Your Choice for Router in 2023

[mk378]

Comcast (Xfinity) is in the process of converting their networks to "mid-split" cable frequencies. This technology offers faster uplink speeds, but requires the customer use a different type of modem to have those speeds. The bottom line is don't buy a new DOCSIS 3.0/3.1 modem right now if you're on Comcast.

 

[john_pifer]

Hey. Just checking in to see how this is all working out now that it’s almost 9 months later. Has it been reliable? I recently put a TP Link AX 4400 into service, but as a router only. I disabled the Wi-Fi and use some older ASUS routers as Wi-Fi access points scattered around my 3 story home. The APs are hardwired into the new router and the setup is great. Very low latency and excellent performance overall… I have Verizon’s 300 Mbps symmetrical service, so I don’t need hardware with the highest specs…

No issues, but we’re not stressing its capabilities much.

 

[97prizm]

We're still soldiering on with the ubiquitous Linksys WRT54GS V7 that I've had since 2007.

It's been OK since we don't have a lot of devices (just mine and my wife's iPhones, 2 laptops (which we don't use much and are never on at the same time), and a Roku. The kids are still very young (2, 1, and 4 mos), so they don't use devices and won't for a long time.

We do often use the Roku for streaming, and our 2 phones simultaneously.

Since we have a new Mac Mini M2 Pro (still waiting on monitors, though), I'm thinking about investing in a new wireless router to take maximum advantage of the speed of the new M2 Pro.

And while I haven't noticed any hiccups in our streaming (we watch a lot of YouTube), I'm quite sure things could be faster.

Additionally, I've read that the security of the WRT54GS is obsolete, to say the least.

I will say that the WRT54GS has been exceptionally, boringly reliable.

Anyway, what do you use?

What should we get?

We have a single-level, 3BR, 2BA home on approximately 1 acre of land.

PC Mag reviewed the TP Link Archer AXE75. Price doesn't seem too bad for the features, and it has the new wifi 6E, which the M2 Pro has. I also may upgrade my iPhone 11 to the latest iPhone at the end of the year when a new iPhone comes out, and I'm sure it'll have the wifi 6E.

Thoughts?

I've had great luck with my TP Link. They're established now but when I bought mine it was a little more bang for the buck than the netgear which I've had two different ones and both were great.

 

[Y_K]

Firewall Bypass exploits on TP Link Archers is a potty training level

 

[alarmguy]

I've had great luck with my TP Link. They're established now but when I bought mine it was a little more bang for the buck than the netgear which I've had two different ones and both were great.

For the price/performance in the lower to mid tier ($70 to $250) I dont think anything beats TP link and almost all cases excels at most all price ranges. Before I get flamed I am talking residential use by normal people over all the other known brands. Not enthusiasts in here that go into the firmware and settings for fun.
Even though I am using a Motorola MR 2600 right now, almost obsolete at this point (no longer offered) it most likely will be back to a $100 to $200 TP Link in the not to distant future as I am starting to wonder just how much longer the Motorola can run without burning out. It's been years of perfect service getting the full speed I pay for over my Wi-Fi of 300 Mbps up and down.

One thing with all routers that I want to be sure of is not get roped into subscription services which many of them have started for more profit. If any product after I buy it I find out otherwise and it limits what I can do, I will return it.

 

[OVERKILL]

For the price/performance in the lower to mid tier ($70 to $250) I dont think anything beats TP link and almost all cases excels at most all price ranges. Before I get flamed I am talking residential use by normal people over all the other known brands. Not enthusiasts in here that go into the firmware and settings for fun.
Even though I am using a Motorola MR 2600 right now, almost obsolete at this point (no longer offered) it most likely will be back to a $100 to $200 TP Link in the not to distant future as I am starting to wonder just how much longer the Motorola can run without burning out. It's been years of perfect service getting the full speed I pay for over my Wi-Fi of 300 Mbps up and down.

One thing with all routers that I want to be sure of is not get roped into subscription services which many of them have started for more profit. If any product after I buy it I find out otherwise and it limits what I can do, I will return it.

CVE - Search Results (mitre.org)

 

[alarmguy]

CVE - Search Results (mitre.org)

Yeah, I understand that but what do the search results show for the others?
Then also just the shear volume (sales) of routers and devices TP Link has on the market (world wide) would mean you have to search by model number. These reported issues also cover range extenders and mobile devices. Is there a device on the market from any makers that doesnt get a security patch at some point?

