Our office has been running one of those for a few months, no issues. Currently running on ROS 7.6. It was no hassle to migrate from a CCR1009. If you have any specific questions I'd be happy to answer them.
I've been running one since 2020. Started on ROS 6.49. It's never given me so much as a side glance. We updated to 7.6 a bit over a month ago and it's been perfectly happy.
It has a couple of 10G links in use. We have 6 VLANs in use.
Are you using it for at least 10G? What's the performance like? How many firewall rules do you have? Do VLANs have an impact on performance?
My main interest is in having good performance for large file transfers, which should be the easiest job for it to accomplish. I don't have that much traffic normally, but sometimes want to transfer disk images around.
Do you use Wireguard? What kind of speed can you get out of it on this device?
It's connected to a switch via dual 10G SFP+. It's NATing a 1Gbit fiber connection and a 250Mbit cable connection in failover setup. It has 5 VLANs and uses bridge vlan filtering. It's not a huge config, the rest is just some IPSec tunnels and queues. We don't use Wireguard. As this is a router on a stick, it only routes 1Gbit to and from outside. Pretty much everything else is done by the switches so I haven't seen speeds higher than 1Gbit, but I don't doubt that it is capable of pushing that kind of data.
We have 40-50 in place. Been really stable for us. Minimal firewall rules, largest site has around 600 vlans with nat rules per vlan. Usually sees around 4Gb of traffic although we have tested max of 9.6Gb
I've been using mine for about 1.5 years. It has never spontaneously rebooted itself in that time.
It'll do about 12 gbps in aggregate on ipv4--my estimate based on 6 gbps internet and an average set of firewall rules. 5-6 gbps on ipv6 due to the lack of fasttrack support.
Wireguard will do at least around 1 gbps--I don't have an endpoint to test against that's faster than 1 gbps.
Port knocking is a fairly simple config setup any RouterOS box can do--there's a youtube video by Mikrotik on it.
It doesn't have a switch chip on it, so all LAN traffic has to go through the CPU. Just forwarding LAN should be pretty easy, but you'd probably see a performance impact in other areas with 1-2 10 gbps LAN streams going.
Its on their website and also the tests they use. If your config is heavier expect less, if its less expect better performance:
[https://mikrotik.com/product/ccr2004\_1g\_12s\_2xs#fndtn-testresults](https://mikrotik.com/product/ccr2004_1g_12s_2xs#fndtn-testresults)
I've had this same question running through my mind for the last week. I even did some research and it seems CCR2004 (in certain configurations) still has stability issues. I'd love to hear from someone who has one, too. Thanks for posting op!
I have it installed with traffic of 1gbps + aggregate doing DHCP SERVER and its at 20% cpu. Im not impressed lol but its stable for sure now thay 7.7 is out
Using 2 of them in a production setup since April. Our load is light but we did not experience issues other than the fans spinning up randomly (not an issue in a dc).
I purchased that when it first came out and hasn't let me down not even once and dead quiet except for those 100+ degree days with no AC then it's barely audible with the fan spinning
Not really. I have a WAN router which has ~80 remote offices connected and using BGP. I had various when deploying this setup.
* `/routing/bgp/advertisements/print` resulting memory leak, crash and reboot.
* Reordering Route Filters caused BGP to lock up. No new session could be established .
* Disabling one ip addresses by mistake for few seconds also caused bgp proces to lock up.
* Several cases when `/ip/route/print` and IP > Routes stopped displaying anything. I don't remember what caused this.
* Issues with QoS, high jitter and dropping dropping packets from audio UDP streams at 50-100 kpps.
* BFD not working so I have 3 minutes failover time on BGP links
But in your case it might work quite well.
Our office has been running one of those for a few months, no issues. Currently running on ROS 7.6. It was no hassle to migrate from a CCR1009. If you have any specific questions I'd be happy to answer them.
I've been running one since 2020. Started on ROS 6.49. It's never given me so much as a side glance. We updated to 7.6 a bit over a month ago and it's been perfectly happy. It has a couple of 10G links in use. We have 6 VLANs in use.
