I used to have an old router that I assumed was useless since my ISP stopped providing security updates for it. However, after some research, I discovered it was a TP-Link Archer C7 v2. I decided to flash it with OpenWrt, and to this day, it’s still part of my network, performing exceptionally well. I absolutely love OpenWrt!
Archer C7's are absolute workhorses with OpenWRT!! I have 3 C7v5's and an A7v5.8 (the Amazon-customized model) all running OpenWRT in my network, 3 functioning as APs and the 4th a wireless-to-ethernet bridge. My main router is a C7v4 with the stock firmware, but once I swap that for a different unit, it's gonna be flashed as well to be an IoT router, because the v4 has swappable antennas while the v5 doesn't.
It's been a super reliable model for me! converted one to a wireless bridge for rare cases of needing "wired" connectivity in a room where my monitor is to set up proxmox machines, before moving them to a proper wired location as headless devices.
Tip: If your router doesn't have enough storage for installing packages, there is still hope, if the router has a USB port, you can simply add a a cheap 8 gb flash, and with a github script, the openwrt will recognise it as storage
Wouldn't another useful option for storage-less router be as a Unmanaged Switch too? (I presume that a Managed Switch would require some internal storage/memory?)
This is how I added storage to my DD-WRT router. It allows me to add additional software and gives me space for packet captures which is a useful feature on your router. Know what is happening and who is doing it.
I think he chose to deactivate USB because of security reasons. Also: While your solution works, it adds an extra failure point to the system. And think about it ... these embedded devices sometimes are literally eating USB-Sticks (bad or fluctuating voltages, usage as permanent or disk storage isn't a good idea either). Just saying ... if your network is in ruins and nothing works anymore:) I'm not saying that you guys shouldn't use this method or don't try it. It's just for the future and that I can say: Who has warned you?! Hehehehe. Have a good one!:)
@@autohmae the switches supported by OpenWrt are missing a lot of features, you can only do vlan. They are still working to support other features like LAG and so on
and thats what I have.. 2 Netgear routers running OpenWRT as managed switches and an HP T520 thin client running as pfSense firewall.. well router on a stick is usually discouraged but given my internet speeds its plenty and is running perfectly fine..
One year ago I used to have problems with my ISP’s router, like constant connection drops, high ping, etc. I was fed up with it, so I bought a router from a store that I checked was compatible with OpenWrt and set it up at home, installing the firmware was easy, and setting up a little bit harder (because I had to call my ISP to get a PPPoE login), and after setting it up I threw the ISP router away, and my network now works beautifully. Love this thing.
@@Sonic-ww6wm The ISP router (Funbox 3) didn't and AFAIK still doesn't have any bridge mode functionality, so there's that, also I don't want another device in my rack using power outlets.
I love the fact you're learning and digging into the bones of everything as you go along on your channel. OpenWRT is internationally saving e-waste! Capabilities do change from device to device, you do need to pre-configure a bit before you hit a GUI/WI, this kit becomes low maintenence too.
I've been running OpenWRT since the WRT54G, and it does what I need it to do and it's good to see it getting some positive press. It replaced an AST Pentium Pro 200 desktop running openbsd in my closet which was loud and power hungry (relative to the WRT54G anyway.) I have been contemplating buying an N200 system to replace my aging router (it's not still the 54g, it died a long time ago.) I appreciate your bravery, tackling topics your not 100% an expert in!
Went with a N100 System. Been very stable and set it, forget it. Every now and then, I run updates. Installed Proxmox as base OS with Opnsense, Home Assistant (including Zigbee & Zwave), Vaultwarden, Nginx Proxy Manager, AdAway. Been completely satisfied for about a year now.
After having enjoyed several of your videos, I want to thank you and tell you, that besides all the facts you are providing, your style of presenting feels very friendly and nice to me. Sort of a friend helping you out without any looking down, just honest and likeable.
I bought 4 used Netgear routers all the same model, flashed them to OpenWRT, now I have managed Access Points and I use them as managed APs with SSIDs connected to various VLANs.
I love OpenWRT. I set it up on two identical Asus routers, one as a main router / AP and the other as an AP only. Setup 4 SSIDs and VLAN trunking between them. A bit of a learning curve but it works great. The stock FW was crippled with no VLAN support. It’s nice to take control of your hardware.
upgrading individual packages has two issues: 1) sometimes specific versions are requires as dependency for other packages and when you upgrade it, that dependency is no longer there. and 2) openwrt uses something called overlayfs, which has one read-only "lower" filesystem with default configs and packages, a.k.a the sysupgrade image, and a read-write "upper" filesystem where your config resides. when you reset the router, it simply wipes the upper fs to go to factory settings. same principle is also used by android, but android does not use overlayfs it's a different mechanism with same principle. anyway, when you upgrade a package, the older verison of that default package keeps sitting on the lower filesystem, but it is marked as deleted on the upper, but it still takes space. this can easily break devices by filling up the flash memory, especially on devices with low flash storage, like tplink archer ax23, which has only 16mb of storage. yes, only aroun 8 megs is available for user after openwrt install, and tailscale(7.73 MiB) barely fits for example
This is exactly why I am no longer a fan of OpenWRT personally. Sure you can use cheaper routers to do some useful things, but if your configuration is more advanced involving extra installed packages, then the update process is IMO much more clunky.
