[GUIDE] What router should I get?

FNtastic

[H]ard|Gawd
Joined
Jul 6, 2013
Messages
1,419
Purpose: I am hoping this will serve as a reference to all members as to what you should be purchasing based on how comfortable you are with technology, and where you are needing to get your network. The biggest reason for this thread is to help everyone understand that reliable, secure, and better network equipment can be purchased and installed for about half the cost of the higher end consumer-grade routers. I will be repeating some things in all sections. This is intentional as some users may not want to read every word in this post. However, they should still benefit from full disclosure. So, you will see things like "always connect over Ethernet cable if possible" repeated in each section.

Example price comparison for the recommendation I make under the "TL;DR" section for the Ubiquiti equipment:
MSRP of Netgear (R8000-100NAS) Nighthawk X6 AC3200: $260 (not including shipping)
MSRP of Ubiquiti Edgerouter X with Ubiquiti Unifi Ap-AC Lite - Wireless Access Point: $54.75 + $89.00 = $143.75 (not including shipping)

TL;DR
"I just want your most reasonable recommendation for what I should be purchasing to install and setup for my home network. I want to be happy for years, not have to worry about hackers, and have reliable network equipment."
Grab a Ubiquiti Edgerouter X: https://www.amazon.com/dp/B0144R449W
Pair it with a Ubiquiti Unifi Ap-AC Lite - Wireless Access Point: https://www.amazon.com/dp/B015PR20GY

Don't forget to use the [H] referral link if you're going to be purchasing from Amazon (click this link before purchasing on Amazon for it to work) ;) https://www.amazon.com/?tag=hardfocom-20

Video for assistance configuring these devices:




"What qualifies you to offer advice on this subject?"
  • I have years of training with enterprise and consumer-grade equipment. This includes (on the enterprise side of things) Cisco, Sophos, pfSense, ZyXEL, Sonicwalls, and others. This includes almost any type of setup you could possibly imagine; granular firewall rules to block specific protocols, Quality of Service (QoS) rules, Bandwidth Monitoring (BWM) rules, and VPN setup to name a few. On the consumer side, I've touched close to every device on the market as of posting this thread.

"Why does any of this matter?"
  • Because you want a secure network that can't be compromised. This means your information is safe!
  • Because you want a reliable network that you won't have to touch for years to come. Sit back and relax!
  • Because you want to be an informed consumer about what features and options are available to you.
  • Because the landscape for network equipment is so broad. We need some reference points.

"What is all this b/g/n/ac stuff? Why do I care?"
Before I go in to the wireless stuff below, I want to say that if you can run an Ethernet cable to your devices, run the Ethernet cable! You will have a far better experience no matter what you use your Internet connection for! Now on to the wireless overview.
These are wireless "standards". It loosely refers to the frequency that your wireless signal will use to transmit your data over your wireless signal. You care because this can determine if you have weak or strong signal to your devices.
A good rule of thumb is that if you are not able to directly plug your devices in to your router, you will be looking for AC. It's the newest standard and will offer the highest throughput (total amount of data able to be transmitted and received to/from all devices simultaneously). All devices (phones, PCs, consoles) do not have AC compatibility, but don't worry! Your wireless router is backwards compatible with the b/g/n that your device uses, in the case that your device isn't AC compatible. If you get a router with AC, you will almost always end up with 2.4GHz and 5GHz frequencies, so no worries there.

