What's new

Newbie questions about Ubiquiti EdgeRouter Lite (ERLite-3)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

MartinPC

New Around Here
I regret having to make this kind of post in a forum of specialists -- it's punching *way* above my weight -- but I'm at kind of an impasse. I'm one of those guys who has no formal training in computers but who knows more about them than his friends and who tries to help out from time to time. I'd say I'm an "okay-ish" amateur Windows administrator; I can usually figure out a solution to most problems, but I'm particularly ignorant about networking.

I have a friend with a small home Ethernet network. (He doesn't do wireless at all.) As the speeds of his Internet service and computers have increased, his old router (a 10/100Mbps NETGEAR FR114P Cable/DSL ProSafe Firewall) has become a severe bottleneck in WAN and LAN throughput. On Internet speed tests, he gets ~50Mbps when connected directly to the modem and only ~2Mbps when connected via the router. His FreeFileSync computer-to-computer file transfers via the router top out at around 6Mbps, with 7200rpm SATA3 drives. (Sorry; I didn't think to test FreeFileSync transfer speeds with a direct computer-to-computer Ethernet connection while I was at his place.) Throughput actually seems to have gotten worse in the past couple of months, and I wonder if his Netgear router might be failing or have gotten corrupted in some way...

Regardless, I'm thinking it's time for him to upgrade to a decent gigabit firewall/router and a gigabit switch, and the Ubiquiti EdgeRouter Lite (ERLite-3) seems like a promising candidate for the router. To a networking newbie, however, the ERLite-3's setup looks pretty daunting, so I have some questions:

(1) Will I need a console (rollover) cable to do the setup, or will a regular Ethernet cable suffice?

(2) Would using a console cable make initial set-up or subsequent tweaking easier in any way?

(3) My friend's computers do not have DB9 ports. If I need a console cable, exactly what kind of DB9 adapter do I need? Male USB to Female DB9?

(4) Once it is set up, can the ERLite-3's configuration be exported and, in the event of a router hardware failure, easily restored to a replacement ERLite-3?

(5) Are the wizards that come with firmware 1.7 adequate to set up the ERLite-3 for a SOHO network with a decently performing SPI firewall?

(6) Will a beginner like me be able to set up the ERLite-3 using only the wizards (and, possibly, the GUI)?

(7) If setup is too difficult for a networking newbie, do you have any recommendations for a more consumer-friendly router with decent (and *reasonably* future-proof) throughput and good firewall features? The router must be wired-only or have a WiFi radio that can be fully disabled. My friend doesn't need the content-filtering, anti-spam, or even router-level anti-virus features found in most UTM packages (but he'd probably be happy to have intrusion prevention and detection).

Here's some background on my friend's network set-up, usage, and priorities:

* He has nominal 50Mbps downstream / 5Mbps upstream broadband Internet service, with a dynamically assigned IP address, but his cable modem can handle over 300Mbps downstream and his Internet service package may well increase in speed at some time over the coming few years.

* He doesn't use VPNs; he doesn't game; he doesn't run a server, WAN-accessible or otherwise; he Skypes; he will probably use streaming video services like Netflix and Amazon Prime in the near future; he doesn't currently have a smart TV but *conceivably* could in the future; he doesn't have any Internet of Things devices; he doesn't currently have any NAS devices and I don't see a clear need for one in the future, given his current setup.

* He has two recent, fairly powerful Windows 7 computers between which he syncs data and certain configuration and backup files in real time (using FreeFileSync); he may add a third computer in the future.

* He has three networked multifunction printers (with different features and capabilities) and he is likely to add a networked high-speed page scanner in the near future.

* He tends to keep his gear until it fails or becomes clearly inadequate, so he buys with an eye to future-proofing, which in this case would mean anticipating a possible doubling or tripling of his Internet service speeds, on the WAN side, and eventual replacement of mechanical drives with SSDs, on the LAN side. (He currently has 4TB drives that he maintains bootable clones of, and replacing them with SSDs is economically unfeasible for now.)

* Performance/throughput is important, but security, minimization of downtime, and ease of administration, maintenance, and recovery are even higher priorities. He's a music teacher, not a computer hobbyist, and I've tried to set up his system so that it requires minimal user intervention and tweaking.

