I recently sold my UDMP and bought some mikrotik gear, because the device hat very tight limits on what ubiquiti wants you to do with it. No wireguard was an annoyance I could live with, but disabling NAT was not possible and a switch backplane running at 1gbps were the final blow. Also I do not want to have to log into an online account to use my (maybe airgapped) router.
The older Unifi routers, USG-3 and USGPRO-4, can run wireguard. The annoyance is, that you must configure it via config.gateway.json file and reinstall it after each firmware update. They also run without cloud accounts.
Pity that Ubiquiti goes the wrong direction with their newer products.
Mikrotik's wired hardware is fantastic...but their wireless products leave a lot to be desired. I find that in most cases openwrt gives better wireless throughput on the exact same hardware under the same conditions. My other gripe with Mikrotik is that they pushed their own proprietary protocols like EoIP instead of supporting standards like vxlan (I know this will be available in RouterOS 7, but that is still not really out when I last checked).
My knowledge of their product line is pretty out of date now, but in another life I spent a few years setting up networks in hotels and condo buildings with Mikrotik gear.
Their software has the occasional wart if you're more used to enterprise gear like Cisco, but is generally decent and reliable. (The kinds of issues I'm talking about are like... it was really roundabout and difficult to get a single port with both VLAN tagged as well as untagged traffic flowing through it.)
I'm honestly always surprised their equipment isn't more well-known and popular in the tech crowd. While they've got some turnkey stuff, they also sell (or at least sold) devices that were pretty simply a handful of ethernet ports, a switch chip + CPU, and a mini-pcie port that you could add kinda whatever you wanted in to (they sell modules for 802.11, 3G/LTE, LoRA, etc). For a lot of models they'll also just sell you a bare board. Basically everything comes with a full software license (only real limit is max 200 vpn tunnels, max 200 hotspot users). They sell replacement parts down to bare boards to replace PSUs and things. Basically everything is powerable over PoE, most stuff has a SFP port, etc. Some of the models have had GPIO pins, and on basically all of them all the LEDs can be reprogrammed and are user-controllable. They've got equipment as cheap as $40. A lot of it is actually supported by OpenWRT.
Without having used it, if you just want something with wifi and more similar to a consumer router, looks like their hAP AC3 for $99 or something is probably decent. You're not losing anything buying the home gear, it's still licensed to the same level as all the other gear. Otherwise if you just need a router you can basically just start at the cheap end of their routers and look through the test results for something with acceptable performance for you.
Personally, I've been using a RB2011 for almost a decade as either a router or core switch and it's been great. Though the highest my connection speed's been throughout is probably 100mbps. These day's it's relegated to switching, and handles my setup where I've got all my PoE IP cams on one VLAN, main network on another, trunk running to my server where I've got the DVR and all my other stuff running, etc, etc. Hasn't had a single hiccup.
The hAP AC2 is almost essentially the same router and even cheaper. I replaced my UDM with it and I am way happier without the extra frills (no LED, no boot sound) and my uptime has been way more reliable
I use the RB4011, which even came with rack mounts. For the last year it's been working great (once you get the hang of how the configuration works). Can highly recommend.
I also use the CRS326, with a little less power than the RB4011, but with 24 Lan ports instead.
The only downside, compared to the UDMP, is the missing DPI
Me to, I’m considering a UDM-Pro for my 10Gbps internet upgrade coming soon but I’m a bit afraid that it won’t play nice with multiple external IP-addresses.
Microtik is certainly interesting but I’m lost as to which model I should choose.
