Router recommendation for sports bar?

[k8_fan]

I'm in charge of technology for a sports bar - TVs, projectors, satellite systems, security DVR, computers, you name it. If it plugs in, I'll usually have something to do with it.

In recent years, more and more of the obscure sporting events that bring in loyal customers are only available on the Net. To that end, I've built computers to display streams on the TVs and projectors.

Right now, we have a 50 megabit connection from Time-Warner. We used to have a back-up DSL system from AT&T, but that never was a good backup. We're very lucky in that we're in a Google Fiber area, and both Time-Warner and AT&T are just about pooping their pants in worry - so when we were getting annoyed at poor cable service, TW ran a whole new RG-11 line to our place and assigned a team of engineers until we got the promised speed.

The problem is our router. We have a Linksys/Cisco RV042 Dual Wan/VPN router that was originally for the hot fail-over between the cable and the DSL systems. But, typically for them, Linksys has not updated this product in years, and I believe it is the weak point in my system. I need to stream multiple games at once, and have been getting poor performance.

I need reasonably fine-grained control of which device on my network gets priority on streaming both down and up (I have a Slingbox which streams to another location).

Good statistics on performance for troubleshooting the network would be nice as well.

I'd also like to make this device reasonably future-proof, or at least ready for a post-Time-Warner world when Google Fiber starts offering gigabit business connections.

A wired-only router would be fine, but if a wireless router is available that will perform as needed, that would be a bonus. I have two WiFi systems in the place, one for customers, one for staff. I'd like to leave the customers on 2.4 and move the staff to 5.

So, if you were in my situation, what would you purchase?

 

[thiggins]

I would not try to do wireless and wired with one device. Keeping them separate splits the processor load and lets you locate the wireless independently of the wired.

Take a look at some TP-LINK and ZyXELs. Here's a TP-LINK
http://www.smallnetbuilder.com/lanw...festream-gigabit-dual-wan-vpn-router-reviewed

 

[AdvHomeServer]

I don't have any experience installing commercial networks so read my answer from that perspective. I'll try to stay within my limits.

As the previous reply mentioned, splitting wired and wireless into different devices make good sense. Each wireless router becomes an access point with the option to use different SSIDs on each. One or more might be for customer use. Another might be for employee use. Dedicated wireless access points that use power over Ethernet throughout the building for customer use might be an option. It's my belief that bandwidth can be more precisely controlled among users using commercial level access points that require POE.

For your employees, I would suggest a radius server. This permits users to sign in using a user id and password as opposed to a general password for all to know. DD-WRT allows you to easily merge a Radius Server with a router, but I would avoid that option for anything other than hobby purposes. A radius server separate from the router allows you to control access to file shares more easily. Radius servers on NAS boxes are fairly easy to set up.

 

[Trip]

Hi k8. First off, I would definitely recommend going with SMB-class (or higher) gear across the board, as opposed to monkeying around with big-box all-in-one consumer devices and/or methods of shoe-horning features into those products to make them "work". On that note, it may be worth consulting a local IT outfit and getting them involved; using a pro on-site often yields unthought-of solutions, which, while possibly incuring a higher up-front cost, could save you plenty of operational headaches down the line.

That said, I would concur with separating routing/firewalling from wireless. If you want to stay in the Cisco world, perhaps a RV325 wired to whatever mix of APs would work. Some pros might even suggest IOS-level Cisco gear and Aironets right off the bat -- quite pricey, but at least you'd know the stuff would work (provided it's setup properly by a CCNA-level person or higher). Otherwise, there are plenty of others vertical solutions offering potentially more bang for the buck, such as the SMB gear from Ubiquiti or ZyXel. Each have their weakness, too, whether it be on the support/documentation end or sometimes slightly flaky functionality, but there's plenty of good gear to be found from those and others like them. I know that many are loving the EdgeRouter Lite/PoE + UniFi these days, so perhaps that's worth a look. Also worth a look is Peplink's Balance line of multi-WAN routers. Maybe even CradlePoint is you're looking to perhaps bring in some 3G/4G LTE connectivity for extra additive bandwidth and/or failover.

Hope some of that helps!

 

[k8_fan]

The staff does not need access to files, so Radius server might be overkill. We just want them to access the shared printer from their laptops and iPads. No more than 3 staff members are ever on their WiFi at a time.

