router died...and the winner is..

Mackintire

2[H]4U
Joined
Jun 28, 2004
Messages
2,957
So my watchguard firebox PFsense router died yesterday from multiple power surges.
Puffs of black smoke and all..

This was only meant to be a temporary router, until I decided what I wanted next. I 've been trying to decide if I want a Zyxel Zywall 110 or a Ubiquiti Edgerouter. I wasn't ever able to find out if the Zywall would be able to run my desired QOS and traffic rate limiting requirements.

And so the winner is: an Ubiquiti Edgerouter POE. Amazon Prime says it'll be here by Wednesday.

In the meantime I 'm running on an old Hotbrick LB2-VPN
http://www.guru3d.com/articles_pages/hotbrick_lb_2_load_balancing_router,1.html

WAN-LAN 35Mbps MAX
100,000 concurrent connections.

It's old, slow and very outdated but It is quite secure. I'd forgotten how snappy the interface is.

The VPN capability ridiculously slow by today's expectations and so will not be used.

So I will continue running down nostalgia lane for the next couple of days and let you know my personal experiences after I get everything setup.
 
Last edited:

diizzy

2[H]4U
Joined
Nov 6, 2008
Messages
2,602
You mean this?
http://www.amazon.com/Ubiquiti-ERPR...qid=1397423695&sr=1-2&keywords=edgerouter+pro

..or?

http://www.amazon.com/Ubiquiti-Netw...qid=1397423695&sr=1-1&keywords=edgerouter+pro

If you want the most bang for the buck the ERLs are kinda expensive since you can get Baytrail-platforms very cheap nowdays and its not a speed-king by any means...
erl_openvpn.png

//Danne
 
Last edited:

diizzy

2[H]4U
Joined
Nov 6, 2008
Messages
2,602
That would be the same as the 3-port except POE and 2 more ports (same CPU etc).
//Danne
 

Mackintire

2[H]4U
Joined
Jun 28, 2004
Messages
2,957
Pretty much...

I'm going to use a L3 switch behind it to router my local traffic.

Probably an SG300-20 or something similar.
 
Last edited:

diizzy

2[H]4U
Joined
Nov 6, 2008
Messages
2,602
In a home network it would seem that you could spend money on something else more fun than networking... ZyXEL GS1910-24 would do fine (its about 120$ cheaper too), what would you need a L3-switch for at home out of curiosity?
//Danne
 

Red Squirrel

[H]F Junkie
Joined
Nov 29, 2009
Messages
9,211
Why not just build a new PFsense box? Get a 1U Supermicro Atom box, nice and cheap and is rackmount. No redundant PSU though but it's one thing I typically can live without especially for a non storage box.

I have an old core2duo box running pfsense but if ever it dies I'll probably go the 1U Atom route.
 

/usr/home

Supreme [H]ardness
Joined
Mar 18, 2008
Messages
6,160
Why not just build a new PFsense box? Get a 1U Supermicro Atom box, nice and cheap and is rackmount. No redundant PSU though but it's one thing I typically can live without especially for a non storage box.

I have an old core2duo box running pfsense but if ever it dies I'll probably go the 1U Atom route.

Because it uses a hell of a lot less power and is just as powerful.

I have 3 Layer 3+ switches just because I can. Why not? I do it for a living.
 

Mackintire

2[H]4U
Joined
Jun 28, 2004
Messages
2,957
I have a pile of cisco switches for my CCNA lab, but none of them are 1Gbit. I can tinker with the SG300 and see how its features compare while learning something.

It has 802.11az so it won't hit me in the wallet...it has a lifetime warranty.

I will drive it into the ground if it doesn't break.

I just despise being limited.

Also want to see if the community support for the edgerouter is better than PFsense. For an $185 investment, how can I lose.

I also still plan on grabbing a Zyxel USG 50 or higher for cheap by next spring. The USG lineup is scheduled for replacement and once those arrive the older models will be discounted. I 'll buy it just for the web based accelerated SSL VPN.

A USG50 can run SSL VPN at over 15Mbps with no issue, so that's the current plan.
 
Last edited:

diizzy

2[H]4U
Joined
Nov 6, 2008
Messages
2,602
The http://www.msi.com/product/ipc/MS98E3.html isn't much more but it will certainly get bulkier but have much better processing power than the ERL boxes. These retails about 85-90$ bucks here but it'll still be around twice as expensive.

Doing a fast calculation based on the above the ERL can do about 15mbit OpenVPN but after that you'll need something more powerful.
//Danne
 

Mackintire

2[H]4U
Joined
Jun 28, 2004
Messages
2,957
From what I see on the ubiquiti forum. Firmware 1.5 will place the framework for the VPN gui.

If the weight and quantity of discussions are an indicator of what 1.6 will have, I'd bet on a cleaned up QOS with gui framework.
 

Ehren8879

Supreme [H]ardness
Joined
Sep 24, 2004
Messages
4,464
The edgerouter seems like a slick device, but getting WAN IPv6 with prefix delegation functioning looks like a pain.
 

Mackintire

2[H]4U
Joined
Jun 28, 2004
Messages
2,957
It's here. I haven't installed it yet, but I did update it.

Most of what I want to do revolves around QOS which is in fairly sad state on these devices.

I saw we had confirmation that Ubiquiti has it listed as a very high priority after this next pending release.

So I expect it may be is better shape by Christmas.

In the meantime I 'll install it and see what works and what doesn't. I may possibly make a go at prioritizing the small ack packets when the upload is saturated and seeing what that brings me.

I also find it annoying that by default Eth0 is DMZ, Eth1 is WAN and Eth2 is LAN.
So I'll probably change that to WAN, DMZ, LAN.
 
Last edited:

diizzy

2[H]4U
Joined
Nov 6, 2008
Messages
2,602
I've bugged a few people about QoS on FreeBSD so hopefully it'll be in shortly :)
//Danne
 

Mackintire

2[H]4U
Joined
Jun 28, 2004
Messages
2,957
Its online now.

This is the snappiest router I have ever used, of that there is no doubt.

The routing speed is no joke, this is the real deal.

I'll be evaluating other aspects of its behavior/performance has time passes.
 

Grentz

Fully [H]
Joined
May 5, 2006
Messages
17,256
Love my ERL. I have the non-PoE version.

It is fast, easy to work with, and does its job without complaint. While the GUI is not complete, it has most of the necessary stuff. I too am waiting for better QoS options/GUI control.

I came from a Zyxel USG50 and the inter-VLAN routing is WAYYY better with the ERL. Ridiculously better in fact.
 

iroc409

[H]ard|Gawd
Joined
Jun 17, 2006
Messages
1,385
I picked up an ERL and got it running last weekend. Took a little getting used to Vyatta's commands and the GUI is still a bit rough. However, it works fantastic. Quieter than the PC I had running Sophos, and a lot less power. May look into a BSD in the future, but wanted to try out EdgeMax first.
 
D

Deleted member 12106

Guest
My ISP is using ERL on the towers. I'd like to play with one but honestly just don't have the time. I bought a 4 node server for my home lab that I 1/2 way updated the bios/bmc on and now it just sits :(
 

Mackintire

2[H]4U
Joined
Jun 28, 2004
Messages
2,957
Love my ERL. I have the non-PoE version.

It is fast, easy to work with, and does its job without complaint. While the GUI is not complete, it has most of the necessary stuff. I too am waiting for better QoS options/GUI control.

I came from a Zyxel USG50 and the inter-VLAN routing is WAYYY better with the ERL. Ridiculously better in fact.

FYI...I'll be in the market for a Zyxel USG 50 later this fall.
 
Top