What is the current best SOC if I only want an OpenWRT device acting as:
access point + switch
supports VLANs to isolate iot elements in a dedicated Wi-Fi SSID
which can last a long time (eg. I still have a WR841N under OpenWrt 19.07 tiny running 24/24... )
My main router is a x86_64 mini PC (Celeron N3160 - OpenWRT 22.03.0-rc4) and I'm happy with it.
I tried many APs running OpenWRT or not (like Archer C80, Tenda RX3, Omada EAP650, Netgear WAX218 and WAX206, ZyXEL NWA50AX and many others) and the only one that works almost correctly has a MT7621 (a Cudy WR1300). I have found that ceiling mount APs hace a poor
Is this SOC still the best overall SOC on the market or is anything newer a better choice ?
If that can help to make a reply, I would be happy with:
very good 2.4Ghz coverage (I don't care too much about 2.4Ghz speed)
very good 5Ghz speed in the AP vicinity (AX should be great if supported in the future)
Pretty much any proper AP hardware can do what you're looking for -- especially if you're just using it for wifi (and not as a router).
Personally, I'd recommend getting a proper AP rather than the all-in-one wifi router devices (such as the Unifi or other similar dedicated APs). If you need additional ethernet ports, get a standard managed switch to handle that. The performance of dedicated APs is almost always better than a device with built-in routing and switching.
All of your VLANs should be handled by the main router. This will include the firewall rules to allow/prohibit inter-VLAN routing. The APs will just be configured as dumb APs -- simple and reliable.
As for 802.11r -- this is not always necessary or useful. There are good ways to optimize wifi without using this standard, and some client devices don't play nice with fast roaming. That said, you can layer that on top of pretty much any OpenWrt installation, so no worries there.
My experience doesn't 100% agree with @psherman.
I've tried a few "proper access points" (as I said, TP-Link EAP650, Netgear WAX218, ZyXEL NWA50AX) and have never been happy with the range or throughput, even with the original firmwares.
With these ceiling-mount APs, I always noticed that the speeds dropped after the slightest dry wall and even in free space after only few meters ... they were all really disappointing.
I never had this phenomenon with (lower cost) "all-in-one wifi router devices" equipped with external vertically polarized antennas (I live in a one-storey house, vertical antennas suit my need fine) with the classic "donut" radiation pattern (5 or 6 dBi).
"all-in-one wifi router devices" like TP-Link Archer C80 or Tenda RX3/TX3 in AP mode are rock solid on these apects ... but not OpenWRT compatible (or not compatible with each other on the 802.11r standard)
As you said, each of my APs only works as dumb AP, no problem with that.
My VLANs and FW rules are defined on my main (OpenWRT rooter) no problem with that again.
but all my APs are not necessarily happy under OpenWRT to correctly manage VLANs + roaming + speed + range at the same time (eg. iqp4018 devices) . So I have to use some APs not compatible with OpenWRT to achieve my performance need (then losing my other requirements)
I don't think there's any SoC that works properly including VLAN that also offers WIFI.
ipq40XX has issues with the switch (VLAN), ipq8XXX (no idea, overall performance seems to be so-so at best), mt7621 is MIPS and generally unstable these days it seems, MT7622 works fine in general but there appears to be some issues with the switch/ethernet and 11ax is probably not the way you want to go if you want something "stable". For now I think you best bet would be Marvell 64-bit and mt76 (11ac) or ath10k (11ac) wifi. Totolink A8000RU appears to be stable but I'm not sure about switch support as these use some old Realtek switch.
Comparing like-for-like (ipq40xx with swconfig, ipq806x with swconfig, just vanilla current master as-is), ipq40xx can do around 300-350 MBit/s (iperf3 through the router in its default configuration, so DHCP/ ethernet on WAN, NAT/ routing, iperf3 client on LAN), while ipq8065 (stock OpenWrt, so no NSS involved) can do ~600-650 MBit/s (both tested without software flow-offloading, genuine speed); with NSS (which ipq40xx is lacking, but present on ipq50xx/ ipq60xx, ipq807x), it (ipq806x) could achieve 1 GBit/s wirespeed (and probably even 10 GBit/s, but you won't find those interfaces on anything but the QCA devboard). VLANs are not an issue for the (different, more traditional) network/ switch setup for ipq806x (which basically has the same qca8337 switch you find on high-end/ current ath79 SOCs, connected to an stmmac ethernet IP core), its the incentive to cut costs, to integrate the switch into the SOC for ipq40xx (and its successors, which evolved out of this design, ipq50xx/ ipq60xx/ ipq807x), while connecting the PHY over their new link (PSGMII) which lead to the driver situation that's now being disentangled with the pending dsa migration for ipq40xx.
