What Router can you recommend?

Quill0 , 2 months ago

I always liked Mikrotik. Not the most open of router but the most documented and configurable I've seen with a web, gui, ssh, or telnet I've seen

CoopaLoopa , 2 months ago

+1 for Mikrotik.

Get one of their routers that have an Arm or x86 processor and you can run PiHole and a DDNS updater on there as containers.
Wireguard support (client and server) is built in.

Even their cheapest hardware that runs routerOS has access to all the same features as their enterprise level gear.

smb , 2 months ago

i am happy to have a raspberry pi setup connected to a VLAN switch, internet is behind a modem (like bridged mode) connected with ethernet to one switchport while the raspi routes everything through one tagged physical GB switchport.
the setup works fine with two raspi's and failover without tcp disconnections during an actual failover, only few seconds delay when that happens, so basically voip calls recover after seconds, streaming is not affected, while in a game a second off might be too much already, however as such hardware failures happen rarely, i am running only one of them anyway.

for firewall i am using shorewall, while for some special routing i also use unbound dns resolver (one can easily configure static results for any record) and haproxy with sni inspection for specific https routing for the rather specialized setup i have.

my wifi is done by an openwrt but i only use it for having separate wifis bridged to their own vlans.

thus this setup allows for multi-zone networks at home like a wifi for visitors with daily changing passwords and another fror chromecast or home automation, each with their own rules, hardware redundancy, special tweaking, everything that runs on gnu/linux is possible including pihole, wireguard, ddns solutions, traffic statistics, traffic shaping/QOS, traffic dumps or even SSL interception if you really want to import your own CA into your phone and see what data your phones apps (those that don't use certificate pinning) are transfering when calling home, and much more.

however regarding ddns it sometimes feels more safe and reliable to have a somehow reserved IP that would not change. some providers offer rather cheap tunnels for this purpose. i once had a free (ipv6) tunnel at hurricane electronic (besides another one for IPv4) but now i use VMs in data centers.

i do not see any ready product to be that flexible.
however to me the best ready router system seems to be openwrt, you are not bound to a hardware vendor, get security updates longer than with any commercial product, can 1:1 copy your config to a new device even if the hardware changes and has the possibility to add packages with special features to it.

"openwrt" is IMHO the most flexible ready solution for longtime use. same as "pfsense" is also very worth looking at and has some similarities to openwrt while beeing different.

qjammer , 2 months ago

I recently bought an x86 passive cooled box from Topton, an aliexpress merchant, that was recommended by ServeTheHome, a great youtube channel/blog that reviews all kinds of networking equipment for homelabs. Since it's x86, you can pretty much install anything on it, in my case OPNSense. I recommend you watch some of their videos/read their blogs and see what fits!

Xanxia , 2 months ago

I have a Netgate 3100 that I bought used. Workes fine and at full speed with my 1000/1000Mbit connection.

tritonium , 2 months ago

I went tplink omada router, switches, and aps, very happy.

different_base , 2 months ago

I use an entry level router ASUS RT-AX53U with OpenWrt. WiFi 6, IPv6, Guest VLAN, DNSCrypt (DoH), Adblock, Firewall are few things I have configured with OpenWrt.

Even if you don't buy ASUS, make sure your router is supported by OpenWrt. It's a Linux distribution that runs on routers and PCs to configure home networking.

dukatos , 2 months ago

I am using NanoPi R5S. I am using debian system but there is also openwrt image for it, if you are not experienced Linux admin.

Works for over a year without problems. It runs PiHole and Wireguard client on docker, ddclient, unbound and reverse proxy.

UltraBlack , 2 months ago

you can convert really any computer into a little router using the help of an ethernet card. I'm planning to do exactly that for my homeserver

devtoi , 2 months ago

I have had basically no issues with my setup:
Edgerouter 4 (overkill, had a lower end Edgerouter earlier with no issues except the power adapter died, other hardware was fine).
Some pretty basic unifi AP.
As well as some cheap dumb gigabit switches.
Can basically fire and forget them. Relatively easy to do most things I need on it.
Never needed a reboot outside of upgrades. No stability issues, unlike basically all other home grade all in one stuff I have experienced in the past.

Swarfega , 2 months ago

I have a Unifi router, switch and four access points. My setup works fine. Stable.

I see other people from work say they get dropouts over the work VPN but I have no issues at all. I'm not saying the hardware is their cause but ISP provided all in one boxes are just that. An all in one solution.