"I am a tinkerer and don't necessarily want the most expensive equipment, but I do want all the cool features like packet capture, VLAN, security, granular control, QoS, BWM, and all the other cool features that enterprises get in their expensive equipment! I must have it!!!"
Welcome to the tricky world of controlling every little detail of your network traffic! You will have a few really nice options to choose from here.
Wireless disclaimer: Keep in mind that most of this hardware (just like the recommendation at the beginning of this thread) doesn't include WiFi out of the box. You must purchase a separate Access Point (AP), which is essentially a wireless antenna that connects to your router/firewall over Ethernet cable, in order to add WiFi to your network. If you already own a wireless router, you might be able to turn it into a wireless access point, thus avoiding the need for an additional purchase. Check your manufacturer's documentation for this feature before purchasing a separate AP if you're looking to save money.
  • My first recommendation starts at free*:
*pfSense is completely free if you have spare/unused hardware lying around that you don't currently use. It's also possible (although I personally wouldn't recommend running it long-term in this configuration) to run pfSense in a Virtual Machine (VM) on your existing computer. This would require your existing computer be the main device plugged in to your modem, and all other devices passing through it. I won't cover this here, as it isn't recommended. However, there are guides out there if you truly just want to tinker and explore the feature set.
pfSense hardware for purchase also exists. I will link their site directly for reference. You can check out their offered devices here: https://www.netgate.com/products/appliances/ Again, remember these devices don't have WiFi built-in. Check "Wireless disclaimer" above.​

  • Next recommendation is the recommendation I made at the beginning of the thread. This offers, at a very low entry cost, many great features, and top-notch security with very little configuration needed. As this combo comes in around $130 for the two, it's second in the list. There's still plenty of tinkering, options, features, etc available to you as the advanced user. While the combo does include the AP that gives you wireless, if you only purchase the Edgerouter, you will not have Wi-Fi built-in.
The following I will put here as a reference point for anyone looking to get in to true business hardware/software. This is what you will typically see in the small and medium business environment.
Some of these devices require a subscription for certain features. Do your research on these devices prior to purchasing to ensure you are getting the features that you need for the price that you want.
This is a good entry-level enterprise option. This also comes in options with built-in WiFi, so you won't need to purchase or setup a separate AP.
Manufacturer link: https://www.zyxel.com/us/en/products_services/usg20_vpn_usg20w_vpn.shtml?t=p
Don't forget to use the [H] referral link if you're going to be purchasing from Amazon (click this link before purchasing on Amazon for it to work) ;) https://www.amazon.com/?tag=hardfocom-20

These are a solid option. They are a bit more expensive, and require paid subscriptions to gain access to the additional features in the software.
Manufacturer link: https://www.sonicwall.com/en-us/products/firewalls/entry-level
[H] Amazon referral link https://www.amazon.com/?tag=hardfocom-20

These are also a solid option. They are cloud-managed, and offer a lot of features. Just like with any of these higher end recommendations, you should check all the features and do your research on what you're getting.
Manufacturer link: https://meraki.cisco.com/products/appliances/mx64
[H] Amazon referral link https://www.amazon.com/?tag=hardfocom-20


If anyone has questions, recommendations, requests, or any other input that would help make this a better thread, please speak up and let me know!

The following sections are going to be left as a work-in-progress for me to build upon when I have time.
Live streaming services such as DirecTVnow, PSVue, Sling, and others (IPTV falls in to this category)

Traditional streaming services such as Netflix, HBOGO, Hulu

Video games (console and PC) - wired/wireless

Facetime, Skype, Discord, Steam voice chat, VVoIP/video phones - wired/wireless

Security cameras - wired/wireless

Honorable mention - The DD-WRT stuff is worth mentioning here. The drawback, and why it wasn't featured above, is that you are still stuff on lower-end consumer-grade hardware.

3rd party references and reading material:
-https://arstechnica.com/gadgets/2015/10/review-ubiquiti-unifi-made-me-realize-how-terrible-consumer-wi-fi-gear-is/
-https://www.troyhunt.com/ubiquiti-all-the-things-how-i-finally-fixed-my-dodgy-wifi/
 
As an Amazon Associate, HardForum may earn from qualifying purchases.
So how do you plan on powering the EdgeRouter X you're recommending? I'm guessing you'll be using port 5 of it to power the Unifi Ap-AC Lite?
 
So how do you plan on powering the EdgeRouter X you're recommending? I'm guessing you'll be using port 5 of it to power the Unifi Ap-AC Lite?
The Edgerouter X comes with a power adapter to power itself. The easiest way to power the Unifi Ap-AC Lite is over Power over Ethernet (Poe) with an Ethernet cable, yes. I included the best video that I could find on YouTube. If you still have any questions, feel free to ask!
 
