Help me build a Top of the Line Setup

[CrystalLattice]

This is definitely ONLY your opinion. I would go with Cisco gear. I run a pretty high end network at my home. It is a RV340 router with a Cisco layer 3 switch and 3 Cisco wireless APs that roam using 5 GHz only.

I have a Cisco 10 gig layer 3 switch, I just cannot get the high speed internet to go with it.

Of course it's my opinion, anyone could observe that I wrote it in response to his inital request for what a highend network looks like. No one to my knowledge is putting cisco networking into high end homes due to low durability problems.

 

[coxhaus]

Of course it's my opinion, anyone could observe that I wrote it in response to his inital request for what a highend network looks like. No one to my knowledge is putting cisco networking into high end homes due to low durability problems.

There are no durability problems with Cisco. If any thing they are over built.

 

[spiXel]

Sorry about not getting back to the responses, had a death in the family and haven't been able to focus on this. One quick question, is there another recommended switch that has more ports than 10? Maybe 14 at minimum?

 

[coxhaus]

Cisco makes 10, 16,24, 28 and 48 port switches. They make even bigger probably not considered small business. What do you want?

 

[spiXel]

16

Cisco makes 10, 16,24, 28 and 48 port switches. They make even bigger probably not considered small business. What do you want?

 

[spiXel]

Alrighty, I've had some time to look around and learn about some of this stuff. I think I have decided that I do want a real network instead of the mesh system. Also, I have 1 coax that Spectrum ran that goes directly to my networking closet but that's all the coax in my house. It is not ran throughout my entire house.

I am going to get a new switch. I have decided that I want an L3 managed switch with 16 or 24 ports. (I'll save the switch discussion for a separate discussion to simplify). I do also want to replace the router that I got from Spectrum.

So as far as the recommendations given so far, we have:

Option 1: -Cisco RV340 with Cisco APs (unsure of what model is being recommended)
Option 2: -Cisco 345P with Cisco APs (unsure of what model is being recommended)
Option 3: -Mikrotik CCR1009-7G-1C-1S+PC with 2x Ubiquiti Unifi UAP-AC-Pro
Option 4: -Ubiquiti USG Pro 4 with 2x Ubiquiti Unifi UAP-AC-Pro
Option 5: -pfSense AES-NI box (I can't figure out what this even is), with 2x Ubiquiti Unifi UAP-AC-Pro?
Option 6: -2 Asus routers (unsure of what model is being recommended) with 2 TPLinks (unsure of what model is being recommended)

Can I get some clarification on what exact models are being recommended? Also, any more feedback on which of these options that are outlined would work best and why?

Thank you all so much for your help, I really appreciate it!

 

[System Error Message]

Alrighty, I've had some time to look around and learn about some of this stuff. I think I have decided that I do want a real network instead of the mesh system. Also, I have 1 coax that Spectrum ran that goes directly to my networking closet but that's all the coax in my house. It is not ran throughout my entire house.

I am going to get a new switch. I have decided that I want an L3 managed switch with 16 or 24 ports. (I'll save the switch discussion for a separate discussion to simplify). I do also want to replace the router that I got from Spectrum.

So as far as the recommendations given so far, we have:

Option 1: -Cisco RV340 with Cisco APs (unsure of what model is being recommended)
Option 2: -Cisco 345P with Cisco APs (unsure of what model is being recommended)
Option 3: -Mikrotik CCR1009-7G-1C-1S+PC with 2x Ubiquiti Unifi UAP-AC-Pro
Option 4: -Ubiquiti USG Pro 4 with 2x Ubiquiti Unifi UAP-AC-Pro
Option 5: -pfSense AES-NI box (I can't figure out what this even is), with 2x Ubiquiti Unifi UAP-AC-Pro?
Option 6: -2 Asus routers (unsure of what model is being recommended) with 2 TPLinks (unsure of what model is being recommended)

Can I get some clarification on what exact models are being recommended? Also, any more feedback on which of these options that are outlined would work best and why?

Thank you all so much for your help, I really appreciate it!

normally i'd go with mikrotik as my router but you dont have the skills neaded, so i'll pick option 5. You may want to consider a cisco switch though.

