Author Topic: Best routers out there ?  (Read 2334 times)

0 Members and 1 Guest are viewing this topic.

Offline free_electron

  • Super Contributor
  • ***
  • Posts: 7160
  • Country: us
    • SiliconValleyGarage
Re: Best routers out there ?
« Reply #75 on: July 11, 2019, 10:55:51 am »
and people ask me why i am grumpy ...

Because they do not see the obvious - that you are in fact old :D Back in the days I was configuring hardware out of my mind, now I am looking for plug & play solutions that just work out of the box - because of different perspective. Now I don't give a **k that SSID of my WiFi is "linksys" (kidding).

i am. realistically speaking more than half of my lifespan is gone. ( i'm turning 49 this year ). time is precious. having to spend part of what remains finding a serial port cable for a port that doesn't exist is very off-putting. And the associated bloodpressure spike will move the needle even faster.

seriously i don't want to deal with stuff like that anymore. nobody should. it is ridiculous. in 30 years nobody came up with a better solution ? they should all be fired !
Professional Electron Wrangler.
Any comments, or points of view expressed, are my own and not endorsed , induced or compensated by my employer(s).
 

Online tautech

  • Super Contributor
  • ***
  • Posts: 15073
  • Country: nz
  • Taupaki Technologies Ltd. NZ Siglent Distributor
    • Taupaki Technologies Ltd.
Re: Best routers out there ?
« Reply #76 on: July 11, 2019, 11:13:06 am »
seriously i don't want to deal with stuff like that anymore. nobody should. it is ridiculous. in 30 years nobody came up with a better solution ? they should all be fired !
New career opportunity !  :P

Oh no don't, not until after I get a Tesla !
« Last Edit: July 11, 2019, 11:15:27 am by tautech »
Avid Rabid Hobbyist
 

Offline Monkeh

  • Super Contributor
  • ***
  • Posts: 5789
  • Country: gb
Re: Best routers out there ?
« Reply #77 on: July 11, 2019, 11:17:52 am »
seriously i don't want to deal with stuff like that anymore. nobody should. it is ridiculous. in 30 years nobody came up with a better solution ? they should all be fired !

It's the backup solution. And some use USB instead, but there's all sorts of driver related backlash, and Windows being truly hilariously bad at handling lots of serial ports (oh yes, this switch was COM26, that one in the other rack is COM72, and the one in the other site is COM12 - seriously, what the shit?) does not help. If you can't use the ethernet interface (and no fancy fallback methods are wise here because the network may or may not be trusted), you need another channel. Serial works.
 

Offline free_electron

  • Super Contributor
  • ***
  • Posts: 7160
  • Country: us
    • SiliconValleyGarage
Re: Best routers out there ?
« Reply #78 on: July 11, 2019, 12:55:11 pm »
seriously i don't want to deal with stuff like that anymore. nobody should. it is ridiculous. in 30 years nobody came up with a better solution ? they should all be fired !

It's the backup solution. And some use USB instead, but there's all sorts of driver related backlash, and Windows being truly hilariously bad at handling lots of serial ports (oh yes, this switch was COM26, that one in the other rack is COM72, and the one in the other site is COM12 - seriously, what the shit?) does not help. If you can't use the ethernet interface (and no fancy fallback methods are wise here because the network may or may not be trusted), you need another channel. Serial works.
yes, serial works. except this model doesn't have a serial port ! a little oversight on their tech supports part too.... that's what irks me. the shoddy support from all these companies.
go read the topic .. it's so funny i could cry . go read the topic ..
try this, try that. no don't do that it won't work ( turns out that it is exactly what was said wouldn't work , did work... )

https://forum.mikrotik.com/viewtopic.php?f=17&t=143728
Professional Electron Wrangler.
Any comments, or points of view expressed, are my own and not endorsed , induced or compensated by my employer(s).
 

Offline free_electron

  • Super Contributor
  • ***
  • Posts: 7160
  • Country: us
    • SiliconValleyGarage
Re: Best routers out there ?
« Reply #79 on: July 11, 2019, 02:49:03 pm »
NEW NETWORK LAYOUT

Thanks to all for the suggestions. I think i will take the risk using mikrotik machines. i will get them from amazon and if they don't behave properly i will kick them back.
any other advice ?
Professional Electron Wrangler.
Any comments, or points of view expressed, are my own and not endorsed , induced or compensated by my employer(s).
 

