MikroTik – Enterprise level routers for the masses

Hello evreyone,

It’s been a while since my last post. I’ve been very busy at work.

I’ve just got my first MikroTik equipment few days ago, a RB751G-2HnD router.
More about that later, first of all, for those of you that never heard of MikroTik: MikroTik is a Latvian company manufacturing network equipment. Their products vary between switches, routers and WiFi equipment.
These equipment runs either SwOS (for the switches) or RouterOS (for everything else).

One more thing worth mentioning is that they sell both enclosed products (which are the routers/switches/access point you are familiar with) and bare boned mother boards to fit with modules – meaning you can “build” your custom router.

I never liked the SOHO routers sold on the stores for home use, they’re never reliable. Up until now I’ve used a Debian box with two NICs – one for the ISP (WAN) and one for the LAN.
That box was doing everything from routing to DNS/DHCP services (actually, it does more than that, but that’s the functionality I’ve replaced with my MikroTik). The only functionality I was relying on specialized hardware for is the WiFi – a 3COM wireless router (don’t even remember the product exactly) functioning as an access point.

For those of you who gonna jump and say “why don’t you use DD-WRT or <other_opensource_router_firmware_here>?” I’ll answer: it’s never reliable. I’ve actually ordered a DD-WRT mega from eBay to give it a shot, still, my Debian box was irreplaceable.

What I would’ve liked the most is a Cisco 800 series router as my home router, but these are way more expensive than I’m willing to pay for something not mandatory.
Then, I’ve heard about MiroTik, a router so simple, so powerful and yet so cheap. I bought my router for 76USD – it has 5 Gigabit Ethernet ports, a USB port and 30dBi/1W 802.11b/g/n WiFi. It’s probably the cheapest MPLS capable router out there.

This router supports the regular routing protocols (OSPF, BGP, RIP), it has a built-in firewall, it supports IPv6, OpenVPN (which came out kind of disappointing, but more on that later), Hotspot, Bonding, VRRP and the list goes on and on… A more complete list can be found on their Features Wiki Page.
No doubt, a powerful piece of equipment.

First time plugging it in, connecting the computer (set as a DHCP client) and navigating with the web browser to http://192.168.88.1/. A page with a few links appears:

As you can see, there are several ways you can configure this router:

1. Winbox – a native Windows application
2. Webfig – web based UI
3. Telnet/SSH – access to the CLI

Although I’m a CLI kind of guy, playing with the RouterOS once on a virtual machine (it can run on a computer as well!), the CLI was kind of intimidating and had nothing similar to everything I’m used to (Linux, IOS, JunOS). When it comes to non-friendly CLIs, I prefer using the GUI and then checking the changes it made to the config file – figuring out how to achieve the same purpose using the CLI.
My choice was Winbox. Clicking the link downloads winbox.exe, executing it shows the routers it auto discovers (something cool about that, it can even communicate with the router if you screwed it’s IP settings up – it uses broadcast for communicating with such a router). Logging in with the username admin revealed the Winbox UI:

Clicking on a menu item pops up a window for configuring that functionality.

Playing around with it, I found where to configure everything I wanted: NAT (including some port forwarding), DHCP, DNS server, WiFi and OpenVPN.
Everything was straight forward, I pronounce the Winbox application as the first router UI that worth something.

The OpenVPN part was disappointing. Being one of the reasons I purchased this router, the OpenVPN feature lacks some important functionality: it doesn’t support LZO compression and UDP.
Sometimes, you don’t control both ends of the VPN and you are dictated to use specific parameters.
According to MikroTik’s forums, there’s also a problem with pushing routes to the clients (something that I haven’t tested yet).

Other than the OpenVPN issues I haven’t found anything that isn’t perfect with this router. I absolutely love it!

If you are a networking freak I would most definitely recommend buying one. There are other models that are cheaper (for example, without WiFi and with Fast Ethernet instead of Gigabit Ethernet ports).

Omri.