I used to have an old router that I assumed was useless since my ISP stopped providing security updates for it. However, after some research, I discovered it was a TP-Link Archer C7 v2. I decided to flash it with OpenWrt, and to this day, it’s still part of my network, performing exceptionally well. I absolutely love OpenWrt!
Archer C7's are absolute workhorses with OpenWRT!! I have 3 C7v5's and an A7v5.8 (the Amazon-customized model) all running OpenWRT in my network, 3 functioning as APs and the 4th a wireless-to-ethernet bridge. My main router is a C7v4 with the stock firmware, but once I swap that for a different unit, it's gonna be flashed as well to be an IoT router, because the v4 has swappable antennas while the v5 doesn't.
It's been a super reliable model for me! converted one to a wireless bridge for rare cases of needing "wired" connectivity in a room where my monitor is to set up proxmox machines, before moving them to a proper wired location as headless devices.
Tip: If your router doesn't have enough storage for installing packages, there is still hope, if the router has a USB port, you can simply add a a cheap 8 gb flash, and with a github script, the openwrt will recognise it as storage
Wouldn't another useful option for storage-less router be as a Unmanaged Switch too? (I presume that a Managed Switch would require some internal storage/memory?)
This is how I added storage to my DD-WRT router. It allows me to add additional software and gives me space for packet captures which is a useful feature on your router. Know what is happening and who is doing it.
I think he chose to deactivate USB because of security reasons. Also: While your solution works, it adds an extra failure point to the system. And think about it ... these embedded devices sometimes are literally eating USB-Sticks (bad or fluctuating voltages, usage as permanent or disk storage isn't a good idea either). Just saying ... if your network is in ruins and nothing works anymore:) I'm not saying that you guys shouldn't use this method or don't try it. It's just for the future and that I can say: Who has warned you?! Hehehehe. Have a good one!:)
@@autohmae the switches supported by OpenWrt are missing a lot of features, you can only do vlan. They are still working to support other features like LAG and so on
and thats what I have.. 2 Netgear routers running OpenWRT as managed switches and an HP T520 thin client running as pfSense firewall.. well router on a stick is usually discouraged but given my internet speeds its plenty and is running perfectly fine..
One year ago I used to have problems with my ISP’s router, like constant connection drops, high ping, etc. I was fed up with it, so I bought a router from a store that I checked was compatible with OpenWrt and set it up at home, installing the firmware was easy, and setting up a little bit harder (because I had to call my ISP to get a PPPoE login), and after setting it up I threw the ISP router away, and my network now works beautifully. Love this thing.
I've been running OpenWRT since the WRT54G, and it does what I need it to do and it's good to see it getting some positive press. It replaced an AST Pentium Pro 200 desktop running openbsd in my closet which was loud and power hungry (relative to the WRT54G anyway.) I have been contemplating buying an N200 system to replace my aging router (it's not still the 54g, it died a long time ago.) I appreciate your bravery, tackling topics your not 100% an expert in!
Went with a N100 System. Been very stable and set it, forget it. Every now and then, I run updates. Installed Proxmox as base OS with Opnsense, Home Assistant (including Zigbee & Zwave), Vaultwarden, Nginx Proxy Manager, AdAway. Been completely satisfied for about a year now.
I love the fact you're learning and digging into the bones of everything as you go along on your channel. OpenWRT is internationally saving e-waste! Capabilities do change from device to device, you do need to pre-configure a bit before you hit a GUI/WI, this kit becomes low maintenence too.
Certainly glad this project exists but after migrating over to an x86 mini PC with OPNsense and a cheap used business WiFi 6 WAP, I'm never going back to an all in one router. Having the router separately from the WiFi wap frees one to be able to swap out their WiFi portion without having to rebuild your whole network. When corporations upgrade their waps every few years the prices as used devices plummets when they all hit the market at once. I'll keep my rather expensive N100 mini PC router and just upgrade the system software now and then buy them incan swap out my WAP easily when I want to upgrade to the next thing the corporations have left behind. Yes, I'm always WiFi standard behind the latest and greatest but I get high end business network hardware on the cheap. And I get to do it without a ton of work since the router stays the same.
100% this. Best to run both unless you are a minimalist. Case in point, I added wifi 6E to my location while keeping the old wifi in place, no devices to reconfig, no change to existing setup.. easy to add and remove, expanding or contracting my network with ease.
Whenever I need to upgrade my Wi-Fi I just get a newer router with OpenWrt and transfer over the same configuration. No need to build your network from scratch.
I went with ubiquiti ecosystem (edge router and access point), and while you could buy them in same device, I still think it is best to have them separate: 1) you can upgrade one as you mentioned 2) your whole network wont be down if you swap AP 3) offload WLAN load to other device, and focus on handling traffic on edge router. I don't know if this is really relevant anymore, but with 1Gbps internet speeds you could bottleneck your internet speed with low end CPU with specific types of traffic (huge parallel downloads, I think torrent is good example of that). Everyone has different needs though, and for most single device is probably best way to go. Personally, I like to have them separate and have manufacturer focus on that specific thing, rather than building all-rounder.
I love OpenWRT. I set it up on two identical Asus routers, one as a main router / AP and the other as an AP only. Setup 4 SSIDs and VLAN trunking between them. A bit of a learning curve but it works great. The stock FW was crippled with no VLAN support. It’s nice to take control of your hardware.
After having enjoyed several of your videos, I want to thank you and tell you, that besides all the facts you are providing, your style of presenting feels very friendly and nice to me. Sort of a friend helping you out without any looking down, just honest and likeable.
Run OPNsense as your main router, then use old wifi openWRT routers as a bridge with multiple vlans /ssids trunked back to your OPNsense router. OpenWRT rocks and makes it pretty easy to setup different wifi vlans for IOT, guest, work, mgmt, etc. but as your main router? Only if you don’t have a lot going on.
What's the point of all that in a home network? Protecting your cheap Chinese made cameras from the company that built them from spying on you? That seems to be about it: being able to run devices you shouldn't and don't actually trust.
@ when you gain more experience you will get a better understanding of the reasons. You really shouldn’t trust any devices or software period, first of all. The other major reasons for network segmentation is simple organization. It’s easier to track, monitor, and manage. Some of us have a lot going on in our homelabs, some of us run hundreds if not thousands of devices, VMs, containers, etc. some of us are using our home networks to learn how to do things at the enterprise level. Hope this helps you broaden your perspective.
@@Andy-fd5fg OpenWRT x86 is pain to update, I used it for years before I moved to pfSense. Now I have so many rules, I'm not even sure how I would replicate the configuration on OpenWRT. I always install OpenWRT when I can on on Access Points or spare routers I want to use as an Access Point though.
@@alexatkinlook into A/B partition updates on GitHub. I already split my routers SSD into 4 partitions (bios, fw A, fw B, and persistent user storage)
The way I run OpenWRT is as an LXC container, which means memory used basically 0, it runs alongside everything else running on my passively cooled NUC.
I did use openwrt for a while but learned the hard way that things can go wrong. For whatever reason my model of router was skipped by several versions of openwrt and then finally a new version was released that was compatible. I figured I'd just flash that onto the router and whatever right? Nope, turns out the procedure was to revert to the original factory firmware then flash it to the newest openwrt. My bad, it wasn't exactly easy to figure that out either, I had to spend a while searching to learn this. Oh and since it was kind of an emergency to have a bricked router I quickly went to the nearest store and bought whatever router I could find and luck would have it, openwrt doesn't support it. Openwrt was great while it lasted :P
I have patched xiaomi ax3000t (around 35 USD in my country) for openwrt (snapshot version). And this is the best that u can do with this router))) I have installed amnesia Wireguard on this router and all works good. Now i am waiting normal openwrt version for ax3000t (now i am on snapshot) Also, one week ago I have created LXC container with openwrt for my k3s cluster and it's works great!)
I bought 4 used Netgear routers all the same model, flashed them to OpenWRT, now I have managed Access Points and I use them as managed APs with SSIDs connected to various VLANs.
