What's new
  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

AC86U vs EdgeRouter

While it has been some time since i have manged and setup enterprise equipment, does not mean that just because I have a home network, and not some huge cooperate office to manage, dont mean that there is any issue with using hardware designed for big and better things in the home. If for anything, just to gain experience in it.
I would have bought the ER-12 already and given it a try, but it is not for sale locally, or on Amazon (by Amazon). Only by Ubiquiti direct and they have a 15% restock fee and have to pay return shipping for a Return. So just buying one to try is a good risk there. And I wont buy it until I have enough confidence it is worth that risk. I have read that even the USG with its 2 core 500mhz cpu can do 1gig WAN fine, for most. But its a mixed bag.

Just because you don't know what you want does not mean it is a bad idea.

Your questions and answers are not of someone that knows networking.
 
QOS is only useful to prioritize traffic on a saturated network with many active users. Or for low bandwidth availability situations. I have only 2 users on my network, less than 20 devices, and hardley ever saturate my 1gig connection. At the most, I would have several torrents running, while media streaming from Youtube Hulu etc, and large file downloads, but those are done very fast, if the server I am downloading them from can even break 500megs (most i see are 350 to 550 megs) so i often still have plenty of bandwidth to spare.



Not according to this: https://help.ubnt.com/hc/en-us/arti...-Deep-Packet-Inspection-Engine-for-EdgeRouter

Says "Compared to the expensive and slow DPI methods in today’s router market, Ubiquiti’s proprietary DPI tool integrates with EdgeRouter’s hardware offload feature. "

My Asus has some sort of Traffic Anyaysis options. I have never messed with it. I would guess that uses DPI as well? No idea if it is HW offloaded though. Ill have to enable it and do some tests. It says that it only "collects network stats every hour on the hour".

QOS is useful on any network when properly implemented. Even underutilized ones.

If you find that QOS brought no benefit, then it was implemented incorrectly, the hardware couldn't keep up with it enabled and/or you may simply be insensitive to those benefits below a certain threshold.

While QOS was very, very important when I had a 15Mbps u/d ISP service not that long ago, it is even more important to me today with Gbps service when compared to how that 15Mbps service ran and how Gbps service runs without QOS for me.

Responsiveness and throughput consistency is what I tune the network toward. Getting closer to paid-for speeds is why more hardware is getting to be increasingly more important to my customers and me.

I think it has been pointed out enough times in this thread that the just above entry level 'enterprise' network equipment you're seeking is not powerful enough to properly power your Gbps connection vs. the consumer router you have now. At least not at a favorable cost/benefit ratio.
 
is not powerful enough to properly power your Gbps connection

I have many posts on various sites from users of the ER-X and ERL who have 1Gig fiber connections and they claim those, older, and less powered products handle their WAN routing fine. The biggest difference I have read, in regards to those models is the X can not do concurrent 1gig routing, where as the Lite can. Those models are quite cheap, can find them even cheaper open box (like $45 for the X, $75 for the Lite) I may pick one up to mess with and try out and see how well i get along with setup and GUI etc. If at the very least, to become more familiar with how the ER products work.

I may just end up pushing of re-doing my network, until I can change a few things over t0 10G NICs.
But 10G switches is still quite expensive.
 
No idea if it is HW offloaded though. Ill have to enable it and do some tests.
Why don't you know it? I already told you it supports HW acceleration.
No. the ER-4 and its reviews are not really fair to compare. It does not have a switch chip and thus would be wired and configured different.

I have googled things..and reviews/stats etc for the ER-12 is very lacking.
Even more so when specifically comparing it to Asus routers and an 1gig WAN connection.
I have found many redit threads that may be of use to me...all F*ing locked and can not comment on to ask further questions on.

If all you are gonna post is "just go google things" and " Ubiquiti is a cult" then kindly stay out of this thread. Or be reported to Admins for trolling or flaming.
Yes the switch chip is different but the routing performance is the same. The routing performance is the same according to the spec sheets. Sure the ER-12 has a bigger switching capacity (Ubnt calls this Line Rate in their specs) but it does not change the simply fact the the CPU is the same and the CPU does the routing - not the switch.

Yes they are lacking. Most combine a smaller router with and external PoE switch in the Ubiquiti world because of the PoE APs.

On reddit you will hear nothing but Ubnt praise. There is a crazy community in there and the bare mention of other brands equals downvotes. Even when you point out the TP-Link EAP225 is objectively better then AC Lite people go bananas. That is why I call it a cult. It is not objectively at all and people use mantras and arguments that cannot be proven. All while trying the persuade others to use the same product. Is this not the definition of a cult-ish behavior?

