I am currently in the market for some wireless access points and thought I’d get some suggestions here first. I am currently using some old eero pro’s as access points with a firewalla router. The firewalla isn’t old and I am happy with it so I am not looking to replace it with something at this time.

Are there suggestions for more privacy focused networking equipment? Or is that just a dumb question to ask?

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    14
    ·
    1 year ago

    For aps that are rock solid: Uniquiti and Mikrotek.

    If you just want to tinker then buy whatever openwrt supports locally. (Gli.net devices come preinstalled with openwrt)

    • ScoobyDoo27@lemm.eeOP
      link
      fedilink
      arrow-up
      5
      ·
      1 year ago

      I’ll take a look at ubiquiti. I like to tinker but I don’t think my wife will like the internet cutting in and out while I try to figure out how to set it up or troubleshoot something.

      • railsdev@programming.dev
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        I have a Ubiquiti access point. Changing settings on the thing rarely impacts connected clients, and if it does it doesn’t take six years to restart like a typical all-in-one router/switch/AP.

        You’ll need their controller software, but I run this in Docker without issue. And if the controller goes offline the AP keeps going regardless.

        Ubiquiti in my mind is the Apple of networking. It literally just works and you won’t have to do tons of hacking to get it to do stuff.

  • tty5@lemmy.world
    link
    fedilink
    arrow-up
    10
    arrow-down
    1
    ·
    1 year ago

    TP-Link omada series - clones of ubiquity at half the price, can run openwrt if that’s your thing. I’ve got 6 of those including outdoor ones covering the yard

  • kn33@lemmy.world
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    Ubiquiti, but cut off from the Internet and manual upgrades if you’re worried about privacy

  • walden@sub.wetshaving.social
    link
    fedilink
    arrow-up
    6
    arrow-down
    1
    ·
    1 year ago

    Ubiquiti is a solid choice. They require controller software to set up. You can run it on your computer, in docker, etc. You don’t have to run it 24/7 if you don’t want.

    I have 3 different Unifi APs around the house and have no qualms with them. If I were going to replace them, I’d give Grandstream a serious look. They have built in controller software, or you can use their cloud management or run the software locally.

    • OminousOrange@lemmy.ca
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      I’ve got two Ubiquiti APs and the standard Dream Machine and am quite happy with them too. Sure, they’re not the cheapest option, but they’re quite feature rich and expansion within the ecosystem is very easy.

      • railsdev@programming.dev
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        1 year ago

        And they let you run 2 GHz, 5 GHz on the same SSID which is such a small stupid feature that for some reason a lot of consumer-oriented devices disallow.

        (I know, supposedly it’s “bad” to do this because apparently there are some garbage WiFi cards that aren’t smart enough to seamlessly switch between the best option, but that’s never been the case for me. I prefer this to clumsily switching manually between the two whenever I move a device.)

  • meseek #2982@lemmy.ca
    link
    fedilink
    arrow-up
    4
    ·
    1 year ago

    I have been nothing short of impressed with ASUS. I recently upgraded to an GT-AX6000 and it’s run circles around the other ones I’ve tried (TP Link AX5400 and Netgear). ASUS might also be one of the rare few that don’t gate features behind a subscription. Be wary of that.

    Also many need accounts to set up. Again, ASUS doesn’t.

    • railsdev@programming.dev
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      I used to run ASUS and definitely agree. If Ubiquiti didn’t exist I’d go back to ASUS for residential networks.

  • citizen@sh.itjust.works
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    1 year ago

    If you want to look into enterprise grade equipment I recommend Ruckus with unleashed firmware. You can get older models r510 r610 from eBay for around 100-150 then flash unleashed by downloading it from official ruckus website. R610 requires more power so if you do PoE you need a switch that supports 802.3at 30w. R510 is less power hungry and suites most setups. You can do all sorts of network configurations with them. Meshing with other ruckus unleashed is supported. Guest portal, VLANs and client isolation. They are not the newest and don’t support wifi6 but are rock solid, support hundreds of devices and perform well in high congestion places. There are newer models but they are expensive r550 and r650. I used to recommend ubiquity equipment in the past but they are not the best for privacy focused deployment. Arguably the hardware of ubiquity AP’s are far inferior to enterprise gear like Ruckus or Aruba.

  • trippingonthewire@lemmy.ml
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    Sorry for asking, but what even is the use of having a Wireless Access Point? If you have a router then you should be all set, no?

    • librecat@lemmy.basedcount.com
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      Take this with a major grain of salt as I don’t know much about this. I think that a router isn’t always also a wireless access point. It could just be for wired connections like a switch. Please downvote and correct me if I’m wrong, I really know little about this.

      • jet@hackertalks.com
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 year ago

        A router bridges your local network and the internet. It decides where to send packets. Typically in residential installations, the router acts as a gateway, acts as a local DHCP server, acts as a DNS server. Kind of all in one.

        A access point is a wireless device, which talks to wireless clients, putting their traffic on the network.

        Again residential devices, tend to be all in one, everything you would expect in your router/gateway, and an access point.

