Network upgrade

I’m thinking its about time to upgrade my network components, Router and switches. Last update was 2019. Support is ending for my current router ASUS RT-AC5300. It.s a 1g Wan/Lan.

I’m considering the ASUS GT-BE98 Pro, quad band (2 - 6GHz, 1 - 5GHz 1 - 2.4GHz), WiFi 7, 10gb and 2.5gb Wan connections, and 4 - 2.5gb Lan ports. Powered by a quad core 2.6 GHz processor. I’m not up to speed on VPN but I understand this router allows you to run both a normal internet connection (for Roon) and a VPN tunnel simultaneously, assigning specific devices to the VPN.

Will also be replacing my 1gb switches with multi-gig versions.

I’m guessing the increased in Wan/Lan speeds will be important when our internet/cable providers upgrade to Fiber makes it down our way.

I believe the Ethernet cabling in the house is cat 5e which as I understand it is sufficient for multi-gig Lan.

Just have the single router, no mesh, in the 2800 sq ft single story house. WiFi works fine inside and out but this new router is supposed to have greater coverage.

Can any of the networking gurus in the community advise if this sounds right or am I missing something?

I have an RT-BE88U (now unused) which runs essentially the same software.

I believe you are confusing VPNs and VLANs in the above statement. The BE88U allows WiFi SSIDs to be created associated with different VLANs and it allows individual ethernet ports to be assigned to different VLANs or indeed to be designated a trunk port providing VLAN tagged traffic for multiple VLANs to a managed switch.

On the VPN side, the OpenVPN client and server options are available as are Wireguard and LLTP just as they are on your RT-AC5300. It might be possible (I can’t remember) to associate a VPN with each endpoint (client or server) with a VLAN but, from memory, nothing more than that.

From memory, Cat 5e cabling can support 2.5Gbe ethernet. It will not support 10Gbe Ethernet. For that you will need Cat 6 (for up to 55m) or Cat 6a (up to 100m).

This, as ever, is complicated. The speed increases (over WiFi 6) come mostly from the increased number of WiFi bands and the increase RF bandwidth on the 6GHz band but these speed increases can’t be utilised unless your WiFi devices can also utilise them. In any event, you will be unlikely to get anywhere near the headline data rates.

Of course WiFi 6 (and thus WiFi 7) will already give you a marked improvement over your existing WiFi 5 network.

That is the best way when practical. While Mesh systems can solve signal strength issues they can, if not set up correctly, easily create other issues.

You will have to watch what happens with the 6GHz band if you have any devices that support it. The 6GHz band has less range and is more affected by obstructions in the signal path and so may not give coverage throughout the house.

There is no doubt that the RT-BE98 Pro is a very capable router but, since you have a wired network, it may more than you need (on the WiFi side) if you only use mobile WiFi devices.

My RT-BE88U only supported two WiFi bands (2.4 and 5 GHz) and that (used as a standalone router - no mesh) gave me all the speed I needed. Even now, after migrating to a home assembled Opnsense router (not recommended for a ‘plug in and go’ experience) and a separate WiFi Access point, I still only employ the 2.4GHz and the first 5GHz band because I don’t need more.

If you want to spend money on devices that don’t live up to the marketing then go with Wi-Fi 7 else go with Wi-Fi 6 instead. Try to go for professional or at least semi-professional gear – there are too many disappointing devices in the consumer segment. Do some online research before deciding for a specific device (search for error or issue with a specific device name / model number; see if you can find technical reviews from experts instead of the usual reviews from influencers and retailers). See also:

Thought I copied/pasted that statement directly from the ASUS web site last night, after midnight, under the definition for VPN Fusion. That website does highlight VPN Fusion, but I don’t see that statement there now.

Maybe it was from Google AI deep dive as is shown here:

ASUS ROG Rapture GT-BE98 Pro supports VPN Fusion, allowing simultaneous VPN (OpenVPN, WireGuard) and regular ISP connections to manage traffic for up to 16 devices without installing client software. Users can route specific devices (e.g., smart TVs, consoles) through different regional VPN servers while others use the standard connection.

I’ve never used a VPN at home because of what I read on the forum about it causing issue with Roon. The idea of having both was appealing. I’ve just started looking into upgrading the network and have a ways to go.

