What's new
  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Asus users, anyone else close to saying "screw it" and moving to Ubiquiti?

hungarianhc

Regular Contributor
I'm curious specifically about fellow Asus users... Asus comes out with these routers that are full of marketing mumbo jumbo that support wireless protocols that aren't available in devices yet. Meanwhile they ship with crap firmware. Then we wait for the firmware to get fixed, then Merlin tweaks it and makes it even better. Then Asus will be focusing on their newer devices, release firmware to fix those, and then it will cause a regression in the device you own, and then next thing you know you're annoyed with your device, looking to roll back firmware, etc. This is me with my 68U, and I know 87 users haven't had the easiest go of it. I'm considering switching to a Ubiquiti EdgeRouter and one of their access points, but I figured I would check and see if any other fellow Asus users are considering the same!
 
This isn't just ASUS but all brands are like that
 
This isn't just ASUS but all brands are like that
No doubt. But as I'm an Asus user in an Asus sub-forum with a pretty savvy set of enthusiasts, I decided to target my message to that crowd. I never said that other consumer router companies were better. I think they're worse! That's why I wouldn't go Asus -> Netgear or something like that.
 
I am considering dumping my Netgear for Ubiquity

Just need to read up on it a bit more. Or maybe it is more I need to read more Posts from ubiquity fans.
 
These all-in-one routers reminds me of all-in-one printers ---Lots of promises, but way too many gotchas and headaches.

I'm moving to pfSense. Just built a mini-pc for it. ASUS will be turned into a dumb access point.
 
But as I'm an Asus user in an Asus sub-forum with a pretty savvy set of enthusiasts, I decided to target my message to that crowd. I never said that other consumer router companies were better. I think they're worse! That's why I wouldn't go Asus -> Netgear or something like that.
If you look into the hardware of the routers you have basically only the choice between Broadcom and Qualcomm Atheros - depending on your needs you might choose one or the other (I would go for Broadcom - based on good experience).

Now the real differntiator comes into play: The firmware!
Looking in my past experience (many brands and DD-WRT), I wold always prefer a very active vendor, who is providing updates and enhancements frequently (like Asus does). The real cream topping you get from enthusiasts like in this forum (Merlin, John, etc.) who enhance the firmware further. But they can only do the job if the vendor release the source code (=open source). Now the choice of routers is limited to... Asus!? ;)

These all-in-one routers reminds me of all-in-one printers ---Lots of promises, but way too many gotchas and headaches.

I'm moving to pfSense. Just built a mini-pc for it. ASUS will be turned into a dumb access point.
Well, nobody forces you to use all features of the all-in-one device (e.g. I never use cloud and AI-stuff on the router) - the stuff I need is working great!
 
I'm curious specifically about fellow Asus users... Asus comes out with these routers that are full of marketing mumbo jumbo that support wireless protocols that aren't available in devices yet. Meanwhile they ship with crap firmware. Then we wait for the firmware to get fixed, then Merlin tweaks it and makes it even better. Then Asus will be focusing on their newer devices, release firmware to fix those, and then it will cause a regression in the device you own, and then next thing you know you're annoyed with your device, looking to roll back firmware, etc. This is me with my 68U, and I know 87 users haven't had the easiest go of it. I'm considering switching to a Ubiquiti EdgeRouter and one of their access points, but I figured I would check and see if any other fellow Asus users are considering the same!
I degraded my Asus to being the router only. The main wifi comes from EnGenius AP ECB1750. Superb coverage.

Ubiquiti is being considered when I am in for a new one.
 
But they can only do the job if the vendor release the source code (=open source). Now the choice of routers is limited to... Asus!? ;)

But that's just it .. even ASUS isn't fully open source. We've got that trend micro stuff calling home even when it's fully disabled, and then there's the binary blobs for the wireless hardware.

Well, nobody forces you to use all features of the all-in-one device (e.g. I never use cloud and AI-stuff on the router) - the stuff I need is working great!

Huh? The product is marketed (and priced) as a feature rich solution without any asterisks stating limitations in using them all. However, what we see here in the forums are complaints about speed issues when X is enabled with no warning that this would happen, or stability issues when nvram gets eaten up because someone wanted to use vpn's and certificates for SSH. Or IPTV routing bottleneck issues where the sirq numbers go through the roof even though the multi-processor hardware is mostly idle.

And then there's the troubleshooting hurdles -- a watered down linux with either watered down executables (dropbear), or the lack of executables (tcpdump) that even when added via entware still doesn't work correctly. It makes for a very frustrating experience.