Online Black Phoenix

  • Regular Contributor
  • *
  • Posts: 56
  • Country: cn
Re: Best routers out there ?
« Reply #80 on: July 11, 2019, 02:53:07 pm »
Looks solid to me, I hope that we see a Build Topic with all the interconnects and configs that you gonna do.  >:D
 

Offline Monkeh

  • Super Contributor
  • ***
  • Posts: 5789
  • Country: gb
Re: Best routers out there ?
« Reply #81 on: July 11, 2019, 09:53:05 pm »
seriously i don't want to deal with stuff like that anymore. nobody should. it is ridiculous. in 30 years nobody came up with a better solution ? they should all be fired !

It's the backup solution. And some use USB instead, but there's all sorts of driver related backlash, and Windows being truly hilariously bad at handling lots of serial ports (oh yes, this switch was COM26, that one in the other rack is COM72, and the one in the other site is COM12 - seriously, what the shit?) does not help. If you can't use the ethernet interface (and no fancy fallback methods are wise here because the network may or may not be trusted), you need another channel. Serial works.
yes, serial works. except this model doesn't have a serial port ! a little oversight on their tech supports part too.... that's what irks me. the shoddy support from all these companies.
go read the topic .. it's so funny i could cry . go read the topic ..
try this, try that. no don't do that it won't work ( turns out that it is exactly what was said wouldn't work , did work... )

https://forum.mikrotik.com/viewtopic.php?f=17&t=143728

Okay, that one's an oddity - also it says 'cloud' so it's expected to be crap. Don't buy those.

NEW NETWORK LAYOUT

Thanks to all for the suggestions. I think i will take the risk using mikrotik machines. i will get them from amazon and if they don't behave properly i will kick them back.
any other advice ?

Don't buy the 'cloud' switches - get the normal CRS variant. Personally, forget about the Amplifi router and use a few normal UAPs and an Edgerouter (or something from Mikrotik).
 

Offline free_electron

  • Super Contributor
  • ***
  • Posts: 7160
  • Country: us
    • SiliconValleyGarage
Re: Best routers out there ?
« Reply #82 on: July 12, 2019, 01:00:27 am »
Okay, that one's an oddity - also it says 'cloud' so it's expected to be crap. Don't buy those.
Don't buy the 'cloud' switches - get the normal CRS variant. Personally, forget about the Amplifi router and use a few normal UAPs and an Edgerouter (or something from Mikrotik).
now he tells me ....

The CSS is same hardware as CRS. In the CRS you pay extra for the RouterOs license. the Css only has SWoS.

I went with the amplifi router because there is a couple of other things from ubiquity i want to get and they all play nice together.  I especially like the Teleport. take it with you plug in and you are on your own home network. I have family on the other side of the world (both other sides : Belgium and india). i can just leave one there and connect to my stuff just like i was home.
Professional Electron Wrangler.
Any comments, or points of view expressed, are my own and not endorsed , induced or compensated by my employer(s).
 

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 6933
  • Country: 00
  • Display aficionado
Re: Best routers out there ?
« Reply #83 on: July 12, 2019, 01:09:20 am »
now he tells me ....

The CSS is same hardware as CRS. In the CRS you pay extra for the RouterOs license. the Css only has SWoS.

I went with the amplifi router because there is a couple of other things from ubiquity i want to get and they all play nice together.  I especially like the Teleport. take it with you plug in and you are on your own home network. I have family on the other side of the world (both other sides : Belgium and india). i can just leave one there and connect to my stuff just like i was home.
That sounds like a basic VPN to be honest.
 

Offline Monkeh

  • Super Contributor
  • ***
  • Posts: 5789
  • Country: gb
Re: Best routers out there ?
« Reply #84 on: July 12, 2019, 01:10:40 am »
Okay, that one's an oddity - also it says 'cloud' so it's expected to be crap. Don't buy those.
Don't buy the 'cloud' switches - get the normal CRS variant. Personally, forget about the Amplifi router and use a few normal UAPs and an Edgerouter (or something from Mikrotik).
now he tells me ....

