The Services menu configures DHCP servers, DNS, and PPPoE options. With only three physical Ethernet ports and at least one used for a WAN connection, a useful EdgeOS feature for the EdgeRouter Lite is support for 802.1Q VLAN tagging. Via the EdgeOS Dashboard menu, which isn't all that intuitive, you can add subinterfaces for VLAN support. Using the EdgeRouter's LAN interface eth1, I created interface eth1.77 to support VLAN 77, as shown below.
In the Services menu, I then created a DHCP server for VLAN 77 as shown in the below configuration screen.
I connected the EdgeRouter's eth1 to an 802.1Q capable switch port configured as a trunk supporting VLAN 1 and 77. Ports on the switch assigned to VLAN 1 got an IP from the EdgeRouter's DHCP server for VLAN 1 and ports on the switch assigned to VLAN 77 got an IP from the EdgeRouter's DHCP server for VLAN 77, validating the EdgeRouter properly applies VLAN tags. VLAN tagging is a useful feature on a router with only a few physical ports. Connecting the EdgeRouter Lite to an 802.1Q capable switch enables it to be the center of a much larger and more complex network.
Other options in the Service menu include DNS Forwarding and Dynamic DNS (DDNS), as well as configuring a PPPoE server.
In my previous review of the EdgeRouter Pro, I had to use the CLI for both PPTP and IPsec configurations. EdgeOS v1.9 has a configuration menu for PPTP, but it requires setting up a Radius Server for authentication, which is more hassle than I cared to try, and likely more hassle than most SOHO users would try as well.
To test PPTP on EdgeOS v1.9, I instead used the CLI commands listed in the instruction page. I found it was easier to use an SSH client like Putty to login to the EdgeRouter's CLI, then copy and paste the configurations from the instruction page directly into the CLI. You can also access the EdgeRouter's CLI via the GUI, but you can't paste configs, which is a limitation.
I applied my CLI configs via the commit command, added two firewall rules in the EdgeOS GUI per the instruction page using the same method for enabling remote access described previously, and was done setting up the EdgeRouter. I then set up my Windows PPTP client and was able to remotely access a PC on the EdgeRouter's LAN.
Another limitation of the EdgeOS GUI is it doesn't clearly display PPTP status. I had to resort to the CLI to show I had an active PPTP session (screenshot below).
PPTP VPN Status
EdgeOS v1.4 didn't have a GUI menu for IPsec Site-to-Site configuration, but v1.9 does. However, I was unable to get an IPsec Site-to-Site tunnel up and running using the EdgeOS v1.9 GUI, so I again resorted to the CLI. I followed the configurations here to create my configurations using AES-128 encryption and SHA-1 authentication, and was successful in setting up a tunnel between the EdgeRouter Lite and a Linksys LRT224. The EdgeOS does have a display for IPsec status, mysteriously placed in the Wizards menu. The screenshot below shows my active IPsec tunnel.
IPsec VPN Status
I ran a few throughput tests over the IPsec VPN tunnel between the LRT224 and the EdgeRouter Lite. It's important to note that Ubiquiti rates the EdgeRouter Lite IPsec VPN throughput at "around 220 Mbps." The LRT224 is considerably slower. In my review of the LRT224, I measured its peak IPsec throughput at 70.8 Mbps.
Using TotuSoft's LAN Speed Test client and server application, with a file size of 10 0MB, and two PCs running 64-bit Windows with their software firewall disabled, I measured peak throughput over the IPsec tunnel between the LRT224 and EdgeRouter Lite at 51.5 Mbps. This number is slower than I expected, but likely a reflection of the LRT224 and not the EdgeRouter.
QoS and Users
QoS options via EdgeOS v1.9 GUI include the ability to throttle upload and download bandwidth usage by interface, as well as by source/destination IP and application. To test this capability, I first ran a throughput test (again using the TotuSoft LAN Speed Test) from a PC connected to the EdgeRouter Lite's LAN to a PC on the EdgeRouter Lite's WAN. I measured peak throughput of 907 Mbps. I then configured a QoS rule, shown below, to limit bandwidth to 100 Mbps.
