29
votes
What home network equipment do you use?
Hey all, I'm interested in going down the rabbit hole with Ubiquiti equipment or other manufacturers, more specifically with access points, routers, and a switch. I want to ween off my ISP-supplied all-in-one equipment as their newer hardware limits basic features such as port forwarding, and I'm interested in re-enabling my self-hosted software. Wi-Fi standards have been moving pretty quickly, as have hardware. What setups do you have established in your homes?
I don't really have a budget in mind, and have a 2.5GbE port I'd like to utilize for media consumption over LAN.
I use unifi and its fine? Don’t seem the most performant but the options are as shallow or detailed as you need.
I will only note that 2.5Gb is a tremendous overkill for media consumption. Transferring media files, sure, but streaming media will be fine at much lower rates.
I run into situations all the time where 1gbe feels slow. Moving large media files around is the big one. Backups are another.
Multi-gig service is also starting to become a thing with a lot of fiber providers, so anyone wanting to make use of that (like say, when downloading games from steam) will need capable networking equipment.
Frankly it's annoying how long consumer hardware has been stuck on 1gbe.
Indeed, unless you're editing a 4k video file off a NAS you won't need that kind of speeds.
Hell, I'd take just wiring my home for Gigabit, but I'm lazy and suck at both running cables and punch downs, so with the exception of my server, I rely exclusively on Wi-Fi at about 250Mbs through the house. Works pretty well for the most part, but I'm not usually transferring large files, only small ones and streaming from my server.
Ubiquiti, Meraki, Aruba and Google are all good.
If you're looking to learn about large enterprise network features - like a home lab to learn networking - Meraki is intended for business deployments, and will likely get as complex as you need it to be.
Google is probably the closest to consumer networking and likely the easiest to use.
You'll find plenty of promotional and support videos made for sysadmins and engineers who want to get to know their equipment. See what appeals to you.
Edit to add: not all gigabit is created equal, you can get better performance out of an enterprise class 100Mb link than a small home router gigabit link. SOHO routers are marketed with gigabit interfaces, but they don't have the supporting hardware (e.g. small buffers, inadequate memory, maybe no QoS support or poor cache, etc) . If the router can't handle network overhead, interface speed doesn't matter.
Enterprise environments measure these metrics, and spend a lot of money (and support) to make sure they get what they paid for.
I'm not sure how comfortable I would be with an advertising company like Google owning all or part of my network stack.
I use Unifi gear. The old USG, an WiFi-6 AP, and a few Flex Mini 5-port switches. All gigabit. Works well enough and I gives me a good enough view into the network, even though I live by myself. I'd like to get a Dream Machine Pro, but that seems a bit overkill for my needs. But really, all of this is overkill already!
I ended up with a Dream Machine Special Edition. "Overkill" is definitely a word for it!
It makes for a pretty compact setup, though, which is what I was after. 1U for a controller, gateway, PoE switch, and NVR. Together with a couple U6 in-wall APs, it more or less runs the place.
I've been wanting to do this for a while, but I need to do some serious de-junking in one of my closets before I can dedicate any space to rackmount equipment. Also, it's a little too expensive for me to do on a whim.
I wonder if IKEA still sell those little tables that are perfectly sized for building cheap homemade server racks.
Pfsense on a cheap (~$150) N5105/4x I226-V box - I’ve seen a few reports that the I226 NICs are a good bit more reliable than the slightly older I225 ones, and pricing is basically the same, so that’s maybe something to look out for if you’re going DIY. Ended up getting another near-identical box as a Proxmox host, too, given how impressed I was.
UniFi U6-Lite for WiFi, which has been all round great for my relatively simple wireless needs (basically just keeping my phone connected, really). Given the difference in overall hardware capability, the fact that the U6 AP + Pfsense box costs less in total than a high end “gaming” router is amazing to me.
I’m now just in the process of adding 10Gbe between a couple of machines that I’ve started needing to regularly work on giant files between - haven’t bought anything there yet, so open to suggestions if anyone has better options than what I’m looking at!