From their lack of support on the existing device, I've eliminated Linksys from further consideration - although the consumer WiFi side is on Linksys WRT54GL I've upgraded to DDWRT.

Based on reading other reviews on this site, I'm looking at the Mikrotik Routerboard RB2011, which looks like some serious bang for the buck.

 

[AdvHomeServer]

The staff does not need access to files, so Radius server might be overkill. We just want them to access the shared printer from their laptops and iPads. No more than 3 staff members are ever on their WiFi at a time.

From their lack of support on the existing device, I've eliminated Linksys from further consideration - although the consumer WiFi side is on Linksys WRT54GL I've upgraded to DDWRT.

Based on reading other reviews on this site, I'm looking at the Mikrotik Routerboard RB2011, which looks like some serious bang for the buck.

Having a radius server for business users will keep the riff raff off the business network. it's basic security. Especially if certificates are required and the policy is enforced by the server. Anyone who guesses or is told the wifi wpa2 password has the keys to the kingdom if the network being used is on the same subnet as the business computers.

If you don't understand what I just said, you need a network pro to help you set it up ... not Joe your friend who has a nice home network who you also trust. Someone with an android tablet and a couple of free downloads from Google Play could potentially have free access to your entire system otherwise. I'm not exaggerating.

A lot of people don't understand certificates. Think of one as a key that only allows specific devices to attach to the network. The server must enforce the policy. If your pro says you don't need one, find a new pro unless they provide a solid plan to keep the riff raff away. Drunks in a bar are the last people I would trust to behave, especially one who has taken Networks 101 in school. OpenSSL can be used to generate the certificates, and it's free. The know-how to use it properly isn't.

Or, you can put the employee network somewhere that has no conceivable access to the main network.

I haven't even approached the possibility of the police asking you questions about your public wifi being used for questionable downloads. Personally, I would prefer the FBI to look at your network, rather than mine (just speaking figuratively).

 

[Trip]

Based on reading other reviews on this site, I'm looking at the Mikrotik Routerboard RB2011, which looks like some serious bang for the buck.

Chances are you'll be investing plenty of your own time figuring out RouterOS. As a primer, I'd recommend Greg Sowell's video on Mikrotik basics. If you get partway in and it all seems like Chinese, then I'd definitely recommend *not* going with Mikrotik and choosing a more user-friendly alternative (Peplink, etc.). I would strongly urge you look at up-front price difference of a few hundred dollars as negligible in the grand scheme of things.

 

[Cloud200]

my recommendation is to get the following as a system:

1. router that supports multi-WAN, 802.1q VLAN
eg.
Cisco RV320
Linksys LRT224
Ubiquiti ERLite-3
Mikrotik RB2011UiAS
Netgate APU4

2. POE smart switch that supports 802.1q and 802.3at
eg.
ZyXEL GS1900-8HP
EnGenius EGS5110P
TRENDnet TPE-1020WS
LINKSYS LGS308P

3. managed access points that can support multiple SSID across VLAN and powered by POE
eg.
Ubiquiti UAP-Pro
Linksys LAPN600
EnGenius EAP600
Zyxel NWA1123-NI

 

[newjockey]

Have you considered a firewall distribution? Something like pfSense or IPFire? You could buy or build a mini PC and add an extra NIC and you'd be set. If you need extra LAN ports, just plug the LAN NIC from the PC to a 5-7 port gigabit switch. With any decent hardware (multi-core Atom or Celeron Ivy Bridge, 4GB RAM, 500GB hdd or ssd) you'll have more horsepower than any comparably priced router. I have used both pfSense and IPFire and they are remarkably easy to set up--about what you'd expect from a typical router web interface. Plus you have the advantage of automated updates. Both pfSense and IPFire automatically update software packages for security/bug fixes. I've used both port forwarding, firewall blocking, and VPN in both systems and they are surprisingly easy to set up. Just another option for you to consider.

Good luck!

 

[netwalker0099]

+1 pfsense sure. Build one from an old desktop or purchase one from pfsense.org, the purchased devices come with 1 year of commercial support. I'd recommend a ubiquti router but at the end of the day the only support is the forum and if you have a critical issue sometimes that isn't fast enough.