If you're fine with ipq40xx's performance, ipq806x is a strict improvement (as mentioned before, by roughly a factor of two, courtesy of the 2*1.7 GHz ~cortex A15 SOC) - and it usually comes with 4x4 wireless instead of 2x2 for ipq40xx as well. ipq806x (which also has pending dsa PRs) will give you two CPU ports to the switch, which you can assign freely between your VLANs, there are no known issues with VLANs here (and I've been using a trunk port to my managed switch transporting multiple VLANs/ VIDs on my nbg6817 (ipq8065) and g10 (ipq8064) for years, no problems whatsoever).
EDIT: ipq8065 usually comes with 4x4 802.11ac/ wave2 wifi (QCA9984), ipq8064 mostly comes with 4x4 802.11ac/ wave1 wifi (QCA9980; there are vendors who upgraded ipq8064 with Quantenna 'Topaz' wave2 radios (but those don't have linux support)).
ipq806x: stmmac + qca8337 --> VLANs are fine
ipq40xx: in-SOC essedma MAC, PSGMII connected PHY --> VLAN difficulties, only sorted in the pending dsa PR (but sorted there for good)
ipq50xx/ ipq60xx/ ipq807x: descendants of the ipq40xx switch design (but also inheriting NSS/ NPU cores from ipq806x; it's complicated)
@slh I have never been happy with my ipq40xx device, bad coverage (perhaps an antenna design problem on the Fritz!box 4040) and poor wifi speed, more power consumption that others, verrrrry slooooooow to boot, unstable wifi (max 2 days before problem appears ... whatever the FW) and not good with vlans ... it was my worst equipment purshase ever !
@diizzy my MT7621 device (Cudy wr1300) works very well, no problem at all with it concerning DSA/VLANS/Wifi stability under OpenWrt 22.03 (or 21.02) but the wifi speed should be better (500MB/s if I remember well, it is not my main AP, it is on my desk), but its soc starts to age so I asked if anything newer could be a better candidate as I don't need any routing/sqm power (AP only)
ipq8065 seems to be a clear winner here.
Note in order to clarify:
I need vlans simply because I need multiple Wi-fi SSIDs to isolate my iot (and also to isolate my pro laptop [wired] from my LAN and the MT7621 do that very well) so a managed switch + not-vlan-capable-APs is not really a solution (or I will need a lot of APs !)
I have a 300/300 plan, almost any AP today is capable enough. Wifi is not only for internet in my mind, I see that like a "lan extansion", so I care about LAN <-> WLAN 'confort' (speed and latency)
I like to use the lowest usefull power on my APs (to help roaming and perhaps also reduce radiations), as an exemple the excellent (radio side) Archer C80 (AC1900 3x3 wave2) has a very good penetration + speed + coverage at its lowest power available (but will never be OpenWRT compatible, its SOC is a special MT7621 made for TP-Link with only 4MB memory). The WAX218 (AX3000 4x4) or EAP650 (AX3000 2x2 @160MHz but I set it @80Mhz to be honest) have poorer penetration, poorer speed, poorer coverage even at max power with manufacturers FW and are almost useless at minimum power while consuming much more (I made this comparaison with all the 3 installed at the same place, on the ceiling of the bedrooms' corridor and made my testing on each bedroom). The EAP650 is better that the WAX218 (much more)
I'm pretty sure the QCA9980 on my r7500v2 (an ipq8064 based device) is wave 2. Also the r7500v2 has 512 MB ram (some forum members - possibly posting in this thread - have reported it having only 256).
That said, I don't recommend you get a r7500v2 unless you like DIY projects.
I have few MT7621 devices myself (D-Link DIR-860L) and while they appear to work relatively fine they're starting to show their age and wireless range is really poor to be honest.
I have a few ipq40xx devices (Linksys MR8300 and EA6350v3) and they been working great as APs at least, range might not be great but they're very stable. I do however see some strange switch wonky-ness on one of the MR8300s with one interface randomly switch MAC address (it alternates between two).
Despite all the complaints my Linksys WRT3200ACM also works well although there are some limitations, no WPA3 and no DFS channels on 5Ghz so you're very limited to your selection of channels.