Finally, someone covering OpenWrt, the only modern and as much upstream as possible router OS. It also supports SQM, AQL, FQ_Codel by default, so QoS is better than *any* vendor router software.
OpenWRT is the only reason my Linksys WRT1900ACS is still my only piece of network equipment. It's at least 8 years old, and Linksys stopped updating the firmware at least 5 years ago. But OpenWRT is keeping it fresh and functional with my 1Gbps f/o connection. I think the best speed I've gotten with Fast over Wi-Fi was about 600-700, which is pretty good for a nearly decade-old Wi-Fi 5 router. Pro Tip: Keep your network gear well-ventilated. Most of this unit's existence has been sitting on laptop coolers to increase hardware longevity and reliability.
Though not a pro, one thing I like is having my main desktop hooked up with Ethernet cord while other things are on WiFi. When you flash in new firmware, you always want it to be on the cat 5 cord instead on over the air. I also like having my "daily driver" computer on cat 5 cord to have first dibs on Internet.
Hardware offloading mean that the CPU does not process the packages but there is a dedicated chip doing that task. So it's a must-have feature, moreover, it will be interesting to see some iperf benchmark between two hosts or directly between a laptop and the router to see the real speed of the router. Anyway nice video, you convinced me to buy a router that supports this os to install wireguard there instead of my raspberry!
upgrading individual packages has two issues: 1) sometimes specific versions are requires as dependency for other packages and when you upgrade it, that dependency is no longer there. and 2) openwrt uses something called overlayfs, which has one read-only "lower" filesystem with default configs and packages, a.k.a the sysupgrade image, and a read-write "upper" filesystem where your config resides. when you reset the router, it simply wipes the upper fs to go to factory settings. same principle is also used by android, but android does not use overlayfs it's a different mechanism with same principle. anyway, when you upgrade a package, the older verison of that default package keeps sitting on the lower filesystem, but it is marked as deleted on the upper, but it still takes space. this can easily break devices by filling up the flash memory, especially on devices with low flash storage, like tplink archer ax23, which has only 16mb of storage. yes, only aroun 8 megs is available for user after openwrt install, and tailscale(7.73 MiB) barely fits for example
This is exactly why I am no longer a fan of OpenWRT personally. Sure you can use cheaper routers to do some useful things, but if your configuration is more advanced involving extra installed packages, then the update process is IMO much more clunky.
@@TheMuso28 it is a good "access point/combo router" OS. not a "enterprise-gear unifi replacement type shit. run your adblock dns server on your pc, because writing constant adguard logs to routers flash memory is probably a very bad idea. you need dpi? cool, get a proper computer. i'll still use both together honestly. like even if its dumb ap it's nice to have some ping statistics running on the ap or being able to scan the spectrum etc. and dump aps really do not need package updates that much
At home I use a Debian Box. On remote locations I use a LTE Router with openWRT. There are industrial Routers you can use. They can be Powered by batteries have GPIO, RS232 and RS485 to connect to industrial control system. Some ship with openWRT out of the box. Perfect for farm equipment. Wireguard for the connection to the home.
I bought an old Sophos XG firewall for $20 and upgraded the memory to 4gb and installed Sophos Home firewall. So far, I'm out about $30. Separate AP because I have a server in the basement and put the AP in the center of our house.
BananaPi BPI-R3. Has OpenWRT support. 2.5gbit SFP ports WiFi6 and 2gb RAM with 8gb eMMC storage! Can do 1600mbits in close proximity with a modern phone and you can run Docker on the Router itself! The BPI-R4 is even better with 10gbit SFP+, but no working WiFi7 yet on that device. Might take another few months.
Just know wireless drivers with most routers won't be as good or up to date with reference to blobs with OpenWRT/OpnSense/etc. Use a seperate wifi router in conjuction as an AP only connected to your OpenWRT/*Sense, etc.
Your reasoning is sound, thanks for sharing the alternative and what it looks like. I just did it using pfsense and had the same experience, kept needing more and more knick knacks
I installed OpenWRT on an older TP-Link router but my speeds fell from 1 Gb to about 300 Mb. So not every router handles the same. So I used Pfsense for 4-5 years, the bought a Mikrotik router and now I am testing an Ubiquiti USG I scrapped from work. Advantage for Mikrotik and Ubiquiti is the meshing, I want to get 2-3 AP-s and have them working seamlessly
I remember the excitement when the original WRT54G was "jailbroken", and people started writing addons for it. About the only part of the firmware that wasn't open source was the GUI. A new GUI was soon written, and fully open source firmware was soon available.
Definitely a nice cheap option for a router with much more capabilities than off the shelf routers or ISP provided routers. You make a good point about the pfsense/opnsense route, I recently built an opnsense router using an Lenovo M720Q paired with an Omada EAP-772 access point and total project cost was around $330.
30:00. You can use any thumb stick or SD card (if your router manages to have SD card reader) to use as storage trough Extroot, with the expense of having a permanently attach memory stick plugged into you device. I used to have those on my OpenWRT router and worked preddy well most of the time.
If you have your routers connected on their router port, as in the WAN port, there’s a lot of overhead with routing as opposed to switches. Swishers transmit packets 10 times faster than routers.
I run OpenWrt on proxmox with bunches of other containers and such and it routes 10 Gb fiber just fine and it's been solid AF for several years. Recycled some old retired desktop parts for hardware.
Wooooo, I have this exact router and use openwrt on it, the price to specs is crazy for it and ofc openwrt was a requirement for me to buy the router, nice to see this getting the attention it deserves
I have this exact device at home with openwrt as an access point (not router), and it's been great for that. at the time I bought it it was one of very few devices around with 4x4 wifi stream support. also using openwrt on an x86 virtual machine as a router.
I can only recommend the NanoPi Devices. I use a NanoPi R5S to use plex in a container and two disksets connected via USB (One Backup). Works like charm and i can use 2.5 Gbit Ethernet. The ice on the cake is i have also a mainframe (yes mainframe) running in a container to play with.
the real biggest L with redhat based routers is the lack of good open source hardware offloading support, unless you've got like a shit ton of high clock cores
Two comments: First, don't ever change your theme music. It's very soothing, and I know instantly I'm "home" with you! Second, I just upgraded to a new Protectli Intel box with four 2.5Gbps ports (I have 2.5 Gbps fiber now--yay!), and migrated pfSense over to it from the previous router. It works fine, but I can see possibly changing over to OpenWRT for some flexibility and features that pfSense doesn't do well. Also not happy with the convoluted steps I have to go through now to get pfBlocker working again. Yeesh! Thanks for this vid--as always, you explain things like a good, down-to-earth friend would! I'm definitely saving this vid for future reference.
This is so very interesting, I literally just bought a router yesterday so I could do exactly this (it was an ASUS, for $82 AUD from Amazon... What a deal and if I brick it it's not expensive.). Interestingly I had a great experience and it was easy to do (I connected the WAN to my existing port and was able to download the firmware directly to the device). The only thing I had to do was disable ipv6 because I have a Pihole and it was causing ads to not be blocked, I might need to do some more engineering of my network for ipv6 now it's supported. Great suggestion, if I hadn't already just done it I would probably take the jump from this video.
OpenWRT is where it's at period. I have 17 of them in my home lab myself. Plus it's way more flexible than some of the other distros I have dealt with over the years.
Nice. I’ve been using OpenWrt for a while, and it’s been great. For the home, I’d pick a fleet of inexpensive routers running OpenWrt any time over real™️ network gear. I’m not a big fan of letting them do non-router things, though, and compete for limited resources.
