Hi. I'm looking for a wired router that is rack mountable and compatible with OpenWRT. It needs to support gigabit on WAN and LAN connections.
The Mikrotik RB2011iL-RM looks like it might be an option. However, the hardware page seems to show 19.07.10 as the "current" release. Are these devices still supported? Is there another brand/model I should consider?
This is a bit ambiguous, as having 1000BASE-T ports does not necessarily imply being able to route up to full wirespeed - and AR9344, as in the RB2011, cannot - not at all (~150 MBit/s max).
No.
You have basically given yourself the answer here already, x86_64 is an options - especially if you want to achieve 1 GBit/s line speed (and other high performance features, e.g. SQM, VPN).
Devices like these (the later ones in that thread, not the AMD jaguar based ones) might come in handy.
just to let you know, i have a 1Gbps/1Gbps Fiber, and the last time i used a RB2011 (with RouterOS) it was not able to download faster than 850Mbps if i remember well. i guess it will be worse with openwrt.
..
AR9344 in the TL-WDR4300 (albeit clocked at 560 MHz, vs 600 MHz in the rb2011) can achieve ~175 MBit/s in my testing, but it's very choppy and laggy (at 100% CPU utilization) - so the effective throughput needs to be lower (~150 MBit/s max.). These tests have been done with plain ethernet/ DHCP (no PPPoE, no SQM, no software flow-offloading). The OEM firmware uses proprietary hardware NAT of the AR8327N switch and can push those limits, but that only works for the easy cases - and is not available for OpenWrt (source is technically available, but no one has gone through the final bits and pieces to get it merged).
i'm pretty sure about what i'm saying, I did several speedtests and I was around 850Mbps.
btw someone else had the same result as me here :
https://forum.mikrotik.com/viewtopic.php?t=138895#p686529
I'm not questioning the results with hardware NAT enabled, just that hardware NAT isn't available for OpenWrt (and probably never will be). Just mentioning that AR9344 is quite dated (over a decade) by now and over its head for 1 GBit/s wirespeed.
Forget about qualcom hw accelerated packet processing in openwrt, only crapy mediatek got it - this is main reason why i droped openwrt from my home network gateway and use pfsense plus on nice supermicro gear, now i have all i need and with nice gui.With a ceiling accesspoints is same thing - cheap broadcom device work ten times faster than highly priced qualcom devices with ofw ...
I have gigabit internet and use a Nanopi R4S. It is able to operate at full speed, with SQM. WireGuard performance is also decent. They are very small and not rack mountable, but you could always just put it on a rack shelf.
If you opt for x86, make sure you buy something that will actually receive firmware updates. Exposing x86 hardware to the internet mandates that you stay on top of that. Personally, I only trust hardware that is supported by LVFS. In that regard, Dell are the best vendor, by far.
The usual suspects come to mind.
Trustwave TS-25
Cyberoam CR/15/25/35/(W)ing
Sophos SG and XG series
Barracuda F12a1
To name a few.
Some of those start at $25 used, on ebay, $50 new.
Thanks. I am actually looking at a NanoPi R6S. As you mention, it's not going to be rack mountable but a shelf will probably work.
Thanks for the list of ideas. Are all those OpenWRT compatible?
So, basically you're advocating pfSense over OpenWRT?
They're x86, OpenWRT runs on "all" x86.
@spuds1 I'm on a RB5009UG+S+IN and very happy with it but I haven't got near gigabit speeds. It's way more powerful than the RB2011iL-RM you're looking at though.
At this point it is supported entirely out of tree because of MikroTik's shenanigans (and those are plenty), but this PR might change that.
Thanks. That will be cool if the PR works out. Mikrotik has some interesting hardware. I have a couple of the RB750Gr3 routers. I think they are reasonably well supported but I haven't used them recently.