The CSS is same hardware as CRS. In the CRS you pay extra for the RouterOs license. the Css only has SWoS.

And you get a console port. Anything 'cloud' is liable to be a pain.

Quote
I went with the amplifi router because there is a couple of other things from ubiquity i want to get and they all play nice together.

Yes, but you can do much better with a dedicated router and APs located suitably.

Quote
I especially like the Teleport. take it with you plug in and you are on your own home network. I have family on the other side of the world (both other sides : Belgium and india). i can just leave one there and connect to my stuff just like i was home.

VPN in a box. Nifty. They're playing segmentation games so it only works with the bloody Amplifi.

You can just use a VPN as normal..
 

Offline free_electron

  • Super Contributor
  • ***
  • Posts: 7160
  • Country: us
    • SiliconValleyGarage
Re: Best routers out there ?
« Reply #85 on: July 12, 2019, 03:19:59 am »

VPN in a box. Nifty. They're playing segmentation games so it only works with the bloody Amplifi.

You can just use a VPN as normal..

exactly.
i really can't be bothered
- trying to learn how to set up a vpn,
- finding the right hardware to take with me
- installing vpn software on my computer
- trying to connect to my home ( i do not have a static ip )
- or having to pay a monthly subscription fee.

this thing you apparently plug into an existing ethernet port and it opens a wifi channel that is becomes an extention of your home network. nothing needed. perfect !
Most likely it is a small linux box that pings a machine at ubiquity that acts as a ddns lookup to find ones router and then sets up a vpn. but i'm ok with that. as long as it works and i don't have to mess with it.

i'll only get grumpy and i already had my dosage of grumpy today ....

My mom is in the hospital in Belgium for knee surgery. She has an iphone with dataplan so she can run facetime with me.
I tried contacting her. No avail.

Turns out there is no cellphone reception in the hospital , you have to stand outside...
The hospital does not have wifi for patients available. They are afraid of hackers.

so i had to buy an international calling card , pay 10 cents a minute + 40 cents connection fee to call the hospital dispatch who then connects me to the room... and then we can talk on a noisy creaky old rotary phone.

It took the better part of half an hour to jump through hoops. What good is all this modern technology if none of it works when you need it ?
I can call backland india using dial91 for 1 cent per minute and enjoy uninterrupted facetime / whatsapp or other video calling.
A big hospital in 'the capital of europe' ? Sorry, that does not work. -urgh- :palm:

Professional Electron Wrangler.
Any comments, or points of view expressed, are my own and not endorsed , induced or compensated by my employer(s).
 

Offline Bassman59

  • Super Contributor
  • ***
  • Posts: 1181
  • Country: us
  • Yes, I do this for a living
Re: Best routers out there ?
« Reply #86 on: July 12, 2019, 03:33:12 am »
hehe.

first of all : let me apalogize if i come over as grumpy. don't take any of it personal.

In the 80's and 90's i did all of that stuff standing on one leg , one hand behind my back , other hand with a finger in my ear and using a pencil and my mouth typing in config files. and i loved it. all of it. All the technical hoops. And we didn't know any better because there wasn't anything else or better.
Then time passes and interests shift and you don't do that stuff for a while for a while and you grow accustomed to other things.

Alas, as i am growing older and time moves on i find myself more and more grumpy and short-fused.
My knee jerk reaction is : are we still dicking around with this 20 years on ? I'll look for something that doesn't need any of this. i am too old for this. i can't remember half of it. do i really need to go and look that stuff up ? again ... ?

Gotta agree with all of this here. I have things to do, I don't need to spend time dicking around with networking issues.
 

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 6933
  • Country: 00
  • Display aficionado
Re: Best routers out there ?
« Reply #87 on: July 12, 2019, 03:40:25 am »
exactly.
i really can't be bothered
- trying to learn how to set up a vpn,
- finding the right hardware to take with me
- installing vpn software on my computer
- trying to connect to my home ( i do not have a static ip )
- or having to pay a monthly subscription fee.

this thing you apparently plug into an existing ethernet port and it opens a wifi channel that is becomes an extention of your home network. nothing needed. perfect !
Most likely it is a small linux box that pings a machine at ubiquity that acts as a ddns lookup to find ones router and then sets up a vpn. but i'm ok with that. as long as it works and i don't have to mess with it.

i'll only get grumpy and i already had my dosage of grumpy today ....

