Was there a consensus on a better 10g router than the one listed or other hardware to consider?
Just covering my bases!
Mikrotik RB5009UG+S+IN can do 9-10gbps for $220 of routing performance with a few firewall rules. Though it drops performance drastically when going down to smaller packet sizes (lacks raw CPU grunt). This ones is the most “cisco like” in how many settings and options and setup requirements you have.
Alta Labs Route10 ($200 but requires additional $150 hardware controller) will do 10gb with firewall rules and various features enabled, as long as you stick to features it has hardware acceleration for. This one has 25gbps total up/down simultaneous throughput and 10gb IDS/IPS performance. Extremely fast and especially at its price point. This is the fastest router of the 3 options im listing in this post.
Cloud Gateway Fiber ($280) will do 10gb with firewall rules and various features enabled, but only 5gbps with traffic inspection turned on. Hardware controller required but is built in to this router so no extra cost.
Route10 and Cloud Gateway Fiber are more GUI based and less of the “more complicated” options. The Route10 does have a CLI though and a way to make CLI changes survive reboots. Cloud Gateway Fiber does not really have a CLI, but does have more GUI options than Route10 and actually now has just about every routing type option you would want.
Thank you for the information.
Not familiar with alta labs thou!
Just to add to the observed issues with my current router.
Past 2 - 3 days I’ve had to reboot the router twice due it detecting that the wan nic connection has been disconnected. It has not. a reboot and look at that the connection is back!
Alta Labs is trying to be “the next Ubiquiti”. Some of the founders are both former Ubiquiti employees as well as a co-founder of pfsense. They still have a long way to go on refining their features and product portfolio, but they are moving quickly and have quite a few good options for home and homelab users now.
Ahh. I’ll give their stuff a look see then. No harm in looking!
These 3 items are on order:
Cisco Nexus N3K-C3172TQ-10GT 48x 10GbE RJ45 +6x 40Gb QSFP+ Port 1U Switch
I’ve also got rackmout ears and a rj45 to use console cable on order for the cisco switch so I can start configuring it.
Anyone know where I can get the firmware for the cisco switch without having to try and get a cisco subscription just to get the firmware?
2 Likes
Most of the equipment ordered has come in. I have the new ap and router installed and working. I Don’t know if I have all the setting set correctly as there is a lot of setting I’m not use to setting. Any suggestions / tips?
Depends - what are you looking for? Which of these things are you trying to set up?
Should I enable / upgrade these 2 items:
Zone-Based Firewalls in UniFi
Upgrade to CyberSecure by Proofpoint
Not sure I’m getting the full 2gb connection from my isp to my network. the speed test on the router says yes and the speed test on my pc says no. the lan connection is thru an sfp+ port and the wan connection is thru a rj45 port. not sure if this makes a difference.
I’m sure I’ve got other questions to ask / should be asking as I go thru the new router.
Cybersecure by Proofpoint isn’t really needed for home use. You can enable zone based firewalls if you want. I kind of just changes the layout from the old style. Makes it a little easier to manage the firewall rules and traffic flow.
2 Likes
Ahh … thank you for that!
Crowdsec is a nice free alternative to cybersecure if you want a bit of IP filtering in addition to what unifi has to offer.
*edited for spelling
Since the original goal of this upgrade is to learn how to do networking more, I guess the first question on whether to change to Zone Based Firewall or not is: Do you have experience making firewall rules and for VLANs already? They are pretty much all the same on every firewall from all manufacturers so you may already know this stuff. If not, then I would leave the firewall without the zone based and learn that way since it is more common and the “old school” way of making rules. If you already know how to do those rules and all of what the LAN In, LAN Local, Internet In, etc. mean, then switch to zone based firewall and learn that after.
I’ve made a couple of vlans thru the unifi ap i had before and that’s it. had to recreate them with the new ap and that went fine. I was familiar with knowing that I had used vlans in corporate offices and it’s basically to separate the traffic into groups with certain access rights to do certain stuff on the network and to allow more devices onto the same network (or at least one trick in doing so.).
Figured out the slow speeds. turns out I needed to plug the cable from the wan into the sfp+ port and plug the lan cable into 1 of the 2.5 gb ports to get the correct speeds apparently. Will get a dac for going from the new router to the switch and then see how fast I learn getting that up and running.