Having to rewire the house with cat 6a for 10GBe Ethernet is probably a show stopper but having 2.5GBe available is still appealing.

If it’s working well, I wouldn’t fool with it until you need to. I have AT&T fiber and use their gateway. My unmanaged switches are Netgear.

I read your post last night, before I started this topic and maybe because of it, in hopes of getting a better understanding of the issues.

My thinking was the router would be backwards compatible with the current WiFi standards and would be an improvement over what I currently have. We only use WiFi with our phones and Ipads. What I was really interested in was the multi-gig Ethernet.

As I replied to @Wade_Oram, I’m just starting out on this idea and have a ways to go before doing anything.

Ah. This maybe a difference between what you would experience and what I had on my RT-BE88U. With my Asus routers (three of them starting with an RT-AC66U), I have always used Merlin Firmware. Probably one of the biggest differences in this firmware relative to the standard Asuswrt firmware is that the Merlin Firmware drops VPN Fusion in favour of VPN director. However, it’s been nearly a year since I moved to Opnsense running on an Intel Mini PC (with multiple ethernet ports) and I am certainly forgetting the details. With the router not currently in my network, I can’t refresh my memory.

I do know that the Asus routers are not as flexible (or powerful) as Opnsense - but I also know that Opnsense requires significantly more network knowledge. Additionally, at the time (before the recent RAM price increases), I put together my Opnsense Router and added a POE powered WiFi Access point for less than the cost of that RT-BE98U Pro.

Whilst phones and tablets should be fine, it should be noted that I have at least one WiFi connected IOT device that will not connect on a WiFi 7 enabled network. I get around this by configuring two WiFi networks - one with WiFi 7/WPA3 enabled and one, for IOT devices, restricted to WiFi 6 and WPA2. My access point allows both to co-exist.

This is what makes me think that the RT-BE-98U Pro may be more than you want. Personnally, in your position, I would go for a more modest router with 2 or possibly 3 WiFi bands. My RT-BE88U costs less than half of that RT-BE98U Pro and offers essentially the same features except that it is 2 band WiFi only. Other WiFi 7 routers from ASUS are cheaper still.

Edit: Also mobile devices will often be the limiting factor. In my house, with my WiFi, my mobile devices (Pixel 6, Pixel 7, Pixel Tablet and an old lenovo Tablet - admittedly, all getting a bit long in the tooth these days but still supporting WiFi 6) will not get above about 850Mbps - even when in the same room as the AP. By contrast, my WiFi 6 capable laptop will get up to 1.9Gbps in several rooms.

Certainly, this makes a difference. Upgrading your wired network with 2.5Gbe capable routers and switches can make a big difference especially with heavy network traffic within the LAN.

Would backwards compatible not relate to older Wi-Fi standards then?
PS: Same is true for Wi-Fi 6 devices which are also already an improvement to your current device and mature.

There is no real gain in throughput/speed to expect here for devices that use older standards when connected to a newer standard base unit.

Better get a switch for that – if and when you actually have a use for it. Ah you do I see:

Then use the 10 Gbps LAN port to uplink to the primary switch (try to avoid daisy-chaining switches, define one as primary and connect all the other switches to that one).

PS: I would expect a late Wi-Fi 6 device to provide at least a 2.5 Gbps port as uplink port when used as an Access Point.

Also: Many basic stuff has already been written in the other thread here in this post:

Read the post script there too - the Wi-Fi 7 test report I shared seems to support that by pointing out that no device actually advertises/does MLO and most are not even certified Wi-Fi 7 devices.
Customers are early adopters paying a lot of money for a dream castle. Someone still remembers when the first generation of 802.11n (pretend to) consumer devices entered the market with dual band 2.4 / 5 GHz marketed – and they couldn’t do both bands simultaneously (but that very important fact didn’t get marketed of course)?

A good article but, as with all things social media, yes you have to check out the specs carefully. Not all Wi-Fi 7 is created equal. From my experience they tested the low and mid tier Wi-Fi 7 routers. For instance they did not test the top end consumer products ie ZenWifi BT10 not the BQ16 or 16 Pro, or the Netgear Orbi 970 only the 370 etc. These do conform to all of the Wi-Fi 7 certified standards. As is always the case you get what you pay for…..missing off the higher end consumer models assisted making tha article more “sensational”. A classic tactic of Social Media “influencers”

I would always go to a consumer network testing site such as “Dong Knows Tech” to check tested performance for routers and the details about the system you are considering that the manufacturer marketing gurus do not include in their hype. A sensible step before getting out your credit card.

