I've found some of their documentation to be very poor. For example, some of their routers have a physical button labeled MODE. They simply do not document what it is configured to do by default anywhere.
Yeah, agreed. I ran into a few cases where the documentation is either outdated or incomplete - for example, references to using "?" that no longer apply in RouterOS v7, without any mention of the change.
It is especially hard with scripts, which you might learn in part 2. I've had bad experiences with scripts breaking between version upgrades. Easy if you keep up with it, but making a big version jump might give you some troubleshooting. I haven't loved the syntax, but it gives you a lot of power. I had one network I was admining where a user was intentionally bypassing our filtering by swapping which router was plugged into the Internet. He thought it was clever, but he neglected to turn off the intended router. So I wrote a script that ran every minute which watched for the WAN interface to go down, if it went down, it dropped the wireless interfaces and started using them to scan for active wireless networks nearby, and was able to confirm which user and device was active when it happened. It worked nicely. The follow-on which I didn't do because the user finally admitted what he was doing and stopped, was to attempt to connect our router as a client to the intruder network, which I suspected I knew the password for, to give us WAN connectivity again and a VPN interface inside the intruder network.
I standardized on Mikrotiks a decade or so ago due to the power you get for the price. They give you all the power to shoot your foot off if you don't know what you're doing, but that also means if you do know what you're doing you have great hardware for the price. I probably reset my first one 3 or 4 times the first time I set it up due to various mistakes (DON'T disable the default user before you have a new user account created), but it was a lot of fun to learn.
Sadly, it's hard to compete with Mikrotik, since Ubiquiti abandoned the EdgeMax line. The only thing that comes close is VyOS on an inexpensive small x86 computer. They definitely know this and they have a complete stranglehold on the Wireless ISP (WISP) market, along with some developing markets.
What's special about the MikroTik? On a glimpse the specs seem similar enough to other widely available open devices like the GL.iNet GL-MT6000 (Flint 2). I am not familiar with the MikroTik devices so I might be missing something obvious.
I'm not familiar with GL.iNet devices, so we'll hopefully meet in the middle.
I appreciate Mikrotiks after buying my first ~10 years ago because they ship basically the same OS on everything from the smallest dongle (WiFi router roughly the size of a matchbox) to large core routers (not large large core, but large enough that small ISPs can easily use these). You have tons more functionality than most SOHO routers offer. It basically seems like Cisco-level configuration at half the price.
For the same price as the GL-MT6000, you can have a RB2011UiAS-2HnD-IN with 10 ports (5 GB, 5 FE) and an SFP cage. Admittedly, that model only has 2.4GHz Wifi onboard, but I actually don't use its Wifi, I have multiple WAPs running together using CAPSMan to basically serve them all from the central router, the SFP cage was more important to me. I believe it should be good up to 10Gb optics (I always toyed with but never got around to pulling in optical in my house).
The GL-MT6000 looks more oriented to a single-router home, with a lot of Wireless devices, which is just not my use case. I have a central router, then some switches and WAPs to cover the ground I want to and have more control over what talks where.
MikroTik is an amazing piece of hardware and software. I've used it for a few years before moving to alternatives, however if I ever need to setup a router without a hassle or recommend anything good and cheap, or tell a friend what router to check if they want to tinker with it a bit - it's always MikroTik
I've been using Mikrotik for home and homelab since 2009 or so when I replaced DDWRT/Tomato on Linksys and Netgear and minipc's running OpenBSD or NetBSD with multiport NICs. I later used their kit at a small office with two remote locations. It works great, it's cost-effective, it's reliable, but you're definitely accepting the price and capability vs. time and frustration trade-off when you buy into them and that makes it hard to recommend unless you like that (I do, I suspect a lot of us do).
One also needs to step away from the WebUI after initial setup-- WinBox and the TUI are the best way to configure it until you get a CAPSman setup working (and maybe even after)-- and delve in the documentation and forums, then follow the changes and discussions. Coming from a Cisco background helps but things are done just differently enough to make getting it right the first time difficult. I keep older kit around to test configs before applying because I don't do it often enough and it's frustrating finding the info you need. Also features arrive when they arrive with no communication and it's usually a good idea to wait for a following release or two before using them.
If you have AT&T Fiber keep in mind you will need to do extra setup to essentially pretend to be the ISP’s equipment (yoinking a cert from your unit, another unit, or buying one from a guy on eBay who does the same thing)
hjvt | 15 hours ago
I've found some of their documentation to be very poor. For example, some of their routers have a physical button labeled MODE. They simply do not document what it is configured to do by default anywhere.