        This is fine for small installations, or people who don’t really care particularly about quality. When you get into dedicated devices, you get higher reliability in your access points, better radios, better firmware. They keep it simple stupid philosophy applies to hardware as well.

        If you have a large house, you’ll probably need multiple access points to cover the entirety of the house, and you wouldn’t want each access point to be acting as a gateway, a router, or a DHCP server.

        • trippingonthewire@lemmy.ml
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          So it’s just like mini routers just dedicated to internet, with better quality and reliability, that connect to the main router when it’s near, but give you a stronger signal?

          • railsdev@programming.dev
            link
            fedilink
            arrow-up
            2
            ·
            1 year ago

            I like to think of them as Ethernet switches that happen to have WiFi. Their goal is just to bridge (in the colloquial sense, not necessarily networking sense) WiFi to Ethernet.

          • jet@hackertalks.com
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            Router is a technical term, that many people misuse due to retail advertising.

            A router by itself has multiple networks that talks to, and decides what traffic goes to which network.

            A switch has one network, but it’s aware of what device is attached to which port, and only forwards packets to the correct port for the device.

            The difference between a router and a switch is what level of the network stack they’re working at. But basically switches are dumb and fast, routers are smarter and slower. A fast router tends to be expensive.

            Wireless access points typically don’t want to send all of the wired network traffic over the wireless, if it’s not addressed to a wireless client, so it’ll keep track of the hardware address of the clients, and if it sees traffic destined for that hardware then and only then will it switch the packet onto the wireless network. Hence all access points tend to act as a hardware switch.

            • jet@hackertalks.com
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              Let’s say you have a 10 room concrete building. Let’s say the concrete has rebar in it, so basically a wireless signal can’t go between rooms. This is theoretical, just go with me.

              If you wanted to have seamless wireless access across the entire house, so that you could take a voice call and walk around. You would need to put a wireless access point in each room.

              In order to allow seamless transfer between access points, you would probably want to have access points from the same vendor, all configured using the same network ID, using the same authentication scheme. That way your smarter clients like modern cell phones, would see that oh there’s multiple wireless access points in this network that I can talk to right now, I’ll switch from one to the other. When the switch happens you tend to lose some packets, so the faster the switch, the more seamless the experiences for people.

              Some wireless access points can negotiate with each other to push specific clients to different access points. But most of this fast switching is done client side.

              so in this 10-room building, you’re going to have 10 access points, you’re going to have a single router between the building and the internet, you’re going to have a DHCP server internally usually. Those access points may be negotiating between themselves, using some mesh technology, but ideally they’re all wired to the same network.

              When a client switches from access point a to access point b, those access points will now know that physical hardware address has switched, and the main network should still send the packets to the client with very few being dropped.

    • ScoobyDoo27@lemm.eeOP
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      I think the Firewalla may be able to broadcast WiFi (I’m not sure) but it doesn’t matter much to me because it’s tucked away in my utility room. I need a couple AP’s for my upstairs for all my wireless devices.

    • PeachMan@lemmy.one
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago
      1. More control. I can make a homemade PFSense router that gives me enterprise grade features like VLANS, VPN options and advanced firewall rules.

      2. Performance. A dedicated AP from Unifi or Armada is more powerful and stable than most consumer wireless routers.

      3. Price. Building a decent setup yourself actually pretty cost effective compared to high-end consumer routers.

      It’s DEFINITELY NOT for everyone, but if you’re a nerd with some networking skills and time to spare you can make a baller enterprise-grade home network for under $300. My budget setup made from used components blows any $500 “premium” router away.

  • PeachMan@lemmy.one
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    Apparently you can flash OpenWRT on some Unifi APs, though I’ve never tried it personally. I have a Unifi AP (with stock firmware) connected to my DIY PFSense box and it’s working great.

  • The Doctor@beehaw.org
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    I have two Linksys EA8300’s running OpenWRT for the wireless infra at my house, and a Nexx WT3020 running OpenWRT as a bridge for my VoIP ATA. Solid hardware.

  • Oliver Lowe@lemmy.sdf.org
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    If you’re up for a bit of a learning/DIY project, you could get some small form-factor PC with some ethernet and WiFi interfaces and run OpenBSD with hostapd. You can be almost certain that it’s not leaking usage info to 3rd parties.

      • rckclmbr@lemm.ee
        link
        fedilink
        arrow-up
        2
        ·
        edit-2
        1 year ago

        APs don’t run openwrt though. Openwrt is for a home router/firewall and AP combo. AP is just the wifi part and plugs into a router

        • dot20@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          AFAIK you don’t have to use it as a router. If you configure all the interfaces to LAN it should just act as a switch/AP combo.

            • jet@hackertalks.com
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              Maybe they just want to play with open WRT? Maybe they have extra hardware that they want to use as access points?

                • PeachMan@lemmy.one
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  1 year ago

                  They said they were looking for privacy-focused, open source options. So get a Unifi AP and flash OpenWRT on it, and that fits the bill.