Here is Netgears list and I am sure the others the same.
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=netgear

Then we have to think about all the weaker security issues using the Wifi network. Cameras, Security systems, thermostats, washing machines, dryers, garage doors, etc

 

[OVERKILL]

Yeah, I understand that but what do the search results show for the others?
Then also just the shear volume (sales) of routers and devices TP Link has on the market would mean you have to search by model number.

The models are listed in the CVE's, and multiple models are affected by a single CVE because they use the same software. Sales volume is inconsequential, and so is the number of models if those models are running the same firmware.

Ubiquiti has 38 results in comparison.

But it's not just the number of CVE's, though that may represent the "attack surface". It's whether they are patched in a timely manner or even patched at all.

 

[Y_K]

MikroTik is another epic failure in the cheap department. But it is a great pacifier for the delusional micro-control freaks.

 

[Rand]

I voted UDM PRO again.. although this time the SE version since its going to be running 3 or 4 POE WAPS.
Wire mesh plaster walls .. bleh.

 

[alarmguy]

The models are listed in the CVE's, and multiple models are affected by a single CVE because they use the same software. Sales volume is inconsequential, and so is the number of models if those models are running the same firmware.

Ubiquiti has 38 results in comparison.

But it's not just the number of CVE's, though that may represent the "attack surface". It's whether they are patched in a timely manner or even patched at all.

I see you mention that brand a lot but I dont see very many (to none) offerings for the home. I certainly am not interested in enterprise equipment. I would expect with a limited line of consumer products that you will only see a fraction of the security issues vs companies with lines many times greater. Yet I am not doubting your knowledge at all.

I take reasonable (more than most the population) precautions with everyday name brand equipment, there are much, much better fish to go after than me. I always tend to buy a router after its been out 2ish years and price reductions due to the newest Wifi standard coming out when I am happy with ac, sure next one will be an AX, its unavoidable. Anyway, range is most important to me and why I hesitate to get rid of the MR2600, it's flawless in that regard. Enthusiasts would cringe at the limited UI of the router, heck it even upset me at first *LOL* but it does what it does very well.

My MR2600 is now out of production and for fun Im tempted to get a new router after having this one for three going on 4 years will be Nov 2024. This would be a preemptive move, I mean the thing has to fail sooner or later. Though I still have an older TPlink that I replaced as an emergency back up should it fail I could use it until buying a new one. (wife works from home so back up important)

I actually hesitate, its been so dead on reliable with incredible range and the price always boggled my mind, just always works, never needs reset, get within a few percent of the 300/300speed we pay for over WiFi throughout the house on so many devices I get tired of counting them. Therein I think is more concerning than the router. The devices themselves I see as a security risk. However I am not nor is it my field like yours so have no idea what I am talking about, expect Im more aware and informed then the Joe next door.

Anyway, not jumping into anything, might wait until Nov or whenever but I typically look to buy one standard+ older routers meaning $200 to $250 routers for around $130 to $160. when the "new" line up comes out. I find the Archer AX55 interesting which is stupid cheap right now at $94. The other extreme is the bargain priced Archer AX6000 but in reading it says it runs hot I think and not power efficient ... anyway, just a small sample of what I am looking at. I am not going to be roped into a subscription service by any router company. I read, I think NETGEAR it terrible about this, along with privacy concerns.

It's amazing how Antennas can make a router look beefy. *LOL*
https://www.amazon.com/TP-Link-AX60...7f0e984f1d56c4fb9ceb67914&language=en_US&th=1

Just to be clear, I like shopping the internet on days I am bored. I might not do anything at anytime and other times I do, like, back in 2022 when we had a new house built *LOL* and moved in 2023. (my wife jokes about it)

 

[John105]

I just use the free one (Quantum or whatever) that comes with FiOS. Only thing I don’t like is only 3 SSIDs.

Why I don’t think it matters? I used Meraki at home when it was free, and I realize nothing one buys online or at Best Buy will come close, so what difference does it truly make.

 

[alarmguy]

@OVERKILL

Current set up, new home.
1st photo,
MR2600 and the white box in the far corner is a Ring Z-wave controller for the thermostat and front door lock, door bell camera and garage door controlled with that but using the WiFi network. I cant remember how I got it together but it all works. Alarm system, garage door, front door lock, door bell camera. I would have bought different stuff but it came with the house, so good enough.

