- Up to 300Mbps Wireless Data Rates
Flexible but difficult configuration 03/19/2014
Extremely flexible configuration. Any ethernet port can be connected to any network, be it WAN or LAN. Multiple WAN uplinks are possible, and their use can be conditionally specified in RouterOS firewall for load balancing. This also includes the wireless radio, which can serve as an access point, bridge or station for uplinking to another wireless network. Wireless can be fine tuned to use frequencies below the public 2.4 GHz ISM band (with appropriate license) at manually specified Tx power up to the strong 27 dBm. Mikrotik devices can use the NV2 protocol among them for increased speed and security.
Router is managed from Winbox, a special utility, which runs on any Windows version and is supplied on the router itself, telnet, SSH, and Web browser. All confugration interfaces have a similar layout. I am primarily using Winbox because its GUI is clear and responsive, and a telnet terminal for CLI access can be opened within Winbox at any time. This is useful to set some options not exposed via the GUI, such as changing of MAC addresses, or to export lengthy configuration parameters, such as firewall rules, for reference or loading into another unit.
RouterOS includes advanced diagnostic tools, such as Packet Sniffer, Ping, Traceroute, IP scanner, Wireless frequency scanner, connections monitor, which run from the router's perspective are handy for troubleshooting problems.
The throughput of the device is high, and depends on the number of active firewall rules. It will range between 150 and 300 MBit/s. The two sets of ethernet ports can be separately switched together, and will then work at wire speed without loading the CPU. I've reached 900 MBit/s over Cat 5E. By default only the Fast Ethernet ports are switched. Activity of each port in a switch group can still be monitored.
Thermal management of the unit is good. The 600 MHz Atheros AR9344 CPU and the AR8327 switch have decent heatsinks. Wide range of accepted power voltage (8-28 V). Configuration changes don't require a reboot, except overclocking and firmware upgrade.
Strong Cons are few. No 5 GHz radio transceiver and expansion slot for one, to use the less crowded band. This is partially compensated by the ability to select custom frequencies, but then all devices must be able to broadcast on those.
Setup requires itermediate knowledge about IP networking. The RB2011 comes with a default configuration where WAN is on ether1, radio disabled, remaining ethernets bridged as one subnet, which will get basic connectivity. But this setup might not be optimal, such as if the uplink is only 100 MBit, or admin wants to power the device by PoE not in the uplink. Port forwarding is also difficult.
Activity LEDs are not near network interfaces, and blink at a lower frequency than normal with NICs, which makes it more difficult to see and pinpoint activity. The design of the red plastic front panel feels cheap, especially around LEDs and the micro-USB port. The blue power LED is too bright making it difficult to see the green programmable activity LED next to it.
Socks 4 proxy instead of Socks 5. Micro-USB is too tiny and fragile.
I've been using RouterBoard products for several years. My first RB532A from 2007 is still in working condition, but doesn't quite meet the performance demands of today. These devices hardly ever need rebooting or reset if working properly. As another reviewer put it, the RouterBoard is a real geek's router for those who are eager to learn, or a professional device. No functionality is deliberately locked down. But the CPU and RAM limit the number of functions that can be active simultaneously. The online wiki manual for RouterOS is easy to understand, as it uses clear technical language, and doesn't hide behind marketing buzzwords. The manual gives examples as telnet commands, which are closely mirrored in the menus of GUI tools.
I always start configuring a Mikrotik with Winbox, and don't bother with the Web UI. If connected directly to a PC, or via an L2 switch, WinBox can access the router by MAC even if IP addresses are not set up correctly. In the RB2011, I started with disabling the default firewall rules, and enabling WinBox MAC server on all interfaces, to avoid locking myself out from the router. The chosen WAN ports can be secured later.
The Web UI is useful for monitoring traffic or system resources. I always enable that via Graphing, and disable webUI configuration access for all users (including full/admin) to harden security.
The touchscreen is helpful for monitoring Wlan activity and CPU usage. To execute drags/swipes on the resistive touchscreen, one must press hard on it for the whole duration of the drag. I also set the touchscreen to read-only in WinBox to prevent accidental changes to the configuration.
The RB2011 was tested upgraded with RouterOS v6.10.
4 people found this review helpful. Did you? Yes / No Thanks for the valuable feedback you provided!