The current plan is a Microtik CRS305-1G-4S+IN (because it seems to be the only 4 port 10Gbe switch even vaguely in that price range), any used server NIC for the desktop, and then the jankiest setup in history for the laptop: turns out that Thunderbolt NICs are crazy expensive, and that most PCIe breakouts kind of suck, but that there’s one specific new chipset (the AMS2464PD) that does USB 4 to PCIe gen 4x4. But by far the best value device with one of those in it is an NVMe enclosure from a brand called JEYI, so it’ll end up being USB 4->NVMe->Occulink adapter->PCIe slot->X520 NIC (the latter because macOS has native Intel 10Gbe drivers nowadays). Ironically that whole setup is still a good bit cheaper than a Thunderbolt NIC, and while it’s kind of absurd, it does also mean the laptop will then have a general PCIe interface I can use for whatever else might come up and/or upgrade independently as needed.
Love that janky adapter setup!
Rather than that Microtik switch you might consider this TrendNet unit. I've been running the now-unavailable eight port smart version of the switch since 2019 for the 10gbe segment of my network, with zero issues. It's twice the price of your Microtik, but gives more ports and avoids needing SFP to RJ45 adapters.
I recently got a used Sophos XG105 for like $60 shipped from eBay. There were even cheaper options but most didn't come with a power supply so that would've been a wash. I'm using my old Netgear router as an AP and a cheap TP-link switch. I installed OPNsense and so far it's working at least as well as the Netgear router did, but has a lot more flexibility.
I will say though, it really seems like OPNsense (and presumably pfsense but I've never used it) expect you to know what you're doing. For example, I set up a Wireguard VPN and it took hours. Most of that time was spent googling and debugging to figure out why stuff wasn't working (it turned out to be a field that was poorly named, and me not reading the guide clearly enough). It involved setting firewall rules and messing with interface settings. At one point I entered something silly as an IP and it killed traffic for my whole network. Basically, it doesn't seem to really hold your hand, so make sure to read carefully before screwing with stuff.
Yeah, there’s definitely a learning curve for pfsense/opnsense! In a way it reminds me of that whole theory about 90s kids being good with tech because sometimes learning what an IRQ conflict was was the only way to play Quake; nowadays most things are fairly plug and play, but when it comes to networking if you want to go beyond the bare bones you’ve still pretty much got to learn to DIY it (or learn to use commercial grade kit, which often amounts to roughly the same thing).
I feel like that’s almost a feature rather than a bug for a lot of us, too, though - proper router and network security setup is a decent thing to have a handle on in general, just as learning to unfuck a Windows install after downloading
Eminem - Real Slim Shady.bat.exeon Kazaa was back in the day. Then again, I’m still on pfsense rather than the more regularly updated opnsense because I haven’t been able to spare the inevitable debugging time that’ll come with switching, so it’s not all sunshine and nostalgia!Of course, it does also tend to snowball a bit as soon as words like “homelab” start floating around, too… I’m a dev rather than a sysadmin, but my work nowadays does touch on things that need to consider RDMA and the like. When I realised 100 gig between a few machines at home was possible for ~$1000 I did briefly consider it as essentially a professional development cost, despite having absolutely zero practical use for that speed.
I just recently replaced my completely overly expensive Nighthawk Wifi6 router. All of the Ethernet ports started failing after a lightning storm. Not wanting to dump an exorbitant amount of money into another router, I discovered the Mikrotik hAP ax³.
I can't say the coverage is quite as amazing as my previous router, but this thing works wonderfully well. Its easy to set up to get you on the internet. After that, its got every knob and dial you could possibly want to configure it to your heart's content.
It is certainly not for the faint of heart. If you want something super easy to configure, you may want to look elsewhere, but if you aren't scared to dig in, the price + performance + capabilities can't be beat. I haven't begun to scratch the surface on what this thing can do, but I'm super happy with it thus far.
I could easily see me replacing other equipment with Mikrotik gear over time for a consistently configured environment.
I'm surprised there aren't more recommendations for Mikrotik here. The price versus capabilities ratio is outstanding. Where else can you get a $75 USD box that does things like BGP, OSPF, and MPLS? One can do about anything they want with the scripting functionality. As you mention there is a learning curve, but the initial Webfig screen does get one a working Internet router with NAT and DHCP pretty quick.
I have a Mikrotik hAP ax2 that I got to replace the ISP provided rental. The configuration learning curve was a bit steep. At least to do more than just blindly copy a config, but I found it enjoyable and very customizable.
I can't speak to WIFI coverage as I have an Unifi AP U6 Pro that's been working fine in standalone mode mounted more centrally in the house.