Then there's the updated firmware issues -- roll the dice and wait to see what breaks next. It used to be companies would release updated firmware to fix issues ONLY. ASUS keeps adding features along with that and these new features almost always cause new problems. Oh and best 30/30/30 your router any time you do this, otherwise unstability galore.

Finally there's the lag time before getting updates -- openssl exploit? Gotta wait weeks to months to get patched. Want to expose the web gui on the wan interface? Prepare to get owned because it's running some custom binary as root.

These embedded devices aren't necessary anymore. Memory and cpu power are cheap now -- nvram? Still? We don't need to hobble the executables so that everything "fits" either. It should be okay to have a battery to save the date and time between reboots... none of these sacrifices are needed now.

Getting a small mini-itx setup with a full os on them just makes more sense. No worries about manufacturers abandoning your equipment for next years models, no worries about security exploits not immediately getting patched, no worries about the lack of executables to troubleshoot issues, and no mysterious performance issues no matter what software you've got running. Finally you can run your own private cloud software like owncloud, or a webserver, etc because nothing is locked down.
 
Once you have had experience with Ubiquiti, I think you will realize that no product is perfect.

I use pfSense as my router primarily as a learning experience. I will soon switch to a EdgeRouter X for the same reasons. Maybe I am just easy to please, but I have rarely had any networking device that I angrily had to replace aside from when the device dies.

I am simply happy to have so many good options.
 
Huh? The product is marketed (and priced) as a feature rich solution without any asterisks stating limitations in using them all. However, what we see here in the forums are complaints about speed issues when X is enabled with no warning that this would happen, or stability issues when nvram gets eaten up because someone wanted to use vpn's and certificates for SSH. Or IPTV routing bottleneck issues where the sirq numbers go through the roof even though the multi-processor hardware is mostly idle.

And then there's the troubleshooting hurdles -- a watered down linux with either watered down executables (dropbear), or the lack of executables (tcpdump) that even when added via entware still doesn't work correctly. It makes for a very frustrating experience.

Then there's the updated firmware issues -- roll the dice and wait to see what breaks next. It used to be companies would release updated firmware to fix issues ONLY. ASUS keeps adding features along with that and these new features almost always cause new problems. Oh and best 30/30/30 your router any time you do this, otherwise unstability galore.

Finally there's the lag time before getting updates -- openssl exploit? Gotta wait weeks to months to get patched. Want to expose the web gui on the wan interface? Prepare to get owned because it's running some custom binary as root.

These embedded devices aren't necessary anymore. Memory and cpu power are cheap now -- nvram? Still? We don't need to hobble the executables so that everything "fits" either. It should be okay to have a battery to save the date and time between reboots... none of these sacrifices are needed now.

Getting a small mini-itx setup with a full os on them just makes more sense. No worries about manufacturers abandoning your equipment for next years models, no worries about security exploits not immediately getting patched, no worries about the lack of executables to troubleshoot issues, and no mysterious performance issues no matter what software you've got running. Finally you can run your own private cloud software like owncloud, or a webserver, etc because nothing is locked down.

The problem with a full OS is that you must have a damn good understanding of iptables and/or pf/ipfw and there is no GUI. Learning those things from scratch and setting up a secure network is not a quick or easy task. Also, it's just my opinion but, gateway routers should run as few services as possible (from a security & stability perspective) since that device is literally the most vital node on the LAN. Run Plex, owncloud, webservers, etc from a device behind the gateway router.

Embedded devices are quirky, but they do have their place. Even pfSense, IPFire, and most of the other router-focused systems are not full OS installs, but instead they are very slim installs with limited functionality beyond the included router-related services & functionality.


It is interesting to note that the recent glibc getaddrinfo vulnerability did not affect embedded or lightweight systems that used uClibc or musl.


Personally, I agreed with your position a year or so ago, but now I realize it's good to have options, even if I do not understand them. As Sal Glesser says "All good, just different". Honestly, I am much more impressed by what my "all-in-one" $100 Asus RT-N66U can do than by what my over-powered x86 pfSense PC can do, all things considered.
 
