What's new

1 Gbit/s Fiber (up and down) - Looking for gear. Which router and AP?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

HansCH

New Around Here
Hello guys,

I am getting 1 Gbit/s Fiber at my new place. The most important part for me is that I do not have slowdowns on Ethernet due to bad hardware. Second, I want good WiFi eventually and I am sick of devices disconnecting. Now I am wondering which hardware to get.

Setup: 3-room apartment

Devices for Ethernet

PC

Hue Bridge

Console

AVR (optional)

Nvidia Shield Streaming Box

Devices for WiFi

4 Music Streaming Boxes

3 Smart Trainer Decives

1 Smartwatch

1 Smartphone

1 Tablet

1 Notebook

4 Light via WiFi

TV

About the router I was thinking about a Edgerouter 12. I was also condering a Ubiquiti ER-4 but the price difference in Switzerland is only 50 USD and it saves me the the money and space for a switch. Are there any disadvantages of having the switch integrated into the edgerouter in terms of performance? I want to use the vpn feature of the router to use VPN for specific devices..

Is there any alternative you suggest to the Edgerouter for my requirements?

I am unsure about the Access point. I do not really need speed apart for the Notebook (Dell with Qualcomm QCA61x4A 802.11ac Dual Band (2x2) 802.11ac – Up to 867 Mbps; 802.11n - Up to 450 Mbps) that is connecting to company VPN and accesses network drives. I just want all devices to not disconnect from the WiFi. In particular with the Alexa's this is annoying because they tell you that they have disconnected.

So I am unsure about the Access point. I like the NanoHD, also because of the Skins, but I am unsure how much MU-MIMO really provides these days. Also I do not understand if I can

Also, I understand that I cannot directly connect a NanoHD but need to use the PoE Power Adapter that comes with the NanoHD to get it working. Is that correct?

So what do you think? I that the right router + AP combination for me or should I take something else? Is there any advantage in getting an Unifi USG as well?
 
Use any old router that can handle gigabit service. Almost all of them are NOT SECURE, find one that is actually secure: routersecurity.org . Plug a TP-Link AP into it. Done. If you want to be spied on use Ubiquity, they phone home now with specific data on what you're doing, ALL OF THEM. THis is all documented as fact in the literature, here, and elsewhere. Do the work, read up. btw- I've been to the Jungfraujoch, and it was great!
 
If you think Ubiquiti is the only one with phone home stuff.....They at least declare it and give opt-out options. To note, my link is about UniFi while the OP is asking about EdgeRouters. I don't know nearly enough about that side of the product line to know if it has similar "issues" that the UniFi products have on this phone home stuff. Nor do I know if the UniFi phone home is limited to the hardware or to the management console. Never cared enough to look. I have too many other smart devices in the house that are already doing way more spying.

https://community.ui.com/questions/...llection/f84a71c9-0b81-4d69-a3b3-45640aba1c8b

There are gobs of options for handling Gig Internet these days. You need to define your budget and your operational overhead desires. Just keep in mind with UniFi APs, rarely is anyone impressed with them when using a single AP. That really isn't their sweet spot. If your AP is going to be in the middle of a public space in your house, look at the FlexHD.

Then again, you said you didn't care about WiFi performance, but more about stability. Pick up a pair of UAP-AC-LITE and distribute them across the apartment. No idea how big or little this apartment is....nor if the walls are sheetrock, plaster, brick, or concrete to understand how much attenuation there is room to room.

The majority of your smart/IoT devices are more than likely 2.4GHz only. If the airspace is already saturated, it will be a challenge for some of those devices that are further away from your AP. More APs that are closer to your devices with lower power radio settings may help.
 
The ER12 is a good choice (8 switched ports - 4 routed ports). It will do 1000Mbps symmetrically. I use the ER4 at home, but I use external Edgemax switches, with Unifi controller and AP's. Could care less about the call home stuff. You can opt out if you want, depending on what controller firmware you are running. To get a good Unifi Wireless experience, you need multiple Unifi AP's. The aren't home consumer wireless blasters..
 
Let's leave the intelligence debate out of this and focus on functionality to solve the OP's problem.

The ER-12 will be fine with the integrated switch and for just one or two APs, gigabit PoE injectors ought to be workable enough. Otherwise, get the ER-4 and a solid managed PoE switch. UniFi switch if you go with their APs; otherwise Cisco SG, HPE or refurb enterprise boxes.

As others have said, discrete APs typically aren't coming preset to blast over-amplified, high noise-to-signal all over the place (ala consumer all-in-ones); rather, they're meant to be deployed in numbers as lower power, offering more backhaul and client capacity per unit space than any all-in-one could hope to muster, beyond 2 or 3 radios. Provided, of course, you deploy them properly. Stick with AC Wave 2 hardware. UniFi or Omada should be good enough. Cisco WAP a bit beefier. Full blown enterprise stuff will be rock-solid, but much more costly (Aruba, Ruckus).

