Is the RT-AX88U Pro overkill with PFSense?

[Tekomancer]

My current setup is gig fiber coming into a pfSense box for routing, then out to two T-Mo routers as WAPs flashed to RT-AC68U with wired backhaul. The house is 30 years old, but the builder had the foresight to put in cat5 cable. I have a bit of cash for a tech upgrade and it seems that I'm overdue for some AP love.

I see the RT-AX88U Pro recommended consistently as a solid choice. I know nothing is future proof and the week after I have everything running smoothly, something better for half the price will come on the market. What I'm trying to figure out is if this investment makes sense. I can't really leverage the 2.5Gb throughput both due to cable limitations and because my fiber isn't fast enough for it. pfSense works fine for me, though I have occasional network hiccups I've been unable to diagnose for years (not 100% sure it's in the router, as my wired connection is stable - different convo) and I'm not leverage the platform to its fullest. Some other annoyances like OpenVPN not consistently working leave me open to using the new device as router as well as WAP though it's not a requirement.

If it makes any sense at all, I'd like to keep using the AC68Us to provide consistent coverage in a three story house. I'd appreciate insights, unfounded opinions, or anything else you have to offer on what makes sense here. Thanks in advance!

 

[Tech Junky]

Why would you buy a router to gimp it into an AP?

 

[Tech9]

Yes, get proper APs @Tekomancer with PoE and VLAN support. This router with beta firmware is no good match to your pfSense box.

 

[Tekomancer]

Appreciate the responses. To be clear, it sounds like what I'm hearing is the AX88U is a good fit but the recommendation is to use it as router as well as AP. Am I close?

 

[Tech9]

No, you need an AP only. Get a business class AP and not a home router with just released new firmware.

 

[GHammer]

The AIO home routers that I have had experience with had much better range than business APs that I tried.
IMO business APs are built to handle more connections and not maximize range. Makes sense, more devices in a business area along with more APs.

In my home, the business APs did not provide the same (or even usable for some IoT devices) coverage as my single ASUS AX86U.
The thick, dinner plate size white item on the ceiling also failed the wife acceptance test.

I too run a pfSense box, which I happen to like better than the ASUS/Merlin routing. So, I have the AX86 running in AP mode.

Were it me, I'd find out why the pfSense box is introducing issues and correct that first. Then, I don't know if the AX88 Pro is needed if you are not going to use the additional ports it offers over say an AX86 Pro. In any event, if you are happy with the radios in the existing APs, why change them out now?

If you don't try to use your router as a NAS/bittorrent/ad blocker no reason not to simply use an AIO router as the router. I usually see people having issues when they insist that since ASUS included the ability, then they are darn well going to use it as a NAS, etc. Usually leads to suboptimal results.

 

[Tekomancer]

Thanks. I have a solid unRaid NAS setup and torrenting isn't a needed use case. Ad blocking could be nice but browser extensions are working well enough.

My gut tells me that the intermittent net issues are related to the APs, since my wired desktop has never been impacted. If properly configured, some APs would probably suffice but I do want a mesh network and would prefer to leverage as much current hardware as possible. That being said, I'm here asking because I obviously need the help...

I tried to get Squid/Suricata/etc set up on pfSense but it was probably trying to run before walking and I didn't have the expertise to understand/complete the extended setup processes. I'm generally tech savvy, but networking is about as close to magic as it gets for me from a comprehension point of view

 

[drinkingbird]

Thanks. I have a solid unRaid NAS setup and torrenting isn't a needed use case. Ad blocking could be nice but browser extensions are working well enough.

My gut tells me that the intermittent net issues are related to the APs, since my wired desktop has never been impacted. If properly configured, some APs would probably suffice but I do want a mesh network and would prefer to leverage as much current hardware as possible. That being said, I'm here asking because I obviously need the help...

I tried to get Squid/Suricata/etc set up on pfSense but it was probably trying to run before walking and I didn't have the expertise to understand/complete the extended setup processes. I'm generally tech savvy, but networking is about as close to magic as it gets for me from a comprehension point of view

If you have a PFSENSE box you already have everything except the wireless access point, so as others have said, just get a good AP (or set of APs). Ubiquiti, TP-Link Omada, Mikrotik, etc. I guess if you want a mesh system you can look at some of those but generally they're going to be expensive and include functions you don't need.

That T-Mobile router hasn't gotten updates in years and is very old at this point. You can get one or two very good APs (that will nicely ceiling or wall mount and blend better) for the price of the AX88U Pro. And if you go with one of the brands above (or a few others) they'll even have VLAN support and advanced guest settings, which is all you'd be getting on the "Pro" 88 over the regular 88 anyway.

 

[Tekomancer]

Unfortunately, without a mesh system in my house, there's going to be signal issues. I originally had multiple WAPs (not meshed) and it was a mess. I'd have to disconnect from Wi-Fi and reconnect to get the closer WAP - just not fun. I like TP-Link stuff, but it looks like their mesh system requires a separate controller. After I've bought a couple WAPs and a controller, I'm basically at the cost of the AX88U already. If that's what makes the most sense, then so be it. Maybe it's just taking me a while to mentally shift, but that seems like about as much overkill as just going with the Asus...

 

[Tech Junky]

disconnect from Wi-Fi and reconnect to get the closer WAP

Did you specify opposing channels so the clients would switch based on the stronger signal? That's all mesh does is coordinating the channels. Sadly though mesh systems degraded your speed to provide backhaul to the main node. If you tie in multiple APs wired and then actually configure them properly instead of using the auto settings they work great.