I know 87 users haven't had the easiest go of it
That's why I resisted the urge to buy it with all my willpower, cause I read all the bad things about it on this forum, and subconciously I did understand that 2 different chips in one product will bring problems one way or another, until the AC88U appeared in my area, 3,5 months after release.
I wanted a new router, cause D-Link DGL-5500 died on me less than half-a year of operating.
After logging in to nice asuswrt interface, I was already happy as a child, because it is another world from my D-Link previous routers (DIR-855 (2011), DIR-860), and that ultra laggy interface of DGL-5500.
And after installing RMerlin's miracle (alpha3) from source (spent 2 nights fighting with my VPS and Debian, but well worth it, every second of it), and installing FreeRadius server through EntWare for WPA2-Enterprise...
Well, saying I was happy does not say enough.:D
The only thing I regret now, that I spend 5 years of my life on USELESS D-Link products.:mad:
P.S. And it does even get Wi-Fi to my bus stop, which is at around 50 meters, or even more.:)
 
With such powerful consumer routers I am annoyed. Its like smartphones.

Smartphone: Must have greater DPI, faster CPU, bigger camera, much much more bloatware/spyware and must have a smaller -non replaceable battery!
Me: Why not go the opposite? Be the fisrt to have smartphone that can last 2 weeks on a charge with moderate usage..

Router: Must have anti virus, must have a sheathed dagger, must also share everything (what!).
Me: How about including tcpdump, dnscrypt, or scramble XOR patch on openvpn for users in other parts of the world. How about going to a module system, want trendmicro?, download it. (I can't stand that trendmicro keeps showing up in my log)

I am glad for RMerlin/John/HGG around here, I am going to stay for a while longer. Without a steady developer through I would head over to pfsense.

I would like to see a poll on why people bought these routers for. Security, AC/gigabit ISP or LAN speed, the box looked pretty, ability to install RMerlin/Tomato, ....
 
With such powerful consumer routers I am annoyed. Its like smartphones.

Smartphone: Must have greater DPI, faster CPU, bigger camera, much much more bloatware/spyware and must have a smaller -non replaceable battery!
Me: Why not go the opposite? Be the fisrt to have smartphone that can last 2 weeks on a charge with moderate usage..

Router: Must have anti virus, must have a sheathed dagger, must also share everything (what!).
Me: How about including tcpdump, dnscrypt, or scramble XOR patch on openvpn for users in other parts of the world. How about going to a module system, want trendmicro?, download it. (I can't stand that trendmicro keeps showing up in my log)

I am glad for RMerlin/John/HGG around here, I am going to stay for a while longer. Without a steady developer through I would head over to pfsense.

I would like to see a poll on why people bought these routers for. Security, AC/gigabit ISP or LAN speed, the box looked pretty, ability to install RMerlin/Tomato, ....

I wonder what type of cell-phone those squirrel-suit wearing badasses use...

Honestly, why would they do such a thing, if not for Facebook likes.
 
I would like to also say as I am mostly a noob, I am guessing trendmicro operates like firefox "block reported attack sites". So this feature just destroys openvpn.
Exaample:
router: 192.168.1.1 WAN
PC: 192.168.1.2 VPN

PC web browser wants to go to bakingcupcakes.com, router goes wait a sec, "I need to check trendmicro to see if I should allow that." "Yep its safe proceed..." (or maybe trendmicro is just interested in ip address's after firefox gets it resolved)
PC goes through VPN to bakingcupcakes.com

Anybody see what just happened there? trendmicro now knows someone likes cupcakes at your ISP's IP (router). However the cupcake web site doesn't know that.

Forgive me I am completely wrong and your pulling your hair out at me. Please correct me if I am wrong. :) This is why I don't like bloatware.
 
It's not just an Asus problem, it's pretty much the same with all consumer grade routers...

It's a matter of priorities - seems like most prioritize Features, Performance, and Security and Stability take a back seat and get patched whenever something pops up (sometimes). And this is typically where things fall apart - more features, more opportunities for bugs and security issues to creep in. And much of the code is old and brittle, with features/capabilities tagged on top of what is essentially related to the old WRT54G GPL release from years back.

Moving from one vendor to another, this only changes the set of problems/concerns one has to deal with - at least within the Asus community, there are multiple options - RMerlin's excellent work, along with John's fork, and there's always DDWRT/OpenWRT for those that want to explore things there.

Most vendors actually do a decent job with the wireless side - since the WiFi is largely driven not by the OEM, but by the chipset vendor - so most are at most, within about 10 percent of each other, differences driven largely by RF considerations (antenna, board layout, choices of different front end components).

