You are right. Need more coffee.nope you’re wrong on that, I guess you have not read through the thread. This is my first post in here,
Post in thread 'Your Choice for Router in 2023'
https://bobistheoilguy.com/forums/threads/your-choice-for-router-in-2023.370217/post-6527886
Your Choice for Router in 2023
- Thread starter john_pifer
- Start date
Can that Unifi Dream Router be used as the basis of a mesh network by adding a few APs?
OVERKILL
$100 Site Donor 2021
I know my UDM can, that's a good question, I'll have to check.
OVERKILL
$100 Site Donor 2021
That's not clear in our communication FWIW
OK, and your point in mentioning this is what? You know how many botnets are out there? How many people are blissfully unaware that they've been compromised? TP-Link is a Chinese company, as @Rand has mentioned. They'd be the last people I'd be trusting on the perimeter of my network, but you are free to do you, as I've learned from the numerous exchanges on here, once you've got your mind set on something, nothing is going to change that.
CVE's:
Netgear: 1,142
TP-Link: 332
ASUS: 249
Linksys: 128
Netgear makes a ton of equipment, and has been around a very long time, their oldest CVE is from 2001. TP-Link's oldest CVE is from 2012. I don't see any really spicy ones for Netgear that are recent, same with Linksys. The most recent ones for Linksys apply to ancient devices.
The latest TP-Link CVE is from March 5th, 2024:
Cross-Site Scripting (XSS) vulnerability stored in TP-Link Archer AX50 affecting firmware version 1.0.11 build 2022052. This vulnerability could allow an unauthenticated attacker to create a port mapping rule via a SOAP request and store a malicious JavaScript payload within that rule, which could result in an execution of the JavaScript payload when the rule is loaded.
Or how about this one from January 4th, 2024:
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. Affected products/versions are as follows: Archer AX3000 firmware versions prior to "Archer AX3000(JP)_V1_1.1.2 Build 20231115", Archer AX5400 firmware versions prior to "Archer AX5400(JP)_V1_1.1.2 Build 20231115", Archer AXE75 firmware versions prior to "Archer AXE75(JP)_V1_231115", Deco X50 firmware versions prior to "Deco X50(JP)_V1_1.4.1 Build 20231122", and Deco XE200 firmware versions prior to "Deco XE200(JP)_V1_1.2.5 Build 20231120".
This ASUS one from February 19th, 2024 is a real banger:
A Null pointer dereference in usr/sbin/httpd in ASUS AC68U 3.0.0.4.384.82230 allows remote attackers to trigger DoS via network packet.
The question isn't whether vulns will exist in these other brands, they will, it's the nature of all network gear. It's whether they are:
A. Easily exploited
B. Going to be patched
Tying into "B" there, does the device do automatic firmware updates? Because Joe Average home user isn't going to be manually checking. In the more commercial space, this has been a huge issues with Fortinet, people running ancient firmware and their firmware being full of holes.
That's folly. Just because they are old doesn't mean they are more susceptible. CVE's that apply to newer devices often DON'T apply to older devices because they are running older generation firmware that doesn't have those same issues or lack the feature that the vuln is present in. For the same reason Ubuntu server ships with a 5-series kernel while 6/7 series are "current", "relatively recent" is not inherently better, particularly if the brand has spotty security and QC history.
Yes, you've made it abundantly clear that you are "not concerned". I work in the industry, I'm quite concerned, if I wasn't concerned, I wouldn't be doing my job.I’m not concerned other than to have a relatively recent router and I do believe the more popular brands and models will have issues discovered much more rapidly than lesser sold models.
But then again, I ride a motorcycle too
I have no problem if somebody wants a prosumer as you call it device. Those devices are very limited.
You'll have to explain to me your statement that prosumer devices are "very limited", because as presented, it makes no sense.
OVERKILL
$100 Site Donor 2021
Yes it can:
WiFi QoS with UniFi APs Application
It has built-in PoE ports too, so you could power the AP's right off the unit.
Thanks.
Looks like UDM has more robust hardware to handle faster broadband speeds. If you were to buy today, would you choose UDM or UDR?