My mom is in the hospital in Belgium for knee surgery. She has an iphone with dataplan so she can run facetime with me.
I tried contacting her. No avail.

Turns out there is no cellphone reception in the hospital , you have to stand outside...
The hospital does not have wifi for patients available. They are afraid of hackers.

so i had to buy an international calling card , pay 10 cents a minute + 40 cents connection fee to call the hospital dispatch who then connects me to the room... and then we can talk on a noisy creaky old rotary phone.

It took the better part of half an hour to jump through hoops. What good is all this modern technology if none of it works when you need it ?
I can call backland india using dial91 for 1 cent per minute and enjoy uninterrupted facetime / whatsapp or other video calling.
A big hospital in 'the capital of europe' ? Sorry, that does not work. -urgh- :palm:
International calling card? What year is this? Why don't you use pigeons instead? Much more modern.
 

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 6933
  • Country: 00
  • Display aficionado
Re: Best routers out there ?
« Reply #88 on: July 12, 2019, 03:43:35 am »
Gotta agree with all of this here. I have things to do, I don't need to spend time dicking around with networking issues.
Again, what people overlook is that you replace "dicking around" with a black box which simply obscures the inevitable dicking around required. You're bound to suffer bad performance if you gamble on a magic one button fixes all solution. There's no magic fix and complaining about that won't change a thing. Either deal with the issues at hand or suffer in a hell of your own making.
 

Offline Berni

  • Super Contributor
  • ***
  • Posts: 2236
  • Country: si
Re: Best routers out there ?
« Reply #89 on: July 12, 2019, 06:07:30 am »
Sometimes buying a ready to go solution is the way to go when you don't want to muck around with it and its good enough in the end.

That's most of the reason why my NAS server is ruining UnRaid. Its not free, i had to buy a license to use it. Its just linux with a bunch of fancy software on top, so i could have thrown together something really similar myself after a lot of work, but still set up everything trough a linux terminal instead of a convenient web UI. Its a slow solution when it comes to RAID as there is no speed gain from having a larger number of drives, but my LAN is only gigabit so that's the bottleneck anyway. I could have used FreeNAS but didn't want to deal with its proper raid stuff, here i can just throw more drives at it anytime and the array grows.

I know UnRaid is an expensive solution that performs slower than some of the alternatives. But i just threw it on, clicked a few buttons in a web UI and it worked straight away. Time is worth something too.

These Ubiquity wifi solutions are a similar sort of thing. Yes you are kinda locked into there ecosystem, but if you buy into it then stuff just auto-magicaly works, and works perfectly well enough.
 

Offline sokoloff

  • Super Contributor
  • ***
  • Posts: 1105
  • Country: us
Re: Best routers out there ?
« Reply #90 on: July 12, 2019, 06:37:45 am »
Gotta agree with all of this here. I have things to do, I don't need to spend time dicking around with networking issues.
Again, what people overlook is that you replace "dicking around" with a black box which simply obscures the inevitable dicking around required. You're bound to suffer bad performance if you gamble on a magic one button fixes all solution. There's no magic fix and complaining about that won't change a thing. Either deal with the issues at hand or suffer in a hell of your own making.
There's a school of thought (that is mostly correct) that says the biggest leap in performance occurs at the moment a system goes from "not working at all" to "limping along". I get that.

What terrifies me is the thought of a non-updated box that obscures the VPN details and "just works". It's ultra convenient, which is why it sells. In any system that trades security against convenience, convenience wins every single time. If that box is capable of tunneling into my home network, what else is also capable of tunneling into my home network? Vendors do not have the strongest track record of maintaining security of internet devices.

I think the choice to pay for UnRAID is significantly different. It's more along the lines of choosing to pay Buffalo or Synology for their boxes instead of using the free software upon which they are based directly. Convenience within a framework of security being provided by the NAT isolation is one thing. Convenience in the form of "this things works its magic from anywhere in the world" scares the daylights out of me.
 

