Wifi router opinions

[fade]

I'm looking to buy a wifi router and I am torn about what to do. There are a ton of good solid older 802.11n routers like the D-Link Dir-615 for like $15 with free shipping. I own no ac devices yet and I know this router is a workhorse and you can install DD-WRT on it painlessly. Or I could invest in a nice new AC router for $100 or more. Not sure which way to swing. I like that the older routers broadcast at 2.4 GHz for less attenuation, but in this neighborhood in a frame house it hardly matters.

Anyway I'm looking for some opinions. Any thoughts?

 

[Shakey]

I just bought a Unifi router, and really like it. It's reasonably priced for what you get, and it's rock solid. My old routers kept choking under heavy load. This works great, and has tons of management features.

 

[GasBandit]

Do NOT buy a DLink. I've had nothing but problems with them for the last few years. Trendnet has served me acceptably well in a home environment for a while. At work we use Unifi access points, but they're not routers - just access points. Our Cisco router handles the DHCP stuff.

 

[PatrThom]

Any reason you wouldn't want to go home-brew?

--Patrick

 

[fade]

Any reason you wouldn't want to go home-brew?

--Patrick

That's interesting but probably a bit more time than I want to invest right now.

 

[Eriol]

I want to replace my ISP's crappy thing with something that can handle wifi from one device on the network to something else without killing the (extremely limited, crappy) connection to the outside world. I have a gigabit switch handling the wired stuff (cheap, but effective netgear) but I want to take the wifi off of the internet router too just to be 100% sure that the old piece of crap isn't limiting me.

Any suggestions? The Unifi link up there is broken for me.

 

[PatrThom]

Any suggestions?

Smallnetbuilder suggests that of the ones they've reviewed, your price/performance champion is going to be the TP-LINK Archer C7 V2 for US$70. The Archer C5 is a close second at US$75 (which is not too surprising, seeing as in reality it is just a detuned/rebadged Archer C7 V1 on the inside).
There may be others better suited depending on your location and intended use (coverage pattern, printer/storage options), but if your primary criterion is the ability to throw files back and forth between other machines on your LAN, the numbers say these should do it for you.

--Patrick

 

[GasBandit]

The thing about Unifi's WAPs is they require a computer on the network in question to be running their management software, which will let you manage and monitor the WAPs and devices connecting to them. It's acutally kinda nifty software in itself, and it installs as a service and you access its controls via browser, but it makes it so that the Ubiquiti Networks equipment (who make the UniFi stuff) isn't quite what you'd call plug and play, compared to most routers where you just plug it in, browse to 192.168.0.1, put in the IP information and go. Nothing you can't handle, I'm sure, just be advised there's an extra few steps involved. Also, the UniFi stuff is power-over-ethernet (and they come with adapters).

Another thing is, most SoHo routers that have wireless capabilities can be converted to WAPs just by turning off their DHCP server functions.

 

[fade]

Just as a followup to my original question, I went with a used Netgear 802.11ac router from ebay, which I sniped for about 30 bucks. So I sort of split the difference.

 

[PatrThom]

most SoHo routers that have wireless capabilities can be converted to WAPs just by turning off their DHCP server functions.

It sounds like his main bottleneck is actually routing performance. If he disables routing on whatever new equipment he gets, he's going to be back to having his ISP box do all the router processing, which would put him right back where he is now, no matter how much improvement he gets with his signal/link speed.

Just as a followup to my original question, I went with a used Netgear 802.11ac router from ebay, which I sniped for about 30 bucks. So I sort of split the difference.

Make sure you let us know how it works for you.

--Patrick

 

[GasBandit]

It sounds like his main bottleneck is actually routing performance. If he disables routing on whatever new equipment he gets, he's going to be back to having his ISP box do all the router processing, which would put him right back where he is now, no matter how much improvement he gets with his signal/link speed.

--Patrick

A lot of ISPs strongarm their customers into using their combination modem/routers, which is what I was assuming was the case here. They combine the modem/router/wireless into one box so they can more easily remotely administrate the whole shebang. That's what I was interpreting Eriol's situation to be. That being the case, any router behind that wouldn't really be doing any routing. But if that's not the case here, then yeah, best just to get the old router out entirely.

 

[Eriol]

A lot of ISPs strongarm their customers into using their combination modem/routers, which is what I was assuming was the case here. They combine the modem/router/wireless into one box so they can more easily remotely administrate the whole shebang. That's what I was interpreting Eriol's situation to be. That being the case, any router behind that wouldn't really be doing any routing. But if that's not the case here, then yeah, best just to get the old router out entirely.

