Home Routers -- what's everyone using these days?
#61
FlyerTalk Evangelist
Join Date: Nov 2002
Location: ORD
Posts: 14,225
I would like to try PfSense but my Ubiquiti EdgeRouters are working fine, and I like the platform. I also don't really want to deal with finding a computer to run PF on.
Ubiquiti just came out and reaffirmed their commitment to the EdgeOS platform (day late and a dollar short if you ask me) but we'll see what happens. I'd also like to check out Mikrotik.
#62
Join Date: Jan 2007
Programs: No single airline or hotel chain is of much use to me anymore.
Posts: 3,278
Umm... practically any x86-64 PC that doesn't have an oddball NIC will do nicely, even a lowly decade-old Atom will push 500 Mbps just fine.
#63
FlyerTalk Evangelist
Join Date: Nov 2002
Location: ORD
Posts: 14,225
Sure, but I don't have PCs sitting around unused. And I prefer the small form factor of a purpose-built router. My Edgerouter is hanging on a wall in a closet...
#64
Join Date: Jan 2007
Programs: No single airline or hotel chain is of much use to me anymore.
Posts: 3,278
Fair enough.
I bought one of these when my girlfriend's old Apple Time Capsule died:
Put a UniFi U6-Lite on her bedroom ceiling and another one on her living room ceiling, none of her devices are more than two stream so there was no point going beyond the Lite.
I put a new hard drive in an ancient 2011 vintage Time Capsule with Wi-Fi turned off for her Time Machine backups.
#65
Join Date: Jan 2015
Posts: 2,911
#66
FlyerTalk Evangelist
Join Date: Jul 2000
Location: in the vicinity of SFO
Programs: AA 2MM (LT-PLT, PPro for this year)
Posts: 19,781
Here ya go. You just need to load the OS/software yourself (as stated).
https://www.youtube.com/watch?v=wUcDg_ms0is
A friend of mine just got the i5 version of these: https://liliputing.com/2022/01/add-n...wordpress.html
If you just want a VPN endpoint, the cheapest (by far) small Linux box available with a warranty is a refurbished Wyse 5070 thin client from Dell. Often available under $100 with a similar Celeron or just over with a (barely) faster Pentium silver. Only one LAN port, so you have to forward ports in via the router. Fanless, they seem well built.
I ended up with two of them (they lost one order, I placed another one, and then they found the original) and for ~$120 each (with the bigger CPU, 8GB, and a wireless card) they are pretty neat machines. One is now my son's terraria + minecraft server (with some old laptop RAM to bring it to 16GB) and the other a knock-around/DMZ machine.
Last edited by nkedel; Mar 30, 2022 at 6:23 pm
#67
Join Date: Jan 2007
Programs: No single airline or hotel chain is of much use to me anymore.
Posts: 3,278
The FreeBSD gods will smite me for this blasphemy, but in my real-world experience the ubiquitous $10 RealTek USB Gigabit dongles work just fine.
Last edited by Error 601; Mar 31, 2022 at 12:27 am
#68
FlyerTalk Evangelist
Join Date: Jul 2000
Location: in the vicinity of SFO
Programs: AA 2MM (LT-PLT, PPro for this year)
Posts: 19,781
Interestingly, there are 2.5GbE USB 3 NICs, which makes sense given that 3.0/3.1 Gen 1 goes to 5Gbps. Closer to $60 than $10, though, and I've no experience with whether they're reliable or not.
#69
Join Date: Jan 2007
Programs: No single airline or hotel chain is of much use to me anymore.
Posts: 3,278
I had difficulties in the distant past using an ASIX based USB device with pfSense, but that was only a 10/100 capable device so that isn't by any means representative of a modern chipset.
I have a couple of the Realtek based 2.5GbE adapters, they work fine, although macOS failed to report the correct link speed until recently. They were both about $30 on Amazon last summer.
The Marvell based 5GbE adapters however have the worst drivers of any device I have ever seen and their Mac drivers are so stagnant that both QNAP and Sonnet no longer claim their devices are even compatible with macOS.
Last edited by Error 601; Mar 31, 2022 at 10:54 am
#70
Join Date: Jan 2007
Programs: No single airline or hotel chain is of much use to me anymore.
Posts: 3,278
About that Edgerouter...
How much do you trust it?
Some friends are having their 1980's vintage Centrex service (PBX hosted on the Telco's switch) discontinued and are squeamish about the change fearing the infrastructure costs to achieve a high-level of resiliency could be burdensome. The reason they went with Centrex in the first place was because they're in the middle of nowhere and the "phone guy" would never be close at hand.
I have assured them that this need not be the case and bullet-proof Nortel and Avaya switches are available for practically nothing but knowing these are not people who want to hear me proselytize about pfSense I don't have a router suggestion readily at hand and a redundant WAN would be a must.
#71
FlyerTalk Evangelist
Join Date: Nov 2002
Location: ORD
Posts: 14,225
About that Edgerouter...
How much do you trust it?
Some friends are having their 1980's vintage Centrex service (PBX hosted on the Telco's switch) discontinued and are squeamish about the change fearing the infrastructure costs to achieve a high-level of resiliency could be burdensome. The reason they went with Centrex in the first place was because they're in the middle of nowhere and the "phone guy" would never be close at hand.
I have assured them that this need not be the case and bullet-proof Nortel and Avaya switches are available for practically nothing but knowing these are not people who want to hear me proselytize about pfSense I don't have a router suggestion readily at hand and a redundant WAN would be a must.
If I were in the market today I’d be looking at Mikrotik, PFSense, or Sophos.
#72
Join Date: Jan 2007
Programs: No single airline or hotel chain is of much use to me anymore.
Posts: 3,278
Sorry, what’s your question? I’ve had this router for about 7 years (EdgeRouter X SFP) and it has just worked. I would probably think twice about buying more EdgeOS devices because Ubiquiti seems to have abandoned the platform - though they released a statement a couple months ago saying they weren’t.
If I were in the market today I’d be looking at Mikrotik, PFSense, or Sophos.
The question would be whether or not you would trust the Edgerouter product for something that has to work and has to fail-over to another WAN elegantly.
Their anxiety is that replacing their existing legacy phone solution (which is entirely managed by the telco) will require expensive hardware to have the same level of resiliency that their Centrex solution has. You can buy a used enterprise grade PoE switch for practically nothing, VOIP phones aren't necessarily expensive but I have no informed opinion about traditional routers in this space. I have been using pfSense forever.
The EdgeRouter family is not expensive and Ubiquiti markets them as a carrier grade solution - but I think most people take Ubiquiti's self-placement with a grain of salt.
#73
FlyerTalk Evangelist
Join Date: Nov 2002
Location: ORD
Posts: 14,225
I'm sorry if I was unclear.
The question would be whether or not you would trust the Edgerouter product for something that has to work and has to fail-over to another WAN elegantly.
Their anxiety is that replacing their existing legacy phone solution (which is entirely managed by the telco) will require expensive hardware to have the same level of resiliency that their Centrex solution has. You can buy a used enterprise grade PoE switch for practically nothing, VOIP phones aren't necessarily expensive but I have no informed opinion about traditional routers in this space. I have been using pfSense forever.
The EdgeRouter family is not expensive and Ubiquiti markets them as a carrier grade solution - but I think most people take Ubiquiti's self-placement with a grain of salt.
EdgeOS is the only non-consumer router platform I've used. I'm impressed at the feature level. I used to work at a telecom infrastructure design/build firm and the guy who ran the group that did cool point to point and wifi things sneered at me when I asked his opinion of Ubiquiti, saying "It's the Walmart brand". They market it as enterprise/carrier equipment but it really isn't, and I think that's largely because of the total lack of support Ubiquiti provides. True, unlike Cisco and its ilk they don't lock you into service contracts - because there are no service contracts. Support is very much self-service using their online forum (community.ui.com). If you're ok with that, and with the only real solution to "my device broke and I can't resuscitate it" being ordering a new one, then Ubiquiti is a good option.
As far as carrier-grade...I'm not totally sure how that's defined. I know there are a ton of people (mostly WISPs and fiber ISPs in the developing world) who use Ubiquiti throughout their networks and seem very pleased with it. My old company used Ubiquiti Airmax PTP to get an 800 Mbps connection to an island across 17 miles of open sea.
That said, I'd be leery of buying new EdgeRouters now. It has been a year or more since Ubiquiti issued a significant firmware release for them. They are in the process of issuing version 2.0.9 hotfix 3, which fixes some old security issues but EdgeOS still runs on an old kernel that is EOL next year. EdgeRouters were hard to find in stock even before the current supply chain issues, and it has been three or more years since they released a new model. They have a habit of letting product lines languish like this and then suddenly announcing they're EOL. To many, it seemed the writing was on the wall. But a few months ago they went to the trouble of issuing a statement saying that they remain committed to the platform. I'll wait until they start releasing new models or firmware upgrades that include new features and major improvements before feeling comfortable with the platform going forward.
If it were me and I wanted a router like an EdgeRouter now, I'd look at Mikrotik or PfSense. Or, if you don't mind running Ubiquiti's Unifi controller (free download, or you can pay them to host an instance for you) then there are several Unifi routing options that are as solid as the Edge platform and support dual WAN. I use Unifi APs for wifi everywhere and it is also very solid.
edit: just looked at my router and it has been up for 3.5 months now. I think I unplugged it accidentally then. Back in the days when Ubiquiti issued major firmware releases every six months I'd have six months of uptime when I went to upgrade it.
Last edited by gfunkdave; May 28, 2022 at 9:39 am
#74
Join Date: Jan 2007
Programs: No single airline or hotel chain is of much use to me anymore.
Posts: 3,278
Thanks.
At my old company there was a lot of rancorous discussion about "enterprise support" since we were self-sufficient in most matters and we were either paying a lot to get rapid turnaround on the most mundane of requests or we were paying a lot and still doing the heavy lifting when we did need support.
I am okay with the trade-off Ubiquiti offers, I have never contacted them for any reason other than for RMAs that if not fulfilled quickly were at least approved quickly.
I'm not really sure what the right answer in this use case is, hopefully when the time comes that the plug is pulled there should be some clarity and improved availability on all the platforms. I think pfSense on the PCEngines APU2 might be the best alternative in this instance. I haven't used the APU2 but we did use a PCEngines ALIX based appliance at my old company and those had ridiculous uptimes.
I have a couple instances of the UniFi controller running on VPS hosting, my personal access points and cameras are running on the CloudGen Gen2 Plus. It probably isn't the way I want to go to manage a grand total of one or two UniFi devices.
#75
Join Date: Nov 2003
Location: San Jose, CA
Posts: 460
For the truly paranoid, you may want to bypass DNS servers and use your own recursive caching DNS resolver to help avoid something called a DNS poisoning attack. I'm not particularly paranoid but did it for fun on my pfSense box. They use an implementation called "unbound".
Understanding DNS
Unbound
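Added example, not part of the post above or of pfSense's own generated configuration: an unbound.conf fragment for the recursive, caching setup the post describes, with the options that bear on cache poisoning. The LAN addresses, the trust-anchor path and the commented-out forwarder address are placeholders assumed for illustration.

```conf
# unbound.conf fragment (constructed example; addresses and paths are placeholders)
server:
    # Serve the LAN only. A resolver reachable from the WAN is an open resolver.
    interface: 192.168.1.1
    access-control: 0.0.0.0/0 refuse
    access-control: 127.0.0.0/8 allow
    access-control: 192.168.1.0/24 allow

    # DNSSEC validation: a forged answer for a signed zone fails validation
    # instead of being cached.
    auto-trust-anchor-file: "/var/unbound/root.key"
    harden-dnssec-stripped: yes   # treat stripped signatures on signed zones as bogus

    # Hardening that also helps for unsigned zones, where DNSSEC cannot.
    use-caps-for-id: yes          # 0x20 mixed-case query names add guessing entropy
    harden-glue: yes              # accept glue only from within the server's authority
    harden-below-nxdomain: yes
    unwanted-reply-threshold: 10000000   # clear caches if flooded with unsolicited replies

    # Privacy and cache behaviour.
    qname-minimisation: yes       # send each upstream server only the labels it needs
    prefetch: yes                 # refresh popular entries before they expire
    hide-identity: yes
    hide-version: yes

# Recursive mode means there is NO forward-zone for ".": Unbound resolves from the
# root servers itself. A block like the following would turn it back into a
# forwarder that trusts whatever the upstream resolver returns:
#
# forward-zone:
#     name: "."
#     forward-addr: 192.0.2.53
```

`unbound-checkconf` validates the file's syntax before a restart. Querying a signed name through the resolver with `dig +dnssec` should then show the `ad` flag in the response header when validation is working.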