Offline free_electron

  • Super Contributor
  • ***
  • Posts: 7160
  • Country: us
    • SiliconValleyGarage
Re: Best routers out there ?
« Reply #91 on: July 12, 2019, 06:47:58 am »
exactly.
i really can't be bothered
- trying to learn how to set up a vpn,
- finding the right hardware to take with me
- installing vpn software on my computer
- trying to connect to my home ( i do not have a static ip )
- or having to pay a monthly subscription fee.

this thing you apparently plug into an existing ethernet port and it opens a wifi channel that is becomes an extention of your home network. nothing needed. perfect !
Most likely it is a small linux box that pings a machine at ubiquity that acts as a ddns lookup to find ones router and then sets up a vpn. but i'm ok with that. as long as it works and i don't have to mess with it.

i'll only get grumpy and i already had my dosage of grumpy today ....

My mom is in the hospital in Belgium for knee surgery. She has an iphone with dataplan so she can run facetime with me.
I tried contacting her. No avail.

Turns out there is no cellphone reception in the hospital , you have to stand outside...
The hospital does not have wifi for patients available. They are afraid of hackers.

so i had to buy an international calling card , pay 10 cents a minute + 40 cents connection fee to call the hospital dispatch who then connects me to the room... and then we can talk on a noisy creaky old rotary phone.

It took the better part of half an hour to jump through hoops. What good is all this modern technology if none of it works when you need it ?
I can call backland india using dial91 for 1 cent per minute and enjoy uninterrupted facetime / whatsapp or other video calling.
A big hospital in 'the capital of europe' ? Sorry, that does not work. -urgh- :palm:
International calling card? What year is this? Why don't you use pigeons instead? Much more modern.
Exactly ! Do you have any idea what is the cost of a direct phone call from the US to Europe ? It's frightening ! Especially from Cell to Cell . That's why you need a calling card.
Everybody is after our money.
Professional Electron Wrangler.
Any comments, or points of view expressed, are my own and not endorsed , induced or compensated by my employer(s).
 

Offline free_electron

  • Super Contributor
  • ***
  • Posts: 7160
  • Country: us
    • SiliconValleyGarage
Re: Best routers out there ?
« Reply #92 on: July 12, 2019, 07:16:34 am »
Gotta agree with all of this here. I have things to do, I don't need to spend time dicking around with networking issues.
Again, what people overlook is that you replace "dicking around" with a black box which simply obscures the inevitable dicking around required. You're bound to suffer bad performance if you gamble on a magic one button fixes all solution. There's no magic fix and complaining about that won't change a thing. Either deal with the issues at hand or suffer in a hell of your own making.
There's a school of thought (that is mostly correct) that says the biggest leap in performance occurs at the moment a system goes from "not working at all" to "limping along". I get that.

What terrifies me is the thought of a non-updated box that obscures the VPN details and "just works". It's ultra convenient, which is why it sells. In any system that trades security against convenience, convenience wins every single time. If that box is capable of tunneling into my home network, what else is also capable of tunneling into my home network? Vendors do not have the strongest track record of maintaining security of internet devices.

I think the choice to pay for UnRAID is significantly different. It's more along the lines of choosing to pay Buffalo or Synology for their boxes instead of using the free software upon which they are based directly. Convenience within a framework of security being provided by the NAT isolation is one thing. Convenience in the form of "this things works its magic from anywhere in the world" scares the daylights out of me.

You set up the router to only connect that tunnel to one of the vlans. And you expose only what you want. Ubiquity keeps their stuff up to date.

In order to have true security you would have to inspect all the source code of everything carrying your datastream. Onsite and offsite. every single bit of code , including the bootloaders and even the hidden microware in the processors themselves. Look at the trouble intel got into with the security holes in their management processors code. Are you really sure that none of the chips , somewhere in a closet are not 'leaking' or 'altering' your data ? And whereall does your data travel ? Some rogue state may be snorting all it can. The only safe way is to disconnect your computer from the network , glue all its communication ports shut , power it off and remove its batteries. There are toolchains that can sniff data by listening to the rf spectrum being emitted by a machine. there are viruses that transmit data using imperceivable clicks of the speaker , or by performing data seeks on harddisks. ( you can pick up the energy from the voice coil. they are basically transmitting morse code using disk seek operations.) . Rowhammer and other mechanisms can be exploited to sniff ram. And someone figured out that dram retains enough charge after a few seconds to be recoverable... powerdip the machine and take over the processor using a piece of firmware installed in the bios and you can dump all ram content. Few weeks ago they found a security hole in Infineon Trusted platform chipsets. Anything made in the last 8 years can be bypassed... oopsie.

so where do you draw the line ?