The reason for the sub gigabit Routing performance is NAT. If you'd have a v6 prefix delegated it would be bang on 1Gbit/s. Also as you correctly said (you just can't say it enough) don't use opkg to update pkgs. It's merely used to update things on ext4 installations of openwrt. Since every other installation uses squashfs alls changes made to the fs, will be layered upon the install. So deleting files will increase the storage usage instead of decresing it as it saves the metadata of the deletion, but does not remove the file. It's the same as with docker container images. This is why custom firmwares should be build to change specific parts about owrt. Anoher remark: you can use adguard, but you'd need to store all it's files on a usb drive though. Also it is a very capable routing platform (bgp, ospf, vxlan, wireguard, vrfs..) and can do everything you'd want, you only need to install the right packages. ;)
Tomato, OpenWRT, DDWRT, whatever open firmware is great. I ran really inexpensive routers as routers, AP's, managed switches for the better part of the last 20 years. I spent some time with Unifi but it wasn't as stable. It was a great intro to network administration, and a good stepping off point to unifi, Mikrotik, Omada setups.
540MB/s is the limitation of write speed on an SSD. If you want better performance numbers you need a faster storage drive so the actual that can transfer to and from your device at full speed. Otherwise your speeds hit a hardware performance bottle neck.
i got an openwrt router, which is way less powerful (and less storage) than the one you got, and i have no issues running adguard home on it, and i stil have plenty of space for anything an average home user needs
Another reason you may want to consider OpenWRT over OPNsense or PFsense is that you can run into compatibility issues even if you just want to do Ethernet through a mini PC. Realtek NICs have extremely spotty compatibility with FreeBSD, which OPNsense and PFsense are built on, so even with the proprietary drivers installed you can easily run into a situation where your only options are to have a dual port M.2 NIC MacGyvered onto your mini PC, exclusively using USB 3.0 NICs, or just installing OpenWRT to take advantage of it's Linux kernel having better maintained drivers for Realtek NICs
I use OpenWRT myself. What I know is that when looking for a router, do your homework first! I have the Linksys WRT1200AC router. that is advertised to be OpenWRT-ready. I bought an exact duplicate router and flashed in the OpenWRT firmware and immediately LOVED it! The router has 2 USB ports so you can use them for external hard drives, or other stuff, including serial devices with the needed cord. OpenWRT can be used, not just for routers, but also NAS servers, light show machines or "everything in one" servers. If anyone were to take the Intel flavor, and add the Gnome GUI like Ubuntu, the possibilities would be damn near limitless. Since that my router is dual band, I gave them separate SSIDs, with the 5 GHz transmitter as (router name)-FM
If you're already using a wifi-less router such as pfsense you should be able to use whatever AP/router your ISP provides. Most models should support bridge mode which lets you utilize the AP functionality without the routing. Wifi devices connect to the AP and it can send connections up to your actual router/dhcp server as normal. I've been using my Verizon provided AP/Router while my actual router is elsewhere. May end up being cheaper for some.
I use openwrt and ddwrt on very old routers to convert wired only devices to wireless and setup wireless bridges. I also use it for my home internet Wifi AP. They work great!
I remember starting using openwrt around the time that fon's LaFonera free wifi router was released in oct 2006, openwrt was released january 2007 so guess that was the very first version, 17 years now.
One time I embedded a firewall / router inside my computer. I removed TCP/IP from my hardware NIC and routed it directly into Hyper-V and used the virtual NIC as the TCP/IP connection. The only way I could get online is to boot the router / firewall in the VM.
Router in the 5 Ghz band first checks whether the selected channel is free (it is about weather or military radars, for example). Sometimes it takes up to 20 minutes for the access point to be visible. This is called Dynamic Frequency Selection (DFS). However, this seems to apply only to high channels in the 5Ghz band. The only strange thing is that the network is visible on the laptop and the phone is not.
The 5G band not showing on the phone issue is mostly because you set the channel as auto and some devices (specially phones) can’t recognize all the 5G channels (specially the higher freqs), the solution is to set the 5G channel manually to 40 or 44 and it will work on all devices
17:50 I had this problem on a different appliance when I installed OpenWRT. Turned out the device was VERY sensitive as to which RF channels would work with WiFi6. Only about 3 of them, and 2 were already congested with neighbours AP's so yeah, after a few hours of trial and error, I hit a good setup and I'm never touching it again... 😮
I had 3 Google Wifi units on which I installed OpenWrt. To ensure my home wasn't without WiFi during the process, I bought 4 used units, installed OpenWrt on them, and then sold my original 3 for the same price I paid for the 4.
My only gripe with off the shelf routers, the 1-2 mips cores dont allow much performance for inspections or throughput LAN to WAN foe +1Gbps. Memory limitations is junk for doing any logs or diagnostics. However, I'm usually using OpenWRT for family and friends with 500Mbps or less Internet.
Which Is Better? It really depends on your use case: OPNsense is ideal for users who need a full-featured firewall with advanced security, are willing to work with higher resource requirements, and prefer a user-friendly interface for enterprise-level or heavy-duty home network setups. OpenWRT is perfect for those who need flexibility and customization and are running low-power hardware (or older routers), or if you want to experiment with Wi-Fi management and wireless networks. It’s great for home use, DIYers, and those comfortable with manual configuration. If you’re looking for a powerful firewall, OPNsense is likely the better choice, but if you want a lightweight, customizable solution that works across a wide range of devices, OpenWRT is a solid pick.
Also, *sense is only on OpenBSD, which is effectively a dead end, while OpenWRT is based on Linux, meaning that it’s even more expandable than the BSD-based *sense router OSs, and there are more and currently drivers for a lot more devices, making it easier to run newer hardware.
@@fujinshu I appreciate your input, but I think there are some important distinctions to note. OPNsense, while based on OpenBSD, offers a level of security and stability that’s hard to beat, especially with its advanced firewall features, VPN capabilities, and traffic shaping options that OpenWRT doesn’t quite match. It’s not a "dead end" - OpenBSD is still actively maintained and used in enterprise-level applications, and OPNsense is continuously updated with security patches and improvements. While OpenWRT excels in flexibility and is great for custom setups on low-power devices, OPNsense brings more robust enterprise-grade features, especially for users needing deep network control. It’s not just about hardware compatibility - it's about use cases, and OPNsense is a more powerful choice for those requiring high-level firewall and security capabilities. Both have their strengths, but OPNsense’s security-first approach and deeper control set it apart for more complex network needs.
The router can have openwrt installed, firewall etc, but then all traffic still has to go through the actual modem...isn’t this a privacy / secularity risk is my modem for example is a Huawei? (I use a modem / router all in one, 4g SIM card, as I don’t have fibre or any other option in my area) I’d like to get a raspberry pi 5, with the 4g sim HAT add on, and run openwrt on that. The pi’s Ethernet port will connect to a switch. No need for routers or modems! 8gb pi5 is more powerful than most routers so it’d be a champ at this i think👍
I have this router with OpenWRT, unsure if they have fixed the below issue but: #1 - DO NOT UPGRADE CORE PACKAGES VIA PACKAGE MANAGER, it will brick the device, upgrade by downloading the new firmware again from OpenWRT and flashing the new firmware via the Web UI, I imagine tailscale and whatever else should be fine (I use as AP so I dont use packages) #2 - No need to run the last setenv command, if you leave the boot args for usb and keep the usb with that image on it named exactly the same in a drawer somewhere (not plugged in), if you do brick it from #1 (I have) then you can possibly recover from the USB without serial, you would still need to setup from that step again by plugging in the USB and doing the ssh / send the device specific firmware #3 - I also have speed issues with 5GHz, I think AX is supposed to be dual band to get WiFi 6 speed, although I could be wrong about this. Would test speeds with stock firmware and see how they have it setup before flashing OpenWRT
the "solution" to 1 is to use attended-sysupgrades and have the device itself request a firmware to the openwrt servers with the packages you have installed so it can be flashed. This also saves space because all the packages will be in the high compression read only part of the firmware image now
Back in the day I used dd-wrt however WiFi 6 was unsupported which was a deal-breaker for me as I've been trying to move over to that. I still have that trendnet router somewhere around here.
It's going to be a couple months before I can dive into this, but I think it's going to fix serious issues I have with Frontier Fiber. (they take control of the lan, as well as wan. I need assigned IP's that they prevent..) Worth a try.
