I've been using an Airport Extreme for many years, but recently I started having trouble with wi-fi quality. I'd been thinking about getting a new router anyway, because I'd like one that can run a DNS server I can use to add a few records only visible to my local network. Which hardware do you use? If its software is customizable, what do you run on it (e.g. OpenWrt)?
[+] [-] ktta|8 years ago|reply
1. Persistent DNS cache using pdnsd (even after reboot because it is on-disk) with a long minimum global TTL. You would imagine this would be a problem, but surprisingly I haven't had any. I've only had to get in once to correct something. You can manually purge a specific domain, and all of them if you think something is wrong.
2. Powerful enough for good OpenVPN settings. Automatically routes through a VPN, and can be disabled for a specific client if needed. The AES instructions (which are on any Intel chip after 2008) help out immensely compared to using just a generic router.
3. Smoother LAN transfers. A cheap gigabit PCIe card (Intel EXPI9402PT - on ebay for about $20) which takes away local transfer rate problems, especially if you have an NAS.
4. Use it as an NAS. It isn't a good idea to mix devices which need good security with non-critical systems, like NAS so be sure about your settings and know what you are doing.
Another cool thing is port forwarding to the remote VPN instance so you can login remotely and check out your network or access any files/media you have on your NAS.
There are more things people can do which give more control and/or better experience, like setting up rate limiting on clients, custom settings for clients with unknown MAC addresses, etc. Traffic shaping is a good one (prioritize specific type of connections over another - example VoIP > Netflix > torrent).
The extra power really opens up the possibilities of what a router can do.
If anyone has any questions, I'd be glad to help out.
[+] [-] ac29|8 years ago|reply
[+] [-] ac29|8 years ago|reply
Be careful, this isn't true... most low end Intel chips (Celeron, Pentium, i3) don't support AES-NI. Starting with Skylake chips (2015/2016-era), the whole processor line supports AES-NI. See https://en.wikipedia.org/wiki/AES_instruction_set
[+] [-] revenz|8 years ago|reply
[+] [-] mucklark|8 years ago|reply
What problem does this solve? Is it a bid to improve privacy?
[+] [-] sgloutnikov|8 years ago|reply
Extremely happy with the performance and quality. I don't know of any router for $180 that can rival this combination overall.
[1] https://www.ubnt.com/edgemax/edgerouter-x [2] https://www.ubnt.com/unifi/unifi-ap
[+] [-] artworx|8 years ago|reply
1, IPv6 is not trivial to setup. In my case I struggled to find documentation on configuring it on a PPoE connection.
2, It can't reach 1 GB/s on WAN.
[+] [-] ReverseCold|8 years ago|reply
Runs arm Linux so I also have a VPN server running on it as well. Very convenient to not need a separate device for things like that.
[+] [-] unknown|8 years ago|reply
[deleted]
[+] [-] feistypharit|8 years ago|reply
[+] [-] L_Rahman|8 years ago|reply
[+] [-] cagey|8 years ago|reply
[+] [-] MrZipf|8 years ago|reply
The wAP ac has a stronger and more reliable signal than any other WiFI unit I've tried (various Linksys, Asus, and BT units).
The Mikrotik gear is rock solid, but not exactly what I'd call consumer friendly. Great if you know or want to know something about real routers. I got fed up with buggy consumer routers and decided to go with either Mikrotik or Ubiquity rather than struggle to get the right hardware and firmware combo for Tomato et al. Nothing wrong with these, but none of my existing hardware had an image on the various options.
[1] https://mikrotik.com/product/RBwAPG-5HacT2HnD, $89
[2] https://mikrotik.com/product/RB960PGS, $79
[3] http://uk.tp-link.com/products/details/cat-18_TL-PA4010KIT.h...
[4] Always, always change the HomePlug network name and password :-)
[+] [-] slacka|8 years ago|reply
[+] [-] gmac|8 years ago|reply
[+] [-] thrilleratplay|8 years ago|reply
https://advancedtomato.com
[+] [-] hetspookjee|8 years ago|reply
[+] [-] homero|8 years ago|reply
[+] [-] toredash|8 years ago|reply
[+] [-] kav2k|8 years ago|reply
[+] [-] nisa|8 years ago|reply
As for the hardware - If you want to use OpenWRT/LEDE you have to be selective about supported WiFi chips. ath9k is battle tested but no ac wifi. ath10k should work reasonable well if you only want to have an access point. Broadcom / Mediatek and others can have issues - stability or signal strength depending on the driver.
Check out kmod-sched-cake and sqm-scripts for the latest in research regarding bufferbloat - https://www.bufferbloat.net/projects/codel/wiki/Cake/ together with airtime fairness - https://linuxplumbersconf.org/2016/ocw/system/presentations/... you can archive some crazy results in good wifi (only on ath9k / mt76 partly on ath10k).
If you want something off the shelf - Mikrotik and Ubiquity and to a degree TP-Link and Asus models get good reviews. In terms of hardware and antennas Mikrotik and Ubiquity are usally better.