What are they going to steal off my nas ? family pictures and movies , a few text documents and a bunch of altium files containing my hobby projects. Nothing important. There's nothing useful or valuable. Does't mean i don't want to protect it. but my protection stops at someone else trying to delete or alter it. I don;t care if they can find out that my thermostat is set to 24 degrees or i am playing lady gaga on the radio in the kitchen. as long as they can't alter the setting or change the music to back street boys : i'm fine.

All i want is to be able to get to my files so i can show grandma -in-law some pictures or work a bit on one of my things when not home.
I don't want to become a network expert, vpn guru or drag along a home-brew contraption that weights 3 kg's to do all that stuff. Little box, size of a power adapter. works. kept up to data by its manufacturer. manufacturer with good reputation. i'm happy. Other people insist on having a totally open source hardware laptop with the source to all software and firmware . That is their right. I am ok buying a ready made machine. ( Have you seen LG's new laptop. That thing is fenomenally light and powerful, even has 4k display ). I trust that HP has done all they can to make it secure. If it were a Sony ... they have effed up in the past with drm to the point i don't trust them. Not after blu-ray (That format needs to die ! other story...)

I agree, If this was a business : different scenario.

Anyway. this thread started all because i simply wanted to upgrade my network to have higher bandwidth ( on my lan, the wan is a different thing ) and have more wifi coverage ( as in area , not in speed. i have dead zones ).
Security wise i am good (i think) . The reason for choosing ubiquity is they have a mesh system. so does google but those guys already have too many fingers everywhere. i don't want their routers ... and the others are 'too young' for my feeling. Ubiquity has been doing this much longer than anyone else. ( apart from real networks with mulitple access points like cisco et al, but that is not for home use. Too complicated to set up).

It's a balance. effort, convenience,price, security. i try to keep it reasonable. It's already cost me 800$ for the new hardware (two routers , three switches, some cables , two sfp modules ( yikes those are pricey !)... that's enough.
then again , it is the first time in roughly 10 years i upgrade my network. so i got all the life out of it that i could.
Professional Electron Wrangler.
Any comments, or points of view expressed, are my own and not endorsed , induced or compensated by my employer(s).
 

Offline Berni

  • Super Contributor
  • ***
  • Posts: 2236
  • Country: si
Re: Best routers out there ?
« Reply #93 on: July 12, 2019, 04:03:08 pm »
Yeah i think security should be far enough that automated attacks or random script kiddies can't get in.

If you get an experienced hacker targeting you specifically then good luck keeping him out. With enough determination they will find some point of entry and eventually get trough the network. Unless you have made some bad enemies in the wrong places these are the sort of attacks that a typical user should not be worried about.

The fact that you can get in from anywhere in the world is the point of a VPN. There is nothing truly secure anyway. If nothing else the US government is spying on all the traffic going out of that cable modem.
 

Offline Nominal Animal

  • Frequent Contributor
  • **
  • Posts: 663
  • Country: fi
    • My home page and email address
Re: Best routers out there ?
« Reply #94 on: July 12, 2019, 05:49:43 pm »
TL;DR: Split your needs into separate devices, and look for devices with OpenWRT support (here, under Special user views, Ideal for OpenWRT).



I've had a somewhat similar situation on my hands for over a year now, and I've been looking at the alternatives.  I'd prefer affordable off-the-shelf devices running some derivative of Linux, but all the existing options are either expensive (> 250€) or require too many compromises, so I've resigned to build my own. In my case:
  • Most of the time, I am physically over 1000 km away from the installation
  • Internet connection is through a 4G/LTE modem, and I want a good firewall with a fail2ban or ban-if-trying-certain-ports rules
  • A couple of devices streaming TV off internet directly
  • A few CCTV cameras
  • A couple of local devices with access to CCTV cameras and the internet
  • A local server for intrafamily document sharing
  • Guest devices with internet access

Because of 1, I do need remote access myself.  Using a fixed IP address increases the monthly cost quite a bit, and I'd rather avoid that; instead, I want to use an actual modem.  USB dongles like ZTE823 (that I now use) are typically not bridging, but have a small Linux installation, and a NAT.  Some routers, like Asus RT-AC51U, do support publishing the router IP address to dyndns-like services, but that won't work with non-bridging dongles.

