The official Ubiquiti Devices Q&A Thread

skyw4lk3r

Well-Known Member
Joined
Apr 2, 2020
Messages
192
Please stay away from the RB4011. I'm not saying it because I'm a "hater", I'm saying it because my RB4011 is not exactly the best router out there from Mikrotik. At the price point its good, but if you don't need a single 10Gb port (there is only one) you are better off with just a Hex S or RB750Gr3. If you really need 10Gb and you have a 10Gb switch you are better off with a CCR1036 (Can't remember if the CCR1016 has a variant with two sfp+ ports)
Just bought the RB3011 second hand.. How does it compare with the other options?
Bit confusing that the cheaper router fairs as well as something much higher in price
 

powermzii

Expert Member
Joined
Jun 4, 2007
Messages
4,860
I just sold my UDM Pro , unfortunately it couldn't do bandwidth limits for wired clients, nor per vlan. So with a voip setup needing guaranteed bandwidth it wasn't up to the task. Still using unifi APs and switches with a cloud key, the switching and APs are great , but the routing doesn't have the features needed for business.
What did you switch to? No pun intended
 

skyw4lk3r

Well-Known Member
Joined
Apr 2, 2020
Messages
192
Well I don't know how to configure it lol, but at least we have some capable mikrotik approved consultants on their website who are willing to do the job.
 

Genisys

Honorary Master
Joined
Jan 12, 2016
Messages
11,017
Just bought the RB3011 second hand.. How does it compare with the other options?
Bit confusing that the cheaper router fairs as well as something much higher in price
The RB3011 is a decent router. Some reports of flapping network ports on them but otherwise very stable routers, lots of memory and just great overall. The RB4011 has more processing power but the RB3011 will still do Gigabit speeds.
 

PsyWulf

Honorary Master
Joined
Nov 22, 2006
Messages
12,433
Just bought the RB3011 second hand.. How does it compare with the other options?
Bit confusing that the cheaper router fairs as well as something much higher in price
Mikrotik's own testing for pure ethernet transfer caps the 3011 out at ~780Mbps
The 2011 goes to ~130Mbps
4011 ~2800Mbps
 

PsyWulf

Honorary Master
Joined
Nov 22, 2006
Messages
12,433
Nvm, saw your post above

Are you finding that the Tik can do what you wanted, i.e. Bandwidth management per vlan for wired drives
As long as you are specific with your queues setup and bind them correctly to the interfaces,and not skipping rules with some Fastpaths anywhere unexpectedly you can hard-limit things very efficiently
One error many people make is not change the Queue Type to PCQ as well
1617815969050.png
 

powermzii

Expert Member
Joined
Jun 4, 2007
Messages
4,860
As long as you are specific with your queues setup and bind them correctly to the interfaces,and not skipping rules with some Fastpaths anywhere unexpectedly you can hard-limit things very efficiently
One error many people make is not change the Queue Type to PCQ as well
View attachment 1048565
A bit of a thread derail, maybe we should move these to the Tik thread. Was also running queues when i still had LTE but since i got fibre havent needed to
 

ItherNiT

Senior Member
Joined
Jan 31, 2011
Messages
746
Any of you guys running cloudflare warp/wireguard on a vlan?

I tried setting it up over the weekend but didn't have any luck.
 

ItherNiT

Senior Member
Joined
Jan 31, 2011
Messages
746
So I got it working. Created corporate network with VLAN 40 (IP 192.168.40.0/24). Installed the WireGuard adon added the json file to retain settings with restarts and BAM!

