Router Advise for new Home Network

[MG23]

Hi all,

Looking for some advice.

Mainly, is there any cheaper alternative to the Ubiquiti pro 4 security gateway router that offers good performance? Have 500mb from Virgin media and want to utilise the speed.

More info - just finishing off a refurb at the house and need to make a decision on home networking gear, specifically the router (but if you have recommendations for the other gear I'm all ears).

There is 20 cat6 terminations in various rooms which will run a variety of devices (smart TVs, Sonos, PCs, etc).
Everything is terminated in the garage so have got a 12U rack to house modem, router, switch, patch, Sonos Amps (in future), CCTV (in future) etc.

After a lot of reading the Ubiquiti gear seems excellent, however, I just can't justify the cost of all of their gear, especially the 24 port switch which is around £350.

The Unifi security gateway Pro 4 looks good, but is around £300, as mentioned above hoping there is something else out there that is cheaper without losing much performance?

Can I run this router and then an unmanaged switch for the 24 ports?

Any advice would be appreciated as I'm interested in networking but have limited knowledge.

Thanks

MG

 

[Trip]

The only point of running a USG-PRO-4 is if you're also running UniFi for wifi and switching -- for the single point of control over LAN to WAN via a single controller. Otherwise, there is better throughput bang for the buck, for sure, but you're trading dollars for skill level in looking at cheaper but more capable products. So while the likes of a Ubiquiti EdgeRouter 4, Mikrotik RB3011/4011, or pfSense/OpenWRT on x86 hardware will all be cheaper, higher throughput and more capable, they won't be as easy to setup or administer. Everything comes at a cost; whether it's the item itself or the labor/know-how.

If you're having trouble justifying the cost of Ubiquiti gear in general, then I'd suggest looking at the likes of TP-Link for switches and their Omada series for a wireless system, plus perhaps a Linksys LRT214 for a gateway if you need something simpler to operate, otherwise one of the suggestions I gave above.

 

[System Error Message]

he mentioned a lot of alternatives above, but you need to know what features you need. For instance with every router brand there is hardware NAT, but use QoS and it cant be used relying on CPU speeds. Ubiquiti i know suck at non hardware accelerated stuff compared to mikrotik, otherwise you're looking at the hex3 or ERL (make sure to get the latest versions) for hardware accelerated NAT. on the consumer side pretty much every recent broadcom and qualcomm based consumer router will do hardware NAT at 1Gb/s.

if you need features that cant be hardware accelerated, then look at the CPU of the router as sadly i dont think snb measures non hardware accelerated performance.

 

[MG23]

Thanks for the reply / help.

I had read a lot of recommendations of the Unifi equipment so I was going to use the Unifi access points throughout the house, 2-4 of them. I have plenty of cat6 run, but could always swap these out for something else.

Regarding features - ideally the option to run a main network for our normal devices, and then seperate networks for guest and IoT devices as read a lot of information that these should be kept seperate.

Ideally would like it rack mounted but seems this adds a cost as it assumes you're looking at more or a commercial solution rather than residential!

Ultimately, the goal is fast, reliable and secure internet throughout the house wired wired cat 6 and wireless just not sure how to achieve that within a reasonable budget or if I am being unreasonable.

Mike

 

[System Error Message]

Thanks for the reply / help.

I had read a lot of recommendations of the Unifi equipment so I was going to use the Unifi access points throughout the house, 2-4 of them. I have plenty of cat6 run, but could always swap these out for something else.

Regarding features - ideally the option to run a main network for our normal devices, and then seperate networks for guest and IoT devices as read a lot of information that these should be kept seperate.

Ideally would like it rack mounted but seems this adds a cost as it assumes you're looking at more or a commercial solution rather than residential!

Ultimately, the goal is fast, reliable and secure internet throughout the house wired wired cat 6 and wireless just not sure how to achieve that within a reasonable budget or if I am being unreasonable.