@@TheMuso28 it is a good "access point/combo router" OS. not a "enterprise-gear unifi replacement type shit. run your adblock dns server on your pc, because writing constant adguard logs to routers flash memory is probably a very bad idea. you need dpi? cool, get a proper computer. i'll still use both together honestly. like even if its dumb ap it's nice to have some ping statistics running on the ap or being able to scan the spectrum etc. and dump aps really do not need package updates that much
@@TheMuso28As douchebaggy as that sounds, it's in most parts on you. Upgrading is reasonably easy if you know how (download the sysupgrade image, create a backup archive, upload the new sysupgrade image to the router and off you go), if you have even more advanced configurations, there are tools like the firmware selector or even the OpenWRT built system to directly bake your packages and configs into a sysupgrade image for easier and cleaner setups
I have patched xiaomi ax3000t (around 35 USD in my country) for openwrt (snapshot version). And this is the best that u can do with this router))) I have installed amnesia Wireguard on this router and all works good. Now i am waiting normal openwrt version for ax3000t (now i am on snapshot) Also, one week ago I have created LXC container with openwrt for my k3s cluster and it's works great!)
I installed OpenWRT on an older TP-Link router but my speeds fell from 1 Gb to about 300 Mb. So not every router handles the same. So I used Pfsense for 4-5 years, the bought a Mikrotik router and now I am testing an Ubiquiti USG I scrapped from work. Advantage for Mikrotik and Ubiquiti is the meshing, I want to get 2-3 AP-s and have them working seamlessly
The way I run OpenWRT is as an LXC container, which means memory used basically 0, it runs alongside everything else running on my passively cooled NUC.
At home I use a Debian Box. On remote locations I use a LTE Router with openWRT. There are industrial Routers you can use. They can be Powered by batteries have GPIO, RS232 and RS485 to connect to industrial control system. Some ship with openWRT out of the box. Perfect for farm equipment. Wireguard for the connection to the home.
I remember the excitement when the original WRT54G was "jailbroken", and people started writing addons for it. About the only part of the firmware that wasn't open source was the GUI. A new GUI was soon written, and fully open source firmware was soon available.
Certainly glad this project exists but after migrating over to an x86 mini PC with OPNsense and a cheap used business WiFi 6 WAP, I'm never going back to an all in one router. Having the router separately from the WiFi wap frees one to be able to swap out their WiFi portion without having to rebuild your whole network. When corporations upgrade their waps every few years the prices as used devices plummets when they all hit the market at once. I'll keep my rather expensive N100 mini PC router and just upgrade the system software now and then buy them incan swap out my WAP easily when I want to upgrade to the next thing the corporations have left behind. Yes, I'm always WiFi standard behind the latest and greatest but I get high end business network hardware on the cheap. And I get to do it without a ton of work since the router stays the same.
100% this. Best to run both unless you are a minimalist. Case in point, I added wifi 6E to my location while keeping the old wifi in place, no devices to reconfig, no change to existing setup.. easy to add and remove, expanding or contracting my network with ease.
Whenever I need to upgrade my Wi-Fi I just get a newer router with OpenWrt and transfer over the same configuration. No need to build your network from scratch.
I went with ubiquiti ecosystem (edge router and access point), and while you could buy them in same device, I still think it is best to have them separate: 1) you can upgrade one as you mentioned 2) your whole network wont be down if you swap AP 3) offload WLAN load to other device, and focus on handling traffic on edge router. I don't know if this is really relevant anymore, but with 1Gbps internet speeds you could bottleneck your internet speed with low end CPU with specific types of traffic (huge parallel downloads, I think torrent is good example of that). Everyone has different needs though, and for most single device is probably best way to go. Personally, I like to have them separate and have manufacturer focus on that specific thing, rather than building all-rounder.
Run OPNsense as your main router, then use old wifi openWRT routers as a bridge with multiple vlans /ssids trunked back to your OPNsense router. OpenWRT rocks and makes it pretty easy to setup different wifi vlans for IOT, guest, work, mgmt, etc. but as your main router? Only if you don’t have a lot going on.
What's the point of all that in a home network? Protecting your cheap Chinese made cameras from the company that built them from spying on you? That seems to be about it: being able to run devices you shouldn't and don't actually trust.
@ when you gain more experience you will get a better understanding of the reasons. You really shouldn’t trust any devices or software period, first of all. The other major reasons for network segmentation is simple organization. It’s easier to track, monitor, and manage. Some of us have a lot going on in our homelabs, some of us run hundreds if not thousands of devices, VMs, containers, etc. some of us are using our home networks to learn how to do things at the enterprise level. Hope this helps you broaden your perspective.
