JesterEE Posted January 23, 2020

So it's time to upgrade. I have an ASUS RT-N66U Dark Knight that I have been using since 2013 currently on a 01/2019 version of DD-WRT. It's been a good workhorse, having lots of firmware flashed to it over the years (Asuswrt-Merlin, Shibby Tomato, BrainSlayer DD-WRT) but it's starting to show its age. It has 256MB RAM, so it handles a lot of concurrent connections well in the routing table, but something in DD-WRT isn't behaving and it drops network connectivity after about a week of up-time till I (hard) reboot it. It's on the fringe of active firmware support being so old, and honestly, I don't want to be bothered trying to fix it flashing yet another firmware. I think I got my money's worth by now 🤣.

I'm looking for community recommendations (please)! I don't need anything crazy, just stable. I toyed with the idea of a small pfSense box + TBD WiFi AP, but for me, right now, that is SUPER overkill. That route quickly approaches $400+ for a "tiny" solution. That's like 3x what I want to spend, plus, it would have the WiFi AP decoupled from the router which is not ideal for me. Also, I only need about 1000 sqft. of WiFi coverage and I have a centrally located location for the router, so really, any router will be fine for coverage; no need for a mesh.

Here's my want list:
- <$150 new or used. Lower is obviously better.
- Stable! Maybe a scheduled soft reset once a week.
- Great stock firmware. Bells and whistles included!
  - Standard stuff like static port mapping, port forwarding, and DMZ
  - More advanced stuff like VLANS, bandwidth monitoring, traffic logging (RFLOW), blocklists, WiFi "client mode", etc.
- Standard sized residential oriented router
  - no virtualized solutions, no re-purposed PCs
- 4+ port GbE switch
- 1 GHz+ dual+ core CPU
- Fair amount of RAM (128 MB+)
- Dual band 2.4 GHz 802.11n and 5 GHz 802.11ac support
  - The newer 802.11ax [WiFi 6] is good too, but I don't need it and don't really want to pay the early adopter tax
- MU-MIMO WiFi
  - Not needed, but it's good tech ... I'd like it if possible.

Basically, a solid 2018-2019 router: ASUS RT-AC series, Netgear Nighthawk series, TP-Link Archer Series, etc. I haven't personally used any of their firmware, so it's hard to know what boxes they all tick even if the hardware specs are good. And you can only troll so much YouTube looking for hints in year old videos.

Anyone have experience with any pro-sumer router equipment that likes it and wants to throw out a recommendation?

Thanks
-JesterEE

klipp01 Posted January 23, 2020

This is what I replaced my 66n with a few years back.
https://www.amazon.com/dp/B0752FD3XJ/ref=cm_sw_r_sms_apa_i_woDkEbN1DRN87
I've seen some bad reviews in later 2018, might have been some manufacturing issues, but mine's been solid and I bought it January 2018.
The 5GHz radio's range is amazing.

uldise Posted January 23, 2020

what is the expected total bandwidth? do you need some hardware supported VPN?

Hoopster Posted January 23, 2020

1 hour ago, JesterEE said:
- <$150 new or used. Lower is obviously better.
- Stable! Maybe a scheduled soft reset once a week.
- Great stock firmware. Bells and whistles included!
  - Standard stuff like static port mapping, port forwarding, and DMZ
  - More advanced stuff like VLANS, bandwidth monitoring, traffic logging (RFLOW), blocklists, WiFi "client mode", etc.
- Standard sized residential oriented router
  - no virtualized solutions, no re-purposed PCs
- 4+ port GbE switch
- 1 GHz+ dual+ core CPU
- Fair amount of RAM (128 MB+)
- Dual band 2.4 GHz 802.11n and 5 GHz 802.11ac support
  - The newer 802.11ax [WiFi 6] is good too, but I don't need it and don't really want to pay the early adopter tax
- MU-MIMO WiFi
  - Not needed, but it's good tech ... I'd like it if possible.

I personally have a UniFi USG router and separate switches and APs which is way overkill for your needs. However I can highly recommend the Netgear Nighthawk (an R6700 or R7000).

I also used an Asus RT-N66U for many, many years. It was a true workhorse, but, I eventually retired it a couple of years ago. In the interim before moving to the Ubiquiti gear, I used a Netgear R6400. It was a solid router that I never had to reboot.

I bought an R6700 for my sister's house, but, it ended up not working well with their crappy ISP gear (not a Netgear problem), so I gave that one to my son a couple of months ago. They love the R6700 as it provides good coverage throughout their 4000 sq. ft. home (very open two-story + basement) including to the basement apartment they rent out. They said it was a much better router than their prior ISP supplied garbage.