Something fun you can try with the 2.5gbit port for a homelab is to assign it as your lan port instead of your wan and then have a cheap managed 2.5gbit switch behind it and do inter-vlan routing at 2.5gbit. That is if your router can handle the load but only testing will find that out. But if you wanna mess around with different VLANs for your clients and servers for example that's an option. Maybe that's an idea for a future video? Add one of the cheap chinese managed 2.5gbit switches and test the performance of a setup like this with a NAS on one network and a client on another.
also on another note, some openwrt devices have better wifi driver implementations than others. one way to sort of gauge that is to check resource usage with top command while loading up the wifi interface. also most devices cant use hardware offload features for nat etc. and on the ones that are supported you need to explicitly enable it. that might also be a factor limiting your suboptimal wifi bandwidth.
Wow it looks like WRT has come a long way since I did it with an old Linksys and Buffalo a/g generation router with a whole 54 Mbps wireless bandwidth. Might be time to look at this again. Thanks Colten!
Mikrotik hap ax2 or 3 are also great options for homelabing. But I would recommend them to people that like to play around with plenty of network settings which can get overwhelming at first.
Biggest benefit of openwrt is SQM which is a QOS using cake id recommend checking into that and doing a little bit of a update on this maybe run this for a week and see what it was like just an idea
Im lucky to get 1.75 mbps. We run multiple devices on it. 500 mbps is straight overkill unless you have massive traffic from a server. Yes, the low bandwidth is noticeable when all devices are active but they still work. My point is that 1.7 will work, 10 is amazing with 10 devices. 500 is redundant and makes you wonder what you’re actually paying for. Should be a able to share that excess bandwidth.
@@MedicalServiceKenakMedika Pretty much any supported OpenWRT device can be configured to run a GRETAP or VXLAN tunnel over Wifi to another OpenWRT device. The advantage is that even VLANs can be tunneled across.
as an openwrt fan rocking high-available openwrt setup at home, i have to say your point for "needing an poe source and ap for wifi" is just silly at best. any modern router with dhcp and firewall off, and lan connected to lan, can do just fine as an access point. in other words, take one of those all in one boxes and just use the acecss point part. you do not need an enterprise/prosumer grade access point as shown on video
To get the true network speed test, you don't hook up the Dynalink router to your Main router at home. Otherwise you are actually using double NAT. 1 NAT from your main router and 2 NAT from the Dynalink router.
Old provider-locked FritzBox from a flea market for 10€. Provider unlock and flash. Frugal little computer that's relatively safe and that you can just stick anywhere all over the place.
If you have gigabit Internet from your ISP then you want that 2.5Gb WAN port. Due to overhead on your Ethernet connection a gigabit port can only reliably achieve about 940 MBit/sec. A major US cable ISP (ahem…) typically provisions 1000x35 connections at 1200x42, and 1000x1000 (yes, there are markets that have that over coax!) connections at 1200x1100 so you have a fighting chance of getting the full gigabit. The ISP’s WiFi 6 and 6e routers have 2.5Gb WAN ports and 1Gb LAN ports as nobody really needs a gigabit on a single device, but you might need two devices at 500…or 10 devices at 100.
I run openwrt on a usff/micro optiplex 9020 with a 2.5g nic in one m2 and a wifi6e card in the other m2 and a sata ssd, it uses 15W under max load and is fast as heck, the bios post takes longer than boot + connect and it cost like $70, i prefer not have it virtualized because it is a somewhat critical piece of the network and it basically never gets touched
You can also use openwrt on older NAS devices that are no longer supported. Biggest issue is the upgrade process, I've not attempted to upgrade the version cos I don't want to lose all the backup data and the time it would take to resync cos mine is my backup - backup NAS
I just flashed my old TP-Link wireless router with OpenWRT. That particular company recently had their stuff hacked. Changing the Os has saved it from this!
I use pfsense as my router then i have a pair of linksys/belkin ax3200/e8450's as wifi access points with openwrt and it works AWESOME!!! make them into dumb APs without DNS or DHCP or even fiewall as pfsense does all that, the APs aren't stressed at all AND the four ports are still wired sdwitch ports (WAN is also a switch port now but i use that for the incoming kinda like WAN, though you can use any port for any)...best of both worlds and i can expand my wifi or add a vlan for wifi iot devices super easy, just buy another belkin and openwrt it and plug it in
Never used anything else than the ISP provided router. Not sure about before I was doing my own networking stuff, but my current one has all the options I need, fully saturates my 1 Gbit FttH, and gives me up to 800 Mbit over wifi
As others have said I like having PFsense as my main router but Im planning on setting something like this up for Iot device testing with packet captures
I wish OpenWRT didn't have a bespoke crazy network config (works great only if you use a gui). I get why it is required (DSA is a nightmare to understand from the Linux kernel anyway). I tried over and over to put my Flint 2 into AP mode with VLANs and gave up. They are moving to Alpine APK which is refreshing. Hoping for more "linux standardization" comes along.
IMHO now with DSA its easier the switch is treated as any other Router where each port can be configured as you want on *Sense you do the same. I used a lot of SWConfig before and now its more in line to what I dormally do on router devices. The downside is if you want to treat the interfaces as switch than it is a bit messy but luci made some progress in that too! Lets see what will it go with the APK change.
not sure what are you expecting from the move to Alpine's package manager. It's just a tool to install packages, they are not becoming Alpine nor discontinuing the UCI configuration system they always had
I used to have an old router that I assumed was useless since my ISP stopped providing security updates for it. However, after some research, I discovered it was a TP-Link Archer C7 v2. I decided to flash it with OpenWrt, and to this day, it’s still part of my network, performing exceptionally well. I absolutely love OpenWrt!
I also had an Archer C7 with OpenWRT for years. Only recently upgraded to a newer access point.
Been running OpenWRT through the same Archer v2 as you. Fantastic performance and reliability.
Was it a Ziggo thing?
Archer C7's are absolute workhorses with OpenWRT!! I have 3 C7v5's and an A7v5.8 (the Amazon-customized model) all running OpenWRT in my network, 3 functioning as APs and the 4th a wireless-to-ethernet bridge. My main router is a C7v4 with the stock firmware, but once I swap that for a different unit, it's gonna be flashed as well to be an IoT router, because the v4 has swappable antennas while the v5 doesn't.
It's been a super reliable model for me! converted one to a wireless bridge for rare cases of needing "wired" connectivity in a room where my monitor is to set up proxmox machines, before moving them to a proper wired location as headless devices.
Tip:
If your router doesn't have enough storage for installing packages, there is still hope, if the router has a USB port, you can simply add a a cheap 8 gb flash, and with a github script, the openwrt will recognise it as storage
Wouldn't another useful option for storage-less router be as a Unmanaged Switch too? (I presume that a Managed Switch would require some internal storage/memory?)
I hope someday we can run OpenWRT on a USB SSD/NVME instead of the native flash.
This is how I added storage to my DD-WRT router. It allows me to add additional software and gives me space for packet captures which is a useful feature on your router. Know what is happening and who is doing it.
@@SB-qm5wgyou could try modifying uboot to boot off a USB device
I think he chose to deactivate USB because of security reasons.
Also: While your solution works, it adds an extra failure point to the system. And think about it ... these embedded devices sometimes are literally eating USB-Sticks (bad or fluctuating voltages, usage as permanent or disk storage isn't a good idea either).
Just saying ... if your network is in ruins and nothing works anymore:) I'm not saying that you guys shouldn't use this method or don't try it. It's just for the future and that I can say: Who has warned you?! Hehehehe. Have a good one!:)
Pro tip: an old router running OpenWrt is the cheapest 5-port managed switch.
