter or other social media platform. I did not save them, unfortunately.
So, have they been memory holed? Can you find them?
How about Microsoft's statement around the perps running around CorpNet after the SolarWinds fiasco? "Oh, they only saw not important code" or something to that effect. Has that been memory holed?
-
@PhlipElder said in Mikrotik software firewall/router?:
@scottalanmiller said in Mikrotik software firewall/router?:
@PhlipElder said in Mikrotik software firewall/router?:
It's also one of the main reasons why a red flag gets raised when vendors, especially the hyper-cloud sized ones, remain silent about any issues they've had.
that's a tough one because how do we know when they are being silent or not, or just have had fewer issues? It's hard to say.
Okay, I have a memory: A perp was running around Microsoft's CorpNet and snipping images of what they saw and posting them via Tw33ter or other social media platform. I did not save them, unfortunately.
So, have they been memory holed? Can you find them?
How about Microsoft's statement around the perps running around CorpNet after the SolarWinds fiasco? "Oh, they only saw not important code" or something to that effect. Has that been memory holed?
The reason I ask is because it seems to be the standard order of procedure to hide everything instead of coming clean and being forthright.
iNSYNQ, Maersk, Wolters Kluwer are three public situations. I know of plenty of not public ones that never got broadcast beyond those impacted. No news item, no mention anywhere.
So, what's up with that?
-
@scottalanmiller said in Mikrotik software firewall/router?:
The same sales tactic is used to sell expensive "you have to pay the vendor extortion rates for support" over open source products that are known to be far better for decades. It's probably the best known scam in our industry. And once people overpay and get too little, the vendor has customers over a barrel and they feel that they can't expose to management that they spent a fortune and got less than they would have gotten for cheap or for free. And so the spending spree continues because no one up the chain wants to expose what they've done.
Three cluster setups:
1: Cisco Small Business Pro series Gigabit and 10GbE
2: NETGEAR Gigabit and 10GbE
3: Ubiquiti Gigabit and 10GbE
4: Mellanox/NVIDIA 10GbE, 40GbE, 50GbE, 100GbEGuess which ones we've had the most grief with? Which one's the least?