[SOLVED] seeking advice on new wired router for home LAN

[Megunticook]

I have a simple home network consisting mostly of CAT5e ethernet cable/ports distributed throughout the house. ISP is Spectrum, from the cable modem (new 3.1 DOCSIS they provided with internet/voice service) a CAT5e runs to a wired router (NETGEAR ProSafe™ Gigabit 8 Port VPN Firewall FVS318Gv2).

Been having some sporadic performance issues but a speed test when plugged directly into the modem is fast, 120/10 Mbps, vs. more like 60/10 on the LAN. Thinking this router which I got about 5 years ago should be replaced (it wasn't state of the art when I bought it). I'm guessing that's where the bottleneck is.

Would the Cisco RV260 be a decent upgrade?

I'm not a networking expert but run a home-based business plus my wife works from home and 2 sons are remote schooling. One of them likes playing games online. There might be 3 simultaneous users streaming video at any one time. So I don't need crazy performance but would like to maximize my setup.

Any thoughts on the Cisco unit or other recommendations would be welcome. Was also considering Ubiquiti Edge Routers. Looking to have 8-12 LAN ports so I can distribute signal to every room in the house.

Probably don't need the VPN but you never know. Am not afraid of learning/configuring the device to get maximum security and performance--so a robust admin. interface would be welcome.

As far as budget, not looking to spend hundreds but fine paying for quality.

Thanks for any tips.

 

[kanewolf]

I have a simple home network consisting mostly of CAT5e ethernet cable/ports distributed throughout the house. ISP is Spectrum, from the cable modem (new 3.1 DOCSIS they provided with internet/voice service) a CAT5e runs to a wired router (NETGEAR ProSafe™ Gigabit 8 Port VPN Firewall FVS318Gv2).

Been having some sporadic performance issues but a speed test when plugged directly into the modem is fast, 120/10 Mbps, vs. more like 60/10 on the LAN. Thinking this router which I got about 5 years ago should be replaced (it wasn't state of the art when I bought it). I'm guessing that's where the bottleneck is.

Would the Cisco RV260 be a decent upgrade?

I'm not a networking expert but run a home-based business plus my wife works from home and 2 sons are remote schooling. One of them likes playing games online. There might be 3 simultaneous users streaming video at any one time. So I don't need crazy performance but would like to maximize my setup.

Any thoughts on the Cisco unit or other recommendations would be welcome. Was also considering Ubiquiti Edge Routers. Looking to have 8-12 LAN ports so I can distribute signal to every room in the house.

Probably don't need the VPN but you never know. Am not afraid of learning/configuring the device to get maximum security and performance--so a robust admin. interface would be welcome.

As far as budget, not looking to spend hundreds but fine paying for quality.

Thanks for any tips.

Are you picking those routers because you NEED a VPN client on the router ?
A $100 WIFI router (with the WIFI turned off) will handle everything you described.

 

[SamirD]

I have worked with both the Netgear FVS and Cisco RV series routers. These are entry level smb routers with features like vlan and ipsec vpn tunnels. If you don't need these features then a regular consumer router will be fine. And if you do need these features, a ubiquiti unit will be much better overall.

 

[Megunticook]

Don't really need the VPN...just want security and performance.

I have an Asus wifi router I could use but it only has 4 LAN ports.

 

[SamirD]

Don't really need the VPN...just want security and performance.

I have an Asus wifi router I could use but it only has 4 LAN ports.

The security of NAT that is in every router from $100 to $10,000 protects the exact same way and blocks all incoming traffic unless it is explicitly allowed (upnp needs to be disabled as it can open stuff without asking you). So your Asus is just as good as any other for the basic stuff. And frankly, the Asus has better firmware updates and is less of a target since business class equipment and businesses are bigger targets than individuals.

As far as the 4 LAN ports, you can connect an unmanaged switch and add as many ports as you want. I have a 48 port one connected to my router.

 

[Megunticook]

Thanks for the explanation of security.

What about performance? Is a cheap entry-level consumer router going to be noticeably slower than something like that Cisco RV260 or a similar Ubiquiti?

The Asus Router I got recently is the RT-AC66U B1 Wireless-AC1750 Dual-Band Gigabit Router. If you think this would perform well in my situation, maybe I'll just go direct from the cable modem to the Asus, then install an unmanaged switch downstream from one of the Asus LAN ports and distribute signal throughout the house that way.

 

[kanewolf]

Thanks for the explanation of security.

What about performance? Is a cheap entry-level consumer router going to be noticeably slower than something like that Cisco RV260 or a similar Ubiquiti?