 

[spiXel]

Just to be sure, are these the correct links for the router and UAP-AC-PRO?

https://www.amazon.com/dp/B06W534NXP/?tag=snbforums-20

https://www.amazon.com/dp/B015PRO512/?tag=snbforums-20

 

[MichaelCG]

That looks like the correct UAP-AC-PRO...but confirm what price you are getting. When I check it, it is showing at $196 which is about $50-60 higher than it should be.

I can't remember if you were planning to get a PoE switch or not...just be sure to have a plan to power the APs since they do not include injectors anymore.

 

[coxhaus]

Alrighty, I've had some time to look around and learn about some of this stuff. I think I have decided that I do want a real network instead of the mesh system. Also, I have 1 coax that Spectrum ran that goes directly to my networking closet but that's all the coax in my house. It is not ran throughout my entire house.

I am going to get a new switch. I have decided that I want an L3 managed switch with 16 or 24 ports. (I'll save the switch discussion for a separate discussion to simplify). I do also want to replace the router that I got from Spectrum.

So as far as the recommendations given so far, we have:

Option 1: -Cisco RV340 with Cisco APs (unsure of what model is being recommended)
Option 2: -Cisco 345P with Cisco APs (unsure of what model is being recommended)
Option 3: -Mikrotik CCR1009-7G-1C-1S+PC with 2x Ubiquiti Unifi UAP-AC-Pro
Option 4: -Ubiquiti USG Pro 4 with 2x Ubiquiti Unifi UAP-AC-Pro
Option 5: -pfSense AES-NI box (I can't figure out what this even is), with 2x Ubiquiti Unifi UAP-AC-Pro?
Option 6: -2 Asus routers (unsure of what model is being recommended) with 2 TPLinks (unsure of what model is being recommended)

Can I get some clarification on what exact models are being recommended? Also, any more feedback on which of these options that are outlined would work best and why?

Thank you all so much for your help, I really appreciate it!

I think the top of the line will be a Cisco RV340 router with a Cisco layer 3 switch and 2 Cisco APs. But this option will put you over a $1000 dollars. My compromise was to use the Cisco RV345P and 2 Cisco APs. This is pretty good but not the best. I think a Cisco RV345P is about $425 and then you need at least 2 Cisco APs. I bought 3 Cisco WAP371 APs off eBay for about $50 each. I only run 5GHz wireless as I turned off 2.4GHz. Remember you want the best and 5GHz is way better and faster than 2.4GHz. Space your wireless APs so you can roam. The roaming is pretty good not perfect. You can walk around using facetime without losing the wireless call. For a home I did not feel I needed the extra licensing for the Cisco routers. If I ran a business I might.

If you don't know the P on the end of the RV345P means the switch part of the router is POE+ to power the Cisco APs.

The top of the line Cisco WAP581 small business wireless units are starting to get too much for home. I think the WAP581 is more perfect for like a coffee shop type approach. The unit can handle 200 users. It has 2.5 gig connection which it probably needs to run that many users. If you want to go this route you need a 2.5 gig switch. You can run it off a 1 gig connection but it will limit the WAP581 AP's bandwidth.

 

[Trip]

OK, several points to address here.

First off, I see you're thinking about discrete components, which I highly recommend in most instances where the person is of at least intermediate skill. That said, be prepared to invest some time in learning and possibly some trial-and-error. If things get too arduous, I'd dig up the extra cash/beer to bring in someone who can "just handle it" for you.

Now onto the router. If your gigabit connection is actually *symmetric*, you'd need to be able to route 2Gb/s if you actually wanted to max out the line under any circumstances. That said, it's somewhat impractical for most home use cases, and if you don't mind sacrificing a few hundred Mb/s in a small amount of situations, then a high-clock consumer all-in-one or a Cisco RV would suffice. If you are serious, though, then you'll need to look to x86-based options. The most plug-and-play experience would probably be a pre-built pfSense box, or a private vendor solution. Netgate's SG-3100 will do 1Gb/s for $350 (it's still ARM-based) and the Atom-based SG-5100 is $799. I'd actually look at a Sophos XG85 rev. 3, which for under $300 sports an Intel Atom Apollo Lake and can supposedly crank out 3Gb/s of firewall throughput (I'm not sure if that's via some offload scheme that may be disabled if you try to do something, but it may be 3 Gb/s across the board... I'm sure @System Error Message will call that bluff if it is one...) The XG firmware is pretty friendly and I believe there is even a setup wizard; perhaps almost as easy to use as pfSense. A box like Sophos (or equivalent) wouldn't blow your mind for any particular reason, but it should get you to 2Gb+, at probably the least cost with most ease-of-use that I can think of. (And, yes, I'm ruling out Mikrotik and DIY x86 builds as too involved)