You cant expect a Zenwifi BT 10 system costing +/- 700 dollars (here in Malaysia) to have the same technology or components as the, still consumer, BQ16 costing +/- 1600 dollars per pair.

Also see my advice above:

PS: Products should deliver at any price point or they are pointless. If they advertise Wi-Fi 7, buyers expect Wi-Fi 7 and not some home brew non-standard compliant device; if they advertise MLO, customers expect working MLO implemented.

They have a rating that has to be stated on the box and on the marketing (BE 6000, BE9600, BE16000, BE22000 etc etc). This is the maximum throughput (never reached in the real world) in mbps. The WiFi standard allows for multiple levels of MLO implementation. Needless to say the 22000 plus rated routers fully implement all levels of MLO implementation (i.e backhaul combined 10 gbps ethernet + wireless bands capability).

Whilst manufacturers use the WiFi 7 banner as super fast the speed/throughput rating informs you of the level of implementation of the entire Standard. Whilst the manufacturers are being a little opaque they are not lying. If so there would no doubt be multiple class actions ongoing……..

Not a “networking guru,” but I’ve been running my own home networks for decades. I understand the technology enough (I work in tech and I was adjacent to multiple early LAN and WAN networking projects in the 80s/90s) to make my life easy. Easy for me these days is UniFi. In my simplest location, I have a Cloud Gateway Ultra connected with legacy 5e (came with the house) to various UniFi switches and WiFi access points that I installed around a spread-out house. If my fiber provider was not so inflexible, I’d be using a Cloud Gateway Fiber directly rather than having the Ultra sitting behind the provider’s ONT NAT (which makes my network life unnecessarily complicated).

That and an access point is a very capable setup with lots of room for expansion.

A bit more expensive than other options as you need to get a separate AP but, with 5 Gb/s IDS/IPS Throughput and vlan capabilities… it’s a lot of router. Better than a lot of other stuff out there.

Edit: Forgot to mention, the wireguard vpn works great with Roon and ARC.

I had some complications first few tries but all problems I had were of my own making.

I have several APs here because this house is quite spread out. The one closest to the router in the living room I’m typing this from is the “Swiss Army Knife” (Swiss Army Knife - Ubiquiti Store) connected to a UniFi switch with PoE. I love the modularity of UniFi gear. With a bit of care, everything is very tidy, with APs and auxiliary switches powered over the Ethernet distribution cables.

Yes. UniFi for me. Great / pro level gear. The cost is not that much more than the consumer stuff and it’s been rock solid for me..

I replaced my 10 year old Edimax WAP (SoHo level - AC1750, which was a 3x3 dual band WIFi 5) with a Unifi U7 Pro Wall, on a stand. It is used in a Penthouse apartment, so no floors to consider, hence the non-ceiling mount configuration.

The U7 Pro Wall has 2.5G port with POE+ power, 2x2 6Ghz, 2x2 5GHz and 2x2 2.4GHz. It accommodates all devices, from IOT, legacy WPA2 only, and the latest WiFi 7.

I now get full 1Gbit/s provided by my ISP to my iPhone 16 Pro (WIFi 7), MacBook Air M4 (WiFi 6E). Older WiFi 5 devices including a iPad Pro 9.7 get 500 MBit/s.

The WiFi 7 i hype is real for me. New iPad Pro coming soon.

An excellent upgrade, so can totally recommend Unifi WiFi devices.

No point for me upgrading network switches (Netgear) and gateway router (Cisco) as ISP only giving 1Gbit/s down service presently & only 50Mbit/s up. Plus all other wired equipment (NAS, Roon server, docking stations, A/V) is Gigabit or even Fast Ethernet, so might as well sweat that.

When ISP gives 2.5G or 5G then will look to a Unifi Gateway router to capitalise on this, but the Gigabit core backbone will remain, as internal LAN data transfer speeds are not bottlenecked on a Gigabit network but on the devices themselves.

Go UniFi. Only downside is it’s extremely addictive!