The QoS rule clearly worked, as peak throughout was now only 83.65 Mbps, as you can see in the below screenshot.
QoS Test Result
Lastly on feature menus, the User menu in EdgeOS is a simple menu for adding user names and passwords to allow users to log into the router and access the network remotely.
This menu option in EdgeOS is kind of hybrid between the EdgeOS GUI and the CLI. In this menu, you can view and change configuration options in a "tree" layout. For example, a portion of the QoS changes I applied above appear as below in the Config Tree menu.
I found the Config Tree menu an interesting way of trying to bring all the CLI options into the GUI, but at the same time, somewhat confusing.
Testing and analysis by Tim Higgins
I ran the ErLite through the Revision 10 process with v184.108.40.206 firmware loaded. If you buy an ERLite, make sure you upgrade. The sample I purchased from Amazon had v1.2.0 installed. v220.127.116.11's release notes say it has no new features from v1.9.1, just security fixes.
|Test Description||Ubiquiti EdgeRouter Lite|
|WAN - LAN Throughput (Mbps)||941|
|LAN - WAN Throughput (Mbps)||937|
|HTTP Score - WAN to LAN (%)||61.4|
|HTTP Score - LAN to WAN (%)||61.6|
|Bufferbloat Score- Down Avg.||522|
|Bufferbloat Score- Down Max.||6|
|Bufferbloat Score- Up Avg.||1011|
|Bufferbloat Score- Up Max.||725|
|CTF Score (%)||13|
Table 2: Routing performance summary
The WAN - LAN and LAN - WAN throughput benchmarks are the least meaningful, since most products can hit these numbers due to the common use of Cut Through Forwarding. The ERLite turned in typical values of 941 Mbps WAN-to-LAN and 937 Mbps LAN-to-WAN.
I compared the ERLite's HTTP scores against the ASUS RT-AC5300 and GT-AC5300; the previous highest-rankers for these benchmarks. The A and B benchmarks with smaller file sizes push routers the hardest. The ERLite holds its own against the much more expensive (> $300) RT-AC5300, which sports a Broadcom BCM4709C0KFEBG dual-core CPU @ 1.4 GHz. The winner of the bunch is the ASUS GT-AC5300, which runs on a Broadcom BCM4908 64 bit quad-core @ 1.8 GHz.
HTTP Score comparison
Plot key file size: [A] 2 KB, [B] 10 KB, [C] 108 KB and [D] 759 KB file
Bufferbloat uplink results were great, with the ERLite topping both average and and maximum charts. But three downlink tests I ran produced maximum results of 164, 1108 and 1057 ms. I used the lowest result for the Charts, which put the ERLite at the top of the Bufferbloat average downlink chart, but at the bottom of the maximum downlink chart. Still, with average delays of 1-2 ms, the ERLite has the least delay of any router tested with the Revision 10 process to date.
Finally, the Cut Through Forwarding tests showed the ERlite throughput takes a big hit when Smart queue QoS is engaged, slowing down to around 120 Mbps from 940. This landed the ERLite at the bottom of the CTF Score chart.
Ubiquiti is moving in the right direction by enhancing the EdgeOS and EdgeRouter Lite, but they still have far to go before I would be comfortable recommending the ERLite to the average router buyer. The Traffic Analysis tool is a step forward, but the EdgeOS GUI configurations and menus are still sometimes confusing, redundant and/or lacking intuitiveness. Further, I found that VPN and other configurations and status displays still require the CLI.
Overall, I still think the EdgeRouter Lite is a pretty interesting router with many features and impressive throughput. At still below 100 bucks, it certainly is priced to appeal to the masses. But it still earns our "not for networking newbies" warning.