Last edited:
I'm more interested in their Amplifi stuff that doesn't appear to be half baked yet. I already have an Edgerouter Lite that I don't use, no sense in buying any more devices that won't be used either because I don't want to beta test for them.
 
I find pfSense works quite well as a VM, I have been running it for years in ESXi 5.5/6.0/6.5 without any issues.

Having said that:

  • Run pfSense on a Type-1 hypervisor, it is way easier than doing so on a Type-2. In other words make sure you have a dedicated server.
  • Use NICs with paravirtualized drivers eg. Intel to get near bare-metal performance. That avoids passthrough issues.
  • One major pain is that when you down your hypervisor (maintenance, upgrades, etc.) it kills your Internet connection. If you are lucky enough to have a modem/router combo (I use Bell Fibe's Homehub 3000) that you connect thru the DMZ then you can easily bypass pfSense if something goes wrong and you need help from the Internet.
  • If you are planning on using Ubiquiti WAPs then the nice thing about running a hypervisor is that you can create a separate VM to run Ubiquiti's control software.
Of course all this advice is for a serious network nerd, I wouldn't advise pfSense let alone a Type-1 hypervisor for anyone not willing to do a lot of dirty work on their own.
 
Do you have any experience with the other end: the network adapter?

I never gave it much thought until I got a Tplink T9E for my desktop, then another for a sibling. It blew away my ac USB adapter in transfer speeds and general stability, and seemingly muscled through the sibling's bad dorm wifi setup... And that's an ancient card with an ancient chipset now.


Unfortunately, 3-antenna USB adapters seem to be non-existant, unless I'm looking in the wrong places.
 
Do you have any experience with the other end: the network adapter?

I never gave it much thought until I got a Tplink T9E for my desktop, then another for a sibling. It blew away my ac USB adapter in transfer speeds and general stability, and seemingly muscled through the sibling's bad dorm wifi setup... And that's an ancient card with an ancient chipset now.


Unfortunately, 3-antenna USB adapters seem to be non-existant, unless I'm looking in the wrong places.
I have experience with those as well. It's possible to still get some really good 1 and 2 antenna adapters with their own stand and lengthy USB cable (if desired). The ones I'm recommending are known to be very strong in their general categories. If you absolutely want signal strength, and nothing else, I recommend the Alfa AWUS036NHA. Absolutely great signal strength. It's only b/g/n. Which shouldn't be a hindrance, as your router supports one of those already. As a suggestion to the adapters that you currently have, namely the ac one, be sure you try connecting to the 2.4GHz and 5GHz frequencies and see what gives you best performance. Generally 2.4GHz signal travels further, while 5GHz is overall faster and able to transmit more data. The whole "faster and transmit more data" thing is relative. If you are using it for regular web browsing, schoolwork, check on work emails, watch YouTube, and the like, you probably won't notice any difference between your usage of the two frequencies. The obvious difference is typically the signal strength.
The ones I have had the best experience with signal strength are:
Without ac, but still very strong signal strength and speed:
- Alfa AWUS036NHA https://www.amazon.com/dp/B004Y6MIXS [H] Amazon referral link https://www.amazon.com/?tag=hardfocom-20
With ac, a little more pricey, but with their own stands, and USB cable so that you can position them as needed:
- Alfa AWUS036ACH https://www.amazon.com/dp/B00VEEBOPG [H] Amazon referral link https://www.amazon.com/?tag=hardfocom-20
This TP-LINK has different price points and options for different requirements. If you don't need ac, select the cheaper model. If you do, you can get a pretty strong WiFi adapter for around $30. Remember these only plug in to the USB port on your PC and can't be moved (except their most expensive model):
- TP-LINK TL-WN722N https://www.amazon.com/dp/B00UZRVY12 [H] Amazon referral link https://www.amazon.com/?tag=hardfocom-20
 
As an Amazon Associate, HardForum may earn from qualifying purchases.
What are your thoughts regarding Meraki equipment (other than pricing)?
 
