Ubiquiti Security Gateway

So my trusty EdgeRouter LITE died a sad death recently. No data on the console, and the Ethernet ports flash green and then stick amber. This, of course, meant this site was down for a few days.

My ERLite

This is a 3-port router. Each port handles 1 Gigabit of traffic. It’s perfect for connecting your ISP with your LAN with a spare port left over. This is a router for technical people; it’s not for others, as the setup is tricky. The Web UI is very dated but functional. It’s good enough to get things going. For more exotic things like, say, a VPN, you need to use the command line and the custom configuration tool.

Internally, the CPU is a dual MIPS64 Cavium Octeon with 512Mb RAM and, more importantly, a removable USB drive which houses the OS, which means we can put any OS we want on it :) I had a lot of fun working on NetBSD with this, making things tick for MIPS64 and the exotic 64-bit kernel with 32-bit userland compat gunk.

But as a performance router, anything other than the stock OS is a bad choice, as you then forgo Hardware Offloading, which is a massive hit. I get 200mbs down with my ISP, but with NetBSD I was only getting about 80mbs. You have been warned.

So anyway, it died. I was sad. No shop sold a new ERLite either! I replaced it with a UniFi Security Gateway which, ironically enough, is the same hardware as the ERLite, just in a different casing.

My USG

The USG is the one with the bright blue square at the top. And yes, my cable management is lacking!

The big difference between the ERLite and the USG is the software. The ERLite runs EdgeOS, and you need to configure it on the router directly. The USG needs to be set up by a UniFi Controller, which is a Java application that can be hosted anywhere. I of course host mine on my NetBSD server! You can also use a smartphone application as a controller or, even better, have it talk to your existing one so you don’t leave the sofa. Now, you only need the controller for setup; you don’t need to leave it running all the time unless you’re interested in collecting metrics of your network over time.

I had already used the controller to manage my UAP-AC-Pro for quite a while, so I’m quite used to it. The Web UI is always being improved and it’s the most reliable Wireless Access Point I’ve ever had. Once you use this, simply nothing else will do! For reliable home use anyway. I can play football with the kids on the common land next to my house and still enjoy good wireless!

Anyway, the USG integrates with this. First off the bat, don’t use the beta interface. Unlike the UAP, the USG setup is poor here, as the firewall setup is in two places, which is odd. Also, there is an issue setting up IPv6 with a tunnel related to the firewall. Using the classic setup with the v6 controller, you can do pretty much all this aside from the tunnel.

As on the ERLite, my IPv6 tunnel needs to be set up on the command line. This time around, I used a provisioning script to set up the tunnel AND the needed parts in the firewall for it, just in case I use the beta screens again.

Coupling the USG with the UniFi 8-Port Managed Gigabit Switch and my UAP-AC-Pro wireless point, I get nice metrics on the UniFi Controller about the state of my network. And I do like a good network :)

But what about the performance? Well, here’s the interesting part. Even though it’s the same hardware, I consistently hit my ISP limits a lot more than with the ERLite. I would like to think it’s due to the software it runs, as it’s different, but it’s also likely to be some configuration issue on my part. Or it could have been a sign that the ERLite was already failing somehow. Either way, I’m very, very happy with this!

Now, this is not a cheap setup. However, because I self-host, I cannot use my ISP’s router. So this is my solution, mainly due to being burned with useless access points over the years, and I just went with Ubiquiti from there. The company itself basically sells near-enterprise-level devices at SOHO prices, making itself very attractive to people like me.