I really appreciate all the responses and input. Which ever way I go it will be with a single router, no mesh, with thoughts on future proofing so I won’t need to do this again.

I’ve had the current router GT-AC5300 for about 7 years now and it has performed very well with no input from me, setup and/or configuration. Other than occasional firmware updates it has been out of sight and out of mind.

I have to admit I’m partial to ASUS, having used their motherboards exclusively in our Desktop builds, along with WiFi and Ethernet cards and routers as far back as I can remember. And of course it will be for my next NUC/Rock upgrade.

I’m leaning towards WiFi 7 for future proofing since everything I’ve read says it is backwards compatible with WiFi 5 and 6, and a gaming router for the prioritized multi-gig gaming port. I’m thinking of using the gaming port with an 8 port multi-gig switch for Roon and all connected end-points devices. That would have priority over all other Network traffic.

Google search “can a router gaming port be used for music server priority” proived this input:

Yes, a router’s dedicated gaming port (often labeled “LAN 1” or “Game”) can absolutely be used to give a music server (such as Roon, NAS, or streamer) priority over other devices.

These ports work by prioritizing wired traffic, placing the connected device at the head of the queue during network congestion, which is ideal for streaming high-resolution audio without stuttering.

Why This Works for Music Servers

Head-of-the-Queue Priority: The gaming port is typically configured to assign the highest priority to any connected device, treating it like a “VIP” on the network.

Wired Reliability: Using a physical ethernet port ensures lower latency and better stability compared to Wi-Fi, crucial for high-bitrate audio.

Traffic Management: While labeled “gaming,” this feature is actually a form of Quality of Service (QoS) that prioritizes time-sensitive data over background downloads.

As previously mention I’ve been looking at the ASUS GT-BE98 Pro and found another one, ASUS GT-BE1900ai as a possibility. The GT-BE1900ai has a 2.6 GHz quad core cpu for the router and a 2.1 GHz quad core cpu for the AI component. It’s a power monster with greater Wi-Fi range, faster Ethernet, and total overkill for my needs. Either one of those along with multi-gig switch’s should future proof our internal Network.

I’m not put off with the price, having spent tons on surround sound equipment and soundproofing, it’s all about the performance and the expectation that we in our 70’s will not need to upgrade again.

This is all in the planning stage and subject to change but more or less explains my thought process.

I do this within the Netgear Managed 8-port switch for my “backend” servers. I give the ports used by my Primary NAS with Music library, the NUC running ROCK for Roon Server and the feed to/from the Cisco Gateway router, QoS priority. IOT devices are on a separate 5-port Netgear switch connected to a port on the lowest priority along with the ports for the backup NAS (rsync based backup jobs run out-of-hours at 1am or 2am. This gives any music streaming related feed from “backend” to “frontend” priority.

The connections on the Cisco Gateway are for the WAN input from the “modem mode” router, the WiFi AP, the “backend” servers, the “frontend” A/V and my Study/Home office desk.

This separates any internet traffic going to WiFi & A/V devices, work related traffic over an VPN and internally networked data from the NAS within Roon.

Does it make a difference, don’t know, as I just build the network this way through evolution and frontend to backend separation.

Have considered VLANs & subnets, but it starts getting quite complicated for just a relatively small number of devices (under 30)

Sounds like the same or similar outcome. Roon and endpoints isolated with priority. While all other traffic gets in the queue.

I’m picturing my setup with the Router having 4 - 2.5gb Lan ports and the 10gb Lan gaming port. One unmanaged switch on the gaming port for Roon, with another unmanaged switch using one of the 2.5gb lan ports for house traffic. The 3 remaining lan ports on the router will be used for video streaming (TiVo, TiVo Mini, Roku).

Seems to me like it should work plug and play, using the default router setup, without any configuration required. Thats what I’m hoping for anyway.

This is all dependent on our internet provider getting Fiber in our area. It’s coming but I don’t know when. There’s been crews working on the roads leading to and down our street. Cutting back the vegetation growing over the culverts, clearing out the culverts, marking buried utility/gas lines. Some company is preparing to run buried cable down the road.

Our current service is 1GB over copper cable. I think the options for fiber are 1gb, 2gb, 5gb and 8gb. I’ll take 2.