Mike

both ubiquiti and mikrotik have rackmounted routers and at a cheaper price too. For both brands its just the form factor really, just like you can find rackmounted and non rackmounted variants for various mikrotik lines.

both routers will do what you want, only that i have a biased preference towards mikrotik. I have both brands but as both router and AP i prefer mikrotik for their configurability and performance when using CPU however i've not tried ubiquiti switches yet so i cant compare mikrotik with ubiquiti on the switch level. I've used both edgerouter and ubiquiti APs and they have pretty interfaces in comparison but feature and configurability i prefer mikrotik over ubiquiti.

For routers the easiest way to decide is that mikrotik is dedicated towards being a router, ubiquiti is a jack of all trades device master of none. Its not as good as mikrotik as a router, not as good as a regular debian VPS or dedicated server for use as a linux server. By not as good i mean feature and configurability as you can install htop on an edgerouter, squid and such but not everything will install/run from it.

 

[Trip]

[...]I'm interested in networking but have limited knowledge.

Appreciate your honesty there, as this is nothing to jeer at and certainly something to heed as you look at your options. If UI UniFi products give you some hesitation, then I would urge caution when considering UI EdgeMax, even extreme caution when looking at Mikrotik and RouterOS. Ease-of-use decreases just about as fast as the learning curve goes up, and both of those products are more or less meant to be used by people with at least intermediate (EdgeMax) or semi-pro (Mikrotik) levels of know-how. Not that UniFi is a walk in the park, either. And yes, you could probably Google, blog, wiki, YouTube and trial-and-error your way to success with any one of those products. But there's a very real added cost to all of that. Generally, that cost tends to go up as the price of the gear goes down, unless you're already coming in with specialized knowledge/experience on the platform(s). (There are exceptions, of course, such as Cisco RV/SG/WAP, which at 2x to 10x the cost of TP-Link equivalents is just as hard to setup, if not harder, for novices, although it's more solidly built and supported)

With the above factored in, I would perhaps reevaluate your stance on the cost of that UniFi switch. You're paying more for the switch, perhaps, but getting a single control plane already setup for you, for free. And for the pundits, yes, for certain fringe UniFi features, you may need to jump into the command line nonetheless, and yes, the whole single control thing might be a moot point, especially for set-and-forget setups (which these micro-sized networks largely tend to be). But there's still an added layer of complexity in management, that with certain decisions on gear can be minimized, if not altogether eliminated.

One additional layer would be support, which I touched on earlier with the Cisco small biz stuff. Comparatively, both Ubiquiti and Mikrotik are dirt cheap across the board, as the one thing you're not paying for is the employee overhead and support systems that come with a big-vendor name. But that has its place, too, usually more so for businesses, but still, you can call Cisco and get a level-whatever tech on the phone at 2AM on a Sunday (provided your support plan covers that). With Mikrotik, no such luck, at least not directly (you can get that level of support, but you must do so from a channel partner).

So it's as much about doing your due-diligence on all aspect of these products, as it is just looking at the MSRP for what it appears you get in features. And please know, again, I have no overarching bias on brands here, as there's a place for all of the products I've mentioned. In this instance, though, I see the free single control plane adding some ease and actual cost savings to your use-case.

 

[CaptainSTX]

Hi all,

Looking for some advice.



Any advice would be appreciated as I'm interested in networking but have limited knowledge.

Thanks

MG

1. I don't know where you live but garages tend to be dirty and not climate controlled. Service life of electronics placed there will probably have a shortened life span. At the very least I would move the router into a climate controlled area and use one or two of your Ethernet cables to feed from a LAN port on the router to an uplink port on your switch.

2. My standard recommendation regardless of how and where your network is setup is add a UPS to the mix.

 

[coxhaus]

I would recommend the Cisco small business routers, wireless, and switches. They will cost a little more but will be easier to configure than either ubiquiti and mikrotik. I would buy a Cisco RV340, SG350 switch, and a couple of WAP581 wireless or WAP571 wireless. IF you want to compress the switch and router into 1 then a RV345P router. Personally I like running a separate switch. This is all rack mount equipment. I have a thread on how to setup the SG350 switch. Adding a IoT VLAN will be easy to my thread which I can help with. https://www.snbforums.com/threads/home-network-design-help-with-l3-switch.59818/

The Cisco wireless above is real easy to setup as they have a wizard for multiple AP setup which is called single point setup. The router has a wizard also to make it easy to setup. This is all small business grade equipment.