You probably want 802.11ac and 5GHz - at the moment 802.11ac Wave2 is probably not worth the money because you need support on the client side and that is rare.
TP-Link Archer C50 would be my budget pick (30€) and runs LEDE - no Gigabit through. Archer C7 for Gigabit.
If you don't mind soldering a serial console and flashing LEDE using the bootloader get a used Cisco Meraki MR18 / MR24 without licence and wall mount kit for a few $ from ebay - top notch hardware and antennas (but ath9k not ath10k) and lot's of CPU / memory.
[+] [-] sml156|8 years ago|reply
I would probably be more happy with ubiquiti unifi
[+] [-] xmodem|8 years ago|reply
[+] [-] manmal|8 years ago|reply
Apart from the Unifi centric hardware, I have an Asus router that currently handles all the routing (also DHCP), and a cable modem.
[+] [-] praveenster|8 years ago|reply
[+] [-] bmelton|8 years ago|reply
For some odd reason, after moving to a new house, the Powerline networking in my office degraded from the consistent 300-400Mbps in the old house to < 10Mbps in my new office.
The new house is old, with thick walls, and I wasn't getting good throughput with the old pair of OnHubs I was using, but I figured that enough mesh points would overcome that, and as one of the mesh points is in my office, I've found plugging the desktop ethernet output directly into the ethernet input on the Mesh unit to be extremely performant.
[+] [-] oDot|8 years ago|reply
https://en.wikipedia.org/wiki/Ubiquiti_Networks#Open-source_...
[+] [-] nisa|8 years ago|reply
[+] [-] ReverseCold|8 years ago|reply
"In 2015, Ubiquiti revealed that it lost $46.7 million when its finance department was tricked into sending money to someone posing as an employee."
How does that even happen?
[+] [-] givemefive|8 years ago|reply
I'd rather have my wifi be a black box that just works and my router be a little more just raw hardware with openbsd or linux or pfsense.
[+] [-] nicolas314|8 years ago|reply
[+] [-] toredash|8 years ago|reply
[+] [-] songzme|8 years ago|reply
I bought a cheap gigabit router (from craigslist for around $30) and then bought a wireless range extender ($60) for the far end of the house. The router is not connected to the modem (so obviously no internet). We built our own server to host all the code, exercises, videos, as well as a DNS server. Our gitlab repository is resolved to google.com, so they usually get a kick out of pushing their code to 'google'. We have our own internal q/a site that resolves to facebook.com. Everybody gets to pick their own domain name to host their own projects.
We experience 0 downtime (unless there is a power outage), pushes to our repository is almost instantaneous, and tests run blazing fast on our speedy i7 desktop with 62GB Ram (that I got for $600 on craigslist). Also, students are not limited to their machines, they can code on whichever device they want (as long as it runs chrome or ssh) because code is hosted on the server. This way, we don't have to deal with people's installation problems.
I didn't touch the router's firmware at all. Our server acts as a dns server. However, everybody would have to modify their dns records on their wifi settings to add our server's ipaddress.
[+] [-] traviscj|8 years ago|reply
Why can't you just push it over dhcp? (This is what I've always done for this use case...)
[+] [-] r3vrse|8 years ago|reply
It has USB 3, GigE, wireless speed has been fine etc... certainly one of the best home tech purchases I've made in the last couple years.
[1] http://www.netgear.com.au/home/products/networking/wifi-rout... [2] https://advancedtomato.com
[+] [-] 5_minutes|8 years ago|reply
At one point, the Asus started to become unreliable and unstable so I disabled it and put the $40 TP Link instead.
Now, about 3 years later, I completely forgot about my router setup and this TP link is rocking it every day. I'm really impressed by the brand. I only had to pull the powercord to quickly reset it once, during several years. I can not say this of most other brands I've worked with in the past.
You can run OpenWRT etc on it. It's quite similar to the legendary WRT54G.
I also bought a Wifi 4G portable router from TP Link later, and this is also high quality hardware at affordable prices.
https://www.amazon.de/TP-Link-TL-WR1043ND-Ultimate-Anschluss...
[+] [-] cloudengineer|8 years ago|reply
[+] [-] zeroxfe|8 years ago|reply
Current router: ASUS AC3100
[1] https://asuswrt.lostrealm.ca/
[+] [-] wcfields|8 years ago|reply
[1] https://www.amazon.com/dp/B01AJEJG1A/
[+] [-] fencepost|8 years ago|reply
I'll likely replace it with one of the newer Mikrotik routers soon, mostly because we've started using them at work and for clients and it'd be good to have another spot to get and stay familiar with them. That said, while RouterOS is powerful it has a not insignificant learning curve. I've also seen firmware images and wiki entries indicating that you can run OpenWRT on some models, but I'm not sure how well supported that is.
[+] [-] untog|8 years ago|reply
[+] [-] untangle|8 years ago|reply
[+] [-] nodomain|8 years ago|reply
[+] [-] heehsum|8 years ago|reply