I've seen a bunch of switches also listed as OpenWRT capable, I've not tried it, but supposedly that also works.
second pro tip: buy a second secondhand one for when you brick it 😂
or pick an easy router to install it on to
cheapest indeed. if you are luck you can get 100/100 from only 1 port to another port. never try using 100Mbps from 2 TCP connections at once
@@autohmae the switches supported by OpenWrt are missing a lot of features, you can only do vlan. They are still working to support other features like LAG and so on
and thats what I have.. 2 Netgear routers running OpenWRT as managed switches and an HP T520 thin client running as pfSense firewall.. well router on a stick is usually discouraged but given my internet speeds its plenty and is running perfectly fine..
One year ago I used to have problems with my ISP’s router, like constant connection drops, high ping, etc. I was fed up with it, so I bought a router from a store that I checked was compatible with OpenWrt and set it up at home, installing the firmware was easy, and setting up a little bit harder (because I had to call my ISP to get a PPPoE login), and after setting it up I threw the ISP router away, and my network now works beautifully. Love this thing.
I've been running OpenWRT since the WRT54G, and it does what I need it to do and it's good to see it getting some positive press. It replaced an AST Pentium Pro 200 desktop running openbsd in my closet which was loud and power hungry (relative to the WRT54G anyway.) I have been contemplating buying an N200 system to replace my aging router (it's not still the 54g, it died a long time ago.) I appreciate your bravery, tackling topics your not 100% an expert in!
Went with a N100 System. Been very stable and set it, forget it. Every now and then, I run updates. Installed Proxmox as base OS with Opnsense, Home Assistant (including Zigbee & Zwave), Vaultwarden, Nginx Proxy Manager, AdAway. Been completely satisfied for about a year now.
Oh man the wrt54g days. Takes me back.
Woah, I did it the first time on a Mango.
Great device, thumps up, aranc23!:)
I love the fact you're learning and digging into the bones of everything as you go along on your channel.
OpenWRT is internationally saving e-waste! Capabilities do change from device to device, you do need to pre-configure a bit before you hit a GUI/WI, this kit becomes low maintenence too.
Certainly glad this project exists but after migrating over to an x86 mini PC with OPNsense and a cheap used business WiFi 6 WAP, I'm never going back to an all in one router.
Having the router separately from the WiFi wap frees one to be able to swap out their WiFi portion without having to rebuild your whole network. When corporations upgrade their waps every few years the prices as used devices plummets when they all hit the market at once. I'll keep my rather expensive N100 mini PC router and just upgrade the system software now and then buy them incan swap out my WAP easily when I want to upgrade to the next thing the corporations have left behind. Yes, I'm always WiFi standard behind the latest and greatest but I get high end business network hardware on the cheap. And I get to do it without a ton of work since the router stays the same.
100% this. Best to run both unless you are a minimalist. Case in point, I added wifi 6E to my location while keeping the old wifi in place, no devices to reconfig, no change to existing setup.. easy to add and remove, expanding or contracting my network with ease.
@duduoson1306 Great minds think alike.
Whenever I need to upgrade my Wi-Fi I just get a newer router with OpenWrt and transfer over the same configuration. No need to build your network from scratch.
@GabrielSoldani That's a great point and I hadn't thought of that.
I went with ubiquiti ecosystem (edge router and access point), and while you could buy them in same device, I still think it is best to have them separate:
1) you can upgrade one as you mentioned
2) your whole network wont be down if you swap AP
3) offload WLAN load to other device, and focus on handling traffic on edge router. I don't know if this is really relevant anymore, but with 1Gbps internet speeds you could bottleneck your internet speed with low end CPU with specific types of traffic (huge parallel downloads, I think torrent is good example of that).
Everyone has different needs though, and for most single device is probably best way to go. Personally, I like to have them separate and have manufacturer focus on that specific thing, rather than building all-rounder.
I love OpenWRT. I set it up on two identical Asus routers, one as a main router / AP and the other as an AP only. Setup 4 SSIDs and VLAN trunking between them. A bit of a learning curve but it works great. The stock FW was crippled with no VLAN support. It’s nice to take control of your hardware.
After having enjoyed several of your videos, I want to thank you and tell you, that besides all the facts you are providing, your style of presenting feels very friendly and nice to me. Sort of a friend helping you out without any looking down, just honest and likeable.
Run OPNsense as your main router, then use old wifi openWRT routers as a bridge with multiple vlans /ssids trunked back to your OPNsense router. OpenWRT rocks and makes it pretty easy to setup different wifi vlans for IOT, guest, work, mgmt, etc. but as your main router? Only if you don’t have a lot going on.
Depends what hardware you run it on, they have a build for x86/64.
What's the point of all that in a home network? Protecting your cheap Chinese made cameras from the company that built them from spying on you? That seems to be about it: being able to run devices you shouldn't and don't actually trust.
@ when you gain more experience you will get a better understanding of the reasons. You really shouldn’t trust any devices or software period, first of all. The other major reasons for network segmentation is simple organization. It’s easier to track, monitor, and manage. Some of us have a lot going on in our homelabs, some of us run hundreds if not thousands of devices, VMs, containers, etc. some of us are using our home networks to learn how to do things at the enterprise level. Hope this helps you broaden your perspective.
@@Andy-fd5fg OpenWRT x86 is pain to update, I used it for years before I moved to pfSense. Now I have so many rules, I'm not even sure how I would replicate the configuration on OpenWRT.
I always install OpenWRT when I can on on Access Points or spare routers I want to use as an Access Point though.
@@alexatkinlook into A/B partition updates on GitHub. I already split my routers SSD into 4 partitions (bios, fw A, fw B, and persistent user storage)
The way I run OpenWRT is as an LXC container, which means memory used basically 0, it runs alongside everything else running on my passively cooled NUC.
I did use openwrt for a while but learned the hard way that things can go wrong. For whatever reason my model of router was skipped by several versions of openwrt and then finally a new version was released that was compatible. I figured I'd just flash that onto the router and whatever right? Nope, turns out the procedure was to revert to the original factory firmware then flash it to the newest openwrt. My bad, it wasn't exactly easy to figure that out either, I had to spend a while searching to learn this. Oh and since it was kind of an emergency to have a bricked router I quickly went to the nearest store and bought whatever router I could find and luck would have it, openwrt doesn't support it. Openwrt was great while it lasted :P
I have patched xiaomi ax3000t (around 35 USD in my country) for openwrt (snapshot version). And this is the best that u can do with this router))) I have installed amnesia Wireguard on this router and all works good. Now i am waiting normal openwrt version for ax3000t (now i am on snapshot)
Also, one week ago I have created LXC container with openwrt for my k3s cluster and it's works great!)
I bought 4 used Netgear routers all the same model, flashed them to OpenWRT, now I have managed Access Points and I use them as managed APs with SSIDs connected to various VLANs.
I want to flash OpenWrt onto four to six refurbished Netgear routers, install the FRR package, and turn them into an OSPF lab.
Finally, someone covering OpenWrt, the only modern and as much upstream as possible router OS. It also supports SQM, AQL, FQ_Codel by default, so QoS is better than *any* vendor router software.
It was a test-bed for FQ_Codel, etc. in the early days, so it was ahead of everyone else.
OpenWRT is the only reason my Linksys WRT1900ACS is still my only piece of network equipment.
It's at least 8 years old, and Linksys stopped updating the firmware at least 5 years ago.
But OpenWRT is keeping it fresh and functional with my 1Gbps f/o connection.
I think the best speed I've gotten with Fast over Wi-Fi was about 600-700, which is pretty good for a nearly decade-old Wi-Fi 5 router.
Pro Tip: Keep your network gear well-ventilated. Most of this unit's existence has been sitting on laptop coolers to increase hardware longevity and reliability.
Though not a pro, one thing I like is having my main desktop hooked up with Ethernet cord while other things are on WiFi. When you flash in new firmware, you always want it to be on the cat 5 cord instead on over the air. I also like having my "daily driver" computer on cat 5 cord to have first dibs on Internet.