@@Andy-fd5fg OpenWRT x86 is pain to update, I used it for years before I moved to pfSense. Now I have so many rules, I'm not even sure how I would replicate the configuration on OpenWRT. I always install OpenWRT when I can on on Access Points or spare routers I want to use as an Access Point though.
@@alexatkinlook into A/B partition updates on GitHub. I already split my routers SSD into 4 partitions (bios, fw A, fw B, and persistent user storage)
Two comments: First, don't ever change your theme music. It's very soothing, and I know instantly I'm "home" with you! Second, I just upgraded to a new Protectli Intel box with four 2.5Gbps ports (I have 2.5 Gbps fiber now--yay!), and migrated pfSense over to it from the previous router. It works fine, but I can see possibly changing over to OpenWRT for some flexibility and features that pfSense doesn't do well. Also not happy with the convoluted steps I have to go through now to get pfBlocker working again. Yeesh! Thanks for this vid--as always, you explain things like a good, down-to-earth friend would! I'm definitely saving this vid for future reference.
Just know wireless drivers with most routers won't be as good or up to date with reference to blobs with OpenWRT/OpnSense/etc. Use a seperate wifi router in conjuction as an AP only connected to your OpenWRT/*Sense, etc.
Hardware offloading mean that the CPU does not process the packages but there is a dedicated chip doing that task. So it's a must-have feature, moreover, it will be interesting to see some iperf benchmark between two hosts or directly between a laptop and the router to see the real speed of the router. Anyway nice video, you convinced me to buy a router that supports this os to install wireguard there instead of my raspberry!
@@marcogenovesi8570These routers have baby ARM CPUs. They lean heavily on ASICs for packet pushing and fortunately the SoCs are often great at it. Any remotely modern x86 CPU should be able to shift 10G in software unless you start throwing IDS/IDP duties at it, even very low power, weak Celerons 😊
Finally, someone covering OpenWrt, the only modern and as much upstream as possible router OS. It also supports SQM, AQL, FQ_Codel by default, so QoS is better than *any* vendor router software.
Yeah, SQM is so awesome on my vanilla OpenWRT GL-MT6000. My latency is constantly at 7mS during idle, or saturated download AND/OR saturated upload. No other QoS method has come even remotely close to how well SQM works for me. Gaming, voice and video comms, remote desktop sessions, interactive terminal sessions, etc, are all perfect with it. Low latency, low jitter, low loss, even during many downloads and uploads.
So I currently have a mesh network of TP-Link I have (3) Deco x55 Pro and (3) XE5300. I just upgraded to 2 Gig Up/Down fiber about 6 months ago. I have been pleased but I am a little worried with all the buzz around TP-Link is vulnerable to attack. I repurposed an older Dell R210 II to run OpenWRT it has Xeon processor 32G of RAM and 250G drive. I added a GLOTRENDs 4 port 2.5G NIC. I got that all working today. I have not made the switch yet. I don’t want to go buy all new Access Points. Not sure if I have my openwrt router doing all the routing and my TP-links as just Access points if that reduces the risk?. I don’t think these are on the supported list to run openWRT on yet. Any suggestions. My only concern is power draw. Your videos gave me some key insights. Tailscale looks cool. I have been using Twingate but this has some advantages. Thanks for the video. Sorry I wrote a book
I bought an old Sophos XG firewall for $20 and upgraded the memory to 4gb and installed Sophos Home firewall. So far, I'm out about $30. Separate AP because I have a server in the basement and put the AP in the center of our house.
30:00. You can use any thumb stick or SD card (if your router manages to have SD card reader) to use as storage trough Extroot, with the expense of having a permanently attach memory stick plugged into you device. I used to have those on my OpenWRT router and worked preddy well most of the time.
Tomato, OpenWRT, DDWRT, whatever open firmware is great. I ran really inexpensive routers as routers, AP's, managed switches for the better part of the last 20 years. I spent some time with Unifi but it wasn't as stable. It was a great intro to network administration, and a good stepping off point to unifi, Mikrotik, Omada setups.
I use openwrt and ddwrt on very old routers to convert wired only devices to wireless and setup wireless bridges. I also use it for my home internet Wifi AP. They work great!
I work at a smaller regional ISP company as a technician. We are using our custom build of OpenWRT on routers that we sell to clients. I personally have this in care. We are using TP-Link Archer C6 v3.2 and when we started using OpenWRT instead of a stock firmware, since then, remote support is much easier. For example, even if client resets it, we can still log in and set it again for them, if client is not tech-savvy to configure it. Also it is secured much better than in stock and I love the option of classic linux shell access if needed
Definitely a nice cheap option for a router with much more capabilities than off the shelf routers or ISP provided routers. You make a good point about the pfsense/opnsense route, I recently built an opnsense router using an Lenovo M720Q paired with an Omada EAP-772 access point and total project cost was around $330.