2nd photo is the fiber modem from the provider in an access panel supplied by the builder. Power line adapter goes to wifes workstation which is on the other side of the wall, its worked fine for years now so kept it, even though I can punch right through the wall and connect a Cat cable.

Anyway, point being, there are most likely plenty of security issues other than routers in many homes, I would think.
Not that it means to get a router full of holes.

 

[Toy4x4]

I see you mention that brand a lot but I dont see very many (to none) offerings for the home. I certainly am not interested in enterprise equipment. I would expect with a limited line of consumer products that you will only see a fraction of the security issues vs companies with lines many times greater. Yet I am not doubting your knowledge at all.

I take reasonable (more than most the population) precautions with everyday name brand equipment, there are much, much better fish to go after than me. I always tend to buy a router after its been out 2ish years and price reductions due to the newest Wifi standard coming out when I am happy with ac, sure next one will be an AX, its unavoidable. Anyway, range is most important to me and why I hesitate to get rid of the MR2600, it's flawless in that regard. Enthusiasts would cringe at the limited UI of the router, heck it even upset me at first *LOL* but it does what it does very well.

My MR2600 is now out of production and for fun Im tempted to get a new router after having this one for three going on 4 years will be Nov 2024. This would be a preemptive move, I mean the thing has to fail sooner or later. Though I still have an older TPlink that I replaced as an emergency back up should it fail I could use it until buying a new one. (wife works from home so back up important)

I actually hesitate, its been so dead on reliable with incredible range and the price always boggled my mind, just always works, never needs reset, get within a few percent of the 300/300speed we pay for over WiFi throughout the house on so many devices I get tired of counting them. Therein I think is more concerning than the router. The devices themselves I see as a security risk. However I am not nor is it my field like yours so have no idea what I am talking about, expect Im more aware and informed then the Joe next door.

Anyway, not jumping into anything, might wait until Nov or whenever but I typically look to buy one standard+ older routers meaning $200 to $250 routers for around $130 to $160. when the "new" line up comes out. I find the Archer AX55 interesting which is stupid cheap right now at $94. The other extreme is the bargain priced Archer AX6000 but in reading it says it runs hot I think and not power efficient ... anyway, just a small sample of what I am looking at. I am not going to be roped into a subscription service by any router company. I read, I think NETGEAR it terrible about this, along with privacy concerns.

It's amazing how Antennas can make a router look beefy. *LOL*
https://www.amazon.com/TP-Link-AX60...7f0e984f1d56c4fb9ceb67914&language=en_US&th=1

Just to be clear, I like shopping the internet on days I am bored. I might not do anything at anytime and other times I do, like, back in 2022 when we had a new house built *LOL* and moved in 2023. (my wife jokes about it)

I've had the AX55 for a couple (few?) years, now. No issues. I don't have the amount of gadgets you have that use wifi (5). I got this to replace the ASUS that failed after about 8-9 years. No issues with streaming to my Nvidia Shield.

 

[OVERKILL]

I see you mention that brand a lot but I dont see very many (to none) offerings for the home. I certainly am not interested in enterprise equipment. I would expect with a limited line of consumer products that you will only see a fraction of the security issues vs companies with lines many times greater. Yet I am not doubting your knowledge at all.

Search for Cisco if you want to see a huge list, but Cisco patches them. Being consumer or not isn't really the problem big picture, it's whether these vulnerabilities get patched or not and with consumer gear at the price point it is sold, firmware upgrade support to deal with this stuff isn't high priority and support ends quickly, if any is provided at all. That's why TP-Link having a huge list of CVE's is problematic.

I take reasonable (more than most the population) precautions with everyday name brand equipment, there are much, much better fish to go after than me. I always tend to buy a router after its been out 2ish years and price reductions due to the newest Wifi standard coming out when I am happy with ac, sure next one will be an AX, its unavoidable.

The problem with this approach is that you are far more likely to either already be dead-ended for firmware/security updates after 2 years or close to it.

Anyway, range is most important to me and why I hesitate to get rid of the MR2600, it's flawless in that regard. Enthusiasts would cringe at the limited UI of the router, heck it even upset me at first *LOL* but it does what it does very well.