Here is the json config file:
JSON:
{
    "firewall": {
        "modify": {
            "SOURCE_ROUTE": {
                "rule": {
                    "10": {
                        "action": "modify",
                        "description": "Wireguard",
                        "modify": {
                            "table": "10"
                            },
                            "source": {
                                "address": "192.168.40.0/24"
                                }
                    }
                }
            }
        },
        "source-validation": "disable"
    },
    "interfaces": {
        "ethernet": {
            "eth1": {
                "vif": {
                    "40": {
                        "firewall": {
                            "in": {
                                "modify": "SOURCE_ROUTE",
                               "name": "LAN_IN"
                                }
                        }
                    }
                }
            }
        },
        "wireguard": {
            "wg0": {
              "address": [
                "192.168.40.1/32"
              ],
              "mtu": "1420",
              "peer": {
                "******Insert peer public key here******": {
                  "allowed-ips": [
                    "0.0.0.0/0"
                  ],
                  "endpoint": "engage.cloudflareclient.com:2408"
                }
              },
              "private-key": "****Insert here****=",
              "route-allowed-ips": "false"
            }
          }
        },
    "protocols": {
        "static": {
            "table": {
                "10": {
                    "interface-route": {
                        "0.0.0.0/0": {
                            "next-hop-interface": {
                                "wg0": "''"
                                }
                            }
                        }
                    }
                }
            }
        },
    "service": {
        "nat": {
            "rule": {
                "5004": {
                    "description": "masq to vpn wg0",
                    "destination": {
                        "address": "0.0.0.0/0"
                        },
                    "outbound-interface": "wg0",
                    "type": "masquerade"
                }
            }
        }
    }
}
 

TedLasso

Expert Member
Joined
Feb 23, 2016
Messages
2,469
Any of you guys running cloudflare warp/wireguard on a vlan?

I tried setting it up over the weekend but didn't have any luck.
Can I ask what the benefit of this is? Does it mean all traffic from that LAN is automatically sent via a VPN tunnel or similar?
 

ItherNiT

Senior Member
Joined
Jan 31, 2011
Messages
746
Can I ask what the benefit of this is? Does it mean all traffic from that LAN is automatically sent via a VPN tunnel or similar?

All my traffic from vlan is router through the VPN. I have a wifi network for that vlan and route my mibox through that so I get great speeds to my Plex server in EU. That being said I max out my usg3p's cpu at 60mbps.
 

TedLasso

Expert Member
Joined
Feb 23, 2016
Messages
2,469
All my traffic from vlan is router through the VPN. I have a wifi network for that vlan and route my mibox through that so I get great speeds to my Plex server in EU. That being said I max out my usg3p's cpu at 60mbps.
Ok cool. But isnt Plex traffic secured by default, I am certain on my server it's configured only to allow secure remote connections. Some of my friends connect to my plex server and now I am hoping it's all secured.
 

TedLasso

Expert Member
Joined
Feb 23, 2016
Messages
2,469
All my traffic from vlan is router through the VPN. I have a wifi network for that vlan and route my mibox through that so I get great speeds to my Plex server in EU. That being said I max out my usg3p's cpu at 60mbps.
Ok cool. But isnt Plex traffic secured by default, I am certain on my server it's configured only to allow secure remote connections. Some of my friends connect to my plex server and now I am hoping it's all secured.
 

ItherNiT

Senior Member
Joined
Jan 31, 2011
Messages
746
It should all be secure, I have my plex behind a traefik docker container so I can only access it from plex.domain.com, so all my plex traffic is routed through a CDN. Sometimes the connection gets a bit flaky, and CF warp+ helps to get great speeds.
 
Last edited:

medicnick83

Paramedic
Joined
Aug 23, 2006
Messages
20,728
Morning all, question - I can't seem to see the user usage anymore...
Have i missed a setting or what?
Under clients - just connected time/duration.
Insights it only shows me wifi scanner
 

ItherNiT

Senior Member
Joined
Jan 31, 2011
Messages
746
Morning all, question - I can't seem to see the user usage anymore...
Have i missed a setting or what?
Under clients - just connected time/duration.
Insights it only shows me wifi scanner
On what version is your controller software? Also are you using the new UI or old UI?
 

TedLasso

Expert Member
Joined
Feb 23, 2016
Messages
2,469
Controller Version 6.1.71

New UI it seems... But there is no option to even include the data anywhere.
I think it's under this : system settings / site

Another thing possibly is that your log retention is very short which means it's not saving anything Screenshot_20210513-080356.jpg
 
Top