BananaPi BPI-R3. Has OpenWRT support. 2.5gbit SFP ports WiFi6 and 2gb RAM with 8gb eMMC storage! Can do 1600mbits in close proximity with a modern phone and you can run Docker on the Router itself! The BPI-R4 is even better with 10gbit SFP+, but no working WiFi7 yet on that device. Might take another few months.
I'm planning on buying a bpi-R4 as my router. Are those things as good as they look on paper? I don't need WiFi on it, I'm using access points for that.
I've played around with OpenWRT back in the day, had it installed on a couple of Linksys WRT54G series routers. Haven't used it in quite a while though and wanted to re-acquaint myself with the system and see if there was anything that was different from the way things used to be. Great video! You may have convinced me to try and find a refurbished commercial router for cheap and play around with OpenWRT again.
Your reasoning is sound, thanks for sharing the alternative and what it looks like. I just did it using pfsense and had the same experience, kept needing more and more knick knacks
Something fun you can try with the 2.5gbit port for a homelab is to assign it as your lan port instead of your wan and then have a cheap managed 2.5gbit switch behind it and do inter-vlan routing at 2.5gbit. That is if your router can handle the load but only testing will find that out. But if you wanna mess around with different VLANs for your clients and servers for example that's an option. Maybe that's an idea for a future video? Add one of the cheap chinese managed 2.5gbit switches and test the performance of a setup like this with a NAS on one network and a client on another.
I did use openwrt for a while but learned the hard way that things can go wrong. For whatever reason my model of router was skipped by several versions of openwrt and then finally a new version was released that was compatible. I figured I'd just flash that onto the router and whatever right? Nope, turns out the procedure was to revert to the original factory firmware then flash it to the newest openwrt. My bad, it wasn't exactly easy to figure that out either, I had to spend a while searching to learn this. Oh and since it was kind of an emergency to have a bricked router I quickly went to the nearest store and bought whatever router I could find and luck would have it, openwrt doesn't support it. Openwrt was great while it lasted :P
This is so very interesting, I literally just bought a router yesterday so I could do exactly this (it was an ASUS, for $82 AUD from Amazon... What a deal and if I brick it it's not expensive.). Interestingly I had a great experience and it was easy to do (I connected the WAN to my existing port and was able to download the firmware directly to the device). The only thing I had to do was disable ipv6 because I have a Pihole and it was causing ads to not be blocked, I might need to do some more engineering of my network for ipv6 now it's supported. Great suggestion, if I hadn't already just done it I would probably take the jump from this video.
17:50 I had this problem on a different appliance when I installed OpenWRT. Turned out the device was VERY sensitive as to which RF channels would work with WiFi6. Only about 3 of them, and 2 were already congested with neighbours AP's so yeah, after a few hours of trial and error, I hit a good setup and I'm never touching it again... 😮
It's going to be a couple months before I can dive into this, but I think it's going to fix serious issues I have with Frontier Fiber. (they take control of the lan, as well as wan. I need assigned IP's that they prevent..) Worth a try.
the real biggest L with redhat based routers is the lack of good open source hardware offloading support, unless you've got like a shit ton of high clock cores
20:00 When dealing with connections between networks (like browsing the internet) the data flow passes through the CPU, that does all the package translation like NAT and so. Flow offload, like the name says, offloads from CPU whis workload if the hardware supports it. As far as this functionality relies to the hardware, there's some security questions that need to be addressed, but offloading this task from CPU increases the internet speed.
I have this exact device at home with openwrt as an access point (not router), and it's been great for that. at the time I bought it it was one of very few devices around with 4x4 wifi stream support. also using openwrt on an x86 virtual machine as a router.
Router in the 5 Ghz band first checks whether the selected channel is free (it is about weather or military radars, for example). Sometimes it takes up to 20 minutes for the access point to be visible. This is called Dynamic Frequency Selection (DFS). However, this seems to apply only to high channels in the 5Ghz band. The only strange thing is that the network is visible on the laptop and the phone is not.
im wondering if it would make sense to actually replace my old router, nas and home assistant server by one more powerful server wich handles all of that in either containers or vms and use repeaters or access points instead. Would that make sense regarding power efficiency? I want to merge my home assistant and NAS anyways.
I run OpenWrt on proxmox with bunches of other containers and such and it routes 10 Gb fiber just fine and it's been solid AF for several years. Recycled some old retired desktop parts for hardware.
