Adventures in Networking: MikroTik Edition

The deficiencies we’ve listed with respect to Ubiquiti Networks’ not-quite-ready-for-prime time Dream Machine Pro resulted in the proverbial straw that broke the camel’s back. Although some of the errata may (hopefully) be addressed this month for the even more neglected Dream Machine, we can say with certainty that problems experienced within the community are not isolated events. Whether it involves the internet disconnecting randomly, network freezes for firewall rule modifications or other missteps that don’t occur with consumer-grade equipment, the product stack and reliability of its underlying code base brings into question the strategic direction of this organization.

In discussions with peers, they bought into the UniFi ecosystem when the company was more serious about appealing to the enterprise markets. The days long-term support releases coexisting alongside stable, release candidate and beta firmware has been replaced with a mess of updates that require updates for the update. Enabling default opt-in data collection policies for unannounced telemetry and following that up with releasing not-ready-for-production products is a slap in the face to customers that helped the company gain its current position in the market. To follow up the misstep of the UDM Pro with the product that the community actually wanted (aka the UNG UXG-Pro) inspired us to see how the other side lives.

Prior research on all things MikroTik had recurring themes related to comprehension of network concepts, some period of time being required to get acclimated with the multiple management methods and the robust nature of RouterOS. The initial ingestion of information available in the company’s forums, wikis and other fairly solid sources of information may be overwhelming. However, it’s rewarded with incredibly well thought out and purpose-optimized gear at very reasonable costs. In a fairly close to comparable configuration, the $1800 USD worth of UniFi gear that comprised our network has been replaced with $650 worth of MikroTik gear. In this process, we’ve actually gained additional 10Gb network connectivity through additional SFP+ ports on the switch.

This up-front cost savings does incur a back-end cost related to time to set things up correctly. Advanced filtering and firewall rules, development of VLANs, creation of address pools and the unique nature of the CAPsMAN wireless management platform requires a level of care versus the more graceful and automated provisioning and allocation processes within the UniFi ecosystem. While there is a Safe Mode available within Winbox to test scripts and changes prior to application, individuals who throw caution to the wind and operate with a “real people test in production” mentality may ultimately lock themselves out of the hardware. We’re expecting to go live with the new setup this weekend. The side benefit of this endeavor is that a few lucky people are going to be able to get their hands on some gently used UniFi gear at a nice price.