🦗MikroTart | A Jack of All Trades, Master of None 🐜

Ronald BartelsRonald Bartels
6 min read

MikroTik, aka Mikrotart, routers have carved a niche for themselves in the networking world as versatile, cost-effective devices capable of performing a broad range of tasks. They are often lauded for their rich feature set and adaptability, with their RouterOS allowing everything from basic routing to VPNs, firewalls, and network monitoring. However, beneath the surface lies a fundamental limitation: MikroTik’s reliance on CPU-based processing and limited hardware resources. This design choice often cripples the device when handling anything more than basic network tasks, relegating it to a “handyman” or “DIY” status in professional networking environments.

https://hubandspoke.amastelek.com/why-your-telecommunications-links-go-down-faster-than-a-tarts-knickers

The CPU Bottleneck

At the heart of MikroTik’s performance issues is its CPU-centric architecture. Unlike enterprise-grade networking devices that offload specific functions (like encryption or packet processing) to specialised hardware components (ASICs or FPGAs), MikroTik depends almost entirely on its general-purpose CPU to handle all tasks. This creates several problems:

  1. High CPU Usage Under Load
    Even basic functionalities such as routing, firewall rules, or NAT begin to strain the CPU when traffic levels rise. Add advanced features like Quality of Service (QoS), and the device quickly reaches its limits.

  2. SNMP Polling and Telemetry Struggles
    SNMP polling, a critical function for network monitoring and management, can bog down a MikroTik device, leaving it unable to handle normal traffic loads efficiently. Attempts to implement modern telemetry systems for real-time visibility often exacerbate the issue, as the CPU is already overwhelmed by existing tasks.

  3. Encryption Overload
    Encryption is notoriously CPU-intensive, and MikroTik devices often struggle to maintain throughput when encryption protocols like IPsec or SSL/TLS are enabled. This limitation severely impacts their suitability for secure WAN deployments or encrypted overlays like SD-WAN.

The Futility of Overlays & Multi-Functionality

An SD-WAN overlay, which typically relies on real-time encryption, dynamic path selection, and packet optimisation, is essentially a non-starter on MikroTik hardware. The demands of even a basic SD-WAN configuration far exceed what the CPU can handle, resulting in debilitating performance issues, such as:

  1. Increased Latency and Packet Loss
    When the CPU is stressed, latency increases, and packets are dropped, negating the very benefits SD-WAN is supposed to provide.

  2. Unstable Performance
    Running multiple features simultaneously—such as VPN, dynamic routing protocols, and firewall rules—causes the device to choke, leading to unpredictable behaviour and frequent reboots.

  3. Forced Segmentation
    To achieve reliability, users are often forced to split functions across multiple MikroTik devices. For instance, one device handles routing, another handles VPN, and yet another serves as a firewall. This approach undermines the cost-effectiveness of MikroTik, as additional hardware purchases negate the initial savings.

The Handyman’s Toolbox | Good for DIY, Not for Business

MikroTik’s appeal lies in its affordability and versatility, making it an attractive choice for hobbyists, small businesses, or IT enthusiasts experimenting with various network setups. However, its limitations confine it to a handyman role in networking:

  • Basic Networking Tasks: MikroTik excels at handling small-scale tasks, such as managing a home network or providing basic connectivity for a small office.

  • DIY Projects: Enthusiasts who enjoy customising their networks often find MikroTik an appealing platform.

  • Temporary Deployments: MikroTik can be useful for short-term or low-demand use cases, where reliability and performance are less critical.

For enterprises, ISPs, or organisations requiring robust, scalable, and reliable networking, MikroTik simply cannot deliver.

The Alternatives

To overcome the limitations of CPU-based devices like MikroTik, businesses should consider networking equipment designed with specialised hardware and modern software architectures. These alternatives include:

  1. Enterprise-Grade SD-WAN
    Solutions like Fusion SD-WAN offload critical tasks to purpose-built hardware while offering advanced features like packet loss mitigation, WAN optimisation, and centralised management. These solutions are designed for scalability and performance, with no risk of the device “acting up” under load.

  2. Carrier Ethernet Devices
    Designed for high throughput and reliability, carrier-grade devices excel in both performance and resilience.

