Dark mode
USA
Catalog   /   Computing   /   Networking   /   Routers & Firewalls

Comparison MikroTik RB5009UG+S+IN vs MikroTik RB4011iGS+RM

Add to comparison
MikroTik RB5009UG+S+IN
MikroTik RB4011iGS+RM
MikroTik RB5009UG+S+INMikroTik RB4011iGS+RM
Compare prices 1Compare prices 6
TOP sellers
Main
Runs the RouterOS v7 L5 operating system. Passive cooling. An optional rack mounting kit is available. Multiple power options, PoE, external adapter and 2-wire external connection. Ports reassignable WAN/LAN.
Typerouterrouter
Mountrack-mountrack-mount
Ports
Connections
Ethernet
optics (SFP/SFP+)
Ethernet
optics (SFP/SFP+)
Fast Ethernet5 pcs
Gigabit Ethernet7 pcs5 pcs
2.5 Gigabit Ethernet1 pcs
SFP (optics)1 pcs
SFP+ (optics)1 pcs
USB ports1
Console port
Features
Control
SSH
Telnet
Web interface
SNMP
 
Telnet
Web interface
 
Basic features
DHCP server
load balancing
channel reservation
port forwarding
МАС address cloning
VPN
DDNS
DHCP server
load balancing
channel reservation
 
 
 
 
Hardware
CPU88F7040AL21400
CPU cores44
CPU speed1.4 GHz1.9 GHz
RAM1 GB1 GB
Flash memory1 GB512 MB
Security
Security
MAC address filtering
DoS protection
web content filtering
DMZ
 
 
 
 
PoE
PoE (input)802.3af+
PoE (output)+
General
PSUexternalexternal
Power consumption14 W
Operating temperature-40 °C ~ +60 °C-40 °C ~ +70 °C
Dimensions (WxDxH)220x125x22 mm228x120x30 mm
Added to E-Catalogjanuary 2022june 2019

Fast Ethernet

The number of standard RJ-45 network connectors of the Fast Ethernet format, provided in the design of the device.

Fast Ethernet is the most modest of the wired connection formats over a twisted-pair network cable in our time - it provides data transfer rates up to 100 Mbps. Nevertheless, even this speed is often enough for relatively simple tasks that are not associated with large amounts of data.

As for the number of connectors, it corresponds to the number of network devices that can be connected to the "switch" directly, without the use of additional equipment.

Gigabit Ethernet

The number of standard Gigabit Ethernet RJ-45 network connectors provided in the device design.

As the name suggests, these connectors provide data transfer rates up to 1 Gbps. Initially, Gigabit Ethernet was considered a professional standard, and even now the real needs for such speeds arise mainly when performing special tasks. Nevertheless, even relatively inexpensive computers are now equipped with gigabit network adapters, not to mention more advanced technology.

As for the number of connectors, it corresponds to the number of network devices that can be connected to the "switch" directly, without the use of additional equipment. At the same time, it is worth noting that in some "switches" individual connectors of this type are combined with optical SFP or SFP +. Such connectors are marked "combo" and are taken into account both when counting RJ-45 and when counting SFP / SFP +.

2.5 Gigabit Ethernet

The number of standard network connectors RJ-45 format 2.5 Gigabit Ethernet, provided in the design of the device. These ports are backwards compatible with lower speeds. This type of ports can be used in conjunction with NAS servers or, for example, with routers that support Wi-Fi 6/6E, where this format has also become widespread.

SFP (optics)

The number of optical network ports of the SFP standard provided in the design of the device. We emphasize that we are talking about "ordinary" SFPs; SFP+ data is usually listed separately.

Specifically, in switches, the marking “SFP” usually means a connector for fiber with a connection speed of 1 Gbps. Technically, this is not much compared to RJ-45 speeds; however, this connection format has a number of advantages. One of the main ones is a greater effective range: the mentioned gigabit standard works with a cable length of up to 550 m, and by the standards of optical fiber, this is still very little. True, the cable itself is sensitive to kinks and requires quite delicate handling; on the other hand, it is completely immune to electromagnetic interference. On the other hand, in general, the SFP format is noticeably less popular in network equipment than RJ-45; therefore, there are few ports of this type even in advanced devices ( 1 port or 2 ports, less often more). It is also worth considering that there may be so-called combo connectors that combine SFP and RJ-45; the presence of such ports is specified in the notes, they are taken into account both in the calculation of RJ-45 and in the calculation of SFP.