For anyone hoping to do anything with station mode, like connect to a phone's hotspot, look elsewhere.
WifiWave2 (used on the hAP AX2 and hAP AX3) doesn't support AP-bridge/station-bridge modes. It's not a deal breaker for me but would have been a nice to have.
I use Ubiquiti Unifi, but am slowly switching away from it. I have their 24 port POE switch, 2 UAP-AC-Pro access points, a couple of Edge router X's where I needed more ports, and the UnifiSecurity Gateway as my router. I also use their legacy Unifi Video software and a few G3 cameras.
They don't offer a self-hosted NVR solution anymore without buying their own NVR or a UDM, so my next camera solution will be something else (haven't figured out what yet). I also bought TPLink Omada AX5400 Wifi 6 APs to replace my Unifi APs (haven't installed yet, they're sitting on my desk). My main switch died about 4 years in and I bought a replacement, but if/when this one dies, I'll probably go with something else. Otherwise, the rest of the hardware has been pretty reliable so far.
I don't have anything over 1GbE and LAN media consumption has been totally fine. I haven't seen a good reason to invest in anything higher at this point.
yeah, I'm moving away from Ubiquiti as well.
the first step was when my Edgerouter started randomly acting weirdly, and then up and died entirely.
that was when I learned that the internal storage of an Edgerouter is just a flash drive, plugged into an internal USB port. they're more or less expected to fail at some point, and you're supposed to open it up, plug in another flash drive, and restore your config from backups.
having that as a single-point-of-failure for my entire home network annoyed me, so I replaced it with a VP2420, which supports both an M.2 and 2.5" SSD. they run in a ZFS mirror, so I can now have one of the drives fail, and all that happens is it sends me an email telling me I should replace it.
then the last straw for me was when I had issues upgrading the NixOS box that runs my Unifi controller. this turned out to be because the Unifi Controller software is basically abandonware, and only supports an ancient version of MongoDB, which NixOS had marked for removal because it was EOL'd upstream.
I'm still on 5ghz wi-fi, due for a upgrade to 6ghz at some point. I haven't decided what brand of APs I'm going to buy, but it's not going to be Ubiquiti.
If you’re looking at Protectli routers it’s also worth checking pricing directly from the source - seems to vary pretty much at random, sometimes it can be pretty similar, others it can be way better to go direct.
This is the problem when moving away from Ubiquiti stuff :) It all just integrates so beautifully. No other customer/prosumer manufacturer does that.
Then you end up with a hodgepodge where APs are one brand, your firewall is a computer running PFSense, your cameras are Fortigate in a VM etc.
TP-Link Omada fills a bunch of these boxes, minus the video surveillance pretty well. Their router/"firewall" is a bit lacking in the "firewall" category, but the rest is all manageable from one console (either a dedicated $75 PoE box or software controller). The hardware is less expensive than Ubiquiti in my experience, and the console is so similar to UniFi, I don't know who ripped off whom.
You can use the cameras in a different mode that doesn't require a Unifi controller or their NVR. It's called RTSP and you can then use something like Zoneminder to do the whole CCTV thing. You maybe interested in a replacement controller for Unifi cameras and this project works: https://github.com/kk7ds/luvs
I've used a single Google Wifi router for years and it's served me very well so far.
Ubiquiti Unifi is probably the easiest for home use with pro tools attached. You can go as simple or complex as you want and there is a reason big venues and stadiums use their products. If you were trying to military grade your home, then no, but you're not.
I use a couple of small Unifi switches and an AP Pro. You can use a controller locally or in the cloud or buy a Dream Machine router. You could also go full home lab and create a mini server with VMs and have the Unifi controller on there instead, but use an OPNSense VM for the actual router. Skies the limit when you play at home.
Everyone's already singing Ubiquiti's praises, but I just wanted to add that they have a consumer brand called AmpliFi. I have their Alien router, which I bought because at the time it was their only WiFi 6 offering. It's been one of the best investments in computing I've ever made. It's got a strong signal that reaches all the way into the driveway, and more importantly it just works. Configuration is almost brain-dead simple and happens through an app.
As a product meant for the home user, it's not as capable or scalable as their UniFi equipment, but it's far more capable than I actually need it to. I really did intend it to be an investment rather than a requirement, and it's been great in that respect.
