Have wifi coverage issues, looking for advice on what to replace my current setup with.

[GawainXX2]

I'm having issues with coverage in a few spots of my house and am looking to overhaul my network with something that can reach those locations. Mesh would be ideal.

My house is 1800 sqft 2 story house with a Basement and the walls are constructed of Lath and plaster.

I currently have 2X ASUS RT-68U's running in mesh mode for wireless clients. One positioned on the ground level of my house and one in my detached garage.

Two of the rooms upstairs have spotty coverage. I've tried putting a third RT-AC68U upstairs As another node (has hardwired connection to the main router) but I then ran into an annoying issue where clients between the two routers would flap back and forth between then, temporarily losing connection each time. I'm already using a directional antenna for my Ring Doorbell so adding another one isn't an option.

I've looked at newer ASUS routers however they all seem to have issues with the 2.4 or 5ghz radios burning out at some point, making me hesitant to purchase one given their price.

Here's the criteria I'd need in a replacement.
- At least a basic level of IDS/IPS
- Can operate in mesh mode.
- Has 2.4/5ghz band steering.
- Can handle a decent amount of bandwidth and concurrent connections.
- Has at least 4 LAN ports.
- Ability to create Guest WiFi Networks
- (preferable but not mandatory) can failover to 4G.

My own research has lead me towards UniFI hardware, especially as I could then isolate my servers and IoT devices from the rest of the network although that would be a fairly expensive jump.

My other thought is temporarily going with a TP-Link AC4000 for the main unit and putting the Router in my Detatched Garage in Bridge Repeater mode but ultimately saving up the $800 or so I'd need to switch my setup over to Unifiardware.

Any advice is much appreciated.

 

[coxhaus]

If you go to separates for networking then it will save when you have to upgrade in the future.
Plus you end up with a more flexible network to change around. You also have more CPUs working at the same time rather than time slice off 1 CPU.

I am not sure why Unifi hardware would cost $800. I paid less than $800 for my Cisco small business network gear which works great for me.

I don't believe you will ever get band steering to work well. If you need high speed wireless switch to 5Ghz.

 

[Trip]

Going to put a lot of content in here, so please excuse the brevity.

Guidelines:

1. Maximum wired connectivity. 1st + obvious choice: Ethernet. 2nd: MoCa or EOC using coax. Last or Never: Powerline. Crap shoot + connection degradation over time.
2. If running discrete wifi, run discrete everything. eBay the Asus units and go clean slate. You de-pollute your airspace + gain all advantages I've mentioned elsewhere on SNB (search my posts).

Gear:

Route & Switch - High-clock MIPS/Tile/x86 router running a distro than can do modern SQM QoS (Ubiquiti EdgeMax, OpenWRT, Untangle), plus an L2+ PoE switch (a reputable brand: Cisco SG or HPE).

• Router - Ubiquiti EdgeRouter 4 ($175). Run 1.10.x firmware (2.0.x not ready yet). If internet <=400Mb/s aggregate, enable Smart Queue QoS on both Up and Down; if >500Mb/s, enable only on Up. Guides for EdgeMax are all over YouTube, Google, UI's help wiki, forums, etc.
• Switch - Cisco SG350-10P ($200). Can run it in L2 mode to keep it simple (Google it). Match VLAN choices to ER-4 for private/guest traffic to/from the wifi APs. Hookup uplink on port 9 or 10 to eth1 on ER-4. You will then hard-wire one of ports 1-8 on the SG350 to your root (master) wifi AP.

Wireless: Ideally, wired backhaul for all obvious reasons + allows for wire-first/wire-only systems (Omada, regular UniFi, Cisco SMB). If can't wire all APs, then go true mesh product.

• Consumer: Amplifi or Eero Pro (no Beacons), in bridge mode. Orbi maybe, but only in a single root AP "star" topology.
• SMB: For full config and better management. If UniFi, make sure it's Unifi Mesh. Cisco SMB can only run "clustered" by wire, no actual mesh (@coxhaus can correct me on that).
• Enteprise: Most polished in all ways, by far. Go with embedded-controller solutions: Aruba Instant or Ruckus Unleashed (my preference). Ruckus is tops on connection quality, especially for mobiles, especially with interference and/or density.

Opinion on Wifi: If budget is less of a concern vs. getting it right the first time, just go Ruckus. One R710 ($340 B2B pricing) on the first floor and one R310 ($200) in the garage. A second R310 on the second floor if needed (it likely won't be). Setup 710 as Master by wiring to the SG350, browse to its IP and run setup wizard. Enable SmartMesh during setup. Then wire in the R310 to SG350 for auto-adoption; disconnect when finished. Put R710 on the first floor ceiling (low-profile raceway is great for concealing Cat6), or high on a book shelf. Either way, AP top/bottom parallel to the floor. Put R310 on the garage ceiling or high on a shelf, closest to near-house wall to grab enough mesh signal. Then finish Unleashed config of private/guest wifi, match VLANs on switch and router and you're good to go.