Next, switching. If 24 ports is your number, great. My main question, though: why L3 managed? Unless you specifically need layer 3 capabilities, like inter-VLAN routing, or enterprise-level protocols (both of which I highly doubt), I would think a web-managed L2+ switch would be plenty of capability, while saving potentially significant cost. Yes, there are some cheaper "L3" switches out there, like Mikrotik CRS, UBNT ES Lite or Cisco SG-300 running in L3 mode, but the former 2 are still a bit flakey and the latter is best left in L2+ mode, for which it functions perfectly fine. So, I would just be safe here go L2/2+ on a more solid, lower features-to-cost platform. Something like an Cisco SG-200 or 300 series, or HPE 1820 or 1920S. Should be able to do something for $250 or less.

Lastly is wifi. If you and your residents are only apt to want to connect to your individual hotspots, forgoing seamless handoff or centralized management, then separate standalone APs may work. If roaming/coverage/central control is of interest, then I would just bite the bullet and do a 3-pack of Eero Gen2, full-size units at $499 (all 3 full-size, so wired backhaul is an option for all APs). Ubiquiti UniFi is more configurable if you wanted to do stuff like different VLANs for each resident, etc., and I might suggest it if you were thinking of going all-Ubiquiti for route/switch/wifi, but short of that and even with a Cloud Key, it's just not as plug-and-play for a home user nor as beneficial in a mixed-vendor environment as I'd like it to be. So stick with Eero for now.

So there you have it. For $1,000 you'd have yourself a solid and supported entry-level enterprise router/firewall, entry-level enterprise switch and arguably the best home mesh product. The biggest challenge will be getting the router/firewall up and running, and then interconnecting all three systems, but it shouldn't be too hard. The only higher level I would go to from there would be Ruckus Unleashed for wifi, but only if you've tried at length to make your home mesh product work and it just isn't performing, for whatever reason, and you're double-sure it's the wifi product that's at fault. So start with what I've suggested and I think you'll be pleasantly surprised.

 

[tannebil]

if networking is where you want to spend your time and money, there are lots of good ideas here.

If you have other interests, I’ll stand by my advice (modified only to take into consideration the advice to avoid Spectrum combo units). I actually prefer a módem to a combo but Comcast no longer offers that option in my area. The combos can be reconfigured into bridge mode but it was another complication so I didn’t suggest it and it does make tech support harder as support is far less familiar with that configuration. As a general rule, you get the best support with the most common configuration. That doesn’t mean it will be good but it likely means it will be less bad. That’s the only reason I waste $10/monthon renting a device that can be bought for under $100.

 

[tannebil]

MoCA 2.0 bonded is as fast as wired GB although the latency is higher. But MoCA and powerline need active units with introduces complexity and reliability issues compared to UTP.

One thing to keep in mind with wired mesh units is that they may not be happy with flaky wired connections. I used to use it with my Plume pods but threw in the towel when MoCA hiccups appeared to cause my whole network to go wonky. I think it all depends on the manufacturer and the firmware. I still use MoCA, just not with my access points.

 

[Trip]

One thing to keep in mind with wired mesh units is that they may not be happy with flaky wired connections. I used to use it with my Plume pods but threw in the towel when MoCA hiccups appeared to cause my whole network to go wonky. I think it all depends on the manufacturer and the firmware. I still use MoCA, just not with my access points.

This is exactly why I lean towards enterprise products for use-cases where the feature sets haven't matured enough in their consumer counterparts; in this case: auto-healing between wired backhaul and wireless multi-point peering. Ruckus is one such product. It just works. Period. And that's the way it should be. Yes, it's WAY overkill for the average home use-case, I get that, but enterprise stuff if bought smartly can be a viable option versus the consumer beta-ware equivalents. Just something to keep in mind if you ever get to the point where you want something working badly enough to just say, "screw it".

 

[RogerSC]

As a side note, @RogerSC - did I read that right? Eero has added "smart queuing", as in fq_codel + HTB?! Like the way UBNT does it in the EdgeRouters? Because if that's true, that would be sweet.