Because of 2 (and partially 1), I want the router with the firewall to have enough memory and CPU oomph to run my own rules, and allow me to connect to it and the network remotely.  (Specifically, I haven't seen any router, even OpenWRT, have a good banning module, so I'm resigned to do my own.  I run fail2ban on this particular machine, and it keeps a lot of the attacks at bay; I'd love to have it on a router.)  If it has half a gigabyte of RAM, I can run vanilla fail2ban with custom port knock banning rules.

Because of 3, 4, 5, I'd also like to subdivide the local wired networks into three subsets, but this is semi-optional.

Because of 6, I'd like to have a small Linux SMB with a couple of hundred gigabytes of storage, for exchanging family stuff that people are not willing to send over email; my family members aren't savvy enough to be trusted to use encryption.  (If they were, this would not be an issue at all.)  Again, this is optional, but from the start I've known this would be completely up to me to set up and maintain.  I only included it in this list to point out how complicated this setup has already evolved into.

To solve this, I've decided to split the router into two.

First router is an Odroid HC1 or La Frite SBC, with an USB WWAN/miniPCIe adaptor and a Huawei ME909s-120 4G/LTE modem appropriate for my region.  I like the HC1 hardware more (octacore big.little architecture, Samsung Exynos 5422), but have a La Frite (Amlogic AML-S508X) as a backup if that falls through. I intend to run straight vanilla upstream kernels, not vendor kernels.  I would have used OpenWRT, if I'd found suitable hardware within my tiny budget.

Second router handles the wireless connections, and is directly connected to the first router, and the local wired subnets.  This is much simpler device.  For now, I'm using an Asus RT-AC51U running OpenWRT, although it has only 100Mbit/s Ethernet, and it might lack 5 GHz support (I haven't checked 18.06.4, if it includes the MT7610EN support yet).  Another option is Mikrotik hAP ac running OpenWRT, which has triple-chain dual-band WiFi and five GbE ports.

The idea is that the second router manages the local wireless network, and the weak firewall/routing between the local wired network and wireless network (networks, I want both 5 GHz and 2.4 GHz, because reasons).  The firewall here is just to stop accidents, really.

The first router is the lynchpin.  I've mentioned here I have worked on a carrier board for a Teensy 3.2 to be connected to the HC1 (via 1.8V UART), to hold a small display and a few buttons, for non-technical users to see whether the network is okay or not.  Plus voltage and power measuring and shutdown control, as mains voltage losses and hickups are not rare there, and I don't want to spring for an UPS.  I already have a WD Green 240G SSD for the HC1, and I think I'll just setup Apache or Nginx on it to provide my minimal local server needs too.  I'm waiting for my 2.8" IPS display and gesture sensors for arrive, before I commit to the "final" version of the carrier board.  (I'm working on a variant of the Samsung serial driver that allows multiplexing the serial terminal with application data (essentially exposing two or more serial device nodes for the one hardware port, with kernel separating and escaping the data streams properly to keep them separate), so that I can use the display for a simple boot terminal if I want, or connect the Teensy via the USB connector to another computer for full serial terminal access, but I'll have to see if I have the mental werewithal to finish that and try and push that upstream.)

Splitting the functionality into separate parts meant I don't need to look at >$250 USD hardware, and can upgrade parts piecewise.  If something breaks, partial operation can easily be restored.  Right now, that network uses ZTE MF832 and Asus RT-AC51U, which works, but isn't that secure, and lacks the features I want -- but it is usable.
 

Offline Monkeh

  • Super Contributor
  • ***
  • Posts: 5789
  • Country: gb
Re: Best routers out there ?
« Reply #95 on: July 12, 2019, 09:46:25 pm »
TL;DR: Split your needs into separate devices, and look for devices with OpenWRT support (here, under Special user views, Ideal for OpenWRT).

As much as I am a fan of, and some-time developer for, OpenWRT, it is not the tool free_electron is looking for.
 