SFP+ (optics)

The number of SFP+ optical ports provided in the device design.

The general advantages of fiber optics over regular Ethernet cables are longer communication ranges and insensitivity to electromagnetic interference. Specifically, SFP+ is a development of the original SFP standard; Such connectors operate at a speed of 10 Gbit/s as standard. As for the number of such ports, despite all its advantages, optical fiber in network equipment is still used quite rarely and most often there is only 1 port(less often 2 ports or more). It is also worth considering that there may be so-called combo connectors that combine SFP+ and RJ-45; the presence of such ports is specified in the notes; they are taken into account both when calculating RJ-45 and when calculating SFP+.

USB ports

The number of USB ports provided in the design of the router. USB is a universal interface used in computer technology to connect peripheral devices for various purposes. One of its uses is to connect a 3G modem (if provided, see “Data entry (WAN-port)”), but this is not limited to this: in fact, the options for using USB ports directly depend only on the capabilities specified in the router firmware. So, in some models, you can connect a flash drive or an external hard drive to this connector — to update the firmware or even organize an FTP server directly on the router. And for other peripherals — printers, cameras, etc. — USB connection can be used to work as network devices (however, such functions are rare in standard firmware).

Console port

The presence of a console port in the router. This connector is used to control the device settings from a separate computer, which plays the role of a control panel — a console. The advantage of this format of operation is that access to the functions of the router does not depend on the state of the network; in addition, special utilities can be used on the console that provide more extensive capabilities than a regular web interface or network protocols (see "Management"). An RS-232 connector is often used as a console port, but in modern routers this role can also be played by a separate Ethernet input (not used for any other purpose).

Control

Management methods and protocols supported by the router.

SSH. Abbreviation for Secure Shell, i.e. "Safe shell". The SSH protocol provides a fairly high degree of security, because. encrypts all transmitted data, including passwords. Suitable for managing almost all major network protocols, but requires a special utility on the host computer.

Telnet. A network management protocol that provides configuration via a text-based command line. It does not use encryption and does not protect transmitted data, and is also devoid of a graphical interface, which is why in many areas it has been supplanted by more secure (SSH) or more convenient (web interface) options. However, it is still used in modern network equipment — in particular, as a means of managing FTP servers.

Web interface. This function allows you to open the router's management interface in a regular Internet browser. Thus, to access the settings, you do not need special software — just a regular computer or even a smartphone / tablet is enough (modern mobile browsers are close to desktop ones in terms of capabilities).

SNMP. Abbreviation for Simple Network Management Protocol, i.e. "simple network control protocol". It is a standard part of the common TCP/IP protocol on which both the Internet and many local networks are built. I...t uses two types of software — "managers" on control computers and "agents" on managed computers (in this case, on a router). The degree of security is relatively low, but SNMP can be used for simple management tasks.

Note that this list is not exhaustive — some routers have other, more specific management capabilities (such as the EEM event manager in Cisco devices).

Basic features

The basic capabilities of the router — that is, the functions directly related to the work for the main purpose. The most common of these features are DHCP server, load balancing, link reservation, port forwarding, MAC address cloning, VPN and DDNS support. Here is a detailed description of each item:

— DHCP server. A feature that makes it easy to assign IP addresses to devices connected to the router. An IP address is necessary for correct operation in TCP / IP networks (and this is the entire Internet and the vast majority of modern “local sites”). In the presence of DHCP, this process can be carried out completely automatically, which makes life much easier for both users and administrators. However, the administrator can also set additional DHCP options — for example, specify a range of available IP addresses (to prevent errors) or limit the time of using one address. If necessary, you can even manually enter a specific address for each device on the network, without automatically adding new devices — DHCP also simplifies this procedure, as it allows you to carry out all operations on the router without delving into the settings of each subscriber device.