[OP] setevoy | 15 hours ago
Yeah, agreed. I ran into a few cases where the documentation is either outdated or incomplete - for example, references to using "?" that no longer apply in RouterOS v7, without any mention of the change.
thesnarky1 | 8 hours ago
It is especially hard with scripts, which you might learn in part 2. I've had bad experiences with scripts breaking between version upgrades. Easy if you keep up with it, but making a big version jump might give you some troubleshooting. I haven't loved the syntax, but it gives you a lot of power. I had one network I was admining where a user was intentionally bypassing our filtering by swapping which router was plugged into the Internet. He thought it was clever, but he neglected to turn off the intended router. So I wrote a script that ran every minute which watched for the WAN interface to go down, if it went down, it dropped the wireless interfaces and started using them to scan for active wireless networks nearby, and was able to confirm which user and device was active when it happened. It worked nicely. The follow-on which I didn't do because the user finally admitted what he was doing and stopped, was to attempt to connect our router as a client to the intruder network, which I suspected I knew the password for, to give us WAN connectivity again and a VPN interface inside the intruder network.
I standardized on Mikrotiks a decade or so ago due to the power you get for the price. They give you all the power to shoot your foot off if you don't know what you're doing, but that also means if you do know what you're doing you have great hardware for the price. I probably reset my first one 3 or 4 times the first time I set it up due to various mistakes (DON'T disable the default user before you have a new user account created), but it was a lot of fun to learn.
Look forward to part 2.
kazaii | 11 hours ago
Sadly, it's hard to compete with Mikrotik, since Ubiquiti abandoned the EdgeMax line. The only thing that comes close is VyOS on an inexpensive small x86 computer. They definitely know this and they have a complete stranglehold on the Wireless ISP (WISP) market, along with some developing markets.
jrc | 10 hours ago
Don't forget these guys https://pcengines.ch/apu2.htm
cultpony | 10 hours ago
PCEngines’ APU2 is going EOL, so I don’t think this is viable long term.
kazaii | 9 hours ago
I haven't seen these in a long long time.
donio | 4 hours ago
What's special about the MikroTik? On a glimpse the specs seem similar enough to other widely available open devices like the GL.iNet GL-MT6000 (Flint 2). I am not familiar with the MikroTik devices so I might be missing something obvious.
thesnarky1 | 37 minutes ago
I'm not familiar with GL.iNet devices, so we'll hopefully meet in the middle.
I appreciate Mikrotiks after buying my first ~10 years ago because they ship basically the same OS on everything from the smallest dongle (WiFi router roughly the size of a matchbox) to large core routers (not large large core, but large enough that small ISPs can easily use these). You have tons more functionality than most SOHO routers offer. It basically seems like Cisco-level configuration at half the price.
For the same price as the GL-MT6000, you can have a RB2011UiAS-2HnD-IN with 10 ports (5 GB, 5 FE) and an SFP cage. Admittedly, that model only has 2.4GHz Wifi onboard, but I actually don't use its Wifi, I have multiple WAPs running together using CAPSMan to basically serve them all from the central router, the SFP cage was more important to me. I believe it should be good up to 10Gb optics (I always toyed with but never got around to pulling in optical in my house).
The GL-MT6000 looks more oriented to a single-router home, with a lot of Wireless devices, which is just not my use case. I have a central router, then some switches and WAPs to cover the ground I want to and have more control over what talks where.
I hope this helps!
rplacy | 10 hours ago
MikroTik is an amazing piece of hardware and software. I've used it for a few years before moving to alternatives, however if I ever need to setup a router without a hassle or recommend anything good and cheap, or tell a friend what router to check if they want to tinker with it a bit - it's always MikroTik
ThatsInteresting | 10 hours ago
I've been using Mikrotik for home and homelab since 2009 or so when I replaced DDWRT/Tomato on Linksys and Netgear and minipc's running OpenBSD or NetBSD with multiport NICs. I later used their kit at a small office with two remote locations. It works great, it's cost-effective, it's reliable, but you're definitely accepting the price and capability vs. time and frustration trade-off when you buy into them and that makes it hard to recommend unless you like that (I do, I suspect a lot of us do).
One also needs to step away from the WebUI after initial setup-- WinBox and the TUI are the best way to configure it until you get a CAPSman setup working (and maybe even after)-- and delve in the documentation and forums, then follow the changes and discussions. Coming from a Cisco background helps but things are done just differently enough to make getting it right the first time difficult. I keep older kit around to test configs before applying because I don't do it often enough and it's frustrating finding the info you need. Also features arrive when they arrive with no communication and it's usually a good idea to wait for a following release or two before using them.
Edit: fix typo
dubiouslittlecreature | 8 hours ago
If you have AT&T Fiber keep in mind you will need to do extra setup to essentially pretend to be the ISP’s equipment (yoinking a cert from your unit, another unit, or buying one from a guy on eBay who does the same thing)