I, too, have an AmpliFi Alien and I'm happy with it. I've had other Ubiquiti gear over the years, various Apple Airports (which were always pretty good), and my previous router was a modular Turris Omnia (an open source router based on OpenWRT, but mine was older and the board couldn't take Wifi6 cards). The Alien is the closet to an Airport with it's simplicity and reliability. I have no need or desire for a complex home networking setup. I went with the Alien over the DreamMachine for the Wifi6 and the cool touchscreen panel. I value minimalism and small form-factor devices and the Alien fits all that perfectly. Great device. I just wish they had a dedicated iPad app instead of having to scale the iPhone app.
UniFi here. My isps router in modem mode into the usg. Then a couple of usw-8 with poe, two ACs just the older WiFi 5 one long range for downstairs to reach the garden.
I run the cloud key thing in docker on my NAS.
I have a write-up on my blog about my setup: https://danangell.com/blog/posts/10gbps-router-for-fun/
This is the right question for me!
Recently I spent around 700€ buying 305m of UBNT heavy duty Cat5e, Mikrotik CRS (24x 1Gbit + 2x SFP+) and two Ubiquiti AP (U6 lite or something like that). I have wired all the PCs and TVs and have some spares and I still have to find reall good places for APs, as my actual coverage is not that good. Oh... and I still need around 80 more meters of that cable!
Why I went 1Gbit and Cat5e? I don't have anything with 2.5Gbit socket and Cat5e is good forb10Gbit up to 45 meters which effectively means everywhere for me (futureproofing a bit).
I have DIY NAS running Core i5-4670, currently 8GB of RAM, GTX 750 (for on-the-fly re-encoding) and RAID5 from 3x 4TB HDDs (7.3TB total). I run TVheadend on it, Jellyfin and users' home directories. Gentoo Linux, other home PCs are also Gentoo linux.
Why 24port switch you may ask. Count with me:
And we simoly come over 16 ports which is the lower count. So 24 was just about right for me :-) As I said, someof them are not connected as I lack cable.
And if you need more, fiber transcievers are really cheap. You can just run a 10Gb fiber from your main switch to, say, your AV cabinet and distribute it from there using a normal switch.
That's what I did :D Mostly because it was a lot simpler to run a thin fiber line than trying to get a CAT5e cable run cleanly.
I have wired Cat5e everywhere I wanted and have extras. If I ever need higher speed, I will use SFP+ or new router for already existing wired connection. The problem is that I can't run optical cable because I have conduits already full of Cat5e wiring :-D And those are not coming out anytime!
I went for the "real deal" cable because I wanted all the shielding and toughness I could get for reasonable money. I could have bought standard Cat5e for like 60-70%, but I want to wire it once and forget for the rest of my life.
For access points I have 3 TP link omada eap 225. They are powered by a Cisco 50-200g switch I got for $40 like 5 years ago. I had apc laying around after my grandma passed away that I threw opnsense on it. So it's a bit of a hodge podge but it's insanely reliable. I'm snake to have vlans and an awesome firewall. All in, it cost me less than $300.
I have an eero system. It is certainly not as exotic or feature rich as some of the other items listed in this thread. But it has been insanely reliable. I have been using these for years and have not had a single issue in all that time. I can’t say the same for the unifi hardware I have used in the past.
I like my eero, but it really bugs me that I need to use a phone app to configure it. I would really prefer a web gui
i just got two deco 6e's, one as a router and one as an access point for my computer mainly. works perfect.
I installed three Deco M4s in my brother in law's place, and he loves them. The wired backhaul makes for a really smooth experience. We'd have put four of the things in but it turned out that one of the ethernet cables in his walls was faulty, so we just jiggled three around and him and his partner get great coverage now.
I use UniFi equipment. I have a USG and a few of their access points. Everything is glued together with a few unmanaged switches (a mix of netgear and linksys).