I have this router with OpenWRT, unsure if they have fixed the below issue but: #1 - DO NOT UPGRADE CORE PACKAGES VIA PACKAGE MANAGER, it will brick the device, upgrade by downloading the new firmware again from OpenWRT and flashing the new firmware via the Web UI, I imagine tailscale and whatever else should be fine (I use as AP so I dont use packages) #2 - No need to run the last setenv command, if you leave the boot args for usb and keep the usb with that image on it named exactly the same in a drawer somewhere (not plugged in), if you do brick it from #1 (I have) then you can possibly recover from the USB without serial, you would still need to setup from that step again by plugging in the USB and doing the ssh / send the device specific firmware #3 - I also have speed issues with 5GHz, I think AX is supposed to be dual band to get WiFi 6 speed, although I could be wrong about this. Would test speeds with stock firmware and see how they have it setup before flashing OpenWRT
the "solution" to 1 is to use attended-sysupgrades and have the device itself request a firmware to the openwrt servers with the packages you have installed so it can be flashed. This also saves space because all the packages will be in the high compression read only part of the firmware image now
Funny.. I've been configuring all kinds of Asus routers in Wi-Fi AP mode and everything is just passed through to pfsense. DHCP, static arp, firewall rules, VLANs... I enable an additional wireless MAC filtering on access points, even though the firewall doesn't allow unknown devices. An AP is just a switch relaying the wireless VLAN traffic to the firewall.
So why are you here? Never experienced a failure on pfsense. Not even once. Still running an openWRT in parallel on the same Internet connection and connecting one of the cameras to the Internet via that alternative router. As long as there is Internet connectivity...
Mikrotik hap ax2 or 3 are also great options for homelabing. But I would recommend them to people that like to play around with plenty of network settings which can get overwhelming at first.
I remember starting using openwrt around the time that fon's LaFonera free wifi router was released in oct 2006, openwrt was released january 2007 so guess that was the very first version, 17 years now.
Wow it looks like WRT has come a long way since I did it with an old Linksys and Buffalo a/g generation router with a whole 54 Mbps wireless bandwidth. Might be time to look at this again. Thanks Colten!
OpenWRT runs quite happily on PC and Pi as well, though I agree that its biggest party trick is unleashing the power of commercial wifi routers. It is my preferred solution as old routers are a dime a dozen.
One time I embedded a firewall / router inside my computer. I removed TCP/IP from my hardware NIC and routed it directly into Hyper-V and used the virtual NIC as the TCP/IP connection. The only way I could get online is to boot the router / firewall in the VM.
@@MedicalServiceKenakMedika Pretty much any supported OpenWRT device can be configured to run a GRETAP or VXLAN tunnel over Wifi to another OpenWRT device. The advantage is that even VLANs can be tunneled across.
OpenWRT is a common practice to install on a Proxmox VM on multi-port Mini PC in China, I guess OpenWRT is simpler than the *sense for routers. Sadly many new routers especially those support Wifi 7/6E doesn't support OpenWRT. It'd be crazy if it does, cheap consumer devices with advanced VLAN capability wireless.
Which Is Better? It really depends on your use case: OPNsense is ideal for users who need a full-featured firewall with advanced security, are willing to work with higher resource requirements, and prefer a user-friendly interface for enterprise-level or heavy-duty home network setups. OpenWRT is perfect for those who need flexibility and customization and are running low-power hardware (or older routers), or if you want to experiment with Wi-Fi management and wireless networks. It’s great for home use, DIYers, and those comfortable with manual configuration. If you’re looking for a powerful firewall, OPNsense is likely the better choice, but if you want a lightweight, customizable solution that works across a wide range of devices, OpenWRT is a solid pick.
Also, *sense is only on OpenBSD, which is effectively a dead end, while OpenWRT is based on Linux, meaning that it’s even more expandable than the BSD-based *sense router OSs, and there are more and currently drivers for a lot more devices, making it easier to run newer hardware.
@@fujinshu I appreciate your input, but I think there are some important distinctions to note. OPNsense, while based on OpenBSD, offers a level of security and stability that’s hard to beat, especially with its advanced firewall features, VPN capabilities, and traffic shaping options that OpenWRT doesn’t quite match. It’s not a "dead end" - OpenBSD is still actively maintained and used in enterprise-level applications, and OPNsense is continuously updated with security patches and improvements. While OpenWRT excels in flexibility and is great for custom setups on low-power devices, OPNsense brings more robust enterprise-grade features, especially for users needing deep network control. It’s not just about hardware compatibility - it's about use cases, and OPNsense is a more powerful choice for those requiring high-level firewall and security capabilities. Both have their strengths, but OPNsense’s security-first approach and deeper control set it apart for more complex network needs.
Wooooo, I have this exact router and use openwrt on it, the price to specs is crazy for it and ofc openwrt was a requirement for me to buy the router, nice to see this getting the attention it deserves
OpenWRT is the only reason my Linksys WRT1900ACS is still my only piece of network equipment. It's at least 8 years old, and Linksys stopped updating the firmware at least 5 years ago. But OpenWRT is keeping it fresh and functional with my 1Gbps f/o connection. I think the best speed I've gotten with Fast over Wi-Fi was about 600-700, which is pretty good for a nearly decade-old Wi-Fi 5 router. Pro Tip: Keep your network gear well-ventilated. Most of this unit's existence has been sitting on laptop coolers to increase hardware longevity and reliability.
