15 votes

Looking for recommendations for a high-end / "prosumer" network router (that is not Ubiquiti)

I recently moved apartments. I have a Ubiquiti EdgeRouter PoE that's served me well over the past few years.

I unplugged the router at my old place, drove over to my new place, plugged it in, and...it failed to boot. I can log in to the web UI, but I immediately get an error that I can't get past. SSH, which normally works, comes back "connection refused" indicating the SSH daemon isn't even running.

There are forum posts about this problem from five fucking years ago. The only solution offered is to do a factory reset. I could do this, and I have a config backup somewhere, but I'm not going to put up with a device so unreliable that a power cycle bricks it.

I was a big fan of Ubiquiti up to now. I have two of their routers, one at my home and one at a vacation home my family owns that I'm the IT guy for, as well as several of their access points. After this, as well as the recent data breach (which didn't affect me personally but gives me a bad taste nonetheless) I think I'm done with them.

So, Tilderinos, any recommendations?

Some specifics:

  • I have gigabit internet so I definitely want something that can handle those speeds and not be a bottleneck

  • I'm knowledgeable about networking and have no problem with "user-unfriendly" setup & configuration.

  • I have a site-to-site-to-site WireGuard VPN between my home, my family's cabin, and a server I run in the cloud. I'd strongly prefer to keep using WireGuard, which effectively limits me to Linux-based options, because FreeBSD support for WireGuard is still WIP. If it weren't for this requirement, something BSD-based like pfSense / OPNsense would be at the top of my list.

  • I'd prefer to keep the router and access point separate rather than go with a typical "all in one" type device. The wifi spectrum at my new place is much less congested than my old apartment building, but I'd still like to keep the option of having multiple APs. I got spoiled by my old apartment being wired for Ethernet so running multiple APs was easy. That's not an option at my new place so I may look into either powerline internet (yes I know it sucks) or mesh wireless.

11 comments

  1. [5]
    Akir

    Personally speaking, I wouldn't throw any company under the bus for this kind of problem. I can think of any number of reasons why configuration settings may be lost, and the number goes up if it's been taken away from power for a while.

    I say this especially because consumer routers all have terrible reputations for terrible aftermarket support; they stop updating the firmware, which was almost certainly extremely buggy to begin with, and more and more vulnerabilities build up.

    8 votes
    1. [3]
      Amarok

      I would. If a company had these issues at the enterprise level with their products they'd be out of business before they could blink. It's bush-league bullshit no one should put up with for an instant. It speaks to the laziness and lack of diligence of all of the concerned companies. They want to chuck a few chips together with Linux they didn't have to pay for, then toss a sticker on it and sell it as high end for a couple hundred bucks. That's a dangerously irresponsible mindset in something as crucial to any network as the main internet gateway. All it'll take is one little exploit in a popular model to compromise everyone using it.

      You're right as far as I can tell - most devices out there really are this shitty at the consumer level, regardless of company. One can move to using DD-WRT or Tomato or other more reliable, well tested open source firmware to get around some of these issues, if one can find a model that supports them.

      5 votes
      1. [2]
        Akir

        Sure, you're right, this kind of behavior might not be acceptable in an enterprise business environment. But we're talking about a home network, where 100% uptime is nice, but not critical.

        (As a side note, I don't know if OP edited their post or if I just missed it the first time, but I do think the data breach was a much more valid reason to drop them).

        2 votes
        1. spit-evil-olive-tips

          I did include a mention of the breach originally - I've been following the story since it happened.

          I personally wasn't affected by it, because it only hit people who had trusted Ubiquiti's cloud service to manage their local hardware, which seems to me like an absolutely absurd thing to do. Having that as a backdrop sure doesn't help my impression of the company, though.

          1 vote
    2. spit-evil-olive-tips

      > Personally speaking, I wouldn't throw any company under the bus for this kind of problem.

      In general, I agree...the last straw for me was seeing this exact problem described in a forum post from 5 years ago. And it doesn't seem to be a one-off - in my googling I also found a similar error from 6 years ago:

      > I also have the same problem right now.
      >
      > The cause is that I had to move the powercable, and after that, it's not possible to login and use again.