My ISP gave a modem/router/wifi. 10/100. Right away just put a gigabit switch on it for local wired traffic. Want to replace its wifi now. Maybe even an extra layer of NAT just so that the ISP has no clue whatsoever of what's happening inside of my network. All I want it for is to go to the net and handle nothing more. New device to do everything inside of my house. MAYBE keep it as a DHCP server (so no extra NAT layer) or maybe not (probably simpler not to).[DOUBLEPOST=1459180577,1459180396][/DOUBLEPOST]

Smallnetbuilder suggests that of the ones they've reviewed, your price/performance champion is going to be the TP-LINK Archer C7 V2 for US$70. The Archer C5 is a close second at US$75 (which is not too surprising, seeing as in reality it is just a detuned/rebadged Archer C7 V1 on the inside).
There may be others better suited depending on your location and intended use (coverage pattern, printer/storage options), but if your primary criterion is the ability to throw files back and forth between other machines on your LAN, the numbers say these should do it for you.

--Patrick

Nice suggestions. Will strongly consider. And I'll look at that website too.

 

[GasBandit]

My ISP gave a modem/router/wifi. 10/100. Right away just put a gigabit switch on it for local wired traffic. Want to replace its wifi now. Maybe even an extra layer of NAT just so that the ISP has no clue whatsoever of what's happening inside of my network. All I want it for is to go to the net and handle nothing more. New device to do everything inside of my house. MAYBE keep it as a DHCP server (so no extra NAT layer) or maybe not (probably simpler not to).

That's what I thought was the case. In that situation, then, yeah, I'd say pick up an inexpensive (not D-Link) wifi/router, plug one of its "internal" ethernet jacks into your switch and leave the "uplink" port unconnected. If you already have something in your network on its default IP, you might want to change it, if only temporarily, and then browse to the new router, go into its configuration, setup the wifi encryption/speed/pwd/internal IP etc, then turn off its DHCP. It is then a wireless access point - whatever devices connect to it will get on your internal network, and whatever is assigning addresses (right now, your ISP's router) will assign it addresses like any other device. Naturally you can change any of this later.

 

[Eriol]

That's what I thought was the case. In that situation, then, yeah, I'd say pick up an inexpensive (not D-Link) wifi/router, plug one of its "internal" ethernet jacks into your switch and leave the "uplink" port unconnected. If you already have something in your network on its default IP, you might want to change it, if only temporarily, and then browse to the new router, go into its configuration, setup the wifi encryption/speed/pwd/internal IP etc, then turn off its DHCP. It is then a wireless access point - whatever devices connect to it will get on your internal network, and whatever is assigning addresses (right now, your ISP's router) will assign it addresses like any other device. Naturally you can change any of this later.

That's one way of doing it definitely (and I've done related in the past. Remember to do that config disconnected from the rest of the network though, since if you have TWO DHCP servers on the same network, madness can result). The other way is to use the uplink and have that the ONLY thing connected to the ISPs router, and then the ISP can't read anything off of my network. Not because I worry about the ISP per-se, but more that the thing is ancient and probably riddled with security holes. Might be better to "quarantine" it as much as possible from the rest of my devices.

 

[GasBandit]

That's one way of doing it definitely (and I've done related in the past. Remember to do that config disconnected from the rest of the network though, since if you have TWO DHCP servers on the same network, madness can result). The other way is to use the uplink and have that the ONLY thing connected to the ISPs router, and then the ISP can't read anything off of my network. Not because I worry about the ISP per-se, but more that the thing is ancient and probably riddled with security holes. Might be better to "quarantine" it as much as possible from the rest of my devices.

My only caveat on that second one is that when I've tried it in the past, there were port-related oddities. Might have just been the particular router I was using at the time. Also, the more things that you put between your switch and your modem, the more things you have to check/troubleshoot when, at some point in the future, the internet "stops working."

 

[Eriol]

My only caveat on that second one is that when I've tried it in the past, there were port-related oddities. Might have just been the particular router I was using at the time. Also, the more things that you put between your switch and your modem, the more things you have to check/troubleshoot when, at some point in the future, the internet "stops working."

Fair point to make no doubt, but as I said, isolating from ISP is probably worth it in the bargain. Either way, I have options.

Thanks again @PatrThom for your help picking. It's a solid suggestion.

 

[PatrThom]

A lot of ISPs strongarm their customers into using their combination modem/routers, which is what I was assuming was the case here.
[...]
My only caveat on that second one is that when I've tried it in the past, there were port-related oddities.