Well, nothing is stopping you from buying one of these consumer gateways and just using it as an access point with something a bit more robust handing NAT/PAT and firewall duty like a PFSense or OPNsense box.

Regarding Ubiquiti, they are definitely not Enterprise-grade, I'd call them "Prosumer" which is a term somebody else on here used and I'd agree with. You aren't getting Cisco/Juniper/Brocade/CheckPoint/Palo Alto grade equipment at the Ubiquiti price point, but there's nothing inherently wrong with that if you understand that going in.

For home users they make:
1. The Unifi Express
2. The Unifi Dream Router
3. The Unifi Dream Wall

They also make some higher power units like the UDM, variants of which both @Rand and myself own. These are rack mount.

 

[Rand]

I have heard the UDM (non pro) will be updated with wifi 7 and released relatively soon(no real timetable).. seems fairly ideal for your setup.

With current Unifi hardware they have large rackmount gear $$$ although the udm pro was 279 black friday.. its current 379 is abit pricy for no POE, no AP and 1gbit wan.
the UDR(unifi dream router) is ok as long as you dont need more than 500mbits internet through IPS/IDS It irritates me it was in prerelease for 99$ and I didnt buy a couple.

The express has no IPS/IDS otherwise it would serve fine as a router and AP.

I'm installing a UDM PRO SE tomorrow with 3 waps. but the price on that setup is about $1000 with 2 U7-pro waps.
The SE is pretty futureproof with 3.5GBIT/s IPS/IDS, 2.5gbit wan 2x 10gbit sfp+ ports and an 8 port POE switch (6x poe 2x poe+)


Disclaimer: need coffee..

 

[alarmguy]

Search for Cisco if you want to see a huge list, but Cisco patches them. Being consumer or not isn't really the problem big picture, it's whether these vulnerabilities get patched or not and with consumer gear at the price point it is sold, firmware upgrade support to deal with this stuff isn't high priority and support ends quickly, if any is provided at all. That's why TP-Link having a huge list of CVE's is problematic.

The problem with this approach is that you are far more likely to either already be dead-ended for firmware/security updates after 2 years or close to it.

Well, nothing is stopping you from buying one of these consumer gateways and just using it as an access point with something a bit more robust handing NAT/PAT and firewall duty like a PFSense or OPNsense box.

Regarding Ubiquiti, they are definitely not Enterprise-grade, I'd call them "Prosumer" which is a term somebody else on here used and I'd agree with. You aren't getting Cisco/Juniper/Brocade/CheckPoint/Palo Alto grade equipment at the Ubiquiti price point, but there's nothing inherently wrong with that if you understand that going in.

For home users they make:
1. The Unifi Express
2. The Unifi Dream Router
3. The Unifi Dream Wall

They also make some higher power units like the UDM, variants of which both @Rand and myself own. These are rack mount.

Appreciate the long reply. Most this stuff over my head. I am your typical consumer which I would like to believe much more knowledgable than Joe next door but no/where near prosumer as you call it or should I say security concerns of an enterprise or prosumer. I do have an acquaintance very close to me that does an incredible amount of IT work for the USPS. Im talking big scale as setting up entire new buildings and all the computers/systems and laptops that go with it. I missed my calling, love the stuff and he LOVES his occupation.
I did look at the dream routers before your reply. Not what I am looking for in price but more important range.

I honestly feel if someone wants to break into my wife and I own little internet world here they will hove a harder time than Joe next door and for what reason? They can do much better than me *LOL* Furthermore I am sure all the electronics in my home have far more security holes than any popular name brand router, as routers tend to make front page electronic news if they have a security issue.

So that brings me to Tp-Link series, Archer 55 pro at a min, to Archer AXE75 and possibly the older Archer AXE 6000
Im in no rush but most likely will change in the fall after the current MR 2600 will have been running for 4 years straight now. But it's kind of cool not to be in a rush and have fun looking.
I only mention Tp_link because our past TP Link Archer C7 AC1700 provided many years ( I think 4) of reliable service before the Current Motorola MR2600 and it still sits in my closet as a back up incase a failure by the MR 2600.

Im not stuck on the TPlink brand but price performance reviews are hard to beat. But now in today's world, Im more annoyed at the fact that many router companies are requiring personal information for the privilege of buying their router!
Im not sure the extent, I think most its jsut if you want to use an app on your phone. Ill never use a phone app for my router so not a concern but I do want a fair to good UI to use on my computer. From what I read or what I think, you wont take a bit hit with TpLink if you choose to not give away your information.

