What's new

Picking the best router

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

L

lucas.robb

Guest
Hello All,

I'm in a dilemma. I've got a problem with an infinite number of solutions that each have their pros and cons.
The Dilemma:
* I have a PFSense box which is starting to "break down", with in-place upgrades and installing and removing packages the configuration changes I make won't stay
The Environment:
* modem -> router (pfsense box) -> Cisco Catalyst switch -> AP, ESXi server, etc.
* multiple 802.1q vlans
* Router Hosted OpenVPN with LDAP authentication
*PFSense basic port forwarding, DHCP, ACLs, and inter-vlan routing (nothing extensive)

Some of the options:
* Edgerouter X/Lite
*Unifi Security Gateway
* format and reinstall PFSense box (a lot of work with limited overlap for fail-over)

Would appreciate all the help I can get, also open to other options, but would love to keep in line with what I've offered and capable of supporting what I need it to run
 
The Edgerouter X ( I like the ERX SFP, as I use the fiber port) would be my first go to router. Decent price point. The ERL is getting long in the tooth.. If QoS is what you are looking for, you will take a performance hit. If you can wait a while The Edgerouter ER4 - https://www.ubnt.com/edgemax/edgerouter-4/ is now GA and is supposed to be shipping to stores. I am waiting to get my hands on one.
 
Sounds like you are an expert. In that case I would use https://lede-project.org/docs/user-guide/security-guide-for-the-paradoid [sic] as a basis. Lede/OpenWrt gigabit routers(used, 600mhz proc., 16mb flash, 64mb ram, e.g. netgear wndr3700) are about $10 on ebay. The switch(smart) is about $20 new. Just add the APs of your choice. Exotic admin network components not necessary unless you are running web servers. If the main firewall slows down with too many added OpenWrt packages like
Smart Queue Management (SQM), just add another Lede router after it inline.Minimal linux knowledge is hardly required. Easier to use than Ubiquity products. Great fortune in your quest for a new network! :)
 
I'm in a dilemma. I've got a problem with an infinite number of solutions that each have their pros and cons.
The Dilemma:
* I have a PFSense box which is starting to "break down", with in-place upgrades and installing and removing packages the configuration changes I make won't stay

Rebuild the pfSense box - pfSense 2.4 and going forward, there's a fair amount of change, and this is also impacting the 3rd party packages...

pfSense 2.4 - on Intel - 64bit required
pfSense 2.5 - AESNI is also required

Once one has gone down that path with pfSense, and have a good solution going - one is likely not going to be happy with OpenWRT/LEDE or an EdgeRouter X...
 
Rebuild the pfSense box - pfSense 2.4 and going forward, there's a fair amount of change, and this is also impacting the 3rd party packages...

pfSense 2.4 - on Intel - 64bit required
pfSense 2.5 - AESNI is also required

Once one has gone down that path with pfSense, and have a good solution going - one is likely not going to be happy with OpenWRT/LEDE or an EdgeRouter X...

Jim Salter finds that "pfSense is pretty... tweaky. I've actually been hammering at it on various hardware off and on for a couple of months now, and it's frustratingly inconsistent. " OpenWrt displays better throughput waveforms, and can do much more.
 
Test out opnsense for a couple hours before you reinstall pfsense if you choose that option.
 
The Edgerouter X ( I like the ERX SFP, as I use the fiber port) would be my first go to router. Decent price point. The ERL is getting long in the tooth.. If QoS is what you are looking for, you will take a performance hit. If you can wait a while The Edgerouter ER4 - https://www.ubnt.com/edgemax/edgerouter-4/ is now GA and is supposed to be shipping to stores. I am waiting to get my hands on one.
I really like the ER4, only question is the console port the same as cisco? Secondarily, what is the expected price point? (relative the ER-x +/-)
 
Sounds like you are an expert. In that case I would use https://lede-project.org/docs/user-guide/security-guide-for-the-paradoid [sic] as a basis. Lede/OpenWrt gigabit routers(used, 600mhz proc., 16mb flash, 64mb ram, e.g. netgear wndr3700) are about $10 on ebay. The switch(smart) is about $20 new. Just add the APs of your choice. Exotic admin network components not necessary unless you are running web servers. If the main firewall slows down with too many added OpenWrt packages like
Smart Queue Management (SQM), just add another Lede router after it inline.Minimal linux knowledge is hardly required. Easier to use than Ubiquity products. Great fortune in your quest for a new network! :)
I've worked with OpenWRT and DD-WRT in the past, but I wasn't sure if the interfaces on the routers (and I'm sure this is a cas-by-case problem) are setup with independent interfaces or if they are setup as 1 interface and 1 switch.
 
Rebuild the pfSense box - pfSense 2.4 and going forward, there's a fair amount of change, and this is also impacting the 3rd party packages...

pfSense 2.4 - on Intel - 64bit required
pfSense 2.5 - AESNI is also required

Once one has gone down that path with pfSense, and have a good solution going - one is likely not going to be happy with OpenWRT/LEDE or an EdgeRouter X...
looking at my setup/configuration I really find that I'm not using a lot of PFSense specific stuff, moreso, that I'm using very basic features (port forward, DHCP reservation, etc.) the only thing that I really am needing to be aware of as I make the move is that I really like the OpenVPN server and client export built into this setup that I would have to find a way to replicate (which is basically just client auth OpenVPN with an LDAP authentication back-end).
 
Yes, the ER 4, has a Cisco like console port - https://www.ubnt.com/edgemax/edgerouter-4/

It's somewhere around $200. https://community.ubnt.com/t5/EdgeMAX/EdgeRouter-4-ER-4-now-available/td-p/2129910/page/4 - There's a link on the last page, for $183. These are supposed to be quicker tahn tthe ER8's. They are just starting to ship. If you can wait , you should be able to find one, hopefully, early in the New Year. When these routers were in Beta, they were routing ports only, no switch chip. But that may (might have) change(d).
 
Does anyone know the hit on the ER 4 when using Smart Queue yet?

I have a ER Lite and ER X, both perform very well when Smart Queue is not used but Buffer Bloat is an issue. When I enable Smart Queue the Lite drops my 350Mbps connection to 100Mbps and the X drops to 200Mbps so obviously I use my X now.

The ER 4 is shipping now but there seems to be a high demand so if you have a chance to get one and you really want one, get it!

I am REALLY interested in the 4 but I want to know the Smart Queue results or would I be better of just building a PFSense box.
 
Does anyone know the hit on the ER 4 when using Smart Queue yet?

I have a ER Lite and ER X, both perform very well when Smart Queue is not used but Buffer Bloat is an issue. When I enable Smart Queue the Lite drops my 350Mbps connection to 100Mbps and the X drops to 200Mbps so obviously I use my X now.

The ER 4 is shipping now but there seems to be a high demand so if you have a chance to get one and you really want one, get it!

I am REALLY interested in the 4 but I want to know the Smart Queue results or would I be better of just building a PFSense box.


I would ask any ER4/6 related questions here: https://community.ubnt.com/t5/EdgeRouter-4-EdgeRouter-6/bd-p/ER-4-6
 
I am running my old Cisco RV320 router with my Cisco layer 3 switch. My Cisco switch handles all the VLAN routing and DHCP. The RV320 router paints web pages pretty fast. I quit using my pfsense server since they introduced a web page slow down on my system with their updates and my RV320 was faster. The RV320 can be had cheap used.
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top