Home Lab Network Redesign With Mikrotik Routers

I currently have two cable connections from Virgin Media coming into my house due to some annoying contract problems while moving.

I originally had one line on the 60 Mb/s package, and the other on 100 Mb/s, but when Virgin Media upgraded me to 120 Mb/s I downgraded the 60 Mb/s line to 30 Mb/s to reduce costs.

Since I got into this strange arrangement with Virgin Media, I have been using two separate routers for the connections. A Cisco 1841 Integrated Services Router on the 30 Mb/s line, and a Cisco 2821 Integrated Services Router on the 120 Mb/s line, but I found that I wasn’t able to max out the faster line using the Cisco 2821 ISR. Looking at Cisco’s performance sheet, the Cisco 2821 ISR is only really designed to support lines of up to around 87 Mb/s, and that’s without NAT!

So it was time to upgrade! Initially I wanted to get a faster Cisco router, but looking at the second generation ISRs, it’s a bit too expensive for a home lab!

I did actually upgrade all my 7204 VXRs to have NPE-400 modules, which according to the performance sheet should do around 215 Mb/s, but the 7204s are extremely loud, so I only switch them on when I am playing with them.

A few of my friends have mentioned good things about Mikrotik routers, so I figured since a new Cisco ISR isn’t possible, I’ll give Mikrotik a chance. I ended up buying two RouterBOARD 2011UAS-RM from WiFi Stock.

To integrate the the RB2011UAS-RM boxes into my network, I decided I was going to restructure my network a bit. I will be making a series of posts discussing my re-designed network.

My goals for the redesign were as follows:

  • The RB2011UAS-RM boxes will only function as edge routers, encapsulating traffic in GRE tunnels, and that’s all.
  • There will be a link between both edge routers, with a BGP peering for redirecting traffic should one of my lines go down.
  • They will have GRE tunnels to all my dedicated servers/VPSs.
  • I will use Quagga on all dedicated servers, and VPSs outside my network to create BGP peerings with my edge routers.
  • I wanted to route all my internet out of a server I currently have hosted with Rapid Switch, so BGP on the RapidSwitch machine will have to push down a default route.
  • I wanted to use a Cisco ASA 5505 Adaptive Security Appliance as a firewall between the edge routers and the rest of my internal network.
  • I recently bought a Cisco 2851 Integrated Services Router, which I will use as a “core” router.
  • I wanted as much redundancy as possible.

In my next post I will create a diagram of what I will be doing, and discussing the setup of the server I have hosted at RapidSwitch.

As I have never used Mikrotik routers before, I will also attempt to document my experiences of RouterOS so far as I go along.

Posts in this series

Related Posts