The R6700/R7000 are basically the same hardware (other than an additional USB port on the R7000) and meet all of the above requirements other than supporting VLANs, ax WiFi, and MU-MIMO.

For a price reference, the R7000 is $133 on Amazon
https://www.netgear.com/home/products/networking/wifi-routers/R7000.aspx

If you want MU-MIMO here are the Netgear models that support that:
https://www.netgear.com/landings/MU-MIMO/

Edited January 23, 2020 by Hoopster

JesterEE (Author) Posted January 23, 2020

10 minutes ago, uldise said:
what is the expected total bandwidth? do you need some hardware supported VPN?

150Mbps WAN (Verizon Fios in my area). 1Gbps LAN. 10Gbps LAN can be on my next upgrade 🤤.

I do VPNing in Unraid. I used to do it on my router, but it would really tax the 600 MHz Broadcom chip in the N66U. The Unraid Wireguard support is really good for incoming connections, and I have dockers for outgoing connections ... I don't see going back to using the router for VPN.

-JesterEE

1812 Posted January 23, 2020

so.... why not virtualize your firewall on your server via pfsense or sophos/etc...? that's 20-40 dollars for a dual or quad port Nic, then spend 60-80 on a wifi point.

JesterEE (Author) Posted January 23, 2020

22 minutes ago, 1812 said:
so.... why not virtualize your firewall on your server via pfsense or sophos/etc...? that's 20-40 dollars for a dual or quad port Nic, then spend 60-80 on a wifi point.

I'm hesitant to do that because the network will go down if the array goes down. Not that it would be a huge deal, but a concern. But if I'm already going to buy a NIC and WiFi AP ($80-$120), why not just buy a slightly better WiFi AP that does enough of the router stuff to make me happy? At that point, another $25 will give me a dedicated appliance. I think that's worth the money. If I intend to go to a more commercial grade firewall in the future, I will surely virtualize it first to get my feet wet.

uldise Posted January 23, 2020

53 minutes ago, JesterEE said:
150Mbps WAN (Verizon Fios in my area). 1Gbps LAN. 10Gbps LAN can be on my next upgrade 🤤. I do VPNing in Unraid. I used to do it on my router, but it would really tax the 600 MHz Broadcom chip in the N66U. The Unraid Wireguard support is really good for incoming connections, and I have dockers for outgoing connections ... I don't see going back to using the router for VPN. -JesterEE

then i would recommend a Mikrotik product, like https://mikrotik.com/product/hap_ac2, much cheaper than your budget. it can do about 1Gbit WAN, has at least 200Mbit Hardware accelerated Ipsec VPN, some wifi - for me i have a cable on all devices that required more than 50Mbit traffic, so not a big deal.. and if you are familiar with Mikrotik ROS, you have so many configuration options..

jumperalex Posted January 23, 2020

Honestly I can't recommend anything other than a Ubiquiti UniFi Security Gateway or EdgeRouter (pick the model right for you, I have a Lite), plus the AP of your choice (I have a nanoHD).

Or a Dream Machine if you want an all in one solution.

1812 Posted January 23, 2020

21 minutes ago, JesterEE said:
I'm hesitant to do that because the network will go down if the array goes down. Not that it would be a huge deal, but a concern. But if I'm already going to buy a NIC and WiFi AP ($80-$120), why not just buy a slightly better WiFi AP that does enough of the router stuff to make me happy? At that point, another $25 will give me a dedicated appliance. I think that's worth the money. If I intend to go to a more commercial grade firewall in the future, I will surely virtualize it first to get my feet wet.

I was worried about that too, but after a few years it's not a big deal. plus I'm using otherwise wasted cpu cycles, can upgrade or downgrade ram in a flash. I don't have to worry about how much a vpn will tax the processor, or any other performance wall that standard consumer appliances can face without spending hundreds of dollars. the flexibility is also nice to have, not being locked into "this is it, this is all it will ever be." AND the ability to have a variety of different firewall software choices with typically more robust support.

but, to each his own. simplicity can also be worth the price

JonathanM Posted January 23, 2020

34 minutes ago, JesterEE said:
I'm hesitant to do that because the network will go down if the array goes down.

For planned outages of any length, it's easy to just temporarily stand up your current router for the duration of the maintenance. Hopefully there are no unplanned array stops, I've never had my pfSense VM stop or my array crash, but I am running server grade hardware.

JesterEE (Author) Posted January 24, 2020

@klipp01 @Hoopster Thanks for sharing your recommendations for the ASUS and Netgear Nighthawk. How is the UI these days on those units? How "advanced" are the advanced configuration options? I haven't used a stock firmware in 10 years, partially because they have always been rather dumb and feature starved even for relatively "commonly needed" things. Hoping not to have that issue in the next purchase.