It has by far the most solid ethernet support though and 2.4Ghz has always been very flakey at best.
MT7622, the Totolink A8000RU would probably be my go to device (despite the "sparse"? switch support), range is great and SoC support in general seems rather solid. As far as speed goes my WRT3200ACM performs better over WIFI but not by much and range is by far better than my Linksys boxes (both models seem to be very similar in that regard). I should point out that the Totolink is 11ac which is what I would reocmmened by far for stability reasons but availability is sparse at best afaik.
Based on relatively recent master branch and general observations over at least a few months
2 months later ...
Hi @psherman, we talked together about performance differences between "all-in-one wifi router devices" and "proper AP" (such as the Unifi or other similar dedicated APs)
My experience with what you talked "proper AP" is not the same as yours, especially if I look at wifi speed performance for few clients.
I'm curently playing with a "proper" Netgear WAX218 (IQP8072a AX 4x4) ... so not really an entry level device.
and so I had to share my evening hacks with you
Out of the box under OpenWRT I can achieve 105MB/s with low cost MT7621a devices (Asus RT-53U, or Cudy X6 at half the Asus price and seems to have a better radio), they draw 5W (idle) and 8W under load (8W/12W for the WAX218 ... a "green" device !).
My laptop has an Intel AX210 card.
Not so bad !!!!!!!
With the Netgear, also out of the box but with the stock FW, the best speed (trying a lot to find the best AP orientation relative to the laptop) was 65MB/s. I can tell the ratio cost/perf/watt is really not good for the Netgear
And, 30 minutes ago, with the WAX218 's cover removed, It took me the idea to disconnect 3 of the WAX218 's antennas (thanks to the uFL connectors) and to put those of my venerable TP-Link Archer C5 V2 (or C7, as you like).
I don't know what vswr the stock antennas has but that certainly explain why the device run so hot during my testing !
It's seems (at least to me) logic that:
a pro (many STA sharing the same AP) must be design not to make speed, but to handle many concurrent connections. So they must have a spherical radiation patern (or semi-spherical) => 0 to 2dBi
an home AP must handle fewer clients, it must serve the same level of the house and is often simply placed on a sideboard (and often not high up). So a stick (dipole ?) antenna with higher gain (4-5dB) with an horizontal (donut) patern seems also very logical here
and the 3rd category: those who sell mesh devices, they want to have a bad antenna design so that you are happy to have bought their equipment (and that with too good antennas one risks having more problems in the case of a mesh...especially since the average consumer always puts the power of the WiFi on full blast)
That's why I think ceiling mount are not the only/best/universal solution in many "home" use cases if you want speed (but if you don't care, and you can ... that's another story )
But perhaps the WAX218 simply has bad antenna design ... I don't know, I never tried with Unify APs
For me, I value stability and connection robustness with many client devices over speed. I get good speeds on all of my devices. I specifically tuned my APs to provide reliable performance at the expense of extraordinary speeds. For example, I use VHT40 which limits speeds, but provides much more robustness against radio noise/interference (especially from neighboring APs, and my home is very close to my neighbors).
I understand that very well, as it's really fine.
I use VHT80 for fast data transfert inside my lan.
And I set 20Mhz for 2.4G with power at 5dBm (3mW) and 5Ghz power at 20dBm (50mW) because I prefer more APs that more power (more ealthy, more efficient in term of coverage) and I've found these values to be good in my home for coverage/wifi speed and to help roaming
With few exceptions, a dedicated business/enterprise-grade WAP is going to be your best bet for performance and reliability. While OpenWRT on an AIO WiFi router might work fine for a small property with thin walls, my experience is that a proper dedicated WAP setup is always better. If you're having issues with range or coverage, the solution, as with many other things in life, is to just add more. For example, I manage a residential property with a sprawling first floor layout that does require two UniFi APs on either end for optimal coverage. Have had exactly zero issues with uptime, performance, and manageability.
I have 2 Unifi APs in my home, and 2 in my in-law's. My dad has a large house and uses 5 of them. Provided the firmware is stable (which can be hit or miss with Unifi -- I've been happiest with the stock unifi v4.3.20 which is rock solid), the performance is excellent. I had almost 2 years of uptime on my APs recently, until I power cycled them as part of other network maintenance (they didn't need to be restarted, but I interrupted the PoE).
In all three locations, the network has better coverage and more stability than it ever did with consumer grade gear. When the focus is reliable and predictable performance and good coverage, using enterprise gear really does have a leg up.