Offline Nominal Animal

  • Frequent Contributor
  • **
  • Posts: 663
  • Country: fi
    • My home page and email address
Re: Best routers out there ?
« Reply #96 on: July 12, 2019, 11:04:20 pm »
As much as I am a fan of, and some-time developer for, OpenWRT, it is not the tool free_electron is looking for.
You're right -- it is definitely exactly the opposite: the kind of do-it-yourself stuff free_electron (and others) would like to avoid.

However, I have not found a single vendor I could trust to provide non-crap router firmware.  So, having hardware that has OpenWRT support means that if the vendor drops the support to the floor, you can fall back to using OpenWRT on it, instead of turning it into an expensive paperweight. Of those, the Linksys EA8300 looks particularly interesting, albeit outside my personal budget.  If you're dead set on not doing it yourself -- that is, if you'd rather drop some requirements than do it yourself --, then that is not useful either.

My point was more that I think it unlikely that off-the-shelf stuff will fulfill the needs.  It did not for me, and I've been looking for over a year.  If you can split the required functionality, then it becomes somewhat easier.  In my case, I can run the RT-AC51U on stock firmware (if I skip the LAN stuff), and just have that oddball firewall 4G/LTE custom router handle my other needs.
 

Offline NiHaoMike

  • Super Contributor
  • ***
  • Posts: 5237
  • Country: us
  • "Don't turn it on - Take it apart!"
    • Facebook Page
Re: Best routers out there ?
« Reply #97 on: July 12, 2019, 11:32:37 pm »
DD-WRT is an alternative for "daily drivers" as its name suggests, even though nowadays OpenWRT is just as usable.

Something I really like about OpenWRT and DD-WRT is that they expose pretty much all the wireless configuration details the hardware supports, allowing for fine tuning. For example, pretty much all of my 2.4GHz Wifi devices support 802.11n, so I set up 2 of my 3 2.4GHz APs to n only/"greenfield" mode. The third one I put on mixed g/n mode just in case I want to connect an 802.11g device. (I intentionally left out 802.11b since that's ancient and I'm not aware of one that would be compatible with WPA2 anyways.)
Cryptocurrency has taught me to love math and at the same time be baffled by it.

Cryptocurrency lesson 0: Altcoins and Bitcoin are not the same thing.
 

Offline free_electron

  • Super Contributor
  • ***
  • Posts: 7160
  • Country: us
    • SiliconValleyGarage
Re: Best routers out there ?
« Reply #98 on: July 12, 2019, 11:44:54 pm »
Monkeh is right.

i simply do not want to deal with homebrew anymore. i have no interest in it. There is too much to learn , too many decisions to find hardware and endless tinkering. Not my field of interest.
I use screwdrivers, i don't make them. i go to the store and find a good quality reasonably priced screwdriver. i use that screwdriver to get my work , in my field of interest done.

Of course, if you want to make screwdrivers : be my guest. I'm not stopping you.

anyway, stuff arrives today. report will follow.
Professional Electron Wrangler.
Any comments, or points of view expressed, are my own and not endorsed , induced or compensated by my employer(s).
 

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 6933
  • Country: 00
  • Display aficionado
Re: Best routers out there ?
« Reply #99 on: July 13, 2019, 12:50:42 am »
\
There's a school of thought (that is mostly correct) that says the biggest leap in performance occurs at the moment a system goes from "not working at all" to "limping along". I get that.

What terrifies me is the thought of a non-updated box that obscures the VPN details and "just works". It's ultra convenient, which is why it sells. In any system that trades security against convenience, convenience wins every single time. If that box is capable of tunneling into my home network, what else is also capable of tunneling into my home network? Vendors do not have the strongest track record of maintaining security of internet devices.

I think the choice to pay for UnRAID is significantly different. It's more along the lines of choosing to pay Buffalo or Synology for their boxes instead of using the free software upon which they are based directly. Convenience within a framework of security being provided by the NAT isolation is one thing. Convenience in the form of "this things works its magic from anywhere in the world" scares the daylights out of me.
The point is that magic one button solutions don't exist. Everyone promises these, but sooner or later the magic in the black box breaks and you need to correct it but this time with one hand tied behind your back. I don't know how many times people said they want things to "just work". If any company was able to make things that "just work" others wouldn't exist. Yet they do. There's a lesson in there.
 
The following users thanked this post: NiHaoMike


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf