Another new member looking for buying advice

Anric

Hello from an occasional lurker, first time caller.

I would like to ask the learned members of this site for some suggestions as to where I should go with the network for my 100 m2 (1100 ft2) brick built terraced house. As a family we have a lot of tech - currently 60+ devices (connections), split almost 50/50 between wired & wireless, including a growing number of smart devices and the Alexa ecosystem. Ideally I would like to turn off DHCP & only have pre-configured IP addresses handed out so I can keep tabs on what is allowed on the network (did I mention I’m a control freak), & I also use MAC address filtering.

For a few years we had a Buffalo WZR-D1800H running DD-WRT until I killed it trying to update the firmware. Entirely my fault, I knew the moment I did it that I’d clicked/done the wrong thing (can’t remember what now) but it gave me an instant paperweight. :(

The first replacement was an Asus Blue Cave, & I agree with the Smallnetbuilder review that it had good performance and looked better than the average router. The problem was the heat that the review also mentioned; even with very little running through it the temperature was regularly over 50°C (122°F), so warm that it dropped the wan connection. I wasn’t comfortable with the temp & lack of stability so returned it for a replacement but met the same problem & that went back as well (thanks to Amazon).

Currently I have a Netgear R7800 which I put DD-WRT build 41218 on, after it would arbitrarily deny devices internet access, despite me allowing them. DD-WRT does at least allow my washing machine to connect but the USB drive support is not very user friendly, especially after the Asus. I would be grateful if someone could point me towards an idiot proof walkthrough of the easiest way to restore the Netgear to stock firmware, preferably using the user interface (5GHz not great). I also have an ASUS RT-AC88U on order & due to arrive in the next few weeks that I was wondering about running Merlin on.

I’m open to suggestions about new hardware & firmware, including running a Mesh network or a second router as an access point. As mentioned above I have a lot of devices to connect, & would like to have pre-configured IP addresses only; and have a USB drive connected as a cheap easy nas for media use.


Thanks to everyone who has managed to get this far & I look forward to your replies.
 
Sure, you could run rmerlin on the AC88U. I do that and it fixes some issues on the original firmware. However, I also have other hacks to deal with overheating issues.
On my Asus 68U, I have a cheap desktop case fan that uses USB connected to it, really keeps it cool.
For longevity you'll want to keep your wifi chip below 50C, above 60C wifi can get problematic due to the sensitive nature of its physics in relation to the frequency.
The CPU will work fine up to 105C, so nothing to worry there but thermometer placement can make readings be too high or too low.
Other low quality SoCs have a max temp of 80C, so I would not worry much either, this isn't for the main chip/CPU but things like ethernet controllers, switch CPUs and so on.

The biggest factor is the PSU. Most failures are caused by either PSU or the PSU itself failing. The AC88U should come with an Asus laptop PSU so it does well on the PSU side of things. I wouldn't touch Netgear for a variety of reasons and Cisco because of legality and they're just for show now but at least you're using custom firmware.

I am very happy with my AC88U. Out of the 3 Asus routers I bought, they all performed really well and are still in use today, even my AC68U. Sadly my AC3200 got stolen, and that is why it's important to have strict business procedure and not to take your employees' stuff or rely on their stuff either (me being the employee and somehow the provider) without any reimbursement.

The one annoying bug I had though was with QoS, I could not get manual or auto QoS to work properly, so all my Asus routers are just APs, my main router is Mikrotik which gives me far more control over any consumer router. If you truly want control use DHCP with RADIUS, you get more control because without DHCP someone could easily figure out your IP network and just assign themselves an IP and get around your control, which does not work with RADIUS.
 
A single wireless router ought to cover your area. Your new Asus router will allow you to add a second Asus wireless router as a wireless AiMesh node for extending WiFi coverage.

I would stick with stock firmware until you have proven the hardware healthy and need additional functionality.

The typical firmware install is to wire a PC to the router (on a UPS), download the firmware, reset the router, cycle power, flash the desired firmware, reset the router, and then configure the firmware from scratch.

Assigning static IPs to clients is tiresome and some clients do not permit it. So, I would use the router DHCP server... and/or its manually-assigned IPs (from within its DHCP server IP Pool), if you must. The downside is that firmware updates with re-configuration from scratch will require re-entering all manually-assigned IPs/MACs.

Save the router USB NAS trial until after you have your new network established and stable.

OE
 
System Error Message:
Many thanks for your reply - I think, as the whooshing sound the parts about DHCP with radius made as it flew far over my head was very enjoyable :).

Of the bits that I understood, the temperature problems that I had were with the returned Blue Cave(s), where the external surface temps were frequently over 50C in the area of the heatsinks as reported by an infrared thermometer at 6" so could be viewed as not highly accurate, suffice to say I was uncomfortable with my hand on it for other than a short period of time. Having watched the Asus video on the Blue Cave it seems that they worked hard on heat dissipation, just not sufficiently in my case. I was uncomfortable with a device that ran that hot for so long, and the resulting instability was almost a welcome relief as it helped with the return. It was a shame as when it worked it was good for me.

How I was thinking of running was with the ac88u as the main router, with or without the rmerlin firmware at first, with the r7800 retired while I work on getting the standard firmware back on, then maybe...?

Mikrotik sounds interesting, as it seems to offer easy network expansion, but at the moment seems way beyond my modest abilities.
 
OzarkEdge:
Thanks to you as well. I was hoping that the Asus would be able to cover the house as well as the Blue Cave did when working, which was certainly better than the r7800 seems able to deliver. My concern is with the 'volume' of connections rather than the distance; as stated there are 30ish possible wired connections (house is wired throughout), with another 30ish devices to connect wirelessly including doorbells, cameras, & multiple Alexa, tablet and mobile/handy/cell devices.

With the DHCP server, the manually-assigned IPs is what I was thinking of doing again, rather than setting the clients to static. Previously I reserved all devices a static IP in the router (the dead Buffalo) and then let the clients request a dynamic address, but gave them a static one "any colour you like as long as it's black". I then turned off the server in the belief that any new device would not get an address and thus not be able to connect. I then exported all the MAC addresses to Excel so I could copy and paste them back in if required, and was I glad that I did.
 
Static leases aren't that great as an access control mechanism. You're best off doing that via MAC ACLs and/or VLAN assignment, or ultimately RADIUS auth on top of DHCP, as @System Error Message mentioned. Regardless, I would at the very least implement gear that has native VLAN and ACL capability out-of-the-box.

The above suggestion would mean looking outside of typical consumer stuff; VLAN/ACLs often do work in custom firmwares, but can often be buggy at the least. One of the easier forays into this realm is going all Ubiquiti UniFi; the software controller allows for a single pane of glass over APs, switches and gateways, albeit a bit more basic feature set than other VLAN-capable gear. Nevertheless, a Dream Machine would give you the "all-in-one" starting point, plus having the controller built in means all you'd have to do is add a PoE switch and APs as needed. You could also take a more piecemeal approach via a standalone gateway, like a Ubiquiti EdgeRouter, Mikrotik, Cisco RV or pfSense box, combined with a quality managed PoE switch -- a Cisco SG350 or similar -- and VLAN-capable wifi, like UniFi, TP-Link Omada or an integrated controller product like Aruba Instant On or Grandstream GWN. All of the above can be done also with Mikrotik, but it will be by far the most technical to setup.

So that's the broad overview of beyond-consumer options, if you're thinking of going that route. The one main benefit is that when setup properly, you will not have the flakiness issues you've been experiencing by trying to load all these services on all-in-ones. Your network will run like a Swiss watch in comparison. That is provided, you're willing to spend the time and effort in learning how to set all of this stuff up. I think it's worth it.
 
WOW! Well that certainly extended the boundaries of things that I know nothing about into whole new areas. :D

Funnily enough Trip, your post came just as I had spent an hour trying to educate myself about Ubiquiti products, and liking what I was seeing. Would I be correct in thinking that they offer a more ‘aesthetically pleasing’ solution than Mikrotik do?

I suppose before we go much further I’d better note down what I’ve got at the moment, and what I want to do. As mentioned the house is in a terrace from just before WW1 (1914 is our best guess, although modified by the Luftwaffe in the second) with brick external and internal walls. Downstairs are hallway, 2 rooms and the kitchen, upstairs 3 beds & bathroom. During renovations I wired the house with Cat5, giving 2 ports in each bedroom, one in the loft, 3 in the front room & 4 in the back room.

Internet (76 down/20 up) via ADSL modem comes into the front room, where the current router sits. Connected to the router is a 16 port tp-link Gigabyte unmanaged switch TL-SG1016D, with an assortment of devices. Also connected to the router is the 24 port switch under the stairs that manages all the room ethernet ports - another tp-link, this time a TL-SG1024D. There are computers in two of the bedrooms, a PS4 in one of them, and a Yamaha streamer in the third. In the living room is another 8 port switch for the TV, DVD, htpc, and another Yamaha device.

We all have laptops, tablets, and smart phones, with a few hand held gaming devices. From Ring we have a wireless doorbell, wireless chime & Poe camera. Currently there are 4 Alexa audio devices, 2 Echo Shows, internet enabled washing machine and about six smart plugs so far.

Usage wise, obviously one of the girls likes her gaming, the rest is general internet, internet radio, some downloading and streaming, Netflix, Amazon Prime, YouTube & Spotify.

I like the idea of a ‘fix & forget’ network, but as the Ubiquiti devices have a 20-30% premium in the UK (the Dream Machine comes in at nearly $400), it may be a progressive change – one purchase then add-ons. I understand some basic networking, but have little in depth knowledge & tend to stay in my comfort zones, but at one time I didn’t know what I know now...

From the network I would like something stable that requires minimal maintenance, with a level of upgradeability – dual band ac for now, as we have nothing yet that requires ax; that is able to support the large number of devices that we currently have, with perhaps more in the future. App management would be handy, but nowhere near essential, as I prefer to work through a web interface & we're never far from a device. I used the static leases as a means of having a type of MAC filter on wired connections, so nothing that I was unaware of could connect easily to the network. Qos I also employ to permanently restrict some devices (users) to a fixed share of the bandwidth, after all I pay for it & if they are too comfortable they might never leave again. :)

Sticking with Ubiquiti for now, the Dream Machine does seem a good option, as it seems to tick all the boxes, with options for expansion – I assume it’s not PoE out of the box, but would need an additional switch? (not essential as have only 1 device). Would the Amplifi also be an option, as SWMBO likes the looks of them, particularly the Alien – but this is not yet available here.

Thanks for reading this far, & over to you for any and all suggestions.
 
Well, I asked for buying advice & got it, so it would be rude not to act upon some of it...
Courtesy of the fine folk at NetXL of Guildford here in the UK and their magnificent next day efforts, I am now the proud keeper of a Ubiquiti Secure Gateway (USG), and 2 UAP-AC-LITE. I discussed with them the UDM option, but given what I had already they felt that the USG & 1-3 access points would be the best solution (cheaper too).

Installation was mostly a breeze - apart from the Unifi Controller refusing to let me log in, possibly as I was running it on a PC and not a cloud key, eventually solved; me misunderstanding what the LAN2 connection did; and finally one of the UAPs getting the sulks during some cable swapping and refusing to play; but now we have 2 flying saucers glowing blue nailed to walls. The WiFi appears to be much better, and certainly more stable than 24 hours ago, so thanks for your suggestions.

Two things I have yet to work out: access control and traffic shaping, one I think is a matter of learning, the other may be beyond the USG's capabilities. As mentioned we have an assortment of devices, that I want on the same LAN so I can grab any device to sort out the others (sorry if my network management is a bit unorganised). That combined with use of my existing switches for the time being seems to rule out VLANs. Can access control lists be used with the USG, & if so can someone point in the direction of a good starting point? What I would like is for only known, configured clients to be able to connect wired or wirelessly, I don't mind the admin to add & remove each time.

When I researched the USG before buying I was delighted with the User Groups feature, and the bandwidth limits it offered seemed ideal. It was one of the first settings that I rushed to thinking that I could create one group, add the required machines and voila. If only it was this easy... Apparently Ubiquiti have decided that these restrictions will only apply on wireless clients - I can sort of see why, as if you have plugged into the network you probably belong there so why restrict? In my consumer environment being able to restrict our tame bandwidth hog is essential, & if I'd known that the USG would fail utterly in this area I wouldn't have bought it. I like very much how it looks and operates, despite the steep learning curve many of its capabilities require, but fundamentally it fails in one of my crucial areas.
I have previously used a script in dd-wrt to restrict speeds, but as the USG has no command line I can't use this (providing I can find a tool to help me write it), & me trying to edit and insert a JSON file is a disaster in the making :)

I am currently considering my options:
1. Go back to the R7800 - now reset and loaded with the latest Voxel firmware & see if this does any better than stock/DD-WRT, using the Unifi UACs for wireless, & USG as paperweight;
2. Configure spare Asus RT-AC58U as router, UAC & USG as above;
3. Wait until Asus RT-AC88U arrives (now before end Jan) & then as above;
4. Buy new device like Edgerouter X5 or TP-Link TL-R600VPN - Edgerouter has command line, TP-Link seems to do it natively.
 
I have about the same number of devices all running behind an R7800 on hnyman master OpenWrt. Works great!

For internet (76 down/20 up) via ADSL modem a top level consumer router like a r7800 is plenty. If you want to distribute the wifi load you could put another hardwired 4x4 access point on opposite end of the house and have the wifi devices roam between (used r7800s are getting cheap).

Static IPs and MAC filtering - tremendous amount of time for a feature that adds no performance benefit / can easily be spoofed.

I’d focus your efforts on traffic shaping. Consider openwrt if you want to use something like SQM.
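
An added example, not part of any post in this thread: the replies note that static leases and MAC filtering do not stop a device from assigning itself an address, so the practical use of a reservation list is auditing. The sketch below compares a neighbour table in the format printed by `ip neigh show` on Linux against a reservation list and reports entries that break it; the reservation table, the `br0` interface name and all addresses are constructed sample values.

```python
import re

# Constructed reservations (MAC -> reserved IP), e.g. exported from the router.
RESERVATIONS = {
    "00:11:22:33:44:55": "192.168.1.10",
    "00:11:22:33:44:66": "192.168.1.11",
    "00:11:22:33:44:77": "192.168.1.12",
}

# Constructed sample in the format printed by `ip neigh show` on Linux.
NEIGH_SAMPLE = """\
192.168.1.10 dev br0 lladdr 00:11:22:33:44:55 REACHABLE
192.168.1.40 dev br0 lladdr 00:11:22:33:44:66 STALE
192.168.1.12 dev br0 lladdr 00:AA:BB:CC:DD:01 REACHABLE
192.168.1.77 dev br0 lladdr 3a:5f:10:22:9c:01 DELAY
192.168.1.99 dev br0 FAILED
"""

MAC_RE = re.compile(r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}")

def parse_neighbors(text):
    """Yield (ip, mac) for entries that resolved to a link-layer address."""
    for line in text.splitlines():
        fields = line.split()
        if "lladdr" not in fields[:-1]:
            continue  # FAILED / INCOMPLETE entries carry no MAC
        mac = fields[fields.index("lladdr") + 1].lower()
        if MAC_RE.fullmatch(mac):
            yield fields[0], mac

def is_locally_administered(mac):
    """True when the U/L bit is set, as in randomized 'private' Wi-Fi MACs."""
    return bool(int(mac[:2], 16) & 0x02)

def audit(text, reservations):
    """Return sorted (ip, mac, finding) tuples for entries off the reservation list."""
    by_mac = {mac.lower(): ip for mac, ip in reservations.items()}
    reserved_ips = set(by_mac.values())
    findings = []
    for ip, mac in parse_neighbors(text):
        if by_mac.get(mac) == ip:
            continue  # known device at its reserved address
        if mac in by_mac:
            finding = "known-mac-off-reservation"
        elif ip in reserved_ips:
            finding = "reserved-ip-held-by-unknown-mac"
        elif is_locally_administered(mac):
            finding = "unknown-randomized-mac"
        else:
            finding = "unknown-mac"
        findings.append((ip, mac, finding))
    return sorted(findings)

if __name__ == "__main__":
    for ip, mac, finding in audit(NEIGH_SAMPLE, RESERVATIONS):
        print(f"{finding:34} {ip:15} {mac}")
```

A device presenting an allowed MAC at its reserved address passes this audit, which is the gap that the RADIUS and VLAN/ACL suggestions in the replies address.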
 