<div dir="auto">pfsense. a quad core box can do all that and Snort on a gigabit connection easily. <br><br><div data-smartmail="gmail_signature">Sent from my mobile. Please excuse the brevity, spelling, and punctuation. </div></div><div class="gmail_extra"><br><div class="gmail_quote">On Feb 10, 2017 12:05 PM, "Dustin Priest" <<a href="mailto:dustin.h.strickland@gmail.com">dustin.h.strickland@gmail.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I'd go with the pfSense unit, personally, if for no other reason than I have experience with it and I know it will handle whatever I need it to do. No clue about the Edgerouter.<br>
<br>
<br>
On 2/10/2017 11:55 AM, Derek Atkins wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Hi,<br>
<br>
I got my fiber upgrade installed the other day and it looks like my poor<br>
Mikrotik router just can't keep up. When I connect my laptop directly<br>
to my AT&T router <a href="http://speedtest.net" rel="noreferrer" target="_blank">speedtest.net</a> gives me 500/950 (don't ask me why it's<br>
only getting 500 down -- I plan to ask). However, when I connect<br>
through my Mikrotik I get limited to about 150-200 up/down.<br>
<br>
So I'm looking to replace the Mikrotik, but looking for suggestions.<br>
The two options I'm considering at the moment are a Ubiquiti Edgerouter<br>
Pro 8 [0] for $316, or pfSense installed on a 4x1Gb quad-core celeron[1]<br>
with 8G RAM and 64G mSATA SSD for $310.<br>
<br>
My requirements:<br>
<br>
1) sustained 1Gbps throughput, even via NAT, tunnels, or other routing<br>
2) GRE tunnel support (used to tunnel my class-C network)<br>
3) IPIP (protocol 41) tunnel support (used for HE's IPv6 tunnelbroker)<br>
4) Some VPN solution (IPsec/OpenVPN/PPTP, for when I travel)<br>
5) IPv4 policy based routing so I can route my class-C over the GRE<br>
tunnel and my RC1918 network via NAT (I'm pretty sure everything<br>
does this)<br>
6) IPv6 policy based routing so I can have some machines on the IPv6<br>
tunnel and other hosts on an ISP-supplied IPv6 network and ensure<br>
packets get routed out the correct method. (my mikrotik doesn't<br>
support this!)<br>
7) Multiple IPs (both v4 and v6) on an interface (I run both my class-C<br>
and RFC1918 networks on the same LAN)<br>
<br>
What do you all think about these options? Which would be more likely<br>
to support my requirements?<br>
<br>
Thanks!<br>
<br>
-derek<br>
<br>
[0] <a href="https://www.amazon.com/Ubiquiti-Networks-Edgerouter-Router-ERPro-8/dp/B00IA5J8M8/ref=sr_1_1?s=pc&ie=UTF8&qid=1486741909&sr=1-1&keywords=edgerouter+pro" rel="noreferrer" target="_blank">https://www.amazon.com/Ubiquit<wbr>i-Networks-Edgerouter-Router-<wbr>ERPro-8/dp/B00IA5J8M8/ref=sr_<wbr>1_1?s=pc&ie=UTF8&qid=148674190<wbr>9&sr=1-1&keywords=edgerouter+<wbr>pro</a><br>
[1] <a href="https://www.amazon.com/dp/B01MEGSMRZ?psc=1" rel="noreferrer" target="_blank">https://www.amazon.com/dp/B01M<wbr>EGSMRZ?psc=1</a><br>
</blockquote>
<br>
______________________________<wbr>_________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org" target="_blank">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" rel="noreferrer" target="_blank">http://mail.ale.org/mailman/li<wbr>stinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" rel="noreferrer" target="_blank">http://mail.ale.org/mailman/li<wbr>stinfo</a><br>
</blockquote></div></div>