Though not a pro, one thing I like is having my main desktop hooked up with Ethernet cord while other things are on WiFi. When you flash in new firmware, you always want it to be on the cat 5 cord instead on over the air. I also like having my "daily driver" computer on cat 5 cord to have first dibs on Internet.
Using a router to route is a great option! After looking for a mini pc that was power efficient, had linux compatible WiFi, and lots of ports, I was eventually like "oh wait they make those"
OpenWRT is where it's at period. I have 17 of them in my home lab myself. Plus it's way more flexible than some of the other distros I have dealt with over the years.
I like DD-WRT better. Been using it for 10 years to make 100 yard wireless bridges to tie my wide area network together. Once you figure out how to make a client wireless bridge, you'll never touch a wifi range extender ever again that halves your bandwidth that tries to do everything on the same one channel.
Old provider-locked FritzBox from a flea market for 10€. Provider unlock and flash. Frugal little computer that's relatively safe and that you can just stick anywhere all over the place.
I run openwrt on a usff/micro optiplex 9020 with a 2.5g nic in one m2 and a wifi6e card in the other m2 and a sata ssd, it uses 15W under max load and is fast as heck, the bios post takes longer than boot + connect and it cost like $70, i prefer not have it virtualized because it is a somewhat critical piece of the network and it basically never gets touched
get asus routers they fully support open wrt and even contribute and integrate code from and to those projects into their default os they are very robust most of them have plenty of storage and ram and other features they are also compatible with different flavors of open wrt like tomato or dd-wrt and many others.
One thing to note about returning to stock, on both my Asus and gl.inet routers via the recovery webui, I found I had to use older official firmware otherwise the restore would fail.
I use DD-WRT because at the time I bought my router, it was the only compatible option available. I'm asking you: is there any mesh system compatible with DD-WRT or OpenWRT? I need to expand my WiFi without having to drill into the concrete and Powerline doesn't work for me.
If you have your routers connected on their router port, as in the WAN port, there’s a lot of overhead with routing as opposed to switches. Swishers transmit packets 10 times faster than routers.
I had 3 Google Wifi units on which I installed OpenWrt. To ensure my home wasn't without WiFi during the process, I bought 4 used units, installed OpenWrt on them, and then sold my original 3 for the same price I paid for the 4.
To get the true network speed test, you don't hook up the Dynalink router to your Main router at home. Otherwise you are actually using double NAT. 1 NAT from your main router and 2 NAT from the Dynalink router.
ooh the argon theme looks nice! the Ui was what was holding me back from jumping fully on openwrt. Im currently on freshtomato, but openwrt has some distinct benefits with the easier to install packages
I do remember owning D-Link 859 before it was EoL. Flashed it with DD-WRT because it was easier to flash that thing there back then and never experienced any of it for the first time. It was bought back in 2018, lasted years on us until we haven't used it anymore but managed to flashed it with OpenWRT before that. We stopped using it because the wifi antenna stopped sending signals but the routing and switching capability still works. I thank for third party firmware for making our router lasted for 7 years! Just don't buy cheap routers because they have small storage and ram. Also don't buy any routers that are not Qualcomm or Mediatek because they have more compatibility than any other routers brands that I am aware of.
Back in the day I used dd-wrt however WiFi 6 was unsupported which was a deal-breaker for me as I've been trying to move over to that. I still have that trendnet router somewhere around here.
If you have gigabit Internet from your ISP then you want that 2.5Gb WAN port. Due to overhead on your Ethernet connection a gigabit port can only reliably achieve about 940 MBit/sec. A major US cable ISP (ahem…) typically provisions 1000x35 connections at 1200x42, and 1000x1000 (yes, there are markets that have that over coax!) connections at 1200x1100 so you have a fighting chance of getting the full gigabit. The ISP’s WiFi 6 and 6e routers have 2.5Gb WAN ports and 1Gb LAN ports as nobody really needs a gigabit on a single device, but you might need two devices at 500…or 10 devices at 100.
I can only recommend the NanoPi Devices. I use a NanoPi R5S to use plex in a container and two disksets connected via USB (One Backup). Works like charm and i can use 2.5 Gbit Ethernet. The ice on the cake is i have also a mainframe (yes mainframe) running in a container to play with.
I've had 3 Netgate pfSense Security Appliances. I thought I'd be running pfSense forever. Wrong! When Ubiquiti came out with the UCG-MAX, I bought one to play with. Well, that didn't last long. I've since retired pfSense in favor of UniFi.
So could you (or anybody) turn a router in to a simple nas if you have a extra router laying around? I would love a extremely simple nas with no option needed to configure, like a router with a usb hub then plug and play file storage with no extra funktions what so ever. I get that it will be slow and any redundancy will have to be manual, I just want a simple storage all pcs and phones can read and write to. Does it even need security behind my main routers fire wall for none sensitive data, or will the wifi make it a target for all my neighbors, after all wifi uses user name and password?