I also agree a UPS is a good idea.

 

[MG23]

Thanks again for the help guys, much appreciated.

My reservation about the Cisco gear is;
1. I've heard you need to buy a license / subscription?
2. The 24 port switch is around 470 - that's just too much to justify right now and I need 24 port switch.

Is an unmanaged switch a massive no no? Presumably this will mean I cannot seperate the IoT devices on seperate network?

Ideally if I could buy some kit now to get going (I'll definitely need to buy the switch and access points for WiFi in the house and switch to connect all points) maybe I could use the virgin media router for now and upgrade later?

Most of my wiring is at plug socket level so are those Cisco APs ok working at that level?

Mike

 

[CaptainSTX]

The 24 port switch is around 470

Look at the TP-Link Smart switches. They will let you simply set up either port based VLANs or 802.1Q VLANs using the GUI. No they won't do everything a fully managed switch will do but if all you want is VLANs and some rudimentary traffic shaping they will work.

Price is right also:

8 Port $28
16 Port $60
24 Port $113

Since you are planning on using the switch in your garage if it fails after a couple of years it won't hurt your wallet as badly.

I use a couple of of these routers to run a 802.1Q VLAN and they they have been rock solid.

 

[Trip]

My reservation about the Cisco gear is;
1. I've heard you need to buy a license / subscription?
2. The 24 port switch is around 470 - that's just too much to justify right now and I need 24 port switch.

1. That's more or less exclusive to big-boy Cisco gear, ie. Catalyst switches, Aironet wireless, ISR services routers, etc. We're talking about their small business line of gear here -- RV routers, SG switches and WAP wireless APs -- all of which come pre-licensed for all their functionality and include their basic support tier, which is usually 90 days or 1 year or phone support, plus lifetime hardware replacement; you only need add on extra amounts of phone support and/or advanced hardware replacement if you want to (which IMHO isn't usually necessary, especially for home use).

2. If you're willing to drop down to a layer 2 switch (that's what UniFi switches are anyways), the SG250-26HP is only a bit over $300. That's all you really need to get your network properly segmented anyways, and will still have 80+% of the features of the 350. It would of course lack certain L3-only stuff like running a DHCP server on the switch or doing inter-VLAN routing, but honestly you could do mostly all of that on the gateway (router) itself and for your level of traffic flow it probably would be fine. So you get the cost savings, plus not a whole lot given up on the feature set.

Is an unmanaged switch a massive no no? Presumably this will mean I cannot seperate the IoT devices on seperate network?

Basically correct. To segment the network properly, your core switch needs to be managed, and ideally all your switches downstream from there (if you have any), so as to be able to mark VLAN traffic from the moment it's onboarded onto your network, and have that traffic be treated properly all the way to the internet and back.

Ideally if I could buy some kit now to get going (I'll definitely need to buy the switch and access points for WiFi in the house and switch to connect all points) maybe I could use the virgin media router for now and upgrade later?

Only if your Virgin router supports VLANs and ACLs (access control lists - a firewall feature) to properly keep the network isolated and be able to masquerade all VLAN traffic out to internet and back, separately. As with most ISP gateways, I would presume that's not the case. If you wanted to stay with a Cisco RV and drop the price a fair amount, you could look at the RV260, which is only $181 and offers roughly 75-85% of the throughput and connection handling capability of the RV345 that @coxhaus mentioned.

Most of my wiring is at plug socket level so are those Cisco APs ok working at that level?