This is the situation I was assuming as well. Most ISP-provided routers will at a minimum allow some kind of DMZ or "default host" passthrough setting even if it insists on being in control of all the DHCP. If that's the case, you just set your router to be the DMZ/default host of your ISP's router and set your internal network to be on a different subnet than the one the ISP router wants you to be.
So:
-If the ISP router is configured to give your equipment a public IP address, you just plug the WAN port from your router of choice into the ISP router and set your router up however you want.
-If the ISP router is configured to give your equipment a private IP address (192.168.x.x/10.x.x.x/172.16.xx.xx thru 172.31.xx.xx) then you still plug the WAN port of your router into the ISP router but then you have to configure your new router to also give the equipment behind it a private range, just not the same private range as the one your ISP router is giving you.

Once the proper one of the above two is done, you will need to set up any port forwarding you need to do whatever else you want to do. I've had to do both of these at one time or another so I've had experience with both. Both methods will successfully isolate your internal network from the ISP.

--Patrick

 

[Eriol]

This is good FYI for others guys, but my day job... I know (somewhat beyond basic) network stuff. Nothing new here. I actually use an extra router to isolate my work PC from the rest of my network, and have a route set up for a specific service from that machine through the NAT, even while the VPN from that machine is up with the corporate network. So I can appreciate doing the hand-holding for others here, but I'm not one who "needs" it. But a good reference nonetheless.


On the port forwarding thing, I remember doing that back in the 90s for various things in my parents' house for SSHing and such in from high school (and later university) so I could grab stuff from my home PCs. Fun times.

 

[GasBandit]

Yeah, most things we were saying I think were for the "studio audience" and in case some desperate googler ends up here trying to find help with the same issue.

 

[Eriol]

Yeah, most things we were saying I think were for the "studio audience" and in case some desperate googler ends up here trying to find help with the same issue.

If they end up here rather than StackOverflow (or Superuser, or whatever on that network) for network advice, then God Go With Them.


On that note, I saw a comment the other day that being an administrator for StackOverflow would really suck, because if it goes down, they can't google for the answer on StackOverflow. Which I thought was a really great point!

 

[GasBandit]

 

[fade]

Oh man, this. Especially with scientific code. Because most of the people doing that (a) work in an arena populated by scientists who kind of know how to code, but not really (b) create coding problems that "real" coders don't run into because of point a (c) ask in forums when no "real" coder dares tread.

 

[Eriol]

Oh man, this. Especially with scientific code. Because most of the people doing that (a) work in an arena populated by scientists who kind of know how to code, but not really (b) create coding problems that "real" coders don't run into because of point a (c) ask in forums when no "real" coder dares tread.

You're stretching the definition. I've seen code by masters students in CS who have NO idea how to code. And that was when I was an undergrad in engineering. And I look at my undergrad code now and (most of the time) go "wtf was I THINKING???"

So no, not "kind of" at all. They just don't know. Like, anything.

 

[Dei]

From the things I hear my husband say, I swear he spends 50% of his day at work wondering wtf people are doing. And these are definitely CS/CE people.

The same with our friend who works at SpaceX.

 

[fade]

You're stretching the definition. I've seen code by masters students in CS who have NO idea how to code. And that was when I was an undergrad in engineering. And I look at my undergrad code now and (most of the time) go "wtf was I THINKING???"

So no, not "kind of" at all. They just don't know. Like, anything.

If I read you correctly, I meant scientist as in not computer scientist. Like physicists.

On the other hand, I've known some people who are really good coders who have never taken formal classes. In fact, there's a whole job title called "scientific programmer" for them. They usually have Ph.D.s or Masters in the subject matter, but for whatever reason have also become coding experts. Not to tell you anything you probably already know...

 

[PatrThom]

I can appreciate doing the hand-holding for others here, but I'm not one who "needs" it. But a good reference nonetheless.

The trouble with trying to keep track of everyone on the forum is that there are so many. Without external aids (or constant updates to the Halforum wiki), it is almost impossible to know what people are "good" at (especially people with a total post count only 1/20th that of our most prolific posters), and therefore difficult to tailor a technical post wide enough for ALL audiences.
That said, do you have anything to add? Any info about whether the ISP treats the machines on your LAN like second-class Netizens?

being an administrator for StackOverflow would really suck, because if it goes down, they can't google for the answer on StackOverflow. Which I thought was a really great point!

--Patrick

 

[bhamv3]

This is why when I asked on the Dwarf Fortress forums about a snippet of code I'd need to mod my game, and a bunch of other forumites worked it out for me, I made sure to edit my original post to include the finalized code segment, just in case anyone searched for this particular mod in the future.

