unmesh

I moved from standard consumer wireless routers to flashing OpenWRT on those routers to pfSense and Omada APs. My most recent upgrade was from Omada to used Ruckus Wireless APs running Unleashed firmware and it has been awesome.

I do wired backhaul but got a friend some Ruckus units and he is happy doing wireless backhaul.

st1575

About 6 months in the pandemic, I replaced a Securifi Almond+ with an ASUS RT-AC68U running Asuswrt-Merlin firmware; it's been rock solid and provides a good balance in features. Prior to the Almond+, I had been through a series of LinkSys WRT-54Gs and a TP-Link, all running various open-source firmware replacements dating back to the early 2000s.

z28lt1

I was an avid Netgear user until I purchased the (at the time) top of the line/most expensive consumer router. Netgear quickly abandoned support for it and bug/security fixes that were published would hit all the lesser models, and take a very long time to get to the one I purchased (if at all). They released a slightly scaled down version that they sold at Costco and seemed to throw all the resources at that one, while ignoring the more expensive one. Company policy didn't allow me top open source the firmware and work from home, so I was stuck with whatever Netgear would provide.

I moved over to Linksys EA9500 and while I like the router, they were not reliable at all. Had 2 completely die (replaced under warranty) and the third required a reboot couple of times a week That led me to my TP-Link which has been outstanding so far.

I think my experience with Netgear was unusual and specific only to that router, and the Linksys one I had seemed to have some reliability issues, so I'm more the exception than the rule for these two companies, but I'm more satisfied now with the TP-Link, so hoping it continues...

HDQDD

I would test your DNS servers. A slow lookup behaves exactly like you describe. Sometimes changing DNS servers can make a world of difference. I like to use this tool to test. https://www.grc.com/dns/benchmark.htm By default most ISPs use their own dns servers,..and those are very hit or miss, more miss than hit imo.

I use pfsense as my internal dns server and have it forward requests to 1.1.1.1 or 1.0.0.1. Those are cloud flares dns servers and they have the best speed vs privacy trade off of any of the major providers IMO (although I haven’t “shopped” in a while). I used to use quad9 before that and level 3 before that. I would never use googles servers because Google already knows way too much about me and I don’t need them knowing every Internet address we lookup.

serpens

Thanks for the suggestion. FWIW, I had already set my preferences to the Cloudfare servers (does that mean I don't need to test?), but I don't know what an "internal DNS" server is. Is it a big deal?

StuckInYYZ

Internal DNS is your local DNS server. So when your computer makes a query for an address, it consults its internal DNS service. If the internal DNS service doesn't have the address, for most people their computer checks the router's database. And if the router's database doesn't have the address, then it'll check the external DNS server (so Google or Cloudflare or whoever). Regardless, it's an invisible process for most people.

It's just some tech-heads set up their own internal DNS servers for various purposes (eg, to kill ads, filter out some sort of material, etc.). It requires a bit more effort (in most cases), but gives you more control.

serpens

Is that related to a text file (that I don't recall) that listed sites and IP numbers? I remember editing such a file a couple of computers and several OS upgrades ago.

Back to routers, do most routers allow the router's administrator to edit a list DNS servers? (Looking at my router's web interface, I see a page called Static Routing where I can apparently add server, although I wouldn't know what subnet mask to use.)

More importantly, I have added the Cloudfare servers in my computer's network settings. Does that mean the Cloudfare servers get used even if they are not listed in the router's list of DNS servers? Thanks for the continuing education.

Polytonic

When you browse to "www.google.com" your computer has no notion of what "www.google.com" means. It needs assistance translating the label "www.google.com" to an IP address (i.e. a form of identification an addressing for computers, imagine a postcode). This help comes in the form of a Domain Name System (DNS) server. These are operated by multiple companies, such as your ISP, Google, Cloudflare, etc. Collectively, they provide a service similar to a phonebook for computers.

