Connecting Switches to Router

Okay, so the connection as a whole is more stable because the router is more stable?

Statements about connection stability usual refer to the WAN dropping (or not as the case may be), and that's something that shouldn't have changed.
 
So other than my setup being a bit sluggish when I'm pumping loads of data through it concurrently, I have had absolutely no stability issues with the Asus router. In fact the most unstable thing since this network started taking shape in April 2014 has been Virgin Media's service. I think the total downtime of the broadband has been around 3 days (over ~2.5 years).

Even with power cuts etc, the black thing at the bottom of the cabinet is a UPS so everything in there stays running for about 45 mins (cameras and all).

Damn you guys though... as I'm writing this I feel like I want to upgrade this. However when I tend to do that I go all out and do everything, which unfortunately I can't at the moment due to all £ going towards the wedding. Maybe towards the end of next year I will go down the 10GbE switch (consolidated to one really good one) route, as well as a newer NAS etc.


Another point to note, I've been reading that because I've just moved to Virgin's VIVID 200 Gamer package (200Mbit down and 20Mbit up) fron the original VIVID 200 and happen to be running Shibby's Tomato on the Asus, it will struggle. I need to go back to their stock or Merlin. People have done tests and throughput is faster with the other firmwares.

:D
 
Last edited:
If the DS1813+ is for the CCTV, why not move it on to the DLink?
If you are using it for files for your network, why not just use the DS414 for CCTV smd set up a nightly backup job?
I would also move the mybook onto DS414

Out of curiosity, have you tried unplugging all but one network connection from the DS1813+ and run the tests?

Don't go making DMZs, I don't, even for testing. As for leapfrog attacks, I have no idea how that fits in.
 
If the DS1813+ is for the CCTV, why not move it on to the DLink?
If you are using it for files for your network, why not just use the DS414 for CCTV smd set up a nightly backup job?
I would also move the mybook onto DS414

Out of curiosity, have you tried unplugging all but one network connection from the DS1813+ and run the tests?

Don't go making DMZs, I don't, even for testing. As for leapfrog attacks, I have no idea how that fits in.

The second NAS is just running JBOD and is simply a backup of the primary one (and in another part of the house). In order for it to do a proper service, I would need to change the RAID configuration, get a UPS for it etc... or I put it inside the cabinet but then lose the separate backup.

Before anyone tries to be smart, I know a "proper" backup is actually offsite etc, but this works for me and doesn't cost too much.



/Edit: Nearly everything on the network is accessible from the WAN... some things by their counterpart phone applications (my cameras feed into Synology's Surveillance Station but I can access each one individually as well), others via a VPN running on the NAS and very very few things directly. Where possible I use https with my own certs.
 
Last edited:
Okay, so the connection as a whole is more stable because the router is more stable?

Statements about connection stability usual refer to the WAN dropping (or not as the case may be), and that's something that shouldn't have changed.

Well according to my TBB graph the WAN connection looks better, slightly less jitter compared to before.
 
Another point to note, I've been reading that because I've just moved to Virgin's VIVID 200 Gamer package (200Mbit down and 20Mbit up) fron the original VIVID 200 and happen to be running Shibby's Tomato on the Asus, it will struggle. I need to go back to their stock or Merlin. People have done tests and throughput is faster with the other firmwares.

:D
My recommendation is not to make too many internal changes but to take away some of the load on the router. I know as a matter of fact having the RT-AC88U model (much better cpu and more ram than the 66U model) that they can really struggle when all the options are enabled for security AND if you have special routing and ESPECIALLY VPN etc - it's all going to take its toll on the poor router.

Sticking in a UTM (i.e. Sophos or Pfsense) won't break the bank - mine cost me £160 for an imported dual-nic NUC from china (from the forest). Best move I've ever made moving away from relying on consumer-grade routers. Any old PC will also do, check out Sophos - its free for home users with the only limit being it can only be used on up to 50 ip addresses which is usually enough for most home users (I use up about 27 in total - including devices, servers, ap's and switches). oh and the security benefits you will gain as a result (especially bearing in mind how much stuff you have externally accessible).
 
Edgerouter Lite is under £100 and a fantastic bit of kit.

compared to a dedicated UTM/firewall/dhcp server no consumer grade router can hold up in feature sets and performance. OP has a performance issue with the router which is clearly visible as it's pumping through data and not allowing devices to connect to the admin pages in a timely fashion (This is clearly a performance issue with the router -I've experienced this also and my setup is nowhere near as big or as complicated as OPs)

I doubt very much a 'edgerouter' is going to be able to cope with all the routing, vpn, security etc loads he requires.

Also note they aren't as secure as some peeps make out: http://www.securityweek.com/flaw-allows-hackers-find-ubiquiti-devices-exposed-web

Thats the problem with consumer-grade kit - hackers and botnets target these as they aren't always up to date with the latest firmware and manufacturers aren't as keen to patch their products as quick as specific security vendors.
 