 

[Rand]

Appreciate the long reply. Most this stuff over my head.

Its not you vs your neighbor
Doubt anyone is wardriving around your house

its whatever 10million addresses their botnet scanned and came back as vulnerable.
So theoretically it would be you your neighbor and 1000 other people near you that all get owned and turned into botnets.
for DoS attacks
worst case scenario they get RATs/keyloggers on your computers and have all your passwords etc.

I had 3 consumer level routers in a row get abandoned by the manufacturer very quickly. buffalo 1900, tplink a2300, and a linksys.

Best you can do with consumer gear is buy new model so it gets updates for a year or 2.

 

[alarmguy]

Its not you vs your neighbor
Doubt anyone is wardriving around your house

its whatever 10million addresses their botnet scanned and came back as vulnerable.
So theoretically it would be you your neighbor and 1000 other people near you that all get owned and turned into botnets.
for DoS attacks
worst case scenario they get RATs/keyloggers on your computers and have all your passwords etc.

I had 3 consumer level routers in a row get abandoned by the manufacturer very quickly. buffalo 1900, tplink a2300, and a linksys.

Best you can do with consumer gear is buy new model so it gets updates for a year or 2.

Yeah, I get it and understand. My point is there are many more older and never updated routers vulnerable in a world with billions of people I and most others are just chump change. In the USA alone the router market is estimated at 15 billion. I use and change out routers every 4 years or so anyway there are many worse things that can happen to me walking out the front door of my home.
I do think it's smart keeping routers updated and changing them out for preventive reasons after running for so many years non stop anyway. Plus it's fun. I do think we are at a level now that it's becoming overkill (no pun intended*LOL*) for someone with residential service. Except for people like me who want a router with consistent full speed of my provider whether I notice it or not in almost every corner of the home and any outdoor Wifi Cameras at least enough that performance isnt degraded.

I think range is key more than anything for me personally.

 

[OVERKILL]

Appreciate the long reply. Most this stuff over my head. I am your typical consumer which I would like to believe much more knowledgable than Joe next door but no/where near prosumer as you call it or should I say security concerns of an enterprise or prosumer. I do have an acquaintance very close to me that does an incredible amount of IT work for the USPS. Im talking big scale as setting up entire new buildings and all the computers/systems and laptops that go with it. I missed my calling, love the stuff and he LOVES his occupation.
I did look at the dream routers before your reply. Not what I am looking for in price but more important range.

I honestly feel if someone wants to break into my wife and I own little internet world here they will hove a harder time than Joe next door and for what reason? They can do much better than me *LOL* Furthermore I am sure all the electronics in my home have far more security holes than any popular name brand router, as routers tend to make front page electronic news if they have a security issue.

So that brings me to Tp-Link series, Archer 55 pro at a min, to Archer AXE75 and possibly the older Archer AXE 6000
Im in no rush but most likely will change in the fall after the current MR 2600 will have been running for 4 years straight now. But it's kind of cool not to be in a rush and have fun looking.
I only mention Tp_link because our past TP Link Archer C7 AC1700 provided many years ( I think 4) of reliable service before the Current Motorola MR2600 and it still sits in my closet as a back up incase a failure by the MR 2600.

Im not stuck on the TPlink brand but price performance reviews are hard to beat. But now in today's world, Im more annoyed at the fact that many router companies are requiring personal information for the privilege of buying their router!
Im not sure the extent, I think most its jsut if you want to use an app on your phone. Ill never use a phone app for my router so not a concern but I do want a fair to good UI to use on my computer. From what I read or what I think, you wont take a bit hit with TpLink if you choose to not give away your information.

If you have an old computer kicking around that you could slap another NIC in, you could offload the gateway function to PFSense or OPNsense and just use the new unit for WiFi (turn it into a glorified access point). That way you don't need to worry about any personal information being shared.

On your "electronics being more vulnerable" posit, the problem is that none of those things are directly facing the internet, they are behind the consumer gateway. This is why it's always prudent to turn off services that automatically forward ports, like UPNP for example, so that you don't have anything behind the perimeter exposed. So, unless the device has a mechanism for exploitation that isn't the internet, the traffic still has to go through your gateway.