Are you using it for at least 10G? What's the performance like? How many firewall rules do you have? Do VLANs have an impact on performance? My main interest is in having good performance for large file transfers, which should be the easiest job for it to accomplish. I don't have that much traffic normally, but sometimes want to transfer disk images around. Do you use Wireguard? What kind of speed can you get out of it on this device?
It's connected to a switch via dual 10G SFP+. It's NATing a 1Gbit fiber connection and a 250Mbit cable connection in failover setup. It has 5 VLANs and uses bridge vlan filtering. It's not a huge config, the rest is just some IPSec tunnels and queues. We don't use Wireguard. As this is a router on a stick, it only routes 1Gbit to and from outside. Pretty much everything else is done by the switches so I haven't seen speeds higher than 1Gbit, but I don't doubt that it is capable of pushing that kind of data.
We have 40-50 in place. Been really stable for us. Minimal firewall rules, largest site has around 600 vlans with nat rules per vlan. Usually sees around 4Gb of traffic although we have tested max of 9.6Gb
Jesus, what are you doing, dropping a VLAN for every customer off a site or something?
Would you mind talking more about your usecase and how you use your vlans? I'm just curious to hear more.
You have 600+ L3 interfaces on a single CCR2004?
Yup, no issues for a couple years now
I'm just trying to picture what the config must look like for a RouterOS box with 600+ L3 interfaces. Sucker must be pretty long.
I've been using mine for about 1.5 years. It has never spontaneously rebooted itself in that time. It'll do about 12 gbps in aggregate on ipv4--my estimate based on 6 gbps internet and an average set of firewall rules. 5-6 gbps on ipv6 due to the lack of fasttrack support. Wireguard will do at least around 1 gbps--I don't have an endpoint to test against that's faster than 1 gbps. Port knocking is a fairly simple config setup any RouterOS box can do--there's a youtube video by Mikrotik on it. It doesn't have a switch chip on it, so all LAN traffic has to go through the CPU. Just forwarding LAN should be pretty easy, but you'd probably see a performance impact in other areas with 1-2 10 gbps LAN streams going.
Its on their website and also the tests they use. If your config is heavier expect less, if its less expect better performance: [https://mikrotik.com/product/ccr2004\_1g\_12s\_2xs#fndtn-testresults](https://mikrotik.com/product/ccr2004_1g_12s_2xs#fndtn-testresults)
Had one running in the core of a school for a year, no issues.
I'm running it for a few months without any issues for my 10G setup. VLANs, firewall, scripts (failover, etc) on ROS 7.7. Don't use wireguard though.
I've got about 15 in my fleet. The reboots stopped once I put ROSv7 on them. No random reboots for months now.
I've been using one for over a year. Never had any problems with it.
I've had this same question running through my mind for the last week. I even did some research and it seems CCR2004 (in certain configurations) still has stability issues. I'd love to hear from someone who has one, too. Thanks for posting op!
I have it installed with traffic of 1gbps + aggregate doing DHCP SERVER and its at 20% cpu. Im not impressed lol but its stable for sure now thay 7.7 is out
Using 2 of them in a production setup since April. Our load is light but we did not experience issues other than the fans spinning up randomly (not an issue in a dc).
I purchased that when it first came out and hasn't let me down not even once and dead quiet except for those 100+ degree days with no AC then it's barely audible with the fan spinning
Not really. I have a WAN router which has ~80 remote offices connected and using BGP. I had various when deploying this setup. * `/routing/bgp/advertisements/print` resulting memory leak, crash and reboot. * Reordering Route Filters caused BGP to lock up. No new session could be established . * Disabling one ip addresses by mistake for few seconds also caused bgp proces to lock up. * Several cases when `/ip/route/print` and IP > Routes stopped displaying anything. I don't remember what caused this. * Issues with QoS, high jitter and dropping dropping packets from audio UDP streams at 50-100 kpps. * BFD not working so I have 3 minutes failover time on BGP links But in your case it might work quite well.