Hardware offloading mean that the CPU does not process the packages but there is a dedicated chip doing that task. So it's a must-have feature, moreover, it will be interesting to see some iperf benchmark between two hosts or directly between a laptop and the router to see the real speed of the router. Anyway nice video, you convinced me to buy a router that supports this os to install wireguard there instead of my raspberry!
a normal intel/amd CPU can do 1 gbit no problem, it's an issue for 10gbit or more
upgrading individual packages has two issues: 1) sometimes specific versions are requires as dependency for other packages and when you upgrade it, that dependency is no longer there. and 2) openwrt uses something called overlayfs, which has one read-only "lower" filesystem with default configs and packages, a.k.a the sysupgrade image, and a read-write "upper" filesystem where your config resides. when you reset the router, it simply wipes the upper fs to go to factory settings. same principle is also used by android, but android does not use overlayfs it's a different mechanism with same principle. anyway, when you upgrade a package, the older verison of that default package keeps sitting on the lower filesystem, but it is marked as deleted on the upper, but it still takes space. this can easily break devices by filling up the flash memory, especially on devices with low flash storage, like tplink archer ax23, which has only 16mb of storage. yes, only aroun 8 megs is available for user after openwrt install, and tailscale(7.73 MiB) barely fits for example
btw zerotier is only 501kb on openwrt
This is exactly why I am no longer a fan of OpenWRT personally. Sure you can use cheaper routers to do some useful things, but if your configuration is more advanced involving extra installed packages, then the update process is IMO much more clunky.
@@TheMuso28 it is a good "access point/combo router" OS. not a "enterprise-gear unifi replacement type shit. run your adblock dns server on your pc, because writing constant adguard logs to routers flash memory is probably a very bad idea. you need dpi? cool, get a proper computer.
i'll still use both together honestly. like even if its dumb ap it's nice to have some ping statistics running on the ap or being able to scan the spectrum etc.
and dump aps really do not need package updates that much
I've only used OpenWRT once, though I've used DDWRT plenty. It's great for bringing new life to old routers. Thanks!
At home I use a Debian Box.
On remote locations I use a LTE Router with openWRT. There are industrial Routers you can use. They can be Powered by batteries have GPIO, RS232 and RS485 to connect to industrial control system. Some ship with openWRT out of the box.
Perfect for farm equipment. Wireguard for the connection to the home.
I bought an old Sophos XG firewall for $20 and upgraded the memory to 4gb and installed Sophos Home firewall. So far, I'm out about $30. Separate AP because I have a server in the basement and put the AP in the center of our house.
BananaPi BPI-R3.
Has OpenWRT support. 2.5gbit SFP ports WiFi6 and 2gb RAM with 8gb eMMC storage!
Can do 1600mbits in close proximity with a modern phone and you can run Docker on the Router itself!
The BPI-R4 is even better with 10gbit SFP+, but no working WiFi7 yet on that device. Might take another few months.
Just know wireless drivers with most routers won't be as good or up to date with reference to blobs with OpenWRT/OpnSense/etc. Use a seperate wifi router in conjuction as an AP only connected to your OpenWRT/*Sense, etc.
I used OpenWRT for many years with many routers. To overcome the storage limitation issues, I used a USB stick with a functionality named Extroot.
Your reasoning is sound, thanks for sharing the alternative and what it looks like. I just did it using pfsense and had the same experience, kept needing more and more knick knacks
I installed OpenWRT on an older TP-Link router but my speeds fell from 1 Gb to about 300 Mb. So not every router handles the same. So I used Pfsense for 4-5 years, the bought a Mikrotik router and now I am testing an Ubiquiti USG I scrapped from work. Advantage for Mikrotik and Ubiquiti is the meshing, I want to get 2-3 AP-s and have them working seamlessly
OpenWRT is fantastic, I've deployed everywhere from core firewalls to edge WAPs and wireless PtP and PtMP setups. It's never let me down!
Must have lucky hardware. Its hit or miss with most people.
What devices are you talking about?
Opnsense has a lot more features and a lot easier to use. Wont accidently brick a router by picking a wrong option either. At least for me.
I remember the excitement when the original WRT54G was "jailbroken", and people started writing addons for it. About the only part of the firmware that wasn't open source was the GUI. A new GUI was soon written, and fully open source firmware was soon available.
Still have a WRT54G in my "Museum" most stable router I ever had
Definitely a nice cheap option for a router with much more capabilities than off the shelf routers or ISP provided routers. You make a good point about the pfsense/opnsense route, I recently built an opnsense router using an Lenovo M720Q paired with an Omada EAP-772 access point and total project cost was around $330.
30:00. You can use any thumb stick or SD card (if your router manages to have SD card reader) to use as storage trough Extroot, with the expense of having a permanently attach memory stick plugged into you device. I used to have those on my OpenWRT router and worked preddy well most of the time.
If you have your routers connected on their router port, as in the WAN port, there’s a lot of overhead with routing as opposed to switches. Swishers transmit packets 10 times faster than routers.
Pro tip: Changing the country code to a nation without transmission power regulations allows you to communicate with the International Space Station.
In the very worst case someone might come to your door (very unlikely, but possible in theory).
I run OpenWrt on proxmox with bunches of other containers and such and it routes 10 Gb fiber just fine and it's been solid AF for several years. Recycled some old retired desktop parts for hardware.
Wooooo, I have this exact router and use openwrt on it, the price to specs is crazy for it and ofc openwrt was a requirement for me to buy the router, nice to see this getting the attention it deserves
I have this exact device at home with openwrt as an access point (not router), and it's been great for that. at the time I bought it it was one of very few devices around with 4x4 wifi stream support. also using openwrt on an x86 virtual machine as a router.
If your host that runs the virtual machine is Linux, you can also run OpenWRT in an LXC container instead.
I can only recommend the NanoPi Devices. I use a NanoPi R5S to use plex in a container and two disksets connected via USB (One Backup). Works like charm and i can use 2.5 Gbit Ethernet. The ice on the cake is i have also a mainframe (yes mainframe) running in a container to play with.
the real biggest L with redhat based routers is the lack of good open source hardware offloading support, unless you've got like a shit ton of high clock cores
Redhat based?
Mediatek has hardware offloading support on OpenWRT while Qualcomm requires a fork built with NSS. Can be done if your network needs it though.
Two comments: First, don't ever change your theme music. It's very soothing, and I know instantly I'm "home" with you!
Second, I just upgraded to a new Protectli Intel box with four 2.5Gbps ports (I have 2.5 Gbps fiber now--yay!), and migrated pfSense over to it from the previous router. It works fine, but I can see possibly changing over to OpenWRT for some flexibility and features that pfSense doesn't do well. Also not happy with the convoluted steps I have to go through now to get pfBlocker working again. Yeesh!
Thanks for this vid--as always, you explain things like a good, down-to-earth friend would! I'm definitely saving this vid for future reference.
This is so very interesting, I literally just bought a router yesterday so I could do exactly this (it was an ASUS, for $82 AUD from Amazon... What a deal and if I brick it it's not expensive.). Interestingly I had a great experience and it was easy to do (I connected the WAN to my existing port and was able to download the firmware directly to the device). The only thing I had to do was disable ipv6 because I have a Pihole and it was causing ads to not be blocked, I might need to do some more engineering of my network for ipv6 now it's supported.
Great suggestion, if I hadn't already just done it I would probably take the jump from this video.
Another IT gateway drug, this time for networking 😂 nicely done! I love how you make this approachable 😊
OpenWRT is where it's at period. I have 17 of them in my home lab myself. Plus it's way more flexible than some of the other distros I have dealt with over the years.
Nice. I’ve been using OpenWrt for a while, and it’s been great. For the home, I’d pick a fleet of inexpensive routers running OpenWrt any time over real™️ network gear. I’m not a big fan of letting them do non-router things, though, and compete for limited resources.
