Should I Change My Network Hardware?

campitel · Mar 7, 2024

Summary: WiFi doesn't penetrate my whole apartment so I am using two TP-Link Routers (one as a hard-wired access point) with two different SSIDs. I am likely going to more permanently affix the network cable (using a cable raceway instead of gaffing tape) and am considering also switching to something like TP-Link Omada or Ubiquiti hardware. Given that what I currently have works, should I just stick with it and not worry about changing anything?

The Details

My current apartment is 100 years old and has thick, lath and plaster walls. I have reasonable WiFi router (TP-Link AX3000), but it cannot provide a consistent enough connection to the farthest bedroom. The rest of the apartment has great WiFi connectivity. To remedy this, I repurposed a smaller router (TP-Link AX1800) to serve as an access point in the problematic room. I run a network cable to it. That access point runs at low power and has its own SSID so the occupant of that room can select that point for their in-room Internet needs. Everything works, and (honestly) works pretty well.

The network cable is held to the wall with gaff tape and the time has come for something a little less crappy looking so I am going to run a raceway and take my first stab at terminating my own cables and using surface mount boxes with network keystones. The landlord is on board with all of this, should I choose to do it. The things I don't like about my current setup are:

The gaff tape
The two SSIDs that must be manually selected
The space required by the additional access point
The fact that the access point needs a separate power brick in addition to the network cable

Since I am going to be doing a bit of cabling, I was thinking about a PoE access point. It could mount to the ceiling, solving the space problem, and I get to lose the separate power connection. Further, the Omada and Ubiquiti setups more gracefully hand off between access points. Wireless mesh is not an option. I don't have anywhere I can put a mesh access point that can both receive sufficient signal to broadcast into the problematic room and plug into power.

Replacing the access point in the room and the main wireless access point cost a bit of money, but that's not too bad. I might also need a new router, which involves additional cost and complexity. I suspect I am looking at something in the vicinity of $400 for all these changes without counting the cost for cabling and the raceway. That could be more if I got beefier router with something like pfsense, which is more complexity yet. I wonder if this is just stupid and if I should just leave my setup as is, put up the raceway, and call it good enough? Any Omada or Ubiquiti users that want to chime in?

campitel · Mar 7, 2024

Also, if it matters, I have Sonic fiber which supposedly supplies 10 Gbit symmetrical to my place. My computer has a 10 Gb card in it that I use to communicate to my NAS, but my current router is just a 1 Gb unit. While it would be cool to have 10 Gb capable hardware throughout, that is not very realistic. Semi-affordable 10 Gb switches, esp RJ45 models without fans in them, just don't seem to exist.

Paladin · Mar 7, 2024

If anything, I would either keep it as it is (but clean up the cable for appearances) or maybe get a second access point that supports PoE but then you need a PoE injector somewhere so you're just shifting the issue around. If you had need of a switch you could get one that does PoE and then run the AP from that, if desired. Ultimately, if it all works well as it is, there is little real need to upgrade anything.

Andrewcw · Mar 7, 2024

Pretty much all "From the Ground up" mesh systems hand off fairly well. And i mean you're not buying Routers that have the ability to become AP's and mesh. Like your router claims it can do so with OneMesh. But i'd rather just spend the money and buy a new mesh system then try to hodge podge it if you had to add another node.

Why you're running two different SSID's i dunno. Both your routers support OneMesh and it should be a duct tape mesh system.

I don't think moving to Omada or Unifi/Ubiquiti's going to help you per say with improving your signal. Though it might help you if your AP's can give your RSSI information from the clients connected. So you can figure out better placements without only relying if the connection feels right or not. As your current router does not have that information readily available from the console.

Also in your situation i would crank the power to maximum for everything until you figure out better placement. Just because of how your walls are. So watching youtube will have a better experience. But anything require for you to upload will still suffer regardless because your client antenna probablly has less penetration.

Kyuu · Mar 7, 2024

Yeah, 10G Ethernet equipment is still expensive, power hungry, and runs hot. 2.5G, on the other hand, is becoming more common and the equipment is somewhat reasonably priced. It also has the added benefit of working on your existing wiring, assuming it's up to snuff (no bad terminations/splices, no excessively long runs, etc.).

If what you have is working, then keeping it is always an option. However, some new equipment that can handle seamless roaming between APs without juggling multiple SSIDs would certainly be an improvement. TP-Link Omada is good stuff (that's what I use at home), but there's also many consumer-grade wireless mesh kits that can do wired backhaul and would also work well.

It's really just a question of if you really want to spend the money or not.

KD5MDK · Mar 8, 2024

You sound like a good candidate for TP Link Deco, or using OneMesh as Andrewcw suggested.