      Someone who works at Ubiquiti replied...suggesting a factory reset. This means Ubiquiti has been aware of this issue for years and has not fixed it. That's the part I find unacceptable.

      > I can think of any number of reasons why configuration settings may be lost, and the number goes up if it's been taken away from power for a while.

      It was without power for...about 18 hours? I think it's reasonable to expect it to survive that long unpowered. If I had left it unplugged sitting in a closet somewhere for months, then yeah I wouldn't hold it against them if it failed to boot up with its saved config.

      I suppose it's possible that the non-volatile flash in the device is going bad, but that seems unlikely. Assuming Ubiquiti has done their job correctly, writes to the flash should be minimal and wear shouldn't be a significant concern. If it was a possibility, I'd expect a better answer from Ubiquiti than "do a factory reset" because the degradation of the drive will just keep happening.

      > I say this especially because consumer routers all have terrible reputations for terrible aftermarket support; they stop updating the firmware, which was almost certainly extremely buggy to begin with, and more and more vulnerabilities build up.

      This is definitely true, but part of the reason I chose Ubiquiti in the first place, several years ago, is they have a reputation for being less crappy than the average consumer router. That seems to have become less and less true over time.

      3 votes
  2. [2]
    Greg

    I was looking at this last year, and I came across two interesting looking options:

    • Turris Omnia which pitches itself as capable, extensible hardware with well supported open source software. You can plug in boards with fiber or cable modems, for example, and the guts of the system seem well reviewed.
    • This DIY guide from Ars Technica. The performance numbers surprised me, and if you're doing your own config anyway then throwing Linux on a modern SoC might not add that much extra work.

    That said, these are just bookmarks I kept for when I revisit the question. For a variety of relatively boring reasons, I ended up with a Draytek router that's just about doing the job - it supports VLANs, multiple WAN, VPNs, etc. so I can't complain, but it's clunky and irritating in that kind of not quite OSS not quite proprietary way, so I wouldn't recommend it.

    7 votes
    1. Eric_the_Cerise

      A Turris Omnia has been my primary router for at least 3 years. I'm just a tinkerer, not an expert, but it's been the best router I've ever used (in 20+ years). It is open source (based on OpenWrt), I think the hardware is open source, too. At any rate, it's highly customizable, expandable, tinker-friendly, has many capabilities that aren't normally associated w/a router, etc.

      I also have a Turris MOX (their Gen-2 router), which is probably also great, but the Omnia has been getting the job done so well, that the MOX is still in its box.

      5 votes
  3. Happy_Shredder

    I've got a mate with one of these https://teklager.se/en/products/routers/APU2E0-open-source-router. They have a bunch of options that might suit.

    (once my current one dies I'll probably pick one up)

    4 votes
  4. Amarok
    (edited)

    I'm interested in this too.

    One of the main drawbacks to pfSense is that it is geared towards wired networks. That's still my firewall of choice, but I can't purchase a minicomputer geared towards being a firewall/router with wifi that works with pfSense. I just run an attached wifi and bridge it in with a crossover cable as a separate zone. My current wifi AP is an absolutely ancient Netgear, a beta of the first model they offered with 5G support before that standard was even finished. :P It works great, but it's long in the tooth and it'll die on me within a couple years I think. It's running DD-WRT.

    It'd take some seriously good router firmware to make me give up pfSense, though. When it's a trust issue I like my BSD-based systems, and the feature set pfSense offers is hard to match. Updates and backup/restore of complex configurations are utterly painless. I'd be ticked off if I'd lost my firewall setup too, that stuff takes time to rebuild.

    4 votes
  5. [2]
    Akir

    This might be a dumb question, but why not just use an old computer?

    I don't know if Ubiquiti uses any kind of special tools under the hood, but if you're already administrating your network over SSH, it seems like a pretty ideal solution to me.

    1 vote
    1. babypuncher

      Purpose-built routers are generally much more energy efficient than an old computer.

      6 votes