It's worth noting that your router does not need a 2.5 gbe port in order for you to get 2.5gbe speeds between local clients. Just make sure every switch between client A and client B support the speeds you need.
gigabit cable -> SB8200 modem -> Ubiquiti ER-X router -> ethernet to a couple of devices and to Ubiquiti Unifi AC-AP-LR -> 2nd AC-AP-LR meshed with the first for full wireless coverage inside and outside (they're way overkill range-wise for me inside but my place has metal external walls so, have to really push to get outside them)
currently planning to replace ER-X with a tiny pc / thin client that is far more powerful and set it up as a homegrown PFsense box.
also considering replacing my APs... even with AC / Wifi 5, it seems the wifi performance mostly maxes out on any of my devices at about 200mbps- which is fast, but with gigabit internet i'd prefer to have more available bandwidth across my APs, especially on the meshed one (faster wireless backhaul would be nice)
not sure what i'm going with for replacement APs yet... Omada? Ruckus? Aruba Instant-On? No idea what the truly best option will be. If anyone's used all sorts of APs and has done their own comparisons, I'd love to hear what the best options are
Preface: I'm an amateur, I live with 1 other person at home, and a cheapskate, so I use my ISP provided gateway (Hitron cable modem with Wi-Fi 6) and I feel lucky that it's been reliable and fast both wireless and wired (usually around 500+ Mbps). I install Tailscale VPN with Quad9 DNS on all my device if I want to do remote stuff. Example: I have my Apple TV be the Tailscale server exit node, so I can use public Wi-Fi and VPN to my Apple TV it also doubles as my region unblocker when I'm out of the country. I also have a cheap Samsung Galaxy Book Go (uses a Qualcomm CPU - sips very little power) acting as a file sharing server with Tailscale, so I can access my media files wherever I go.
Add TP-Link Omada to your research list. Their gear has a pretty good parity with UniFi (except for video surveillance) and is less expensive. Warranty support is the same (pulling teeth) but the only time I had to use it was after a lightning strike which I can't exactly blame on the gear.
I have a 16-port PoE main switch that has spf+ ports for fiber uplinks, 8 of the 16 ports support 10Gb with PoE, supporting 2.5Gb to the 660HD AP. The router is ok, it does vlans and all the stuff a pro-sumer should want; the firewall is barely there but provides VPN. A hardware controller to manage it all, but could be replaced with the free software version.
It's something to consider.
I have an AVM FritzBox router/modem for my ADSL, and in total 3x 5port Netgear switched used to keep everything connected with gigabit ethernet.
On top of that I have an old Raspberry that runs pihole as my adblocking DNS server, and an old... WD MyCloud I think I use as a backup drive from two machines.
I'm using an old wyse 5070 I picked up off ebay for $50 along with a eap225 access point
the router runs opnsense, which is very easy to configure compared to the time I tried Unifi in the past
Not my personal experience, but the other day I came across this (somewhat dated) deep dive into using Ubiquiti equipment for a thoroughly over-the-top home network setup: https://arstechnica.com/information-technology/2018/07/enterprise-wi-fi-at-home-part-two-reflecting-on-almost-three-years-with-pro-gear/
My setup is a Netgear Nighthawk (CM2000) modem with three Amplifi Alien routers across the house on a gigabit internet connection. I've been really pleased with this setup and haven't regretted skipping the 2.5Gb port.
My story might be a little different once faster internet options pop up in my area, but don't see it on the horizon yet.
My WAN connection comes straight into a Lenovo Tiny that I've installed OPNsense on and thrown in an Intel NIC for a few more ports.
That works as my firewall and router in a single low power appliance that I fully control. From there I have switches and a WiFi access point, but I keep it pretty simple.
It allows me to have custom DNS black holes for adblocking/tracker blocking (think a super pihole), and there's plenty more functionality if I choose to use it. It's also been flawlessly reliable and a great way to learn about networking.
Disclaimer: I'm a cybersecurity engineer and this approach isn't for everyone. There are times when games or programs don't work and you have to allow a few more ports, which takes time, and it's very easy to open too much and leave yourself vulnerable.
I've had OPNsense in my plans for awhile but I've kinda been lazy and not switched. Currently running untangle but not making much use of it because they changed plans around a lot and then recently I think were bought by Arista so it's not really friendly for my budget/usage anymore.
I'm curious, is this something in particular to OPNsense? Obviously opening ports can be an expected thing for some services or games depending on what one wants to do, but this line made it seem like OPNsense might have more unique requirements for some reason.
If I do end up going through with my plans, I planned on setting up Tailscale in OPNsense so that I could make devices in my network that don't support installing Tailscale remotely available.
It's not specific to opnsense, it's just a reality of managing your own firewall. Most changes are actually pretty harmless if you know what you're doing, but it gets risky when you're just changing stuff because a guide said to do it.