For buying Ruckus, if you don't mind no phone support (usually not necessary), but still free firmware updates + downloads, working-pull off eBay is a great way to save, or gray-market new off Amazon. In my experience, their radios almost never die, so DOA's from eBay are very low. If you want full support for whatever reason, go with authorized distributors. ProVantage or PCNation are both phenomenal and very aggressive on price.

If you buy smart, you can probably meet your budget. Since our networks are arguably becoming more relied-on than ever, try and think value, as opposed to just cost.

 

[coxhaus]

Opinion on Wifi: If budget is less of a concern vs. getting it right the first time, just go Ruckus. One R710 ($340 B2B pricing) on the first floor and one R310 ($200) in the garage. A second R310 on the second floor if needed (it likely won't be). Setup 710 as Master by wiring to the SG350, browse to its IP and run setup wizard. Enable SmartMesh during setup. Then wire in the R310 to SG350 for auto-adoption; disconnect when finished. Put R710 on the first floor ceiling (low-profile raceway is great for concealing Cat6), or high on a book shelf. Either way, AP top/bottom parallel to the floor. Put R310 on the garage ceiling or high on a shelf, closest to near-house wall to grab enough mesh signal. Then finish Unleashed config of private/guest wifi, match VLANs on switch and router and you're good to go.

.

I heard good things about Ruckus APs. And you recommend them a lot. How well does the roaming work? Can it handle Wi-Fi calling roaming or do you lose a few words like my Cisco small business APs do?

My roaming in my house. An iPad doing FaceTime will not drop a call all over my house roaming across 3 Cisco small business APs. Using a voice call there is only a spilt second delay of a few missed words when the voice call roams.

 

[Trip]

Yeah it's solid stuff, as seems to be the consensus almost universally. A quick glance at SpiceWorks, reddit/r/sysadmin and /r/networking and across most networks of IT pros, corroborates that very well.

Truth be told, they're in a bit of a state of flux as a company, being bough/sold for the third (or fourth?) time in fairly recent history (now owned by CommScope, who acquired Arris, who originally acquired Ruckus). And they don't have the slickest software stack in the world, versus Ubiquiti, AeroHive, etc. Nor do they have as good of vertical integration as HPE Aruba or Cisco. But for the actual first hop, nothing I've seen does as well, especially indoors (reference point being a few dozen installs, not a lot, but enough to compare and contrast with most stuff out there).

With roaming, I'd say it works as well as one could ever want it to, presuming you've nailed the physical setup and your network config. Versus consumer and much of the SMB space where standards implementation is often flakier, and/or real-time optimization is lacking or missing altogether, it can be a notable difference. One of the better explanations I've seen, in almost layman's terms, came from /u/gusgizmo on reddit, when comparing it to UniFi, which I'll quote here:

Unifi hardware-- off the shelf wifi chipset and SoC, take the reference design, strip it of any components possible to drive down build costs. Linux firmware phones home to the "controller" which is really a management server that collects log data and pushes configuration. The ruckus connects back to the controller with a GRE tunnel, and the controller handles control and data flow in realtime for all AP's on the network to extensively coordinate and manage the user experience. Packets don't just vaporize in transit when a client roams from AP to AP, and you get consistent low latency hand off.

Pop open two similarly specced units side by side. Inside the ruckus you find a 6 axis CNC machined antenna of proprietary design. Shielding. Capacitors and resistors to isolate circuits. Little touches to add a dB of sensitivity and selectivity here and there. In the unifi you find that the antenna is a cheap piece of sheetmetal origami. In place of isolation recommended in the SoC reference design, you find bare circuit traces that were "engineered out" via trial and error rather than analysis. "Good enough" sensitivity and selectivity rules the day.

The experience is night and day when it comes to applications intolerant of packet loss and intermittent connectivity. Aka anything enterprise oriented. VoIP. Legacy applications. High user density.

In either case I applaud anyone stepping up from SMB unmanaged gear to managed systems. Can't improve without data, and at least Unifi can deliver that.

I think he was perhaps a bit harsh on Ubiquiti, but you do still have somewhat of a better mousetrap with Ruckus. Hard to believe in the day and age where everything becomes so commoditized so quickly, but they've simply performed better for me, and I suspect that to continue, at least until we approach the end of their patent holds (probably well before then, but I digress). So yeah, I think they're a great value, as I've had just too many times now where I've put it in and the problems just stop. As always (especially at SNB), your mileage may vary.

 

[GawainXX2]

Wow thank you for your detailed reply.