Same to you. You are free to not response. But since you claim all the "enterprise vs consumer" mantras you are already throwing unsupported claims into the thread and of course they should be challenged! Nobody should just accept lies or "alternative truth".
 


Thank you for the links. I read those threads again just now and feel that my decision to give up on pfSense (see post 28 in this thread) is not just because I'm not fluent in networking setups via cli methods or basic theory.

I thought, as has been suggested, that I am just not knowledgable enough to run such a setup. While that still may be true, the downfall to that argument for me is that pfSense running on the barest, out of box defaults, gives varying network responsiveness on an overpowered i5 box that is not seen with my RT-AC3100 with my 1000/1000 ISP connection. That makes me think that something is inherently wrong with such a platform, at least with the expectations I have based on using Asus+RMerlin routers/firmware for so long now.

What Asus + RMerlin + all the great scripts available for this platform offers us today is far more than anything else discussed in the 3 or 4 other threads mentioned so far and here in this thread too.

The above statement is most true when considering stability, reliability, configurability, ease of use and overall cost in money and time.

The biggest take away to me is that when I asked in this thread for objective benchmarks of capable Gbps routing performance (but not just routing duties performed on the router) for the EdgeRouter products, I got none. On the contrary, Trentors actually suggests the opposite, which is what I have already expected from the underpowered CPU used in those products.

All of this is not to say I am blind to the benefits these other products offer in specific network environments.

I just feel that to get all those benefits you need to overhaul every aspect of your consumer gear, but depending on what consumer gear you are currently running and how (and how much) your network is utilized, it can easily be a sideways or even a downgrade, move.
 
All our local ISP's DNS are usually the fastest, by default. Doesn't mean they are the best to use though. ;)

In my experience, I failed to find any benefit to me in using 3rd party DNS...with my current ISP anyway, before, when I had CenturyLink DSL, hell yes, 3rd party DNS was needed)

Alternate DNS did ad blocking, (I still use that for my grandparents) but it was laggy to load pages at times, and it blocked some things that caused issues on certain cites, and was not controllable.
I had used Cloudflare DNS since it came out, but it started to act weird, sites would fail to resolve, YouTube in particular had issues. Dealt with that for 2 months, before i got tired of it.
DNS Bench said all the other popular DNS service were WAY slower than I cared for.
I learned that My ISP DNS is much more private and secure than your typical big ISP like comcast etc is.
My ISP (a local and privately owned company) actually care about security and privacy.
And I just noticed that it supports DDNSEC, so I now have the enabled in my Asus router.
ANd ran online tests to confirm it is working.
 
In my experience, I failed to find any benefit to me in using 3rd party DNS...with my current ISP anyway, before, when I had CenturyLink DSL, hell yes, 3rd party DNS was needed)

Alternate DNS did ad blocking, (I still use that for my grandparents) but it was laggy to load pages at times, and it blocked some things that caused issues on certain cites, and was not controllable.
I had used Cloudflare DNS since it came out, but it started to act weird, sites would fail to resolve, YouTube in particular had issues. Dealt with that for 2 months, before i got tired of it.
DNS Bench said all the other popular DNS service were WAY slower than I cared for.
I learned that My ISP DNS is much more private and secure than your typical big ISP like comcast etc is.
My ISP (a local and privately owned company) actually care about security and privacy.
And I just noticed that it supports DDNSEC, so I now have the enabled in my Asus router.
ANd ran online tests to confirm it is working.

DDNSEC is defined as
"The Domain Name System Security Extensions is a suite of Internet Engineering Task Force specifications for securing certain kinds of information provided by the Domain Name System as used on Internet Protocol networks. It is a set of extensions to DNS which provide to DNS clients origin authentication of DNS data, authenticated denial of existence, and data integrity, but not availability or confidentiality."

That last sentence is very telling that 'privacy' is not included with DDNSEC. ;)
 
DDNSEC is defined as
"The Domain Name System Security Extensions is a suite of Internet Engineering Task Force specifications for securing certain kinds of information provided by the Domain Name System as used on Internet Protocol networks. It is a set of extensions to DNS which provide to DNS clients origin authentication of DNS data, authenticated denial of existence, and data integrity, but not availability or confidentiality."

That last sentence is very telling that 'privacy' is not included with DDNSEC. ;)

Confirmation who u are and not spoofed to me is part of privacy, but i see your overall point.
My isp does not keep logs and does do other things for privacy that Comcast and CL do not do, what exactly that I cant recall atm.