The Asus Router I got recently is the RT-AC66U B1 Wireless-AC1750 Dual-Band Gigabit Router. If you think this would perform well in my situation, maybe I'll just go direct from the cable modem to the Asus, then install an unmanaged switch downstream from one of the Asus LAN ports and distribute signal throughout the house that way.

Not for what you have described. "Cheap" routers still do all the data flows in hardware. UNLESS you choose to enable a feature that prevents that. If you choose to enable a feature like intrusion detection (on Ubiquiti) then the CPU on the router has to be involved. That lowers performance. 100 Mbit WAN performance can generally be handled by any router with gigabit WAN and LAN ports.

 

[Megunticook]

OK, thanks, I'll go direct into the Asus router and see if speeds pick up at all.

 

[kanewolf]

OK, thanks, I'll go direct into the Asus router and see if speeds pick up at all.

Do a factory reset on the Asus, I recommend using Merlin firmware. Even though your AC66U is end of support, there is a version available -- https://www.asuswrt-merlin.net/

 

[SamirD]

Thanks for the explanation of security.

What about performance? Is a cheap entry-level consumer router going to be noticeably slower than something like that Cisco RV260 or a similar Ubiquiti?

The Asus Router I got recently is the RT-AC66U B1 Wireless-AC1750 Dual-Band Gigabit Router. If you think this would perform well in my situation, maybe I'll just go direct from the cable modem to the Asus, then install an unmanaged switch downstream from one of the Asus LAN ports and distribute signal throughout the house that way.

You're welcome.

As far as performance, with your use case I would say no. Any router that is designed for gigabit wan to lan speeds (most new ones today are) should easily take care of any traffic you have.

I would most definitely try the asus as it should be fast enough to handle everything. Just remember that if you're using this for wifi too, that can affect performance, but not likely in your use case.

 

[SamirD]

OK, thanks, I'll go direct into the Asus router and see if speeds pick up at all.

You mention 'speeds pick up at all'--is there a problem in your current setup?

 

[Megunticook]

You mention 'speeds pick up at all'--is there a problem in your current setup?

Spectrum guy tested at the modem and got 120/10 Mbps. When I test my LAN I average 50/10 and rarely break 100. And given the age and price point of the Netgear router I had in there, suspected that maybe there was an issue with it.

 

[Megunticook]

Just remember that if you're using this for wifi too, that can affect performance, but not likely in your use case.

OK, so if I use it for wifi that would (or "could") degrade performance for the clients on the wired ethernet LAN?

Reason I originally got the Wifi was to allow phones and iPads in the house to get online easily. The ASUS router was just installed on one of the 8 LAN ports on the Netgear router.

Maybe I should stick with that configuration and replace the Netgear with a newer/better router.

 

[SamirD]

Spectrum guy tested at the modem and got 120/10 Mbps. When I test my LAN I average 50/10 and rarely break 100. And given the age and price point of the Netgear router I had in there, suspected that maybe there was an issue with it.

Ah yes, I remember this issue. I had a similar issue with the FVS318N, which is simply a FVS318G with wifi built-in. After many years, I finally found a firmware version that unlocked its full potential. It can hit nearly 500Mbps. So you may not need to do anything except upgrade the router's firmware to unlock your speeds.

 

[SamirD]

OK, so if I use it for wifi that would (or "could") degrade performance for the clients on the wired ethernet LAN?

Reason I originally got the Wifi was to allow phones and iPads in the house to get online easily. The ASUS router was just installed on one of the 8 LAN ports on the Netgear router.

Maybe I should stick with that configuration and replace the Netgear with a newer/better router.

So what can end up happening is the processor gets so bogged down with processing all the wifi that it starts to be not available for the wired ethernet traffic, causing issues. This only happens if you really, really hammer it (almost like an attack on it), so generally you won't see this being an issue.

I think your current setup is ideal. It's actually almost like the setup I have at one of my sites, except it's an FVS318N and a TP-Link Archer c5 as an access point. I would upgrade the firmware and see if that doesn't open it up.

 

[Megunticook]

Ah yes, I remember this issue. I had a similar issue with the FVS318N, which is simply a FVS318G with wifi built-in. After many years, I finally found a firmware version that unlocked its full potential. It can hit nearly 500Mbps. So you may not need to do anything except upgrade the router's firmware to unlock your speeds.

I'm afraid I have the latest firmware...upgraded it last several years ago, though, it's "end of life" and no longer supported. Last firmware from 2017.