Absolutely, you could certainly put them flat on a shelf or piece of furniture if needed; I would suggest that over a wall-mount to keep the "saucer" parallel to the floor (the optimal planar arrangement for its antennas). The perfect ideal is ceiling mounted only because the elevation broadcast is usually more "above" the top of a saucer-style AP than it is "below" the bottom, and flipped around on a shelf it will be broadcasting slightly more into the ceiling and the base of the floor above than perhaps desired, but it's not the end of the world if you have to run it that way.

So, an RV260 and SG250-26HP would be under $500. For wifi, WAP581's at $250-300 a pop get spendy, even if only two are needed. IMHO, too spendy when TP-Link EAP225's are $69, plus $85 for the OC200 controller, and deliver enough baseline wifi to at least suffice for now. That RV/SG/Omada combo is probably the best budget combo of everything we've talked about for a blend of ease-of-use with stability and capability.

Hope that helps Mike!

 

[coxhaus]

You can run multiple networks on a dumb switch if your router supports multiple IPs per interface. Most consumer gear will not do it. If you run multiple networks on a dumb switch they are isolated at layer 3 but not layer 2.

 

[MG23]

Thanks again for all of the comments/help guys, much appreciated.

Going to go for the following; slightly more than I wanted to spend, but at least this should allow for all of the upgrades and future expansion I have planned without the need to upgrade anything!

Strangely enough the RV340 was cheaper than the RV260?

Cisco RV340 - £170
Cisco SG250-26HP - £344
TP-Link EAP225 (X3) with free OC200 controller - £185
Total £699

 

[Trip]

Strangely enough the RV340 was cheaper than the RV260?

That may be due to there being a lot more "old" stock of the 340 series out there than the 260, as it's roughly 2 years older. Fear not, though; Cisco supports their SMB gear for roughly 7 to 10 years, so you should have firmware updates for the 340 well into the 2020's.

Cisco RV340 - £170
Cisco SG250-26HP - £344
TP-Link EAP225 (X3) with free OC200 controller - £185
Total £699

Nice work on spotting the 340, plus the Omada combo kit.

The nice thing about a "stack" of discrete components is modularity. You can swap out single pieces for upgrades in the future, while leaving everything else in place.

Come back one it's all installed and let us know how it worked out!

 

[MG23]

That may be due to there being a lot more "old" stock of the 340 series out there than the 260, as it's roughly 2 years older. Fear not, though; Cisco supports their SMB gear for roughly 7 to 10 years, so you should have firmware updates for the 340 well into the 2020's.Nice work on spotting the 340, plus the Omada combo kit.

The nice thing about a "stack" of discrete components is modularity. You can swap out single pieces for upgrades in the future, while leaving everything else in place.

Come back one it's all installed and let us know how it worked out!

Will do! Hoping to make a start at the weekend with terminating all of the cables and patching in so probably a week or so but will report back!

Thanks again guys, have a good new year's!

 

[coxhaus]

Thanks again for all of the comments/help guys, much appreciated.

Going to go for the following; slightly more than I wanted to spend, but at least this should allow for all of the upgrades and future expansion I have planned without the need to upgrade anything!

Strangely enough the RV340 was cheaper than the RV260?

Cisco RV340 - £170
Cisco SG250-26HP - £344
TP-Link EAP225 (X3) with free OC200 controller - £185
Total £699

If you are paying in pounds then I would assume you are buying the European version? The Cisco units will have EU on them instead of NA signify Europe instead of North America.

I ordered a Cisco switch off US eBay and it was not a North American version so I sent it back. Make sure you get the correct model.

 

[MG23]

If you are paying in pounds then I would assume you are buying the European version? The Cisco units will have EU on them instead of NA signify Europe instead of North America.

I ordered a Cisco switch off US eBay and it was not a North American version so I sent it back. Make sure you get the correct model.

Thanks for the heads up I'll make sure it's Eu version; as yes, ordering in the UK

 

[ColinTaylor]

The EU models actually have a G5 suffix. https://www.cisco.com/c/en/us/produ...datasheet-c78-742350.html#OrderingInformation

 

[coxhaus]

Thanks ColinTaylor, EU is now under G5 suffix.