@uldise I have never used a Mikrotik or looked at RouterOS. I know the company has a good reputation with networking people but I always thought they were more pro than pro-sumer in pricing. After looking at their website when you posted, I was surprised that they have some pretty affordable options geared toward a home consumer. In your opinion, what sets the hardware and software apart from what companies ASUS and Netgear are offering? Are the RouterOS features the same on all the hardware variants or does it scale up/down with hardware complexity/price-point? I'd likely go with the router you recommended ... the features seem to be in line with what I want and the price is certainly right at <$75 USD! I see they have an x86 image of RouterOS available. I might try to spin it up in a VM and test out the interface.

@Hoopster @jumperalex Ya, the Ubiquiti ecosystem looks nice, but is way more than I need or plan on needing in the immediate future. I think of them as the Apple of the networking world ... in both good and bad ways 🙄. Maybe one day when I have a 30,000 sqft. castle with need of a dozen APs. 😋

@1812 @jonathanm I see where you're going and I think you both have a point. I think this may be an issue for me because I'm still fairly "new" to Unraid only migrating my server ~6 mos ago. I seem to be continuously modifying configurations for both dockers and VMs, and I tend to need to reboot the server or stop the VM manager semi-frequently while I get stuff ironed out. This would completely sever my connection to the local network if I were running a VM router. I typically only interface with the server via a SSH or WebUI so this could cause some issues with locking myself out. I could do a second video card and add a monitor for terminal access, but I'm trying to avoid that and run administration headless. This is more a physical/PITA concern than anything else. Also, if I need another video card, I would be out of PCIE ports on my motherboard (16x/8x VM dedicated GPU, 4x HBA, 8x currently empty) ... so no Ethernet NIC card! Also, OT, I may want to add another video card for Unraid anyway to dedicate to CUDA tasks on the host, so the PCIE might all be spoken for anyway.

My motherboard does have 2 Ethernet NIC adapters and 1 WiFi NIC adapter though so it may be doable. In your experiences, does VFIO pass-through work well with pfSense VMs? I envision I could use the motherboard for the router and AP (pass-through 1 Ethernet NIC and the WiFi NIC) and a managed switch for the WAN and LAN. Is using a wireless NIC device as an AP possible in pfSense? I'd also have to see how good the wireless signal is but like I said, I have no WiFi range concerns currently. A single dipole antenna would probably be just fine.

I have never run pfSense personally, and configuring it has always scared me to be honest 😲. It's also way more than I think I need ... like using Thor's hammer for a 1d nail! I always wanted to spin up a VM and dive into what it can do, but this has been so far off the back-burner it will likely never happen unless I need to do it. Maybe now's the time...

Thanks everyone!
-JesterEE

Hoopster Posted January 24, 2020

7 minutes ago, JesterEE said:
Thanks for sharing your recommendations for the ASUS and Netgear Nighthawk. How is the UI these days on those units? How "advanced" are the advanced configuration options?

Below are a couple of links that may help you regarding the Netgear Nighthawk R7000. The tutorials in the first link and the manual in the second link should give you a good idea regarding the features of that particular router if it is of interest to you.

https://www.netgear.com/support/product/r7000.aspx#page-1
http://www.downloads.netgear.com/files/GDC/R7000/R7000_UM.pdf

The Ubiquiti gear is overkill in my house, but, I still love the idea of separate router/firewall, switches and APs. I have one USG, two PoE switches (16-port and 8-port) and three APs (two on ceiling and one in-wall).

BRiT Posted January 24, 2020

Using separate router/firewall and access points is the way to go. You get the ability to upgrade and scale the WIFI portion as needed without having to redo/replace the router. Getting a Ubiquiti or MikroTik router should serve you well, being able to handle Gigabit or even multi Gigabit ISP connections. Price wise, it's not even more expensive compared to the higher-end consumer wifi all in one routers.

Using dedicated router and separate WIFI APs was the best upgrade I ever did for myself, my parents, and sister's family.

uldise Posted January 24, 2020

40 minutes ago, JesterEE said:
I have never used a Mikrotik or looked at RouterOS. I know the company has a good reputation with networking people but I always thought they were more pro than pro-sumer in pricing. After looking at their website when you posted, I was surprised that they have some pretty affordable options geared toward a home consumer. In your opinion, what sets the hardware and software apart from what companies ASUS and Netgear are offering? Are the RouterOS features the same on all the hardware variants or does it scale up/down with hardware complexity/price-point? I'd likely go with the router you recommended ... the features seem to be in line with what I want and the price is certainly right at <$75 USD! I see they have an x86 image of RouterOS available. I might try to spin it up in a VM and test out the interface.

i have no experience with ASUS or NETGEAR equipment, and yes, RouterOS is all the same for all hardware - it just depends on hardware which processes you can offload on hardware, and which ones are done by CPU. RouterOS is very rich on features on routing switching side.

if you would like to try ROS, yes they have CHR images - see here: https://wiki.mikrotik.com/wiki/Manual:CHR and it has a 60 day trial version with unlimited speed interfaces.

regarding configuration - ROS has a builtin web interface, but more recommended is their Winbox tool - can run it on Linux too.