Awesome info. Thanks! I'm in the market for a new router and I had everything you listed in my amazon cart. I seem to have bad luck with routers dying after a year or two. I have very basic needs (couple 4k tvs hard wired running netflix 24/7, couple cell phones, tablets)..... Then I watched the YouTube video..... Yea, way over my head :(
 
Last edited:
Awesome info. Thanks! I'm in the market for a new router and I had everything you listed in my amazon cart. I seem to have bad luck with routers dying after a year or two. I have very basic needs (couple 4k tvs hard wired running netflix 24/7, couple cell phones, tablets)..... Then I watched the YouTube video..... Yea, way over my head :(
The YouTube videos are there because you can do it! No need to feel that you need to have an intimate understanding of all the features. Most won't use all of the features, but can benefit from the inexpensive high quality hardware. You got this! And, if you don't, we're here for questions for this exact scenario!
 
The YouTube videos are there because you can do it! No need to feel that you need to have an intimate understanding of all the features. Most won't use all of the features, but can benefit from the inexpensive high quality hardware. You got this! And, if you don't, we're here for questions for this exact scenario!

Ordered. Should make for an interesting weekend. Thanks
 
I can second everything the OP is preaching! I work for an extreme rural ISP in East TX and we use Ubiquiti products almost exclusively for WiFi applications. I'm also a BIG fan of MicroTik. We use them for a lot of our back-end. Both are feature packed, and at a fraction of the cost of the 'Name Brands'
 
I just wanted to say Thank you! Wasn't nearly as hard as I thought. I got everything up and running after about an hour. (Referencing videos)

I bought the Ubiquiti Edgerouter X and Ubiquiti Unifi Ap-AC Lite - Wireless Access Point you suggested. Everything is running great!
 
I just wanted to say Thank you! Wasn't nearly as hard as I thought. I got everything up and running after about an hour. (Referencing videos)

I bought the Ubiquiti Edgerouter X and Ubiquiti Unifi Ap-AC Lite - Wireless Access Point you suggested. Everything is running great!
That's exciting! Thanks for stopping back in with an update! Glad you're happy with it! (y) should last you a good long time. And, you will have features available to you should the need arise in the future. Which, for me, always seems like it does :LOL:
 
I picked up a Ubiquity ER-X a few weeks ago to replace my TPLink and installed it today.

Setup seemed pretty easy and performance seems pretty good so far. Currently copying a few Terabytes from one workstation to another and I'm averaging ~115MB/Sec.
 
I picked up a Ubiquity ER-X a few weeks ago to replace my TPLink and installed it today.

Setup seemed pretty easy and performance seems pretty good so far. Currently copying a few Terabytes from one workstation to another and I'm averaging ~115MB/Sec.

2.2Tb data copy finished and I went to bed at around 0300 Sunday morning.

Woke up later Sunday morning and I had no internet or network at all.

Couldn't ping any machines on my network nor the ER-X, and when I checked I wasn't even pulling an IP from the ER-X's DHCP server (had a 169, not a 192).None of the other machines were pulling IP's either...

My internet cable runs through my UPS's surge suppressor to prevent spikes which could damage the cable modem, and the ER-X is on a UPS with the cable modem, so I don't think it could have had a hiccup through the cable itself.

Reinstalled my TPLink and I could ping and access the router and the other machines on the network, but not access internet...

Left everything unplugged for the rest of Sunday and grabbed a book to read, instead.

Woke up this morning, reset the ER-x to factory defaults, went through the setup process again, and I'm back online. Odd.

Called in a Leave day so I can test to see WTF happened. I can go 1 day without internet. Not two, lol.
 
2.2Tb data copy finished and I went to bed at around 0300 Sunday morning.

Woke up later Sunday morning and I had no internet or network at all.

Couldn't ping any machines on my network nor the ER-X, and when I checked I wasn't even pulling an IP from the ER-X's DHCP server (had a 169, not a 192).None of the other machines were pulling IP's either...

My internet cable runs through my UPS's surge suppressor to prevent spikes which could damage the cable modem, and the ER-X is on a UPS with the cable modem, so I don't think it could have had a hiccup through the cable itself.