I believe that I would at a minimum need a UniFI USG, 8 Port switch and UAP-AC-M-Pro in order to get started with UniFI hardware.
Given my network topology I think a long term goal would be to gut and redo my entire network, trunking everything to the basement with only the Fiber modem and USG and maybe a switch in the entertainment center on the ground floor.

I "think" My ideal long term solution would be as follows.
1X USG
1X US-24 (Basement)
1X US-8-60W (Garage)
1X US -8-150W (Basement)
2X UAP-AC-M-Pro (one at center of house, ground level, one in garage)
1X UAP-AC-M (For side of house if coverage in yard is weak).

I would then run new cat6 through my house and trunk everything to the basement.
The benefits to this is that I would then be able to have isolated subnets and better cabling practice, it would just be expensive and a PiTA to set up.

Here is a diagram of my current network topology. (I forgot to add the 4G failover USB modem)
https://imgur.com/a/cr0Lvt3

Short term I'm thinking I should replace the RT-AC68U i'm using for the main with either a TP-Link A20 or NightHawk X8 and run the router in the garage as a bridge or Bridge/Repeater opposed to a Mesh node.

Going to put a lot of content in here, so please excuse the brevity.

Guidelines:

1. Maximum wired connectivity. 1st + obvious choice: Ethernet. 2nd: MoCa or EOC using coax. Last or Never: Powerline. Crap shoot + connection degradation over time.
2. If running discrete wifi, run discrete everything. eBay the Asus units and go clean slate. You de-pollute your airspace + gain all advantages I've mentioned elsewhere on SNB (search my posts).

Gear:

Route & Switch - High-clock MIPS/Tile/x86 router running a distro than can do modern SQM QoS (Ubiquiti EdgeMax, OpenWRT, Untangle), plus an L2+ PoE switch (a reputable brand: Cisco SG or HPE).

• Router - Ubiquiti EdgeRouter 4 ($175). Run 1.10.x firmware (2.0.x not ready yet). If internet <=400Mb/s aggregate, enable Smart Queue QoS on both Up and Down; if >500Mb/s, enable only on Up. Guides for EdgeMax are all over YouTube, Google, UI's help wiki, forums, etc.
• Switch - Cisco SG350-10P ($200). Can run it in L2 mode to keep it simple (Google it). Match VLAN choices to ER-4 for private/guest traffic to/from the wifi APs. Hookup uplink on port 9 or 10 to eth1 on ER-4. You will then hard-wire one of ports 1-8 on the SG350 to your root (master) wifi AP.

Wireless: Ideally, wired backhaul for all obvious reasons + allows for wire-first/wire-only systems (Omada, regular UniFi, Cisco SMB). If can't wire all APs, then go true mesh product.

• Consumer: Amplifi or Eero Pro (no Beacons), in bridge mode. Orbi maybe, but only in a single root AP "star" topology.
• SMB: For full config and better management. If UniFi, make sure it's Unifi Mesh. Cisco SMB can only run "clustered" by wire, no actual mesh (@coxhaus can correct me on that).
• Enteprise: Most polished in all ways, by far. Go with embedded-controller solutions: Aruba Instant or Ruckus Unleashed (my preference). Ruckus is tops on connection quality, especially for mobiles, especially with interference and/or density.

Opinion on Wifi: If budget is less of a concern vs. getting it right the first time, just go Ruckus. One R710 ($340 B2B pricing) on the first floor and one R310 ($200) in the garage. A second R310 on the second floor if needed (it likely won't be). Setup 710 as Master by wiring to the SG350, browse to its IP and run setup wizard. Enable SmartMesh during setup. Then wire in the R310 to SG350 for auto-adoption; disconnect when finished. Put R710 on the first floor ceiling (low-profile raceway is great for concealing Cat6), or high on a book shelf. Either way, AP top/bottom parallel to the floor. Put R310 on the garage ceiling or high on a shelf, closest to near-house wall to grab enough mesh signal. Then finish Unleashed config of private/guest wifi, match VLANs on switch and router and you're good to go.

For buying Ruckus, if you don't mind no phone support (usually not necessary), but still free firmware updates + downloads, working-pull off eBay is a great way to save, or gray-market new off Amazon. In my experience, their radios almost never die, so DOA's from eBay are very low. If you want full support for whatever reason, go with authorized distributors. ProVantage or PCNation are both phenomenal and very aggressive on price.

If you buy smart, you can probably meet your budget. Since our networks are arguably becoming more relied-on than ever, try and think value, as opposed to just cost.

 

[Trip]

While, truth-be-told, Unifi isn't my favorite in certain instances, it's mostly for "IT nerd" reasons (as detailed above), and tends to work well enough for most folks. It really shines when you run a full UniFi "stack", so that all gear, from AP to switch to gateway, can be managed via a single pane of glass in one control panel, as you've proposed. I would say then it would be worth it, as that's its primary strength (and why so many MSP IT shops love it, as well).