OVERKILL
$100 Site Donor 2021
I have the UDM-SE, which is a rack-mount unit with a 2.5Gbit uplink and two SFP+ ports. I currently have 1.5Gbit fiber, so I'd go that route again basically out of necessity. I've already got a 10Gig-E SFP+ on back order, lol.
I know all about coffee and also Siri voice to text in the morning which doesnt get much of anything right for me. I get it *LOL*
I got that from your recommendation of very few routers limited to the Dream Unit and one other, so all I saw from you were 2 units from one company.
I appreciate your input the way it starts out and like to read up on things but now you are getting personal again as you have done so many times, so I will leave it be. Last thing I care to read in here of all places, insignificant place no less.
Last edited:
OVERKILL
$100 Site Donor 2021
From Ubiquiti, who doesn't REALLY do Enterprise. From other brands, anything aimed at the SMB/SOHO market or Teleworker also fits in the same category, so the Meraki Z4, SonicWall TZ250W, CheckPoint Quantum SMB, Fortigate 40F/60F/70F/80F, Netgate 1100/1200 (pfSense)...etc. Ubiquiti gives you a lot of "bang for buck" which is why they are mentioned most often in the context of what we are calling "prosumer" options here.
If this place is so insignificant to you, why are we even having this conversation?
Not to dwell on you feeling singled out, but I think it important to mention that I fully appreciate that you have absolutely no idea how frustrating you are to interact with, which means these conversations frustrate me far more than they do you. You are very much like a dog with a bone once you've formed an opinion, regardless of how shaky the foundation for that opinion may be. Be it hydrogen, LG appliances or network gear, your opinion, promotion/advocacy, liberal use of hand waving and dismissal of what others are saying ("I'm not concerned" is a favourite) is grating.
When we are interacting, provided of course you plan on doing so again in the future, given how "insignificant" this place is to you, I would greatly appreciate it if you didn't try to placate me with "I agree, but" and other sweet nothings trying to downplay and dismiss while maintaining a facade of civility. If you've got a counter-point to make, do so, if you don't, then cede that fact and move on.
And I fully appreciate that I probably come off like a d*** sometimes, I'm OK with that.
are you using the incorrect form of mesh meaning roaming or the actual mesh with wireless backhaul only.
The answer to both is yes. with unifi ap's but it also has poe on 2 ports so you could do wired backhaul with 2 of the lower powered WAP's such as the 6-lite and 6-plus
For the best wireless backhaul you would want the more powerful units such as the 7-pro
The slightly anemic 6-lite tops out around 400mbits.
but are you chasing a speedtest or just want good coverage and plenty of speed.
edit I see this was answered.. a bunch of posts didnt populate when I first read this thread. oops.
So depend on your budget.. and the anticipated network speeds.
The udr will do gigabit without the IDS/IPS turned on.
which the express doesnt support .. so between those 2 options the UDR is much more versatile.
I think more exciting is the upcoming release of the updated UDM "Base" (=Non pro)
That would be the top choice for most people once its out.
The UDM pro is ok if you could find it for less than $300 imo. Its the same hardware as the SE as far as processor/ram etc.. and quite capable
What you get for another $120 with the UDM PRO SE is 2.5gbit wan without having to use a 10gbit sfp+ slot, 8port poe switch.
This gets quite pricy when they dont include a WAP.
You could literally plug in the UDR and get the same thing for $99 when it was released although with lower performance limits.
Last edited:
Just want good coverage and good speed, wireless backhaul.
a u6-plus is fairly equivalent to the built in WAP on the UDR. you would need a poe injector sold separately.
The UDR is currently overpriced It dropped as 99(very cheap), and it now continuously sells out at $199 from the manufacturer so there is a reseller market with markups currently.
I wouldnt buy a UDR if you have gigabit internet and are interested in running the IDS/IPS
500mbit and lower it will be fine.. or if you dont run the IDS/IPS it will easily do gigabit due to hardware offloading.
You will lose aprox half your speed if you do wireless backhaul. but do you need 400mbits on your phone?
there are higher performance consumer grade gear options that are cheaper.. just how much do you care about security.