Arty50 · Mar 8, 2024

Agree with everything said so far. There's very little reason to build out a full 10G network right now, and a mesh system would work really well. With that said, Sonic is renting out Eero Max 7 mesh hardware if you want to go 10G.

And if you keep an eye on Craigslist, you can occasionally find used 10G hardware. For instance, there's a Unifi USW-FLEX-XG on CL in the Bay Area right now for $200. It has 4 10G ethernet ports and can be powered via a 1G PoE port or a 5V USB-C adapter.

BigLan · Mar 8, 2024

KD5MDK said:
You sound like a good candidate for TP Link Deco, or using OneMesh as Andrewcw suggested.

I'm a fan of Deco. It doesn't have the bells and whistles of Unifi or Omada, but is cheaper and Just Works. Plug it in, get the app, set the ssid and password and pretty much forget about the system.

But it won't come close to using all of a 10gig connection.

campitel · Mar 8, 2024

Andrewcw said:
Why you're running two different SSID's i dunno. Both your routers support OneMesh and it should be a duct tape mesh system.

While they support OneMesh, they do not support doing so with Ethernet backhaul, which is what I am using. As I mentioned above, wireless mesh won't work for me. For reasons of both having no good place to put the access point and lack of power outlets, I cannot position the other access point in a way that would get to the back bedroom. Running a network cable is actually easier in this case. Using separate SSIDs is necessary so that the occupant of that bedroom can explicitly select the access point for that room. Again, because I cannot use OneMesh here, this is the workaround. I also don't know if the AX3000 and the AX1800 would hand off properly based on signal since they are not one of the fancier OneMesh offerings from TP-Link. When I was looking into this around two years ago, I could not find a great answer to that. I suspect they exhibit more normal access point behavior, where the device holds on to the access point pretty stubbornly, because their other OneMesh offerings explicitly mention that they do the graceful handoff thing.

Andrewcw said:
I don't think moving to Omada or Unifi/Ubiquiti's going to help you per say with improving your signal.

I am not looking to improve my signal. My goals have more to do with logistics and getting hardware into less obtrusive positions. I have good coverage with the current setup. I am considering if it makes sense to take the AX1800 out of the equation and replace it with a ceiling mounted access point in the back bedroom that pulls power over Ethernet. That would allow me to eliminate the need for an extra power cord and power transformer. Also, getting the access point on the ceiling frees up the occupant from having to work the access point into whatever else they have in the room.

Andrewcw said:
Also in your situation i would crank the power to maximum for everything until you figure out better placement.

The main access point is going full power, but there is no need to crank the secondary one in the bedroom. There are no meaningful obstructions there, and no one else needs to use it.

campitel · Mar 8, 2024

Arty50 said:
a mesh system would work really well.

Unfortunately, wireless mesh system will not work for me here for reasons I detail above. A Deco system might work because it looks like it does work with Ethernet backhaul. It still requires a separate power cable, but it is an option I had not considered.

Arty50 said:
With that said, Sonic is renting out Eero Max 7 mesh hardware if you want to go 10G.

I will wire things up with Cat 6 and my cable runs will be within the limits to run 10 Gb, but I agree that full 10 Gb connectivity is not needed or even really that feasible at the moment.

Arty50 said:
And if you keep an eye on Craigslist, you can occasionally find used 10G hardware. For instance, there's a Unifi USW-FLEX-XG on CL in the Bay Area right now for $200. It has 4 10G ethernet ports and can be powered via a 1G PoE port or a 5V USB-C adapter.

That is an interesting device. Even new, they are $300. That is one of the few 10 Gb switches I have seen that has 4 x 10 Gb ports but does not have a fan in it.

campitel · Mar 8, 2024

Oops. Accidentally quoted myself instead of making an edit.

BigLan · Mar 8, 2024

campitel said:
Unfortunately, wireless mesh system will not work for me here for reasons I detail above. A Deco system might work because it looks like it does work with Ethernet backhaul. It still requires a separate power cable, but it is an option I had not considered.

Yes, the decos support wired backhaul - the units usually have 2 ethernet ports, and will fallback to wireless mesh mode if the cable isn't connected. They do need a power connection with a wall wart.

Paul Bartz · Mar 8, 2024

Take a look at the TP-Link SX1005. It's available new for under $300, has five 10GBaseT ports, and is fanless.

Arty50 · Mar 8, 2024

campitel said:
Unfortunately, wireless mesh system will not work for me here for reasons I detail above. A Deco system might work because it looks like it does work with Ethernet backhaul. It still requires a separate power cable, but it is an option I had not considered.