 

[Megunticook]

So what can end up happening is the processor gets so bogged down with processing all the wifi that it starts to be not available for the wired ethernet traffic, causing issues. This only happens if you really, really hammer it (almost like an attack on it), so generally you won't see this being an issue.

Got it, not likely but possible.

I think your current setup is ideal. It's actually almost like the setup I have at one of my sites, except it's an FVS318N and a TP-Link Archer c5 as an access point. I would upgrade the firmware and see if that doesn't open it up.

Afraid I have the latest FW on the router. I'll swap in one of the Cisco RV260s and see how it does.

 

[Megunticook]

Well, I swapped in the Cisco RV260 this morning. Updated the firmware. Checked speed and ... 37 Mbps! Well, I guess that wasn't the best $170 I ever spent. Will do some more testing. I wonder why I'm not getting those 100+Mbps speeds that Spectrum is supposedly providing.

I suppose it's probably more secure to have a current router that's still supported with firmware updates rather than something that hasn't been update for 4 years.

Speaking of security, do I want to disable the PnP option?

And maybe I should start a different thread for this question, but what's the best way to place a time restriction on one device? Basically looking to shut down my son's game console at 10pm schoolnights, just so there's no temptation. Can I target a specific LAN port with a schedule? Or do I need to identify a device with a certain IP address?

Thanks.

 

[kanewolf]

Speaking of security, do I want to disable the PnP option?

I recommend disabling it. uPnP allows software to create port forwards silently. That means that security vulnerabilities are created silently. I prefer to manually create any port forwards. That way I know exactly what vulnerabilities I have.

 

[Megunticook]

I recommend disabling it. uPnP allows software to create port forwards silently. That means that security vulnerabilities are created silently. I prefer to manually create any port forwards. That way I know exactly what vulnerabilities I have.

Done, thanks.

 

[SamirD]

I'm afraid I have the latest firmware...upgraded it last several years ago, though, it's "end of life" and no longer supported. Last firmware from 2017.

The latest firmware wasn't the solution--it was a particular version that did it for me. It's on the netgear support community in a discussion thread about slow speeds.

 

[SamirD]

Well, I swapped in the Cisco RV260 this morning. Updated the firmware. Checked speed and ... 37 Mbps! Well, I guess that wasn't the best $170 I ever spent. Will do some more testing. I wonder why I'm not getting those 100+Mbps speeds that Spectrum is supposedly providing.

I suppose it's probably more secure to have a current router that's still supported with firmware updates rather than something that hasn't been update for 4 years.

Speaking of security, do I want to disable the PnP option?

And maybe I should start a different thread for this question, but what's the best way to place a time restriction on one device? Basically looking to shut down my son's game console at 10pm schoolnights, just so there's no temptation. Can I target a specific LAN port with a schedule? Or do I need to identify a device with a certain IP address?

Thanks.

Something is definitely wrong--you should have faster than that for sure if you got it new.

Not really. The same nat blocking everything.

YES. Disable upnp as it is a BIG security threat.

You can do it by port or IP depending on what is available.

 

[Megunticook]

Thanks...so what's the best way to troubleshoot the speed issue and isolate the source of the problem?

To test I've just been using the Ookla app. That reasonable?

I'll see if I can figure out how to set up time restrictions on one port or IP range.

 

[kanewolf]

Thanks...so what's the best way to troubleshoot the speed issue and isolate the source of the problem?

To test I've just been using the Ookla app. That reasonable?

I'll see if I can figure out how to set up time restrictions on one port or IP range.

A wired connection with as few devices as possible is the best way. Laptop with an ethernet cable. Start from the first device from the ISP (usually the modem). Temporarily connect the laptop. Use a browser and speedtest.net website. If that is good. Connect the next link in the network and repeat. Work outward like a tree. Trunk -> big branch -> branch -> little branch -> leaf -- Your laptop represents the leaf and the ISP feed to the house the trunk.

 

[SamirD]

Thanks...so what's the best way to troubleshoot the speed issue and isolate the source of the problem?

To test I've just been using the Ookla app. That reasonable?

I'll see if I can figure out how to set up time restrictions on one port or IP range.

I'm not sure as I would have expected the rv260 to run at full speed. You've already shown that the system is capable of faster speeds since you get them when directly connected.

I wouldn't use ookla. I would fast.com and dslreports.com/speedtest. I've found these to be the most reliable across different isps. I would also use your isp's speedtest site.

I wouldn't mess with any of that until the speed issue is fixed. With the bugs in the firmwares of these smb products, one setting can affect another.