Yes, "Smart queuing" is a "Beta" feature, along with "Band Steering" and "Local DNS Caching". I don't know what algorithms are being used, but when I turn off "Smart queuing", I get a "D" or lower for bufferbloat in the dslreports speed test. When I turn on "Smart queuing", I get an "A" for bufferbloat. Which is typical of when I've played with QoS. I don't really have any use for QoS myself, other than to play with it and see the effect on bufferbloat *smile*, since I'm not a gamer and have enough internet speed to go around as well.

I also don't use the Local DNS Caching, since I use OpenDNS to block the ads on the Roku's that we have. If I do local DNS caching, that goes around the OpenDNS functionality. Luckily, OpenDNS does fast enough DNS even while doing ad blocking. I'm only having it block a couple of ad sources, and that's enough to catch what I want to block on the Roku's.

 

[Trip]

Very nice, on all features mentioned. Definitely something to keep in mind as pluses for Eero. Thanks for the follow-up post.

 

[coxhaus]

Next, switching. If 24 ports is your number, great. My main question, though: why L3 managed? Unless you specifically need layer 3 capabilities, like inter-VLAN routing, or enterprise-level protocols (both of which I highly doubt), I would think a web-managed L2+ switch would be plenty of capability, while saving potentially significant cost. Yes, there are some cheaper "L3" switches out there, like Mikrotik CRS, UBNT ES Lite or Cisco SG-300 running in L3 mode, but the former 2 are still a bit flakey and the latter is best left in L2+ mode, for which it functions perfectly fine. So, I would just be safe here go L2/2+ on a more solid, lower features-to-cost platform. Something like an Cisco SG-200 or 300 series, or HPE 1820 or 1920S. Should be able to do something for $250 or less.

L2 switching is fine IF you are running 1 network. If you are running a guess network and maybe a isolated smart home network then L2 switching is not the best. We are talking the best here. Once you have a real network with different networks then using local ACLs and local routing adds to the load a router needs to handle. The L3 switch offloads all this over head and leaves the router to focus on internet traffic. As you push packets around the local network all traffic needs to be filtered for what is allowed and not.

 

[Trip]

@coxhaus - Indeed, and those would be my points as well. Only challenge was a $1K total budget... which is why I suggested a solid L2/2+ choice versus a cheaper "faux" L3 option for similar cost. If the OP doesn't mind increasing budget a bit, then yeah, absolutely 24 L3 ports become an option. Something like a Cisco SG350X-24 for $550-600 would get him probably everything he would need, and offer 10-Gig uplinks and stacking for expanding the fabric down the road. If money was really no object we could go big-boy Catalyst, or HPE L3 dynamic series, Ruckus (Brocade) ICX, etc.

 

[coxhaus]

Key here is the BEST.

I agree the stated budget $1000 was not enough as I stated in my top post. It is why I switched to a RV345P router instead. I think it needs to be mentioned though because we are talking the best. It is what I run at my house. So it is not a pie in the sky kind of thing.

If you buy used then you can come in under a $1000.

The Cisco SG-350X-24 sounds like an excellent choice. It will be one of my future purchases.

 

[Trip]

Yeah the SG350X appears a pretty good value, and actually appears to be designed to actually perform at L3, unlike the SG300. In the switch department, even SMB-class stuff, Cisco still has a decent foothold.

That said, though, routing is different story. If we're looking at best for the given use-case and for the price, I'd have to call an RV345P, or any RV series, into question. As an aside, PoE on the router when we're already thinking of an SMB or enterprise-class switch is misplaced. It should be delivered from the switch. Perhaps nice to have it in 2 places as a backup, but most likely unnecessary. More relevant though is price. At ~$400, a myriad of things absolutely destroy it for throughput and features per dollar. Off the top of my head, a UBNT EdgeRouter-4 for roughly half the price, a Mikrotik CCR-1009-PC for similar cost, or Pentium/i-core x86 at similar cost running a firewall distro of choice, open-source (pfSense) or private (Sophos, etc.). If we're still focusing more on pure ease-of-use and direct vendor support, then I could maybe see it, but otherwise there are just so many better alternatives if we're going to drop $400 on a wired router and have someone with intermediate of better skill set perform the config.