Yeah, sorry. I should have been more clear since I’m a member of the wire everything as much as possible camp (especially APs). Most of the mesh systems provide wired backhaul also like BigLan mentioned about the Decos. Theoretically, any devices in the furthest bedroom should connect to the AP you put in there even if it’s broadcasting the same SSID.

malor · Mar 11, 2024

There are starting to be NUC-alike Intel boxes that come with multiple SFP+ ports, which would let you accept and deliver 10G networking. You'd split your networking services into your firewall/router box, with the SFP+ ports, and then your wireless routers, in bridge mode, probably hanging off 1G copper ports.

You'd have to custom-build the box, but something like OPNsense should make that a somewhat reasonable proposition. (you can also do it by hand in Linux, which is what I do, but you need a pretty solid grasp of Linux networking to start from zero and end up with a firewall/router.)

Fiber 10G is noticeably cheaper than copper, especially if you're willing to go for used gear. You can get fiber SFP+ modules quite cheaply; EBay is full of Brocade SR modules for about $8 each, and you can get brand-new ones from fs.com for like $25.

Copper SFP+ ports tend to cost a lot more. The last time I looked, the recommended units I saw were $75 each. I ran the numbers, and buying used Mellanox cards and used transceivers was somewhat cheaper than trying to use copper, while running way cooler, so I switched to fiber. Even with used gear, everything has been perfect. I did have a problem where I mistakenly ordered a long run of single-mode fiber (which is narrower), and tried to use it with my multi-mode transceivers. This kind of worked, but had a lot of packet loss, because the SR optics were meant for the thicker multimode fiber. As soon as I replaced that run with multimode, it became flawless. All my fiber connections have been perfect ever since.

Right now, getting an x86 box with SFP+ ports is easiest from Alibaba, but they're likely to start showing up on Amazon soon. Servethehome was pointing at a unit that was about $250 barebones from there: it had four SFP+ ports and four copper ports. (You'd probably only need to use two SFP+ ports, and would connect to a switch that had more.)

Even if Sonic is delivering 10G over copper, you can buy a single $75 transceiver for that and then stick with fiber on your other ports.

It's not exactly cheap to set up a 10G backbone, but it's a heck of a lot cheaper than it was just a few years ago. My chokepoint for the NAS now has become the spinning drives I'm using, instead of the gigabit link. An expansion is tempting.

Arty50 · Mar 11, 2024

We're getting there slowly but surely! The only catch is that I've read that pfSense and OPNsense struggle with 10G connections. Netgate claims this is one of the reasons why they developed TNSR. It's possible you can throw hardware at the problem, but I haven't really found anything that recommends the minimum hardware needed to do so. Meanwhile there are tons of stories of people running pf/OPNsense that are only routing about 50-60% of their 10G connection.

steelghost · Mar 12, 2024

OPNsense (well, Deciso) sell an appliance that has 14Gbit of advertised throughput. Its bigger brothers scale to 17Gbit, so it would appear it's not an OPNsense problem per se. That said, these things run from 1299€ to 1799€ and use a quad-core embedded EPYC CPU, so yeah, they are throwing quite a bit of hardware at the problem.

There's a Mikrotik option, the snappily named CCR2116-12G-4S+ at around $1000, or you could look at the TP-Link BE-900 for ~$700. It has 10Gbit WAN and LAN ports but actual throughput info is conspicuous by its absence, so whether it can actually manage 10Gbit is something you'd want to investigate, I haven't been able to find any real reviews of it.

Honestly feels like a hex-core latest gen build from either Intel or AMD (14600k or 7600X) with the right NIC for BSD support would probably do the trick, assuming BSD can run on hardware of that generation (not necessarily a guarantee). Such a machine would have significantly higher throughput, both single threaded and in aggregate, than the embedded EPYC CPU in the Deciso appliance.

This Reddit thread suggests that multigig routing isn't too hard for a very 'ordinary' CPU - the results without intrusion detection are actually pretty close, and that's a quad-core Ivy Bridge part.

I can tell you what my super cheap hardware can do, and I have the 10Gbit/s Internet connection.
Firewall:

Opnsense 22.7_4-amd64

Intel(R) Core(TM) i5-3550 CPU @ 3.30GHz (4 cores, 4 threads)

Biostar H61MHV2

8064 MB of RAM

120 GB SSD

Intel X520-DA2 82599ES (SFP+)

Without Intrusion Detection ->
View: https://imgur.com/a/AZFethJ

With Intrusion Detection -> 1.7Gbit/s DOWN / 4.6Gbit/s UP

The question then is whether you want to have IPS/IDS or any kind of UTM features on your router, or if you're just looking for straight firewalling / NAT, as the achieveable throughput is of course going to differ considerably.