Harro Posted January 24, 2020

I have been looking at a new router also. Went on Amazon for the Netgear router and wondering how do they interpret the amount of devices. Is this just for the wireless devices or for all connections?

uldise Posted January 24, 2020

9 minutes ago, BRiT said:
Using separate router/firewall and access points is the way to go. You get the ability to upgrade and scale the WIFI portion as needed without having to redo/replace the router. Getting a Ubiquiti or MikroTik router should serve you well, being able to handle Gigabit or even multi Gigabit ISP connections. Price wise, it's not even more expensive compared to the higher-end consumer wifi all in one routers. Using dedicated router and separate WIFI APs was the best upgrade I ever did for myself, my parents, and sister's family.

i agree with you, but it all depends - i have a flat with three rooms and in this case all in one router like i mentioned before Mikrotik Hap AC2 works very well. But when you live in a house with two floors then separate router like https://mikrotik.com/product/hex_s and several AP is a way to go. and you can always add one more AP, other than buy one super duper Wifi device..

Hoopster Posted January 24, 2020

@JesterEE as mentioned by @jumperalex you might want to check out the Ubiquiti Dream Machine (UDM) as a good all-in-one alternative. It's a middle ground between the inexpensive consumer grade routers and the more expensive separate networking component approach. It has VLAN and MU-MIMO support and a 4-core 1.7 GHz CPU for handling IDS/IPS, DPI and other advanced features.

It is double ($299) the amount you said you wanted to spend, but, it does everything you were seeking in a combined router/firewall/controller, 4-port gigabit switch, and access point package (other than WiFi ax support). It is a good introduction to the Ubiquiti UniFi ecosystem.

And here is an interesting read comparing several home networking options including the UDM, mesh systems and a traditional Netgear router.

Edited January 24, 2020 by Hoopster

JonathanM Posted January 25, 2020

5 hours ago, uldise said:
and you can always add one more AP, other than buy one super duper Wifi device..

The problem with trying to extend coverage with a single super duper Wifi is that the radio communication is two way. Antenna gain at the AP end can only get you so much sensitivity, you also have to deal with the radio and antenna of the client. Sometimes it's just way more effective to add an AP to gain coverage.

The beauty of the Unifi AP setup is that you get single point management for all your AP's that just works, as long as you stay on the LT branch of the controller software.

uldise Posted January 25, 2020

6 hours ago, jonathanm said:
The problem with trying to extend coverage with a single super duper Wifi is that the radio communication is two way. Antenna gain at the AP end can only get you so much sensitivity, you also have to deal with the radio and antenna of the client. Sometimes it's just way more effective to add an AP to gain coverage. The beauty of the Unifi AP setup is that you get single point management for all your AP's that just works, as long as you stay on the LT branch of the controller software.

by adding one more AP i mean connect it to a router/switch by CAT 5e/6 cable, so AP won't work as repeater on single radio.

and BTW Mikrotik has also centralized management called CAPsMan - you simply choose which device would be central manager and connect all other AP to this.

TobiRh Posted January 25, 2020

I also believe in separating Wifi and Router/Firewall if your budget allows. With $150 you are at the tipping point. I would like to throw in the classic one-two-punch Ubiquiti EdgeRouter X ER-X together with one Ubiquiti UniFi UAP AC Long Range UAP-AC-LR Access Point which would come in just a little above your budget. They do NOT work together via UniFi, so you have to manage them separately, but you are also not immediately "sucked" into the UniFi world and stay flexible.

The ER-X Router is a solid device and pretty inexpensive for what it can do. You can use a more powerful / less expensive MikroTik instead or a solution via Unraid.

The UAP-AC-LR Access Point I would advise not for sending long range but rather because the improved antennas supposedly help with receiving signals from the client. And since it is only 20 bucks more than the Lite Version, one might as well...

bally12345 Posted January 29, 2020

I have the exact same router with asuswrt-merlin running, mine is still rock solid and really doesn't need upgrading but LTS has stopped and as I already have some Unifi APs I am thinking of getting the UniFi USG router instead.