While on the topic of security and privacy...this device was recommended to me by some trusted contacts:
https://www.indiegogo.com/projects/vektor-secure-wifi-network-connected-devices/x/3536506#/

Their company is VERY commutative via FB. Impressed.
I would get one, but, even they say it will cause a bottle neck for someone like me who has 1gig wan, since all network traffic ends up getting routed, inspected, and then sent back out that device via only 1 eth port. It is all cpu based for its features it seems. Has a beefy cpu, AllWinner H5 (ARM Coretex-A53) 4core 1.8ghz. But still, I am not looking to take a performance hit. (i am actualy quite curious as to others thoughts on this such device, and others like it, vs a traditional or enterprise firewall device, like sonicwall etc, as well as the USG, but I guess that should be it own seperate thread)
 
Last edited:
Confirmation who u are and not spoofed to me is part of privacy, but i see your overall point.
My isp does not keep logs and does do other things for privacy that Comcast and CL do not do, what exactly that I cant recall atm.

While on the topic of security and privacy...this device was recommended to me by some trusted contacts:
https://www.indiegogo.com/projects/vektor-secure-wifi-network-connected-devices/x/3536506#/

Their company is VERY commutative via FB. Impressed.
I would get one, but, even they say it will cause a bottle neck for someone like me who has 1gig wan, since all network traffic ends up getting routed, inspected, and then sent back out that device via only 1 eth port. It is all cpu based for its features it seems. Has a beefy cpu, AllWinner H5 (ARM Coretex-A53) 4core 1.8ghz. But still, I am not looking to take a performance hit. (i am actualy quite curious as to others thoughts on this such device, and others like it, vs a traditional or enterprise firewall device, like sonicwall etc, as well as the USG, but I guess that should be it own seperate thread)

Those types of products may very well do what they claim, but I don't see the value of not trusting what I can run myself vs. giving all the details of my network to an unknown entity to 'secure' me.

Commutative via FB? Scary (to me). A former head of security for FB? Even scarier. To me, this is a flag, not an endorsement.

The more widely used this device becomes, the more it may draw interest from the people that are willing to hack a single 'system' to access millions, rather than hack individuals, one by one.

The simpler the security that is implemented, the more effective it is. The more complex the security, the easier it is to find ways to make it fail.
 
The biggest difference I have read, in regards to those models is the X can not do concurrent 1gig routing, where as the Lite can.

that limit is due to specific design choices made for the erx-sfp (and the erx as a side effect) - mt7621 itself can do closer to 2gig if implemented ‘right’, as other designs based on it prove (obvious one being the mikrotik rb750gr3)
 
Huh. been digging around.....this device, the UniFi Dream Machine looks quite promising.
https://forums.overclockers.co.uk/posts/32578828/
ne2iado7nyl21.jpg


An AIO device, an is 1.7ghz core cpu, 2gb ram

Was gonna pick up at my local MicroCenter, just to try out, the USG Pro device, but in reading forums on how that model handles 1gig routing, this new, unreleased device came up.
 
That looks like a beta (alpha?) hardware program at this stage from that link.
 
That looks like a beta (alpha?) hardware program at this stage from that link.
Yes. It is free and easy to sign up for the beta forums, and access to the Beta store.
 
Last edited:
Yes. It is free and easy to sign up for the beta forums, and access to the Beta store.
But I do not see ANY products listed to buy on there...darn.

Buy? If they gave them free I might use them, to spend my money for one is inconceivable!
 
Buy? If they gave them free I might use them, to spend my money for one is inconceivable!

Actually, difference between Beta, and early Access.
EA is past the beta stage of testing.
Limited public release, before full release.
The Dream Machine is selling out within 1 min of it being stocked, others are telling me...so...yea.
 
Actually, difference between Beta, and early Access.
EA is past the beta stage of testing.
Limited public release, before full release.
The Dream Machine is selling out within 1 min of it being stocked, others are telling me...so...yea.

Ok. I was wrong. the Dream is very much still a work in progress...mainly firmware and feature wise. Hardware is good though it seems.

https://community.ubnt.com/t5/UniFi...tures-for-Initial-Early-Access/m-p/2717510#M3
 
Buy? If they gave them free I might use them, to spend my money for one is inconceivable!

I learned that the early release prodctus are half the cost. So, $299 for the device, now, and have to deal with some buggy firmware for a short time, but have the same product in the end...or, wait, and pay $599 for it.
 
I don’t want to wade in too hard on UBNT and I am EXTREMELY frustrated with them at the moment but if you read the release notes they’ve COMPLETELY rewritten the controller and firmware in something called UBios. As a result, pretty much every ‘feature’ you’d expect on a basic consumer router is missing. Yes, it’s Beta, and they’re releasing it so they can test the hardware but realistically how much ‘testing’ can you do if the kit barely works?

Doesn't seem worth considering, even at half price.

A very proprietary and unappealing feature set for what may be a very long time already spend on this 'product' so far.
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Back
Top