The reason for the sub gigabit Routing performance is NAT. If you'd have a v6 prefix delegated it would be bang on 1Gbit/s. Also as you correctly said (you just can't say it enough) don't use opkg to update pkgs. It's merely used to update things on ext4 installations of openwrt. Since every other installation uses squashfs alls changes made to the fs, will be layered upon the install. So deleting files will increase the storage usage instead of decresing it as it saves the metadata of the deletion, but does not remove the file. It's the same as with docker container images. This is why custom firmwares should be build to change specific parts about owrt. Anoher remark: you can use adguard, but you'd need to store all it's files on a usb drive though. Also it is a very capable routing platform (bgp, ospf, vxlan, wireguard, vrfs..) and can do everything you'd want, you only need to install the right packages. ;)
Tomato, OpenWRT, DDWRT, whatever open firmware is great. I ran really inexpensive routers as routers, AP's, managed switches for the better part of the last 20 years. I spent some time with Unifi but it wasn't as stable.
It was a great intro to network administration, and a good stepping off point to unifi, Mikrotik, Omada setups.
540MB/s is the limitation of write speed on an SSD. If you want better performance numbers you need a faster storage drive so the actual that can transfer to and from your device at full speed. Otherwise your speeds hit a hardware performance bottle neck.
i got an openwrt router, which is way less powerful (and less storage) than the one you got, and i have no issues running adguard home on it, and i stil have plenty of space for anything an average home user needs
OpenWRT is awesome, and longevity is insane. I have a 802.11g router, 20 years maybe, and the IBF thing is still supported!
Another reason you may want to consider OpenWRT over OPNsense or PFsense is that you can run into compatibility issues even if you just want to do Ethernet through a mini PC. Realtek NICs have extremely spotty compatibility with FreeBSD, which OPNsense and PFsense are built on, so even with the proprietary drivers installed you can easily run into a situation where your only options are to have a dual port M.2 NIC MacGyvered onto your mini PC, exclusively using USB 3.0 NICs, or just installing OpenWRT to take advantage of it's Linux kernel having better maintained drivers for Realtek NICs
I use OpenWRT myself. What I know is that when looking for a router, do your homework first! I have the Linksys WRT1200AC router. that is advertised to be OpenWRT-ready. I bought an exact duplicate router and flashed in the OpenWRT firmware and immediately LOVED it! The router has 2 USB ports so you can use them for external hard drives, or other stuff, including serial devices with the needed cord. OpenWRT can be used, not just for routers, but also NAS servers, light show machines or "everything in one" servers. If anyone were to take the Intel flavor, and add the Gnome GUI like Ubuntu, the possibilities would be damn near limitless.
Since that my router is dual band, I gave them separate SSIDs, with the 5 GHz transmitter as (router name)-FM
If you're already using a wifi-less router such as pfsense you should be able to use whatever AP/router your ISP provides. Most models should support bridge mode which lets you utilize the AP functionality without the routing. Wifi devices connect to the AP and it can send connections up to your actual router/dhcp server as normal. I've been using my Verizon provided AP/Router while my actual router is elsewhere. May end up being cheaper for some.
I use openwrt and ddwrt on very old routers to convert wired only devices to wireless and setup wireless bridges. I also use it for my home internet Wifi AP. They work great!
Hell yeah 👍 I've used OpenWrt for a very very long time, and DD-WRT before that. Glad you saw the light.
Next: Vyos vs opemwrt for 10 gbit speed
I remember starting using openwrt around the time that fon's LaFonera free wifi router was released in oct 2006, openwrt was released january 2007 so guess that was the very first version, 17 years now.
Even though I prefer manually configuring routing with OpenBSD, I use an OpenWRT router as an access point and it works great.
One time I embedded a firewall / router inside my computer. I removed TCP/IP from my hardware NIC and routed it directly into Hyper-V and used the virtual NIC as the TCP/IP connection.
The only way I could get online is to boot the router / firewall in the VM.
OpenWRT on the Dynalink is a great combo. I’ve been running it solid for almost a year with fiber.
You can work around the space issue on openwrt, by using an extroot configuration using a USB device as extra storage, even 500mb is lots for openwrt.
That's just what I did with my DD-WRT router. Gives me space for packet captures which is great for troubleshooting.
Router in the 5 Ghz band first checks whether the selected channel is free (it is about weather or military radars, for example). Sometimes it takes up to 20 minutes for the access point to be visible. This is called Dynamic Frequency Selection (DFS). However, this seems to apply only to high channels in the 5Ghz band. The only strange thing is that the network is visible on the laptop and the phone is not.
The 5G band not showing on the phone issue is mostly because you set the channel as auto and some devices (specially phones) can’t recognize all the 5G channels (specially the higher freqs), the solution is to set the 5G channel manually to 40 or 44 and it will work on all devices
17:50 I had this problem on a different appliance when I installed OpenWRT. Turned out the device was VERY sensitive as to which RF channels would work with WiFi6. Only about 3 of them, and 2 were already congested with neighbours AP's so yeah, after a few hours of trial and error, I hit a good setup and I'm never touching it again... 😮
I had 3 Google Wifi units on which I installed OpenWrt. To ensure my home wasn't without WiFi during the process, I bought 4 used units, installed OpenWrt on them, and then sold my original 3 for the same price I paid for the 4.
And now i have 4 vlan and 3 SSID 😀
My only gripe with off the shelf routers, the 1-2 mips cores dont allow much performance for inspections or throughput LAN to WAN foe +1Gbps. Memory limitations is junk for doing any logs or diagnostics.
However, I'm usually using OpenWRT for family and friends with 500Mbps or less Internet.
Which Is Better?
It really depends on your use case:
OPNsense is ideal for users who need a full-featured firewall with advanced security, are willing to work with higher resource requirements, and prefer a user-friendly interface for enterprise-level or heavy-duty home network setups.
OpenWRT is perfect for those who need flexibility and customization and are running low-power hardware (or older routers), or if you want to experiment with Wi-Fi management and wireless networks. It’s great for home use, DIYers, and those comfortable with manual configuration.
If you’re looking for a powerful firewall, OPNsense is likely the better choice, but if you want a lightweight, customizable solution that works across a wide range of devices, OpenWRT is a solid pick.
Also, *sense is only on OpenBSD, which is effectively a dead end, while OpenWRT is based on Linux, meaning that it’s even more expandable than the BSD-based *sense router OSs, and there are more and currently drivers for a lot more devices, making it easier to run newer hardware.
@@fujinshu I appreciate your input, but I think there are some important distinctions to note. OPNsense, while based on OpenBSD, offers a level of security and stability that’s hard to beat, especially with its advanced firewall features, VPN capabilities, and traffic shaping options that OpenWRT doesn’t quite match. It’s not a "dead end" - OpenBSD is still actively maintained and used in enterprise-level applications, and OPNsense is continuously updated with security patches and improvements. While OpenWRT excels in flexibility and is great for custom setups on low-power devices, OPNsense brings more robust enterprise-grade features, especially for users needing deep network control. It’s not just about hardware compatibility - it's about use cases, and OPNsense is a more powerful choice for those requiring high-level firewall and security capabilities. Both have their strengths, but OPNsense’s security-first approach and deeper control set it apart for more complex network needs.
The router can have openwrt installed, firewall etc, but then all traffic still has to go through the actual modem...isn’t this a privacy / secularity risk is my modem for example is a Huawei?
(I use a modem / router all in one, 4g SIM card, as I don’t have fibre or any other option in my area)
I’d like to get a raspberry pi 5, with the 4g sim HAT add on, and run openwrt on that. The pi’s Ethernet port will connect to a switch. No need for routers or modems! 8gb pi5 is more powerful than most routers so it’d be a champ at this i think👍
most of the traffic is encrypted (https websites) anyway so the most the modem can do is snoop what IP addresses you connect to
I have this router with OpenWRT, unsure if they have fixed the below issue but:
#1 - DO NOT UPGRADE CORE PACKAGES VIA PACKAGE MANAGER, it will brick the device, upgrade by downloading the new firmware again from OpenWRT and flashing the new firmware via the Web UI, I imagine tailscale and whatever else should be fine (I use as AP so I dont use packages)
#2 - No need to run the last setenv command, if you leave the boot args for usb and keep the usb with that image on it named exactly the same in a drawer somewhere (not plugged in), if you do brick it from #1 (I have) then you can possibly recover from the USB without serial, you would still need to setup from that step again by plugging in the USB and doing the ssh / send the device specific firmware
#3 - I also have speed issues with 5GHz, I think AX is supposed to be dual band to get WiFi 6 speed, although I could be wrong about this. Would test speeds with stock firmware and see how they have it setup before flashing OpenWRT
the "solution" to 1 is to use attended-sysupgrades and have the device itself request a firmware to the openwrt servers with the packages you have installed so it can be flashed. This also saves space because all the packages will be in the high compression read only part of the firmware image now
Back in the day I used dd-wrt however WiFi 6 was unsupported which was a deal-breaker for me as I've been trying to move over to that. I still have that trendnet router somewhere around here.