  3. ASIC-Driven Routers
    Routers with dedicated hardware for packet processing, encryption, and telemetry provide unmatched performance and stability.

The Human Effort Tax of Using MikroTik Routers

MikroTik routers have long been praised for their affordability and feature-rich firmware, RouterOS. However, this low-cost advantage comes with a significant hidden cost: the human effort tax. This tax represents the time and resources spent manually managing and configuring MikroTik devices due to the lack of robust, scalable orchestration tools. Unlike modern network solutions that emphasise automation and centralised management, MikroTik’s ecosystem falls short, creating inefficiencies that can overwhelm IT teams.

Single-Instance Focus | The Limitation of Winbox

Winbox, MikroTik's flagship configuration tool, is a prime example of the single-instance focus that characterises their approach. While Winbox provides a powerful and intuitive interface for configuring a single router, it becomes impractical when managing multiple devices across a distributed network. Key limitations include:

  • No Centralised Management: Each MikroTik router must be accessed and configured individually.

  • Inconsistent Configurations: Without a standardised, automated way to push configurations, network admins risk introducing errors and inconsistencies.

  • Lack of Automation: The absence of scripting or automation tools in Winbox makes it unsuitable for large-scale deployments.

In an era where automation and orchestration are essential for efficiency, this approach feels outdated and labour-intensive.

Cultural Resistance to Third-Party Solutions

While third-party solutions exist to address some of these gaps—such as orchestration platforms that offer limited MikroTik support—the company and its community exhibit a cultural resistance to adopting such tools. This resistance is compounded by MikroTik's apparent unwillingness to pay for or invest in developing a stable, native orchestration solution. The result is:

  • Fragmented Ecosystem: Network administrators are forced to rely on unofficial or open-source tools, which often lack support, stability, and scalability.

  • Limited Integration: Third-party tools rarely integrate seamlessly with MikroTik devices, leading to compatibility issues and additional overhead.

This "go-it-alone" philosophy isolates MikroTik from the broader advancements in network management, making it an increasingly challenging option for modern, scalable deployments.

No Scalable Deployment Framework

Perhaps the most glaring deficiency in MikroTik's ecosystem is the absence of a stable and scalable solution for deploying and managing routers at scale. Unlike competitors who offer robust SD-WAN platforms or centralised management systems:

  • No Native Deployment Tools: MikroTik offers no built-in framework for provisioning or managing fleets of devices.

  • Manual Configuration Overhead: Every new router requires manual setup, which can be time-consuming and error-prone in large-scale rollouts.

  • Lack of Scalability: This manual effort does not scale well as the network grows, creating bottlenecks and increasing the potential for misconfigurations.

The Hidden Cost of Affordability

While MikroTik’s low price point is appealing, the hidden cost of managing these routers—measured in human effort and operational inefficiency—often outweighs the upfront savings. Organisations relying on MikroTik must weigh these hidden costs against the benefits of choosing more modern, scalable solutions that prioritise automation and centralised management.

Wrap

While MikroTik devices can “do it all” in theory, their CPU-dependent architecture and limited resources mean they can’t handle multiple tasks at scale. Attempting to use them for advanced networking functions, such as SD-WAN, encryption-heavy workloads, or high-frequency telemetry, leads to significant performance degradation and operational headaches.

MikroTik is a fantastic tool for DIYers and small-scale deployments, but for businesses requiring reliability, performance, and scalability, the handyman’s toolbox isn’t enough. Investing in enterprise-grade solutions ensures that your network infrastructure is built to withstand the demands of modern networking, delivering performance and stability when it matters most.

Wrapping up, the lack of orchestration capabilities and cultural resistance to third-party tools make MikroTik a less viable option for organisations aiming to scale efficiently and adopt modern networking practices. To truly thrive in larger, distributed networks, MikroTik must rethink its approach, embracing the importance of automation, scalability, and integration with the broader networking

https://www.linkedin.com/posts/ronaldxbartels_you-struggling-to-configure-a-mikrotik-router-activity-7275761958291664897-ptt1?utm_source=share&utm_medium=member_desktop
10
Subscribe to my newsletter

Read articles from Ronald Bartels directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Mikrotert#MikrotikinternetDIY

Written by

Ronald Bartels
Ronald Bartels

Driving SD-WAN Adoption in South Africa