Just a general question :)

[G+_Edvardas Rimkus]

Just a general question :)

How often do you typically replace routers at home? 5, 10 years or when it breaks?

[G+_Vinny Trent]

3-5 years unless it breaks or is no longer supported by the company for security updates. Or the router is superseded by advances in tech that make it impossible to resist.

[G+_Geoff Galley]

Every 3 to 5 years or when technology advances but never the first version of the new technology or when the firmware updates stop.

[G+_Jason Brown]

Whenever I could get a new one from the recycle pile at work. After becoming a kita, I also adopted a strict policy of replacing them after the updates stop. I deviate from the herd a little, because I'll use mine until it doesn't work anymore.

[G+_Black Merc]

After mother nature has her 'fun' with it.(zappy zap)

[G+_John Sullivan]

When it breaks.

[G+_Travis Hershberger]

Whenever it stops getting security updates. I have Ubiquity router and AP, so I can replace each individually now. The new ER-4 looks very nice, and I think it would be able to handle gigabit connection speeds, to bad I won't see those for a long time ?

[G+_Edvardas Rimkus]

I have Mikrotik Routerboard RB2011UAS-2HnD-IN (5x 1gig ports, 5x 100mbit ports, and wifi). Not sure when i got it, but updates are still coming for it. I ran out of ports on it so dragged from a cupboard hp procurve 8 port 1 gig switch. After moving to a new place (multiple floors, and big yard) added 2 ubiquity unify mesh access points.

How wife is planning have a work space/office in the basement.

So I was thinking maybe to try to push a replacement of the old router/switch to the new ubiquity stuff, not sure if to go full unify route, or edgerouter and unify switches, or all edge stuff.

[G+_Travis Hershberger]

Edvardas Rimkus I'd recommend the EdgeRouter line over the Unifi line of routers every time. The UNMS might still be in beta, but it works very well. The EdgeRouters just have many more features, and if something isn't available in the gui, then you can probably enable it in the command line. The Unifi routers just don't offer the same features for the price.

 

I have both the UNMS and Unifi (for access points) running in the same VM on my hosted server. Shouldn't have any issues running both pieces of software in the same place. Tho I am using the Docker image for the UNMS portion.

[G+_Tailsthefox Pelissier]

When it breaks.

[G+_Marco van Laerhoven]

Travis Hershberger I'm on the same boat as Travis - switched to Ubiquiti router a while ago and love the control it gives me. I'm quite security focused, so as long as security leaks are patched quickly Idon't expect to replace it soon. Am actually considering the edgerouter 4 as my router is acting as a firewall between 7 subnets - not just the internet traffic. I think the "4" will add enough power to increase the bandwidth for some of the connections.

[G+_Marco van Laerhoven]

Travis Hershberger Are you running UNMS in Docker on a Synology NAS by any chance ? I'm considering the same - would like to hear whether you have any specific recommendations on setting it up ? Did you map volumes, specific ports, etc.

[G+_Travis Hershberger]

Marco van Laerhoven It's running as a KVM VM on a full server box that I rent. In theory, anything that can run a Docker image should be able to run UNMS. The one thing to be aware of is that it uses HTTP and not HTTPS. That isn't a problem for me because I'm using an Nginx reverse proxy in between that handles the HTTPS tunnel.

[G+_Reggie Henneman]

Whenever the internet I pay for is way more capable then the router or when it is no longer supported

[G+_Edvardas Rimkus]

From my reading unifi switches don't do routing between vlans, endgeswitch does it in a very limited way. Is my understanding correct?

[G+_Marco van Laerhoven]

Edvardas Rimkus I am using an edgeswitch, but use it only for layer 2 traffic. Routing is done in my router, fully using its firewall capabilities. Ive setup various vlans in the Edgeswitch too, working nicely. I think there should be no issue routing traffic too , if you don't need a full firewall, is there something specific you think is not supported

[G+_Travis Hershberger]

Edvardas Rimkus Routing between vlans is assumed with vlan support, otherwise it'd be pointless.

 

Edgeswitches can have some speed issues when routing between switch ports. This is the one poor area where they're not great if you don't know about this particular quirk where ports 0 and 1 are full ASIC enhanced routing and ports 2,3, and 4 are all just switches with CPU powered routing. So if you overload the CPU, you can run into speed issues.

[G+_Marco van Laerhoven]

Travis Hershberger I've never seen a 4 port edgeswitch, are you not talking about an edgerouter X instead?

[G+_Travis Hershberger]

Marco van Laerhoven That's 5 ports, the switches label them zero to 4.

[G+_Edvardas Rimkus]

What is minimal number of PoE devices that would warrant buying PoE switch?

[G+_Travis Hershberger]

Edvardas Rimkus It all depends. I'd say 3 generally, but I have 2 and an ER-POE at home, so, yeah.

[G+_Jeff Gros]

Edvardas Rimkus I was thinking about this post, and it occurred to me that in addition to the recommended routers (ER-X, etc), you could buy routers that are known to be compatible with open source distributions. That way, when the manufacturer eventually abandons it, you have the possibility of installing DDWRT, Tomato, etc, and using that instead.

[G+_Brent Vrieze]

I agree, get one that supports flashing with other firmware preferably open source. If you listen to Security Now with Steve Gibson there has been a rash of security holes in the home routers over the past couple of years, hard coded backdoor credentials, allowing WAN side management by default, being easily added to a botnet.

 

"Routers are really coming under attack. I don't know when we've had a week in this podcast when we haven't talked about one or more new or newly discovered or newly exploited or big problems with consumer routers." Steve Gibson, grc.com.

 

I still endorse PfSense.

[G+_Marco van Laerhoven]

Brent Vrieze +1 for security now podcast