Reinstalled my TPLink and I could ping and access the router and the other machines on the network, but not access internet...

Left everything unplugged for the rest of Sunday and grabbed a book to read, instead.

Woke up this morning, reset the ER-x to factory defaults, went through the setup process again, and I'm back online. Odd.

Called in a Leave day so I can test to see WTF happened. I can go 1 day without internet. Not two, lol.
Agreed. Odd. Hopefully just a one-off
 
Friend of the family is asking me questions about his house. What equipment would you guys recommend for a 2000sqft house. 400mbps from ISP. 2 story. Everything is wireless. 3 4k tv's, tablets, laptop and smart phones? I'm kinda trying to push him towards a mesh system.
 
Last edited:
Friend of the family is asking me questions about his house. What equipment would you guys recommend for a 2000sqft house. 400mbps from ISP. 2 story. Everything is wireless. 3 4k tv's, tablets, laptop and smart phones? I'm kinda trying to push him towards a mesh system.
I've gotten over 2000 sqft on one level from a Ubiquiti AP Lite... I'd say go with the same thing you went with.
Mount the AP physically as close to the middle (between all 4 corners of the home) as possible on the second floor ceiling. Test signal strength over a couple weeks, upstairs and downstairs. If it's sufficient, stop here. If not, continue.
Grab another AP, install it similarly to the center of the ceiling, but on the first floor. Configure it as a repeater. You now have your mesh network with Unifi APs

 
I've been operational since Monday so it would seem that my woes were a one-off occurance.

I plan to connect my old Archer C7 to the ER-X solely for providing wireless connectivity (I only use wireless to update/patch my phone's OS/apps and to download books to my Transformer Prime)
 
I plan to connect my old Archer C7 to the ER-X solely for providing wireless connectivity

If it can easily be put into 'Access Point' mode with the default firmware that should do it, if not you might look to see if you can put a -WRT variant on it for the purpose.
 
If it can easily be put into 'Access Point' mode with the default firmware that should do it, if not you might look to see if you can put a -WRT variant on it for the purpose.

I'm pretty sure it has that mode. If not I have an older DLink I can use which I'm certain has that mode. Like I said, I only use it long enough to grab OTA updates to my phone and to download Kindle purchases, then turn it right back off.
 
Hooked up today OP, thanks for the guide. Only issues I had was I needed to upgrade java in order to get the unifi controller app to work. Otherwise has been smooth.
 
Thanks to OP. Changed to U ERX with older Asus rt-ac66u as AP (and print server). Slicker than snot on a doorknob.
 
Well my setup lasted almost 2 years problem free. My Edgerouter X took a crap. Tried trouble shooting. Router is dead can't log in or ping.
 
Well my setup lasted almost 2 years problem free. My Edgerouter X took a crap. Tried trouble shooting. Router is dead can't log in or ping.

Make sure it's not the power brick that's the issue. My Edgerouter Lite started acting up a year or two ago, turned out the PSU was dying. Replacing it with another compatible unit I had around solved the problem.

Any power brick will do, so long as:
  • It is a DC (not AC) PSU of the same voltage as the original. Less will not be able to drive the router, greater will fry it.
  • Its amperage rating is equal to or greater than the original. Less will potentially lead to a overheating PSU and premature failure.
  • The connector is the same size, and the polarity for the center and sleeve match the original.
All that info will be on the PSU's label.
 
I run the Edgerouter ER-X-SFP with 4 cheap UniFi AP's running off the POE ports and then a DAC (?) cable going from the SFP port out to the SFP port on an overkill 48port Netgear gig switch to run to my various wired hardware (PC's, XBOX, etc).

I have the AP's spread out for great coverage of my house and into my yard ..been very happy with my older Ubiquiti products (..and you too Netgear (y) )

I got a hold of an old Dell Dorce10 S60 to try and configure some 10gb networking some day (when I can get a hold of some cheap 10gb nics of some kind) to hook up my PC and FreeNAS box at least to get faster transfer speeds between the two .. but that's down the road a bit I'm afraid...

Anyhoo .. Thanks for taking the time to put this thread together :cool:
 
Back
Top