ElderWendigo , 2 months ago

Jack of all trades, master of none. Forcing a router reboot to get the home Internet working again has become a thing of the past since I set up a unifi router and APs.

I'd had router/WiFi combos before running either dd-wrt, open-wrt, or tomato. None of them were stable. But I suspect that was because the hardware just couldn't keep up, not because the open source software was faulty.

possiblylinux127 , 2 months ago

How much bandwidth and flexibility do you want? OpenWRT is what I use on consumer hardware but many people here also swear by custom hardware with opnsense

TCB13 , 2 months ago

swear by custom hardware with opnsense

...which is completely unnecessary and overkill for most people, even those with home labs, since OpenWrt can do it all.

possiblylinux127 , 2 months ago

I won't disagree but not everyone is the same

redcalcium , 2 months ago

Homelab is a hobby, and like other hobbies, people actually loves doing the "unnecessary and overkill" stuff.

TCB13 , 2 months ago

Think about it... with OpenWrt you can spend even more time tweaking around and doing things that may be more automation under OPNsense. :P But yes, fair point.

Gooey0210 , 2 months ago

I thought "unnecessary and overkill" is our actual name, and selfhosting is just a nickname

TCB13 , 2 months ago (edited 2 months ago)

How much wifi and open-source do you really want?

If you are willing to go with commercial hardware + open source firmware (OpenWrt) you might want to check the table of hardware of OpenWrt at https://openwrt.org/toh/views/toh_available_16128_ax-wifi and https://openwrt.org/toh/views/toh_available_864_ac-wifi. One solid pick for the future might be the Netgear WAX2* line or the GL.iNet GL-MT6000. One of those models is now fully supported the others are on the way. If you don’t mind having older wifi a Netgear R7800 is solid.

For a full open-source hardware and software experience you need a more exotic brand like this https://www.banana-pi.org/en/bananapi-router/. The BananaPi BPi R3 and here is a very good option with a 4 core CPU, 2GB of RAM Wifi6 and two 2.5G SFP ports besides the 4 ethernet ports. There’s also an upcoming board the BPI-R4 with optional Wifi 7 and 10G SPF.

Both solutions will lead to OpenWRT when it comes to software, it is better than any commercial firmware but be aware that it only support wifi hardware with open-source drives such as MediaTek. While MediaTek is good and performs very well we can't forget that the best performing wifi chips are Broadcom and they use hacks that go behind the published wifi standards and get it go a few megabytes/second faster and/or improve the range a bit.

DD-WRT is another “open-source” firmware that has a specific agreement with Broadcom to allow them to use their proprietary drivers and distribute them as blob with their firmware. While it works don’t expect compatibility with newer hardware nor a bug free solution like OpenWRT is.

There are also alternatives like OPNsense and pfSense that may make sense in some cases you most likely don't require that. You've a small network and OpenWRT will provide you with a much cleaner open-source experience and also allow for all the customization you would like. Another great advantage of OpenWRT is that you've the ability to install 3rd party stuff in your router, you may even use qemu to virtualize stuff like your Pi-Hole on it or simply run docker containers.

Meltrax , 2 months ago

I guess maybe too mainline for everyone here but I use an Asus router flashed with the Merlin OS (a painless easy process) and it works excellently. No issues setting up all the things you mentioned.

farcaller , 2 months ago

One more for mikrotik (I run the VM version on a small linux box).

I tested a ton of those (pf/opn-senses, VyOS, even Cisco), and noone of the free ones can handle IPv6 in a reasonable way in 2024, which is slightly bizzare. Mikrotik has some annoyances, but it's rock solid as a router.

I don’t use its container features and instead run podman in a vm next to it. Works great.

___ , 2 months ago

How do you mean? IPv6 in OPNsense is working fine.

farcaller , 2 months ago

OpnSense is incapable of proper DHCPv6-PD, that's when your route receives a prefix from upstream and delegates parts of it downstream. More specifically, it does the delegation, but it doesn’t add the relevant routes, effectively blackholing the allocated prefixes.

VyOS fixed this specific bug since I reported it. RouterOS and IOS never had it.

___ , 28 days ago

I’m isolated from this I suppose as I still use a separate line for upload. PD delegates and opens ports. What CIDR ranges do you use?

farcaller , 28 days ago

PD delegates the whole prefixes, i.e. it allows the subrouters to ask for a subnet of the size they need.

kindenough , 2 months ago

A raspberry pi with pihole running as dhcp server. In the ISP router turn off DHCP, DNS problem solved as pi will advertise its DNS to all connected devices on the network.