MikroTik CRS518-16XS-2XQ Management
Management is very similar to what we have seen from other MikroTik CRS series switches. We used RouterOS up to 7.6 for this one. For some, MikroTik has a CLI, and that will be the primary management interface. Still, that is not the defining feature of the CRS518’s management.
Instead, MikroTik offers GUI tools, that are great for power SMB users that may not want to learn the MikroTik CLI, but also want to configure a number of different services. WinBox supports the CRS518. For those who are not familiar, WinBox is a desktop tool to manage MikroTik switches.
Beyond WinBox, there is also a WebFig management interface. This offers largely the same options as the WinBox interface, but is cross platform and does not require additional software.
Here we can see the Marvell 98DX8525 switch chip as well as the Qualcomm Atheros 8227 management processor.
These days we might expect a switch to have basic capabilities like VLANs and such. RouterOS on the CRS518 goes well beyond that. One can do things such as setting up a bandwidth test server, setting a DHCP or NTP time server, or even things like setting up a WireGuard VPN via the GUI.
To us, the powerful GUI management sets this switch apart from many of the SMB peers. Also the fact that one does not need a controller or another box to manage the switch makes it even better. This goes far beyond other switches in its class.
Something that is missing from this switch, which we see on other CRS series switches, is support for SWOS, MikroTik’s switch-focused OS. While we think most users will user RouterOS anyway, it is just a bit of inconsistency in the MikroTik lineup that sometimes these are dual-OS devices.
Next, let us discuss performance.
MikroTik CRS518-16XS-2XQ Performance
In terms of performance, we loaded all of the 100GbE and 25GbE ports up connecting them to several lab machines and ran iperf3. Doing that, we were able to get just under 1Tbps of aggregate bandwidth across the ports without tuning. This is certainly well beyond a 10GbE class of switch.
MikroTik has better test gear than we have (although we are working on a new FPGA-based test platform), and here is its performance figures:
These results are good for this class of switch. MikroTik offers L3 hardware acceleration on this switch as well, but that is one we are hoping to be able to test with the new setup in 2023.
There are a number of features like PFC that help to increase overall cluster performance that are not on this switch. It feels about right to say this is the level of performance for someone looking to build a 25GBE / 100GbE network but without the need for a lot of higher-end features.
Next, let us discuss power consumption.
Rohit, thanks for the review. Do either this switch or the CRS504-4XQ-IN support stacking?
Oof, they went with a MIPS BE CPU core which essentially means no protection against exploiting the software. This practically means that if you have any means to getting into the heap or the stack (including crafted packets to the data plane that go up to the management plane for flow setup) is game over security-wise for this management processor.
Considering the CRS504-4XQ-IN has 4x 100G (or 16x 25G) ports, it seems quite expensive to double the price in order to get 16x 25G plus 2x 100G ports. If you say both units give you 16x 25G plus 2x 100G for $800, then with the unit reviewed here you’re paying another $800 again for an extra eight 25G ports, but no additional 100G ports.
I’m also not sold on Mikrotik’s quality control. The first switch I bought (a CRS309) made a funny hiss and died immediately when I first connected PoE power to it, so I had to get it exchanged for another one. Recently after waiting for months I finally got hold of an RB5009Upr+S+IN which didn’t power up at all over PoE, and it turned out that there was a mistake in their datasheet and it only supports passive PoE on all but one port, not 802.3af like it was advertised as (they’ve now corrected this). So I had to return that for a refund but of course lost money on the shipping. So not very impressed with them at the moment.
Also there’s an Easter egg in the last line of this article, it says “Mirko” instead of “Mikro”.
No mention or testing of MLAG?
It would be really great to see a dedicated article testing inter-vlan routing speeds across different switches…near as I can tell nothing short of enterprise-grade gear can do inter-vlan routing at 10g speeds or higher.
Some of Unifi’s gear advertises itself as L2+ and supporting inter-vlan routing but what it DOESN’T say is that throughput is significantly reduced for traffic crossing VLANs. Hardware from TP-Link’s Omada series does the same thing…
I would love to see this added to the standard STH test suite for switches and, as I said above, an article dedicated to the topic.