It's going to be a couple months before I can dive into this, but I think it's going to fix serious issues I have with Frontier Fiber. (they take control of the lan, as well as wan. I need assigned IP's that they prevent..)
Worth a try.
Thank you for all, what you're doing from the East Europe :)
Something fun you can try with the 2.5gbit port for a homelab is to assign it as your lan port instead of your wan and then have a cheap managed 2.5gbit switch behind it and do inter-vlan routing at 2.5gbit. That is if your router can handle the load but only testing will find that out. But if you wanna mess around with different VLANs for your clients and servers for example that's an option.
Maybe that's an idea for a future video? Add one of the cheap chinese managed 2.5gbit switches and test the performance of a setup like this with a NAS on one network and a client on another.
Been using and developing on Openwrt for 12 year. Has never let me down
also on another note, some openwrt devices have better wifi driver implementations than others. one way to sort of gauge that is to check resource usage with top command while loading up the wifi interface. also most devices cant use hardware offload features for nat etc. and on the ones that are supported you need to explicitly enable it. that might also be a factor limiting your suboptimal wifi bandwidth.
nvm. wrote this comment, clicked resume and he literally pulled up the offload menu
Wow it looks like WRT has come a long way since I did it with an old Linksys and Buffalo a/g generation router with a whole 54 Mbps wireless bandwidth. Might be time to look at this again. Thanks Colten!
Mikrotik hap ax2 or 3 are also great options for homelabing. But I would recommend them to people that like to play around with plenty of network settings which can get overwhelming at first.
Thanks it was a great idea! I'm gonna check my old router, whether it can be used with openwrt after your video! :)
Biggest benefit of openwrt is SQM which is a QOS using cake id recommend checking into that and doing a little bit of a update on this maybe run this for a week and see what it was like just an idea
Very nice! I ran OpenWRT in the past and might again. It's nice that you can run adblock and VPN.
Im lucky to get 1.75 mbps. We run multiple devices on it. 500 mbps is straight overkill unless you have massive traffic from a server. Yes, the low bandwidth is noticeable when all devices are active but they still work. My point is that 1.7 will work, 10 is amazing with 10 devices. 500 is redundant and makes you wonder what you’re actually paying for. Should be a able to share that excess bandwidth.
Great vid. Can OpenWRT do satellites and mesh? I've not played with it really at all. Would make a solid video...
Yes it can do mesh but on certain chipset
@@MedicalServiceKenakMedika Pretty much any supported OpenWRT device can be configured to run a GRETAP or VXLAN tunnel over Wifi to another OpenWRT device. The advantage is that even VLANs can be tunneled across.
It would be great if you could setup a second video to show how to configure multiple openwrt routers into a mesh with a wifi and ethernet backhaul
as an openwrt fan rocking high-available openwrt setup at home, i have to say your point for "needing an poe source and ap for wifi" is just silly at best. any modern router with dhcp and firewall off, and lan connected to lan, can do just fine as an access point. in other words, take one of those all in one boxes and just use the acecss point part. you do not need an enterprise/prosumer grade access point as shown on video
A great compatible easy to flash router is the WRT-AC1900 it's dirt cheap with some really nice specs and super easy to flash.
To get the true network speed test, you don't hook up the Dynalink router to your Main router at home.
Otherwise you are actually using double NAT. 1 NAT from your main router and 2 NAT from the Dynalink router.
Old provider-locked FritzBox from a flea market for 10€. Provider unlock and flash. Frugal little computer that's relatively safe and that you can just stick anywhere all over the place.
If you have gigabit Internet from your ISP then you want that 2.5Gb WAN port. Due to overhead on your Ethernet connection a gigabit port can only reliably achieve about 940 MBit/sec. A major US cable ISP (ahem…) typically provisions 1000x35 connections at 1200x42, and 1000x1000 (yes, there are markets that have that over coax!) connections at 1200x1100 so you have a fighting chance of getting the full gigabit.
The ISP’s WiFi 6 and 6e routers have 2.5Gb WAN ports and 1Gb LAN ports as nobody really needs a gigabit on a single device, but you might need two devices at 500…or 10 devices at 100.
I run openwrt on a usff/micro optiplex 9020 with a 2.5g nic in one m2 and a wifi6e card in the other m2 and a sata ssd, it uses 15W under max load and is fast as heck, the bios post takes longer than boot + connect and it cost like $70, i prefer not have it virtualized because it is a somewhat critical piece of the network and it basically never gets touched
Running Sophos as vm on proxmox, netgear switch and 2 unifi WAP,s. With 8 different sidds everything seperated on vlans. Good connections on 3 floors.
also for subnet advertising you can just do server ip /32, if you dont want to expose whole lan to other clients on the tailnet (friends etc)
You can also use openwrt on older NAS devices that are no longer supported. Biggest issue is the upgrade process, I've not attempted to upgrade the version cos I don't want to lose all the backup data and the time it would take to resync cos mine is my backup - backup NAS
I use openwrt on my main router(mi4a gigabit) also all of my old routers like tl wr940/740 DD-wrt and openwrt, using those in house for last 5 years
I just flashed my old TP-Link wireless router with OpenWRT. That particular company recently had their stuff hacked. Changing the Os has saved it from this!
I've been running opnwrt on my N100 mini PC for a long time. I prefer it over opnsense and pfsense . Built in adguard is also a huge plus
When the printer at your parent's house "breaks", it's because they want you to visit. Remote access isn't enough. Just sayin'. 😉
I use pfsense as my router then i have a pair of linksys/belkin ax3200/e8450's as wifi access points with openwrt and it works AWESOME!!! make them into dumb APs without DNS or DHCP or even fiewall as pfsense does all that, the APs aren't stressed at all AND the four ports are still wired sdwitch ports (WAN is also a switch port now but i use that for the incoming kinda like WAN, though you can use any port for any)...best of both worlds and i can expand my wifi or add a vlan for wifi iot devices super easy, just buy another belkin and openwrt it and plug it in
Never used anything else than the ISP provided router. Not sure about before I was doing my own networking stuff, but my current one has all the options I need, fully saturates my 1 Gbit FttH, and gives me up to 800 Mbit over wifi
Don't matter if the upstream ISP has set up their own firewall. You can't change that.
As others have said I like having PFsense as my main router but Im planning on setting something like this up for Iot device testing with packet captures
I wish OpenWRT didn't have a bespoke crazy network config (works great only if you use a gui). I get why it is required (DSA is a nightmare to understand from the Linux kernel anyway). I tried over and over to put my Flint 2 into AP mode with VLANs and gave up.
They are moving to Alpine APK which is refreshing. Hoping for more "linux standardization" comes along.
IMHO now with DSA its easier the switch is treated as any other Router where each port can be configured as you want on *Sense you do the same.
I used a lot of SWConfig before and now its more in line to what I dormally do on router devices.
The downside is if you want to treat the interfaces as switch than it is a bit messy but luci made some progress in that too!
Lets see what will it go with the APK change.
not sure what are you expecting from the move to Alpine's package manager. It's just a tool to install packages, they are not becoming Alpine nor discontinuing the UCI configuration system they always had
This is crazy timing.. i just installed openwrt on a router 2 days ago... looking to expand with 802.11r and some more APs soon