For the file you edited, you're likely referring to the hosts file, which can be used to override specific hostnames either to assign an IP address or redirect to (or block) a different address (a hostname being a human-readable label for a computer).

Your computer will attempt to resolve the domain name "google.com" by querying in the following order -- each level can be considered an "override" and takes precedence, so in other words, resolution occurs as follows:

1) hosts file (if any entries apply for the current query, otherwise fallback to local DNS server)
2) local DNS server (if set on your computer's network interface, otherwise fallback to router DNS server)
3) local network DNS server (if set in your router configuration, otherwise fallback to your ISP's DNS server)

Every router I've ever touched has allowed you to set the DNS server addresses. Static Routing is slightly different -- if a packet (i.e. computer message) has a destination of A, you can set a static route such that your router instead sends that packet to a destination of B. Imagine if say, you physically moved a computer from one building to another, and it has a new IP address.

Anyway, I'm sure some networking nerd will find something in my description to nitpick, but hopefully this helps give you a better understanding of how this works at a high level.

StuckInYYZ

I'm assuming you mean the hosts file. That's kinda like an override... The "when you type this, I want you to go here" file. It's not the same, but serves a related purpose.

Most older routers (stock firmware) would let you redirect from your ISP's DNS servers to one of your choice, Custom firmware did allow you. If memory servers, there were some routers which would not let you, but that was a long time ago. Static routing is not the same thing. Static routing has a specific purpose.

You mean as primary/secondary DNS? Yes, they should. There are tests out there you can use to confirm that.

serpens

Thank you both.

Yes, that was it.

Thanks, that answers the question.

HDQDD

I would run the test anyways. Couldn’t hurt. Maybe you’ll see another that’s faster.

Internal dns is for high tech rednecks like me who need to test application software on different stacks at home. I have 6 VLANs about 200 hosts and I use an internal dns server so they can communicate with each other by hostname. Some of the devices are wireless and to simulate customer environments, I need them to reach each other via internal dns. I also use it for privacy reasons.

Xero

I am a big fan of the Eero.

Devices seem to roam between nodes extremely well. Also, certain models support DFU channels, which few routers support due to the additional government regulations associated with these channels. This is great if you live in a crowded area such an apartment.

Also, Eero works great if you have a lot of Apple HomeKit devices.

Though even with Eero, if you can do a wired backhaul via ethernet, do it. It makes the wifi experience so much better. Hardwire whatever you can and try to minimize your wifi devices.

KRSW

Wow, lots of discussion on this! Thank all of you! I ended up going with a pair of Asus AC1900P (AC68U) routers. Bought one new & one refurb off Amazon, with the new one being the master, and the second one being the extender. Wireless mesh since hardwiring them is out of the question. $140 total for both units. I ended up loading Merlin & Skynet on them and life's good. They only have a 200Mbps/10Mbps connection so these are complete overkill and are working well.

I can't see spending more than $140 on consumer gear. At that point Ubiquiti's UniFi system is more capable and more reliable. I've put Ubnt's AirMax gear through hell & hurricanes and only lightning seems to be able to stop it. I've been using PFSense since 2006 and other than one dodgy update in 2021, it's been flawless. I can't even count how many PFSense systems I've deployed over the years. Largest one was 7,000+ users running on a consumer-grade computer and it worked amazingly well. Lately I've been using Dell R210 II servers for this. Complete overkill but they're cheap enough and reliable enough.

nkedel

Asus here as well. RT-AX89X as my main router, and then an RP-AC56 and my old main router (RT-AC86U) as access points ("mesh nodes" with wireless backhaul)

HDQDD

Thise A68Us are an oldie but a goodie. I use two of those for trade shows and training sessions for sales. Work great, but I did have to offload DHCP/DNS to a separate raspberry pi.

I can’t say it enough, PfSense is awesome. I can pull speeds at 35MB/s (not Mb/s) using a pfsense ESXi VM on a 10+ year old server using WireGuard. VPNing in and out.