Best of luck.
 
Let's leave the intelligence debate out of this and focus on functionality to solve the OP's problem.

The ER-12 will be fine with the integrated switch and for just one or two APs, gigabit PoE injectors ought to be workable enough. Otherwise, get the ER-4 and a solid managed PoE switch. UniFi switch if you go with their APs; otherwise Cisco SG, HPE or refurb enterprise boxes.

As others have said, discrete APs typically aren't coming preset to blast over-amplified, high noise-to-signal all over the place (ala consumer all-in-ones); rather, they're meant to be deployed in numbers as lower power, offering more backhaul and client capacity per unit space than any all-in-one could hope to muster, beyond 2 or 3 radios. Provided, of course, you deploy them properly. Stick with AC Wave 2 hardware. UniFi or Omada should be good enough. Cisco WAP a bit beefier. Full blown enterprise stuff will be rock-solid, but much more costly (Aruba, Ruckus).

Best of luck.

The router will be in my living room. There I wanted to have my AP. However, I just realized that maybe the router will be close to the TV Setup (not sure on which side of the wall the fiber connector is) and I can hardwire all devices (TV, Streaming Box, Console, AVR, Hue Bridge) but one Alexa.
Then I will have a cable to my home office room and connect devices there via Ethernet. Also there will be at least two WiFi Lights.

Should I always put a (managed) switch behind my router (e.g., ER-4) or will I feel no difference when I go ER-12 (with internal Switch), connect all living room devices and a AP via Ethernet to it (e.g., Ubiquiti AC Lite).

I also have a D-Link DGS-105 unmanaged Switch here in my old place. Could I connect an AP to the D-Link switch as well? Currenctly I use it to connect all the TV stuff to my current router via one long Ethernet cable (Router <-> Switch <-> Devices). For that purpose it is totally fine here I do not care if there is a bottleneck. Not sure if it will work in another node of the network at my new place as well. In a ER-4 <--> Managed Switch <-> D-Link <-> PC Szenario, I would would connect the D-Link to a managed switch and use it as my hub to connect all devices in my home office room (e.g., PC).

Which UniFi Switches can you recommend and what exacly is the advantage of combining their AP and Switch when my router is an Edgerouter? Can I use the Unifi UI to configure them when I have a managed Unifi Switch? Is the Ubiquiti USW Flex Mini an option or do I need to go at least with a US-8-60W? I assume the US-8-60W is superior to the US-8?

AP wise you recommend going multiple UniFi AC Lite AP insted of one NanoHD or Pro?

The NanoHD Skins do not fit on other APs I assume?

Would there be any benefit of connecting switches between rooms via fiber cable (SFP Port)? Looks like a slimmer and easier to hide cable to me...
 
Last edited:
@HansCH : all of the equipment you are considering is compromised. Expect to be hacked as sure as you can expect to be run over by a speeding bicyclist in Zurich ! Bon chance
 
@CrystalLattice - May we trouble you to propose a list of alternate equipment that isn't compromised?

@HansCH - Your endpoints won't likely feel any difference if your core switch is discrete or gateway-embedded. If you're cool with a PoE injector or two, no big deal sticking with the ER-12. However, neither the ER-12, nor the 12P, nor any EdgeRouter or USG (other than the old and under-powered ER-5-POE) support regular 48V PoE, so if you wanted to source and control PoE all on the same box, that's when you'd consider a discrete switch. An added benefit is the discrete switch would also offload processing overhead from the router itself, for at least most local layer 2 responsibilities, or local layer 3 as well if you were to buy a L3-managed switch (not necessary, and often overkill/over-complexity for most home networks).

Regarding your idea of your switching topology, if you can, you want to keep your switching fabric as "flat" as possible -- ie. as few cascading, daisy-chained switches as you can get away with. In a perfect world, you'd home-run all endpoints and APs into the same core switch -- instead of, say, three cascaded 8-port switches, you'd run a single 24-port PoE for a "collapsed core". If you can't do that, an errant access switch here or there isn't the end of the world. Do note, though, that if you get into access-layer VLANs, or anything requiring management from endpoint to gateway, you'll need to rip and replace all the unmanaged switches in between with managed equivalents, in order to keep control of the traffic all the way up and down the path.

As far as UniFi switch choices in particular, the Flex Mini only offers PoE-In (to power it) on one port, and no PoE out, so that won't suffice as a PoE source. I would look at the US-8-60W or US-8-150W as a starting place.