Yes. I have the exact same router and openwrt and have it set up as a Samba server (networked file system drive) sharing a 2TB external SSD on the USB3 port as a backup destination for Duplicati. Done, daily it takes a couple of minutes to do an incremental backup and the router doesn't miss a beat
The 5G band not showing on the phone issue is mostly because you set the channel as auto and some devices (specially phones) can’t recognize all the 5G channels (specially the higher freqs), the solution is to set the 5G channel manually to 40 or 44 and it will work on all devices
I used to have an old router that I assumed was useless since my ISP stopped providing security updates for it. However, after some research, I discovered it was a TP-Link Archer C7 v2. I decided to flash it with OpenWrt, and to this day, it’s still part of my network, performing exceptionally well. I absolutely love OpenWrt!
I also had an Archer C7 with OpenWRT for years. Only recently upgraded to a newer access point.
Been running OpenWRT through the same Archer v2 as you. Fantastic performance and reliability.
Was it a Ziggo thing?
Archer C7's are absolute workhorses with OpenWRT!! I have 3 C7v5's and an A7v5.8 (the Amazon-customized model) all running OpenWRT in my network, 3 functioning as APs and the 4th a wireless-to-ethernet bridge. My main router is a C7v4 with the stock firmware, but once I swap that for a different unit, it's gonna be flashed as well to be an IoT router, because the v4 has swappable antennas while the v5 doesn't.
It's been a super reliable model for me! converted one to a wireless bridge for rare cases of needing "wired" connectivity in a room where my monitor is to set up proxmox machines, before moving them to a proper wired location as headless devices.
Tip:
If your router doesn't have enough storage for installing packages, there is still hope, if the router has a USB port, you can simply add a a cheap 8 gb flash, and with a github script, the openwrt will recognise it as storage
Wouldn't another useful option for storage-less router be as a Unmanaged Switch too? (I presume that a Managed Switch would require some internal storage/memory?)
I hope someday we can run OpenWRT on a USB SSD/NVME instead of the native flash.
This is how I added storage to my DD-WRT router. It allows me to add additional software and gives me space for packet captures which is a useful feature on your router. Know what is happening and who is doing it.
@@SB-qm5wgyou could try modifying uboot to boot off a USB device
I think he chose to deactivate USB because of security reasons.
Also: While your solution works, it adds an extra failure point to the system. And think about it ... these embedded devices sometimes are literally eating USB-Sticks (bad or fluctuating voltages, usage as permanent or disk storage isn't a good idea either).
Just saying ... if your network is in ruins and nothing works anymore:) I'm not saying that you guys shouldn't use this method or don't try it. It's just for the future and that I can say: Who has warned you?! Hehehehe. Have a good one!:)
Pro tip: an old router running OpenWrt is the cheapest 5-port managed switch.
I've seen a bunch of switches also listed as OpenWRT capable, I've not tried it, but supposedly that also works.
second pro tip: buy a second secondhand one for when you brick it 😂
or pick an easy router to install it on to
cheapest indeed. if you are luck you can get 100/100 from only 1 port to another port. never try using 100Mbps from 2 TCP connections at once
@@autohmae the switches supported by OpenWrt are missing a lot of features, you can only do vlan. They are still working to support other features like LAG and so on
and thats what I have.. 2 Netgear routers running OpenWRT as managed switches and an HP T520 thin client running as pfSense firewall.. well router on a stick is usually discouraged but given my internet speeds its plenty and is running perfectly fine..
One year ago I used to have problems with my ISP’s router, like constant connection drops, high ping, etc. I was fed up with it, so I bought a router from a store that I checked was compatible with OpenWrt and set it up at home, installing the firmware was easy, and setting up a little bit harder (because I had to call my ISP to get a PPPoE login), and after setting it up I threw the ISP router away, and my network now works beautifully. Love this thing.
Couldnt you just use bridge mode
@@Sonic-ww6wm The ISP router (Funbox 3) didn't and AFAIK still doesn't have any bridge mode functionality, so there's that, also I don't want another device in my rack using power outlets.
I know all pppoe credentials for my isp but it uses vlan. How can we setup openwrt with vlan. Is there a option for mac address spoofing.
I used OpenWRT for many years with many routers. To overcome the storage limitation issues, I used a USB stick with a functionality named Extroot.
Lifesaver comment man, thanks!
I love the fact you're learning and digging into the bones of everything as you go along on your channel.
OpenWRT is internationally saving e-waste! Capabilities do change from device to device, you do need to pre-configure a bit before you hit a GUI/WI, this kit becomes low maintenence too.
I've been running OpenWRT since the WRT54G, and it does what I need it to do and it's good to see it getting some positive press. It replaced an AST Pentium Pro 200 desktop running openbsd in my closet which was loud and power hungry (relative to the WRT54G anyway.) I have been contemplating buying an N200 system to replace my aging router (it's not still the 54g, it died a long time ago.) I appreciate your bravery, tackling topics your not 100% an expert in!