Wireless backhaul is not esp. performant on lower tier unifi waps.. Some consumer gear has 3 radios one dedicated to backhaul.
Last edited:
Update - Its a keeper, Window to return is close if not past. $79 to renew a router that was running the last 3.5 years works for me.
Downloads on the new router exceed my 300 download speed but interestingly uploads seem to decline on this computer.
I did these two tests from the most challenged part of our house. 3 walls from the router including my Mac behind that laundry room wall that has a dryer and washer on the other side. This router exceeds the download speed in on this particular computer compared to the Motorola MR2600 in its location but the uploads are a little slower from this computer.
Yet in another part of the house it's consistent on my MacBook Air. My Motorola was more consistent at my desktop described at slightly slower download speed above unless something changed. But the TPlink faster all around other places. Also 5g range outside the house is a bit better.
The router main purchase point was to replace the Motorola MR 2600 that was in use for a while now. The MR2600 was a range beast in our other 3000 sq ft home. I cant compare that range now that we are in a new downsized home.
The tests are to confirm this one performs just as good to better and of course nice to see I can beat the speed test site if only by a little. Not that I am going to notice anything, would like to believe it feels a hair more "snappy" but sure it's my imagination.
No Hiccups, no resets, everything seamlessly works including all smart devices. All in all, I guess safe to say works as good or better than the last one and with 300/300 service either router was/is fine.
Mac Desktop 1st photo, 2nd photo MacBook Air in another location of the house. My internet service is 300/300
Downloads on the new router exceed my 300 download speed but interestingly uploads seem to decline on this computer.
I did these two tests from the most challenged part of our house. 3 walls from the router including my Mac behind that laundry room wall that has a dryer and washer on the other side. This router exceeds the download speed in on this particular computer compared to the Motorola MR2600 in its location but the uploads are a little slower from this computer.
Yet in another part of the house it's consistent on my MacBook Air. My Motorola was more consistent at my desktop described at slightly slower download speed above unless something changed. But the TPlink faster all around other places. Also 5g range outside the house is a bit better.
The router main purchase point was to replace the Motorola MR 2600 that was in use for a while now. The MR2600 was a range beast in our other 3000 sq ft home. I cant compare that range now that we are in a new downsized home.
The tests are to confirm this one performs just as good to better and of course nice to see I can beat the speed test site if only by a little. Not that I am going to notice anything, would like to believe it feels a hair more "snappy" but sure it's my imagination.
No Hiccups, no resets, everything seamlessly works including all smart devices. All in all, I guess safe to say works as good or better than the last one and with 300/300 service either router was/is fine.
Mac Desktop 1st photo, 2nd photo MacBook Air in another location of the house. My internet service is 300/300
Last edited:
Call Comcast to see if they upgrade the modem for free.
Before buying.
You need at least a Arris 6180 or equivalent may be even newer.
JHZR2
Staff member
Curious if the ubiquiti express gateway, router and wifi in one:
Is this a functional equivalent in terms of gateway HW/SW/etc. to the gateway ultimate? Or is it possible that the ultimate has better/newer internal components somehow to be more “future proof” since it is “new”.
Getting one piece of hw, vs connecting a new gateway ultimate to an existing AX router/wifi is of interest to me.
Is this a functional equivalent in terms of gateway HW/SW/etc. to the gateway ultimate? Or is it possible that the ultimate has better/newer internal components somehow to be more “future proof” since it is “new”.
Getting one piece of hw, vs connecting a new gateway ultimate to an existing AX router/wifi is of interest to me.
Last edited:
OVERKILL
$100 Site Donor 2021
Is there an outdoor rated one? I have almost no signal outside since it's a metal building.
OVERKILL
$100 Site Donor 2021
HP Aruba makes outdoor rated access points.
as does unifi but I'd pass unless you are going all unifi gear.. their outdoor AP is a dated wifi 5ac.. although I do get 5ghz signal 200ft away from it.
and 2.4 even farther. costs around $100 Set one up for a solar powered birdhouse with camera.
Similar threads