Regarding switch interconnect via SFP and fiber, it's of course lower-latency than copper, but not really on runs that short. It's also a benefit for any switches that support stacking, but UniFi switches don't, and you don't really need stackable stuff TBH. Also, you have to be careful with fiber, as it has a minimum bend radius under which the glass can/will break.... leaving you with an expensive, dead patch cable. (Granted, you have to be fairly clumsy to do it with such small radii, but nonetheless, something you have to be careful of -- you can't just yank and pull fiber cable the way you can sometimes do with copper...)

AP choice and number all depends on the coverage area, client density, client capability and total fronthaul bandwidth you want to offer your client population. If you only have a handful of clients and not many AC Wave 2 clients at all, a cluster of AC-Lite's, placed smartly enough to where their overlapping broadcasts are roam-friendly (-75 to -60 dB), would probably suite you well enough. If you have dozens of clients (IoT, etc.) and/or AC Wave 2 in a bunch of them, then the NanoHD / FlexHD may be better choices, presuming you don't mind the price.
 
Last edited:
@CrystalLattice - May we trouble you to propose a list of alternate equipment that isn't compromised?

@HansCH - Your endpoints won't likely feel any difference if your core switch is discrete or gateway-embedded. If you're cool with a PoE injector or two, no big deal sticking with the ER-12. However, neither the ER-12, nor the 12P, nor any EdgeRouter or USG (other than the old and under-powered ER-5-POE) support regular 48V PoE, so if you wanted to source and control PoE all on the same box, that's when you'd consider a discrete switch. An added benefit is the discrete switch would also offload processing overhead from the router itself, for at least most local layer 2 responsibilities, or local layer 3 as well if you were to buy a L3-managed switch (not necessary, and often overkill/over-complexity for most home networks).

Regarding your idea of your switching topology, if you can, you want to keep your switching fabric as "flat" as possible -- ie. as few cascading, daisy-chained switches as you can get away with. In a perfect world, you'd home-run all endpoints and APs into the same core switch -- instead of, say, three cascaded 8-port switches, you'd run a single 24-port PoE for a "collapsed core". If you can't do that, an errant access switch here or there isn't the end of the world. Do note, though, that if you get into access-layer VLANs, or anything requiring management from endpoint to gateway, you'll need to rip and replace all the unmanaged switches in between with managed equivalents, in order to keep control of the traffic all the way up and down the path.

As far as UniFi switch choices in particular, the Flex Mini only offers PoE-In (to power it) on one port, and no PoE out, so that won't suffice as a PoE source. I would look at the US-8-60W or US-8-150W as a starting place.

Regarding switch interconnect via SFP and fiber, it's of course lower-latency than copper, but not really on runs that short. It's also a benefit for any switches that support stacking, but UniFi switches don't, and you don't really need stackable stuff TBH. Also, you have to be careful with fiber, as it has a minimum bend radius under which the glass can/will break.... leaving you with an expensive, dead patch cable. (Granted, you have to be fairly clumsy to do it with such small radii, but nonetheless, something you have to be careful of -- you can't just yank and pull fiber cable the way you can sometimes do with copper...)

AP choice and number all depends on the coverage area, client density, client capability and total fronthaul bandwidth you want to offer your client population. If you only have a handful of clients and not many AC Wave 2 clients at all, a cluster of AC-Lite's, placed smartly enough to where their overlapping broadcasts are roam-friendly (-75 to -60 dB), would probably suite you well enough. If you have dozens of clients (IoT, etc.) and/or AC Wave 2 in a bunch of them, then the NanoHD / FlexHD may be better choices, presuming you don't mind the price.

Let's say my budget was 500 USD. What would you buy for my network? Here is a map of my Place. TV rack has all the HiFi Stuff. Room with desks is where the PC is standing. Bathroom and Kitchen have an Alexa. I am also annoyed by the placement of the fiber socket. That's why I was thinking about putting fiber cable from one room to another because I assumed that it would be easier to place.

 
Thanks for the layout. Total apartment square footage only appears to be 500 to 600. You should be able to cover that with a single, well-placed AP, and I don't think it's super necessary to move the fiber drop, as it's in a pretty central location already.

With a $500 budget, for route and switch you could do an ER-12 ($225), presuming it offers enough switch ports (8 total). For wireless, I'd do a single TP-Link EAP245v3 ($90), which gives you quality 3x3 Qualcomm-based AC Wave 2 with VLAN capability, and comes with a gigabit PoE injector. I'd ceiling-mount the AP if you can, concealing the ethernet cable via some discrete raceway ($11) if you want. From there, I'd either pocket the remaining ~$150 or invest it into ethernet runs, and/or access switch(es) in any distant locations with several wired devices where a single 1Gb uplink wouldn't be a bottleneck. If you do need access switches, go with L2 web-managed models, as they're really not that much more costly and will ensure manageability for all your traffic -- Netgear GS100E series are fine for the price.