Last edited:
compared to a dedicated UTM/firewall/dhcp server no consumer grade router can hold up in feature sets and performance. OP has a performance issue with the router which is clearly visible as it's puming through data and not allowing devices to connect to the admin pages in a timely fashion.

I doubt very much a 'edgerouter' is going to be able to cope with all the routing, vpn, security etc loads he requires.

On the contrary it can, maybe look up the specifications and reviews of it before dismissing it.
 
What part of consumer-grade do you not understand dooksy?

The ubiquiti is JUST a router - nothing else. If the OP had a relatively small network and didn't know what he was doing then yeah I'd say go for it. It's better than nowt, BUT he is more than capable and technical enough and willing enough to do it all properly.

Whilst the ubiquiti can handle up to 1Gb/sec traffic - it's limited in its VPN use, and I can easily see that killing the performance bearing in mind the OP's traffic.

Glad its working good for you dooksy - but I personally think it's not suitable for the OP's advanced network configuration.
 
Ubiquiti is not aimed at the consumer market. It is not aimed at a regular home user with minimal network experience, you need some knowledge to get it set up as it's not as easy as for example an Asus router.

Advanced? :D He's downloading from the internet and then copying data to a NAS, with some cameras thrown in. That's not that advanced. I run similar, including OpenVPN, and it all works like a dream. Using the lowly Edgerouter Lite.

I'm glad that your Chinese imported enterprise-grade PC running whatever is working for you.
 
Ubiquity is a great wireless solution but that is about all.

Far better products out there, capable of a lot more. The fact he can saturate a gigabit link shows the OP is not just a 'web browsing' average end user - anyways up to him which choice he wants to make. The basic gist is his consumer-grade router is struggling with the task at hand.

Ubiquiti are over-rated in my experience - good for wireless AP's, that's about it.
 
'Advanced' ? It's two switches on the same IP range.

Which thread are you reading friend?


-edit
https://dl.ubnt.com/Tolly212127UbiquitiEdgeRouterLitePricePerformance.pdf

It slams the Juniper J6350 and Cisco 3925 (both RRP over £5000)

Agree his network topology etc isn't exactly advanced but his use case is. I'm sure you'll agree VPN access, twin servers, large amount of devices is more than what an 'average' user will have.

Whilst I have no doubt the ubiquiti router is a great piece of kit for its price range, there's more to networks than just routing. A proper UTM solution will give him the security he needs for his servers too (i.e. reverse proxy/web protection) hence my recommendation. It can also scale according to his network growth - he can simply upgrade the hardware on the UTM (beefier ram, cpu etc) quite easily to accommodate more devices/throughput etc.

Yes the downside is that it all has to be configured but once setup its a far superior solution to utilizing a consumer-grade product.

I'll be honest with you all - Reason I moved to a UTM solution was the pace of updates with consumer-grade routers was appalling (been through about 5 routers in the past 2 years, most manufacturers more interested in selling new kit than supporting existing kit). Take for example the XSS cross-site scripting bug identified back in February 2015 on the ubiquiti (and many other routers) - it took them till April 2016 to fix this vulnerability. Got sick of waiting for updates whilst peeps were busy hacking my NAS box (or attempting to!). These 'linux' based UTM's do a much better job of keeping up to date with addressing vulnerabilities and provide better security overall for devices presented out to the web.

All comes down to the OP, if he wants an easy yet consumer-grade style router or something more advanced. Your choice bud. gl and hf :)
 
Agree his network topology etc isn't exactly advanced but his use case is. I'm sure you'll agree VPN access, twin servers, large amount of devices is more than what an 'average' user will have.

Not really.. ERL isn't aimed at 'average home user', it's a business grade router.

This thread has gone way off track now, sorry OP.
 
Well what I originally set out to ask was answered by post 18 so happy to just sit back and read what else I could do with all this. I hadn't heard of Ubiquity before so always interesting to read about other popular products etc.

I don't think I will be upgrading any of the hardware until about this time next year, and by then will probably be looking at 10GbE stuff :)
 
You should be getting 110MB/s transfer speeds on your current hardware (on LAN)

That's MB not Mbps (ie 110MB/s is roughly 1000Mbps (gigabit speeds))
 
You should be getting 110MB/s transfer speeds on your current hardware (on LAN)

That's MB not Mbps (ie 110MB/s is roughly 1000Mbps (gigabit speeds))

When there is not much going on concurrently, I get around 90MB/s from my PC to the NAS... and that is what I would expect anyway :)

I had a quick Google for 10GBase-T (RJ45) switches and they seem to be quite pricey. Would then need to replace the NASs too so definitely not one for now :o
 
Back
Top Bottom