I shall not question what you can even do on the internet to actually achieve even 5Gbit of throughput, nevermind 10!

w00key · Mar 12, 2024

Huh? Fast path processing is basically infinite throughput (allow established, related) or hw nat / offloading, and routing itself with a tiny routing table doesn't cost anything either. What are people doing to bottleneck their router at the CPU level?

Mikrotik hits 7+ Gbps on a lame quadcore ARM board (RB4000s). Any x86 should be faster. I didn't know DPI is a thing in home networks, it's only really useful with a threat detection subscription and HTTPS inspection imo so you can filter on urls and block zero days / new threats before antivirus definitions are updated.

steelghost · Mar 12, 2024

Stuff like ZenArmor and Untangle exists and definitely has a big impact on CPU usage when you start ticking boxes.

As per the Reddit link I posted, in straight throughput you can see 7+Gbit throughput even with an old Ivy Bridge CPU....assuming there's no inspection etc.

Keljian · Mar 29, 2024

Late to the party.

Unifi works well for the majority of home users who want a bit more than the basics. I have been on Mikrotik for a while and am slowly converting over to Unifi, having used their access points for a while.

no, you won’t get 10 gig unless you go rackmount, but the average consumer doesn’t need even 1gig.

my new setup is going to be:

Unifi cloud gateway ultra
usw-lite-16 (Unifi switch lite 16 port) already running (recently)
U6 mesh x 2 (already running)

That is more networking than I would argue the average home needs

JohnCarter17 · Apr 29, 2024

I am in the same boat (to some degree) as OP.

Current using T-mobile 5G as ISP.
Netgear GS108, D-Link DIR-880L AC1900 Dual Band router, D-Link DAP-1650 AC1200 range extended.
Poor reception upstairs (2 story house)

So since both my PC and Synology NAS have 1G ports, I see no reason to upgrade the switch yet.

A friend recommends Eero mesh setup. I have seen recommendations here for the TP-Link Deco.

I would think I could upgrade to a 3 piece mesh setup.
I already was running a wired Cat 6a line to the living room TV, so use that to the 2nd mesh unit for backhaul and have the 3rd upstairs.

I think from reading here WiFi 6 is what I should be looking for.

I made a cable order from Monoprice, with Cat 8 for all the office room short runs (pc/gateway/switch/NAS/other boxes) since it was only a buck or so more/cable than getting Cat 6a and 3 longer (25'/40') runs in Cat 6a.

continuum · Apr 29, 2024

JohnCarter17 said:
I would think I could upgrade to a 3 piece mesh setup.
I already was running a wired Cat 6a line to the living room TV, so use that to the 2nd mesh unit for backhaul and have the 3rd upstairs.

Seems reasonable. Eero Pro or Orbi or Asus Zen Wi-Fi or TP-Link Deco all in the Wi-Fi 6 or 6E variants if you need to buy right now (or want both performance and cost effective) would be the way to go... Might be a competitor or two I'm missing there.

Xelas · Apr 30, 2024

Regarding power - be aware that passive PoE splitters exist. They take standard network with PoE power and split it out into a network cable and a separate power cable. They are commonly sold with 12V barrel tips or with 5V USB tips. They typically max out at about 1 - 1.5A, so basically up to about 10-15W, but that's enough for a small device. This might open up some possibilities for a mesh device, for example, to be placed away from a power outlet. Of course, if you are using a "real" WAP, then it should have PoE baked in.
We use a ton of these in retail (several hundred deployed, not for WAPs):

View: https://www.amazon.com/UCTRONICS-Splitter-Compliant-1000Mbps-Raspberry/dp/B0BLBX1795

Here is a 12V, 2A version:

View: https://www.amazon.com/REVODATA-12V-2A-Surveillance-PlugPS5712TG/dp/B08HS4NT13/

This TrendNet one is selectable 5/9/12V. Useful, but a bit clunker. It comes with a cable that has 2 barrel tip sizes:

View: https://www.amazon.com/TRENDnet-Splitter-Mountable-Adjustable-TPE-104GS/dp/B00MOIDXZ0/

... etc.

Should I Change My Network Hardware?

Ars Centurion

Ars Centurion

Ars Legatus Legionis

Ars Legatus Legionis

Ars Tribunus Militum

Ars Legatus Legionis

Ars Scholae Palatinae

Ars Tribunus Angusticlavius

Ars Centurion

Ars Centurion

Ars Centurion

Ars Tribunus Angusticlavius

Ars Praefectus

Ars Scholae Palatinae

Ars Legatus Legionis

Ars Scholae Palatinae

Ars Praefectus

Ars Praefectus

Ars Praefectus

Ars Centurion

Ars Praefectus

Ars Legatus Legionis

Ars Praefectus