IMHO - it's the routing side, along with the Management interfaces that need the most work moving forward - we're at the point where the first vendor that puts in the effort to start from scratch just might have the competitive advantage, but this is a huge effort, taking time and money.
 
This isn't just ASUS but all brands are like that

Not only in consumer world, in professional world and other industry too. Every thing has their share of issues more or less. If every thing works perfect out of box, I bet there will be MANY who will be unemployed...., LOL! Go to Ubiquiti user forum and see. Every thing is rosy there?
 
One thing we all forget is that any technology company builds products which will sell to a large volume and to a large number of users. Given that technology in these routers is fairly complex it is quite simple that manufacturer are trying to give with maximum to the consumers at the lowest price point.

If we drew a normal distribution of the users, the highly technical users of this forum will constitute the top 2% of the overall population of users. So we can debate over the bits and bytes, features, throughput, but for real world users it does not count. What counts is pure simple plug and play performance.

Apple is famous for doing just this. Hide the technology to make it look easy.
It still has issues like with IOS 9.3 and others but that is the nature of the technology beast.



Rtr8
 
And personally, I don't understand why so many people are raving about pfsense. I experimented with it one afternoon at work, and was left rather unimpressed by it. And I could never get snort to work correctly with it (it refused to update itself, claiming I had no ruleset defined when I definitely did have one GPL ruleset enabled). So things aren't perfect there either.

A few days later I experimented with ipfire, which allowed me to get snort working within a few minutes, however the lack of ability to create outbound firewall rules was a deal breaker. So I'll be sticking with CentOS + Shorewall for our firewall at work.

This is a widespread issue across virtually any software in 2016. Lots of legacy code, features shipping broken, plenty of useless features implemented while others actually useful but not great bulletpoint in a marketing presentation are missing.

My personal opinion? Software has grown too complex, and shipping deadlines aren't delayed to accommodate for this fact. Many companies see software as a necessary evil to justify selling a box. Lots of companies ship great hardware, but horrible software.

So no matter which solution you chose, someone has to compromise somewhere.
 
Most companies are shipping equally bad hardware and software. The time it would take to get all the pieces correct , run through QA and make sure every test case is run correctly is impossible to turn around , if you want to launch a product every year.

No product is perfect today so if you want to get a perfect product one . One should buy a product which is at least 1 year old and is market tested and real world tested. As a technologist i know this is the way it is.

It is for one reason even though I want to buy a shiny new router ( MU- MIMO) router. I know it will take the vendors at least 6/8 months to get to a place where they will be able to fix all their firmware issues , radio issues and also the chip issues, before it is real world ready .

So if i buy it now, it will be a cheapest AC1900 which gives me the best price performance. And even if I go and plonk the $250 dollars on a new one , it will be just a shiny new toy and I will possibly see the best MU-Mimo performance 6 months from now on. And then the cycle will continue again .

So if you really think that the ubiquiti edge router will resolve your problem , please test it and give us the result. We will just curse ourselves and say i should hv bought that one and live with the buyers remorse.









Sent from my iPad using Tapatalk
 
And personally, I don't understand why so many people are raving about pfsense. I experimented with it one afternoon at work, and was left rather unimpressed by it. And I could never get snort to work correctly with it (it refused to update itself, claiming I had no ruleset defined when I definitely did have one GPL ruleset enabled). So things aren't perfect there either.

A few days later I experimented with ipfire, which allowed me to get snort working within a few minutes, however the lack of ability to create outbound firewall rules was a deal breaker. So I'll be sticking with CentOS + Shorewall for our firewall at work.

This is a widespread issue across virtually any software in 2016. Lots of legacy code, features shipping broken, plenty of useless features implemented while others actually useful but not great bulletpoint in a marketing presentation are missing.

My personal opinion? Software has grown too complex, and shipping deadlines aren't delayed to accommodate for this fact. Many companies see software as a necessary evil to justify selling a box. Lots of companies ship great hardware, but horrible software.

So no matter which solution you chose, someone has to compromise somewhere.

I prefer FreeBSD (pfSense) because kernel & userland utilities are developed as a single system vs the separate development of the Linux kernel & GNU userland utilities. The evolution of FreeBSD is slower and more conservative (safer?) when compared to Linux. A router should be boring and featureless... no unneeded services.

Many people consider the FreeBSD TCP/IP stack to be the best available. I think FreeBSD was the first OS to support IPv6; https://en.wikipedia.org/wiki/KAME_project



Thankfully, we have numerous options out there. :)
 

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Back
Top