If you do go all-UniFi, make sure to buy Gen2 CloudKey, if you do go CloudKey for the controller (as opposed to running it in a VM, or on one of your physical computers). And come back and share with us how it's worked out for you after it's been running for a while.

 

[coxhaus]

So do you have any idea on how well does Wi-Fi calling roam using Ruckus? What about UniFi and Wi-Fi call roaming? I have never used either of these products.

Cisco pro wireless gear works much better than their small business gear. It is just too expensive for home use.

Are we saying the Cisco small business wireless is the best for roaming in small scale?

 

[GawainXX2]

It looks like Ruckus could be a route to go with, It seems that they do support VLAN tagging so it'd give me the ability to expand to having a different SSID for IoT vs mobile devices in the future.
https://forums.ruckuswireless.com/ruckuswireless/topics/tagging_vlan_per_ssid

Yeah it's solid stuff, as seems to be the consensus almost universally. A quick glance at SpiceWorks, reddit/r/sysadmin and /r/networking and across most networks of IT pros, corroborates that very well.

Truth be told, they're in a bit of a state of flux as a company, being bough/sold for the third (or fourth?) time in fairly recent history (now owned by CommScope, who acquired Arris, who originally acquired Ruckus). And they don't have the slickest software stack in the world, versus Ubiquiti, AeroHive, etc. Nor do they have as good of vertical integration as HPE Aruba or Cisco. But for the actual first hop, nothing I've seen does as well, especially indoors (reference point being a few dozen installs, not a lot, but enough to compare and contrast with most stuff out there).

With roaming, I'd say it works as well as one could ever want it to, presuming you've nailed the physical setup and your network config. Versus consumer and much of the SMB space where standards implementation is often flakier, and/or real-time optimization is lacking or missing altogether, it can be a notable difference. One of the better explanations I've seen, in almost layman's terms, came from /u/gusgizmo on reddit, when comparing it to UniFi, which I'll quote here:



I think he was perhaps a bit harsh on Ubiquiti, but you do still have somewhat of a better mousetrap with Ruckus. Hard to believe in the day and age where everything becomes so commoditized so quickly, but they've simply performed better for me, and I suspect that to continue, at least until we approach the end of their patent holds (probably well before then, but I digress). So yeah, I think they're a great value, as I've had just too many times now where I've put it in and the problems just stop. As always (especially at SNB), your mileage may vary.

 

[coxhaus]

It looks like Ruckus could be a route to go with, It seems that they do support VLAN tagging so it'd give me the ability to expand to having a different SSID for IoT vs mobile devices in the future.
https://forums.ruckuswireless.com/ruckuswireless/topics/tagging_vlan_per_ssid

A network VLAN is probably the better way to go but if you have ACL, access control lists, you could group your IoT devices together in an IP range and create a subnet for your IoT devices and control access to them under 1 network.

 

[GawainXX2]

After having experimented with Demo UI's for various routers, I'm thinking that UniFi Might be the only way to go aside from rolling the dice with ASUS.
TPLink routers seem to lack ability to set VLAN tagging on WAN port and disable WPS.
The NetGear Genie OS is fairly clunky in my opinion, it isn't clear whether you can disable WPS and the method of tagging/bridging a VLAN to the WAN port is fairly convoluted.

I like the ASUS routers as AIO's the most feature wise but they've had a horrible track record for the reliability of the 2.4GHZ co-processors.

Taking my current topology into consideration, I'm thinking that what I want to do first and foremost is resolve the signal issues in the upper reaches of the house. And replace the functionality of my ASUS RT-AC68U but keep the other devices in place until I can afford to replace them.
https://imgur.com/a/cr0Lvt3


I'm split between the USG and USG 4P, on one hand the 4P hs significantly more functional if the beta IDS/IPS features are enabled, on the other hand it's 3X the price of the USG.

US-8 switch

I'm then not certain which AP would be best as my initial one,
based off what I'm reading the UAP-AC-Pro may be ideal to have as my initial one. I could use the ASUS router in my garage in bridge mode, later on swapping it out for a UAP-AC-M-PRO. It looks like you can bridge a connection between a UAP-AC-Pro and UAP-AC-M-Pro according to the topology requirements page 4. http://dl-origin.ubnt.com/guides/UniFi/UniFi_AP-AC-M-PRO_QSG.pdf


This would give me the ability to leverage VLAN tagging and multiple SSIDs enabling me to segregate most of my clients as well as selectively enable UPNP. I would then gradually replace my switches with UniFi ones and then Install a few more APs or Mesh nodes.

Would a VM running on ESX be fine for the management station?