FYI, for wireless I chose Omada over UniFi primarily due to cost, plus you'd be running a non-UniFi gateway and switch with only one AP, basically nullifying any would-be benefits from the UniFi control plane and/or scalability (Omada just as scalable for our purposes, anyways). Additionally, Omada allows its APs to be run standalone and web-managed, whereas UniFi requires the phone app or the controller be present, even for just a single device.

Hope you find that agreeable!
 
Last edited:
I want to use the vpn feature of the router to use VPN for specific devices.

Any details about this VPN you are planning to use? Because ER-12 may not be exactly what you are looking for.
 
Any details about this VPN you are planning to use? Because ER-12 may not be exactly what you are looking for.

Basically, I want to run 1-2 devices on VPN all the time or on request to avoid Geo Restrictions in Streaming. Mostly Pandora Radio which is not available outside of the US unless you use a VPN. The devices do not come with their own VPN Menu. Hence the workaround via Router for these specific devices.
 
If you want to selectively route VPN traffic and you can't run a VPN client on the endpoints themselves, you'll either need to run a VPN proxy device behind the main gateway, then connect the desired devices to that when you want to route them out via VPN, or use only the single gateway with policy-based VPN access. Presuming you're connecting those devices via wifi, the extra hardware approach (all-in-one setup as a VPN client "proxy") is a bit messy, as it impedes upon the airspace of your main wireless. The latter method is more best-practice and can be done two ways: 1) routing policies per endpoint MAC ID, which are manually enabled/disabled on the router as needed, or 2) policy-based route based on VLAN, mapped to a unique SSID on your wireless gear; you simply switch the device(s) in question to that wireless network name when you want to route their traffic over the VPN. The last method would be the best combo of greatest ease-of-use with the least amount of gear, provided you have the chops to set it up properly.

While the above are possible with an ER-12, you'll definitely be typing a lot of command line to pull it off. If that's off-putting, may might be able to do it with consumer gear and custom firmware, ala Merlin on Asus hardware plus some pre-made scripts, or OpenWRT on a Qualcomm all-in-one, but of course neither will be supported, other than wiki's, forum and YouTube. Next level would be a GUI-based firewall OS with better documentation for what you're looking to do, like pfSense or Untangle, on cheap x86 hardware. Barrier to entry there is the learning curve, for sure, but nothing that can't be solved with enough time, documentation and how-to's on YouTube. Maybe @Val D. has something else in mind as well.
 
Last edited:
While the above are possible with an ER-12, you'll definitely be typing a lot of command line to pull it off.

Exactly. Most commercial VPN services use OpenVPN and setting it up on ER-12 is quite a process.

Maybe @Val D. has something else in mind as well.

I'm not sure why we need to go so complicated. Reading the thread I actually missed the fact the place is a small apartment. I usually lean towards router/switch/AP approach, but in this case it's just not needed. A single RT-AX88U router covers all the requirements. It is a consumer router indeed, but it has a pretty good reliability rating based on user feedback and it can do everything from the WebUI, including like up to 250Mbps speeds on OpenVPN with selective routing. I don't see why there is devices disconnecting concern. I expect excellent signal strength in every corner. If the clients itself have no compatibility issues, they should stay connected forever. I would just disable potentially issues creating WiFi features like Beamforming, MU-MIMO, Airtime Fairness, 160MHz/DFS channels, etc. None of that is needed in this small place with not so many clients anyway.

Sorry, @HansCH probably expected to hear something else, but consumer routers in some specific situations are just a better choice. I believe I can walk with a hardwired device in my hands in this place, come on. Ethernet cable 10m long, maximum performance guaranteed all the time. :)
 
Last edited:
Haha re- walking around with a cable attached. ;) But yeah I'm apt to agree. Perhaps I (we?) started down the rabbit hole of discrete gear a bit preemptively. An AX88U running Merlin + scripts could likely pull it off. If not, he'll probably find out in short order and then it's a quick factory-default and Amazon Prime return and onto another approach, at least having given it a shot with what is arguably the best all-in-one for the job.
 
An AX88U running Merlin + scripts could likely pull it off

Everything @HansCH needs is available in Asuswrt-Merlin firmware. Scripts are optional, only if he needs something extra like ad-blocking on the router, IP blocking for extra security feel/satisfaction, separated SSIDs for VPN/WAN, etc. I probably wouldn't even bother with scripts just because I don't want my system to be as reliable as the USB stick used in the process. Just RT-AX88U router (this specific one) + Asuswrt-Merlin and problem solved.
 
Yeah, if you can forgo them and the potentially flaky single point of failure (the USB stick), all the better.
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top