If anyone's curious, it was a mod to make my magma smelters generate honey.

 

[Eriol]

If I read you correctly, I meant scientist as in not computer scientist. Like physicists.

Initially I meant "given that CS should be better than everybody else, and since CS students are horrific, the regular scientists are probably even worse when they try, thus you have my sympathy having to deal with it."

On the other hand, I've known some people who are really good coders who have never taken formal classes. In fact, there's a whole job title called "scientific programmer" for them. They usually have Ph.D.s or Masters in the subject matter, but for whatever reason have also become coding experts. Not to tell you anything you probably already know...

This is my experience. Most people who've worked with code (nearly) every day for years are OK at the least. Maybe not the most forward-thinking, but usually don't epically screw up. Not always of course (just look at www.thedailywtf.com for examples), but usually experience gets you to an OK level. But the really talented ones are just good regardless of formal training. They "get" it on a level most others don't.

 

[PatrThom]

the really talented ones are just good regardless of formal training. They "get" it on a level most others don't.

Well that's a relief.

--Patrick

 

[Eriol]

My personal thing to look out for a good programmer in a large meeting: (s)he's the one googling the answer to the discussion the "important" people are having, and when somebody wants an idea from, already has a prototype in mind.

My personal measure of an epically bad situation: in almost all cases, (s)he's the one who thinks they can do better than the well-tested and well-known library. It's always a disaster from that point on if they have influence.

 

[fade]

I find it phenomenally difficult to convince the other scientists here to use libraries. Especially in linux. There is some justification to their fears in that you have to rely on the end user to install the library, but for better or worse, that's a POSIX environment for you. I also find it tough to convince them that the Fortran code they wrote by directly transcribing their equations into fortran works (and indeed works the way Fortran was intended to work), but it sucks from an efficiency point of view. There's a reason, doctor, that your code needs 96 GB of RAM, and it's not because you're a god of numerical modeling. It's because your memory handling is extremely naive. Not to mention no one but you knows what "d" means here because you have one letter variable names with no comments, all in the global namespace.

Woo sorry. I could rant about this for a long time. I'm a research scientist, but I'm also a good programmer. I'll be damned if I let some crap out the door with either a bad implementation of the science from the pure devs or a bad implementation of the program from the scientists.

 

[Eriol]

I find it phenomenally difficult to convince the other scientists here to use libraries. Especially in linux. There is some justification to their fears in that you have to rely on the end user to install the library, but for better or worse, that's a POSIX environment for you. I also find it tough to convince them that the Fortran code they wrote by directly transcribing their equations into fortran works (and indeed works the way Fortran was intended to work), but it sucks from an efficiency point of view. There's a reason, doctor, that your code needs 96 GB of RAM, and it's not because you're a god of numerical modeling. It's because your memory handling is extremely naive. Not to mention no one but you knows what "d" means here because you have one letter variable names with no comments, all in the global namespace.

Woo sorry. I could rant about this for a long time. I'm a research scientist, but I'm also a good programmer. I'll be damned if I let some crap out the door with either a bad implementation of the science from the pure devs or a bad implementation of the program from the scientists.

You might want to learn some basic packaging, so that you can use apt (or yum, whatever) to install their programs on destination machines, and automatically get dependencies. Might be worth the time from the sounds of it.

As for the rest, I can only imagine working WITH them to do this kind of thing, as opposed to being handed the stuff so I can change as I wish (that one-letter variable thing is common). Did that years ago and that was bad enough. I can only imagine what you go through daily.

 

[GasBandit]

 

[Eriol]

I only wish the "large company" one was similar to where I work. You forgot the copious number of log messages that are out-of-date for what's actually happening, and the single corner case that for no conceivable reason the function just doesn't work.

I liked the comments from the start-up one though. REALLY liked it.

 

[fade]

You might want to learn some basic packaging, so that you can use apt (or yum, whatever) to install their programs on destination machines, and automatically get dependencies. Might be worth the time from the sounds of it.

As for the rest, I can only imagine working WITH them to do this kind of thing, as opposed to being handed the stuff so I can change as I wish (that one-letter variable thing is common). Did that years ago and that was bad enough. I can only imagine what you go through daily.

We do use packaging for what we can, but that requires the dependencies to be in the repositories. A lot of the repos don't have current enough versions of libs. I have custom scripts that will test for and install dependencies, but they're not foolproof. I also can't yum everything, because it's high performance stuff, and the user might have an architecture specific MPI libs or math libraries, which could be dozens of times faster than anything in the repos.