 

[Tekomancer]

Did you specify opposing channels so the clients would switch based on the stronger signal? That's all mesh does is coordinating the channels. Sadly though mesh systems degraded your speed to provide backhaul to the main node. If you tie in multiple APs wired and then actually configure them properly instead of using the auto settings they work great.

This is mixing states In the older state, I had multiple APs but unmeshed, which is where I had to manually switch - no, I wasn't aware of how to properly coordinate the channels to do this more seamlessly. In the current state, the meshed Asus APs use a wired backhaul, so there should be no degradation of speed.

If the recommended future state is to go all-in on WAPs, then so be it. The need for a separate/dedicated mesh controller is new to me and I don't love it but I can accept it. If anyone has a system they like, I'm all ears.

 

[Tech9]

IMO business APs are built to handle more connections and not maximize range.

Most business APs are built to work in groups. Home AIO routers work on max power as single AP. May provide better range, but support less clients, have external power adapter, external antennas for show and lack important VLAN support when used with VLAN capable router/firewall. The new Asuswrt Pro firmware offers VLAN support, but on very early stage to tell how well it works. Also hardware and software are better with business APs.

I originally had multiple WAPs (not meshed) and it was a mess.

What do you think AiMesh is apart from fancy marketing name?

 

[Tech9]

the meshed Asus APs use a wired backhaul

Nothing is "meshed" there. Just two APs with the same settings and minimum control. Marketing meshed.

 

[Tech Junky]

The need for a separate/dedicated mesh controller

If you manually set things you don't need a controller. If you want them to coordinate with each other then a controller automates some of it and adjust things for coverage and clients.

When 2.4 was the go to you set them on 1/6/11 as they don't overlap. With AX though depending on the spectrum you choose you really only have low/high channels to assign. If you go for speed and 160mhz bandwidth it bonds 6 channels into one leaving you with 2 usable ends of the spectrum in 5ghz but, 6ghz offers more. The problem with 6 though is cheap devices and old devices don't support it at all. The penetration of 6 is less and requires more APs to reach all corners.

Most APs offer a controller option and it's cheaper with some brands and outrageous with others. Some offer HW and others a web based subscription. It depends on which makes more sense to you though.

 

[Tech9]

If you go for speed and 160mhz bandwidth it bonds 6 channels

80MHz is 4x 20MHz, 160MHz is 8x 20MHz.

 

[Tech Junky]

80MHz is 4x 20MHz, 160MHz is 8x 20MHz.

OK! I was going off the top of my head and not doing math or looking at a config. Either way it consumes all of the channels pre/post DFS on 5ghz. That's the point.

 

[Tekomancer]

Well, I appreciate the advice and am now properly overwhelmed. Rather than a binary "Should I get this or not" the question has evolved to building and tuning a technical ecosystem. Guess I'll just let the existing system limp along for now, until I have time for night classes in networking

 

[drinkingbird]

Well, I appreciate the advice and am now properly overwhelmed. Rather than a binary "Should I get this or not" the question has evolved to building and tuning a technical ecosystem. Guess I'll just let the existing system limp along for now, until I have time for night classes in networking

If you have two old AC APs now, you may very well be able to get by with a single AX or better one placed centrally and up high. May simplify your setup. If not, having two devices and setting their minimum RSSI (asus calls it roaming assistant, others call it other things) to force roaming (or setting roaming to aggressive on your clients/phones) should take care of the manually switching.

None of it is perfect with current roaming technologies. If a mesh system is attractive to you to try and minimize how much you have to intervene, certainly worth a try. A pair of Asus is going to be expensive and overkill, you can look at the various "pod" setups out there, many like them as you can just pop them on a shelf and they aren't as ugly, but they also typically aren't the best performers either.

Then again if you're happy with the way Aimesh works and don't want to get into other things, then a pair of Asus may be your best bet (or like I said, a single one may be plenty). Just don't waste money on the top of the line "Pro" unless you need VLANs and the extra more advanced guest network setup. Heck even if you do need VLANs, the standard Asus create a couple by default for the 1st guest network so that may be sufficient.

Maybe what is causing some of the confusion is that you're running a fairly advanced setup with PFSENSE but looking to use standard off the shelf home routers so it's sort of a contradiction, the assumption is if you're going semi-pro on the router it would make sense to match on the APs (and have them only be APs, not routers where you won't use most of the features).

 

[Tech9]

If you have two old AC APs now, you may very well be able to get by with a single AX or better one placed centrally and up high.

Only if the two APs overlap a lot and not placed properly. Two RT-AC68U at -60dBm apart (whatever distance this translates to in the specific environment) will beat any other single AP in range, AX or BE. I read stories around how 2x AC units were replaced with single AX unit, but this only tells me the AC units were not placed in optimal locations. One central AP with better range may cover the house, but what used to be outdoor range will be lost.

Can't beat Wi-Fi physics with imagination.

 

[Tech9]

I see the RT-AX88U Pro recommended consistently as a solid choice.

If Asus, I would get 2x RT-AX86U Pro. More compact design, Pro firmware. Wired in AP Mode, no AiMesh.

I can't really leverage the 2.5Gb throughput both due to cable limitations and because my fiber isn't fast enough for it.

Why paying for more 2.5GbE ports on the router you won't use anyway then? Waste of space and money.