* WiFi is out of the question.

* Budget is an issue. He's not going to drop $800 on a router and $250 a year on UTM subscriptions.

* His current download speeds and streaming media performance are driving him nuts!

Any answers, tips, or feedback at all would be much appreciated!
 
You can set up the ERLite with just a static IP on Eth0
Set your PC to 192.168.1.100
Log in to 192.168.1.1
Update it to 1.7 and off you go with the wizards.

From what you are telling us though you will also need a switch.
DO NOT USE THE ERLite as a switch.

If you want a managed switch
try the HP 1620-8G or Linksys LGS308

For unmanaged the tried and true netgear GS108 works fine.
 
I really appreciate your taking the time to respond. Your answer gives me more confidence to give the ERLite-3 a shot. I realized I would need a switch, and I appreciate your specific recommendations for those as well.
 
You can use the ERLite as a switch as it has hardware acceleration but i wouldnt recommend the router itself unless it uses flash base storage for OS and doesnt have issues after updates. With the ERLite it can perform wirespeed bridging of ports but there arent really many ports for you to bridge with it. The edgerouter series has a web and ssh interface so theres no need for complicated console setups.

The ERLite has a NAT throughput of between 800-1300Mb/s so it is not good for symmetrical gigabit internet which requires 2Gb/s of NAT throughput. Among mikrotik, ubiquiti and pfsense, pfsense is actually the easiest to configure, mikrotik is the hardest but the most flexible hardcore router while ubiquiti is flexible in a sense that you can use it as a dual core MIPS server since it runs debian packages compiled for MIPS64. The embedded routers like ubiquiti and mikrotik quote layer 3 routing but not NAT. NAT is much slower than routing since all routing do is forward packets using ip address just like a switch but using ip address such as routing between segments and such. ISPs use these numbers but not normal internet users.
 
I have tested an ER3 with the NAT masquerade and SPI firewall enabled to 1890mb/s at 512 packet size.
This was between two Xeon e5-2690v3 based servers. The servers were connected to an HP 2920 switch on a 10gbe card over SFP+ DAC.
The first server was tagged on VLAN 10 with the second tagged on VLAN 20. The ER3 was connected to eth0 (WAN) to port 2 (VLAN 10) on the switch. Eth1 (LAN) was connected to Port 4 (VLAN 20).
Bother servers were running CentOS. The tests were done using iperf.
 
I have tested an ER3 with the NAT masquerade and SPI firewall enabled to 1890mb/s at 512 packet size.
This was between two Xeon e5-2690v3 based servers. The servers were connected to an HP 2920 switch on a 10gbe card over SFP+ DAC.
The first server was tagged on VLAN 10 with the second tagged on VLAN 20. The ER3 was connected to eth0 (WAN) to port 2 (VLAN 10) on the switch. Eth1 (LAN) was connected to Port 4 (VLAN 20).
Bother servers were running CentOS. The tests were done using iperf.

Did you happen to try 1500 or 1492 packet size?
 
Did you happen to try 1500 or 1492 packet size?
Yes, I did 1392 as well. All three were a bit higher but not by much.
I do remember it was not 100% wirespeed (patching from one port of the switch out to another got me that confirmation) but def above 95%.
 
Sounds pretty good. Maybe I should have bought one.

I found a Cisco RV320 cheap cheap so I am now debugging it for Cisco. It will not work with my layer 3 switch structure. I am waiting for a firmware fix. But it got me thinking about building a router VLAN structure for my layer 3 switch. This way the router VLAN does not have to share the broadcast domain with other devices and can just process traffic for the router. This will end up being a high speed internet VLAN only so to speak.
 
Sounds pretty good. Maybe I should have bought one.

I found a Cisco RV320 cheap cheap so I am now debugging it for Cisco. It will not work with my layer 3 switch structure. I am waiting for a firmware fix. But it got me thinking about building a router VLAN structure for my layer 3 switch. This way the router VLAN does not have to share the broadcast domain with other devices and can just process traffic for the router. This will end up being a high speed internet VLAN only so to speak.
I wouldnt hope for a fix, despite the fact that both use the same CPU. It took ubiquiti a lot of effort just to get the firmware stable for it. If cisco were to put the same effort it would make the cisco rv very expensive.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top