— Load balancing. A feature found on models that have two or...more channels to connect to the Internet (and other external networks); most often these are two or more WAN ports, but there is another option — one port, supplemented by support for 3G / 4G mobile networks. Anyway, the idea of balancing is to use several channels for external connection at the same time, dividing the load between them in one way or another. This allows you to increase the efficiency of the connection, achieving maximum data transfer speeds and at the same time avoiding unnecessary congestion. For example, a channel for online games can be separated from the rest of the connection, minimizing lags and reducing the likelihood of failures. As for load distribution, it can be either automatic (when the router itself determines the optimal channel for each device, depending on the current traffic consumption), or manual (when specific channels are prescribed for different network devices, applications, or even types of traffic).

— Channel reservation. Another feature related to the simultaneous use of several channels to connect to the Internet (or other external network). In redundancy mode, the router constantly uses the main channel (or several channels) for external connection, and in case of failures on this channel, it automatically switches to the spare (spare). This relieves the administrator of the need to manually organize the connection when the main connection fails; and the spare channel works only when it is indispensable, which in some cases allows you to avoid unnecessary costs. A typical example of working with redundancy in everyday life is the use of a wired Internet connection as the main channel and a 3G / 4G modem as a spare; although, of course, other, more specific options are possible.

— Port forwarding. The ability to redirect traffic from the router's own ports to the address of a specific computer (or other device) on the local network. When working in this mode, such a computer “outside” will look like it is connected to the Internet directly, without a router. This mode may be needed to use some specific functions — for example, working in HTTP server mode or participating in P2P networks.

— Cloning the MAC address. The ability to copy the MAC address of one of the devices connected to it to the router — so that when accessing the router, it is the address of this device that is visible, and not the router itself. The MAC address is a unique identifier assigned to each device with a WAN port. And the need to clone this identifier arises from the fact that some Internet providers use not only a login / password, but also the MAC address of a specific computer connected directly to the network to authenticate users. If, however, such a computer is supplemented with a router, then the provider's equipment will see a new, unfamiliar device, and will not give access to the network. Cloning the MAC address allows you to fix this situation as quickly and simply as possible.

— VPN support. Support for the VPN function of the router — virtual private networks. One of the key principles behind this feature is the transmission of encrypted data over open networks, primarily the Internet. A VPN is used mainly in two formats:
  • Creating virtual networks based on an Internet connection. Thus, it is possible, for example, to combine branches of one company located in different cities or even countries into one logical network. At the same time, thanks to traffic encryption, the entire network remains closed to outsiders, although data is transmitted over an open channel. For this format, devices of the Firewall type (see "Type") are mainly used, while such a device actually plays the role of a VPN server.
  • Internet connection through an external VPN server. The functions of such a server are in many ways similar to a proxy: it serves as an "intermediary" in the exchange of traffic and replaces the user's IP address with its own address. The latter, in particular, allows you to bypass regional restrictions: nowadays, servers with IP addresses related to almost any country in the world are available. However, a VPN server, unlike a proxy, additionally encrypts the traffic transmitted to the user — this, again, has a positive effect on security and privacy. This mode is also available in regular routers.
Note that the connection to the VPN server can also be “raised” on individual devices on the network (for example, through tools in some Internet browsers). However, using this feature on a router is often more convenient: you only need to set up a VPN once, you don’t have to fiddle with options for each individual subscriber, and any network device can use such a connection (including those that do not have their own VPN tools) . On the other hand, the connection speed when working through a VPN can drop noticeably, and enabling and disabling this feature on a router is usually more difficult than on user devices.

— DDNS. Short for Dynamic DNS — "dynamic DNS". This feature allows you to assign a permanent domain name to a device with a dynamic IP address. A domain name is the name of a device on the local network or the address of a site on the Internet (for example, m.ua or e-katalog.ru). An IP address is service information in the form of a digital code; it is thanks to her that network equipment can find the desired device and issue the required data from it. Actually, IP is the primary network "coordinates"; however, remembering addresses as a sequence of numbers is quite difficult, so domain names appeared — they are much more convenient for a person. Both on the Internet and in local networks, the connection between a domain name and an IP address is responsible for the so-called DNS servers: for each domain in the database of such a server, its own IP is registered. However, for technical reasons, situations often arise when the router has to use a dynamic (changing) IP; accordingly, in order for information to be constantly available on the same domain name, it is necessary to update the data on the DNS server with each IP change. It is this update that the DDNS function provides.
MikroTik RB5009UG+S+IN often compared
MikroTik RB4011iGS+RM often compared