Went with a N100 System. Been very stable and set it, forget it. Every now and then, I run updates. Installed Proxmox as base OS with Opnsense, Home Assistant (including Zigbee & Zwave), Vaultwarden, Nginx Proxy Manager, AdAway. Been completely satisfied for about a year now.
Oh man the wrt54g days. Takes me back.
Woah, I did it the first time on a Mango.
Great device, thumps up, aranc23!:)
After having enjoyed several of your videos, I want to thank you and tell you, that besides all the facts you are providing, your style of presenting feels very friendly and nice to me. Sort of a friend helping you out without any looking down, just honest and likeable.
I bought 4 used Netgear routers all the same model, flashed them to OpenWRT, now I have managed Access Points and I use them as managed APs with SSIDs connected to various VLANs.
I want to flash OpenWrt onto four to six refurbished Netgear routers, install the FRR package, and turn them into an OSPF lab.
I love OpenWRT. I set it up on two identical Asus routers, one as a main router / AP and the other as an AP only. Setup 4 SSIDs and VLAN trunking between them. A bit of a learning curve but it works great. The stock FW was crippled with no VLAN support. It’s nice to take control of your hardware.
upgrading individual packages has two issues: 1) sometimes specific versions are requires as dependency for other packages and when you upgrade it, that dependency is no longer there. and 2) openwrt uses something called overlayfs, which has one read-only "lower" filesystem with default configs and packages, a.k.a the sysupgrade image, and a read-write "upper" filesystem where your config resides. when you reset the router, it simply wipes the upper fs to go to factory settings. same principle is also used by android, but android does not use overlayfs it's a different mechanism with same principle. anyway, when you upgrade a package, the older verison of that default package keeps sitting on the lower filesystem, but it is marked as deleted on the upper, but it still takes space. this can easily break devices by filling up the flash memory, especially on devices with low flash storage, like tplink archer ax23, which has only 16mb of storage. yes, only aroun 8 megs is available for user after openwrt install, and tailscale(7.73 MiB) barely fits for example
btw zerotier is only 501kb on openwrt
This is exactly why I am no longer a fan of OpenWRT personally. Sure you can use cheaper routers to do some useful things, but if your configuration is more advanced involving extra installed packages, then the update process is IMO much more clunky.
@@TheMuso28 it is a good "access point/combo router" OS. not a "enterprise-gear unifi replacement type shit. run your adblock dns server on your pc, because writing constant adguard logs to routers flash memory is probably a very bad idea. you need dpi? cool, get a proper computer.
i'll still use both together honestly. like even if its dumb ap it's nice to have some ping statistics running on the ap or being able to scan the spectrum etc.
and dump aps really do not need package updates that much
@@TheMuso28As douchebaggy as that sounds, it's in most parts on you. Upgrading is reasonably easy if you know how (download the sysupgrade image, create a backup archive, upload the new sysupgrade image to the router and off you go), if you have even more advanced configurations, there are tools like the firmware selector or even the OpenWRT built system to directly bake your packages and configs into a sysupgrade image for easier and cleaner setups
I have patched xiaomi ax3000t (around 35 USD in my country) for openwrt (snapshot version). And this is the best that u can do with this router))) I have installed amnesia Wireguard on this router and all works good. Now i am waiting normal openwrt version for ax3000t (now i am on snapshot)
Also, one week ago I have created LXC container with openwrt for my k3s cluster and it's works great!)
I installed OpenWRT on an older TP-Link router but my speeds fell from 1 Gb to about 300 Mb. So not every router handles the same. So I used Pfsense for 4-5 years, the bought a Mikrotik router and now I am testing an Ubiquiti USG I scrapped from work. Advantage for Mikrotik and Ubiquiti is the meshing, I want to get 2-3 AP-s and have them working seamlessly
Did you turn on hardware flow control?
The way I run OpenWRT is as an LXC container, which means memory used basically 0, it runs alongside everything else running on my passively cooled NUC.
At home I use a Debian Box.
On remote locations I use a LTE Router with openWRT. There are industrial Routers you can use. They can be Powered by batteries have GPIO, RS232 and RS485 to connect to industrial control system. Some ship with openWRT out of the box.
Perfect for farm equipment. Wireguard for the connection to the home.
I remember the excitement when the original WRT54G was "jailbroken", and people started writing addons for it. About the only part of the firmware that wasn't open source was the GUI. A new GUI was soon written, and fully open source firmware was soon available.
Still have a WRT54G in my "Museum" most stable router I ever had
@@jjdawg9918 I got WRT54G at the thriftstore for this purpose.
When the printer at your parent's house "breaks", it's because they want you to visit. Remote access isn't enough. Just sayin'. 😉
Certainly glad this project exists but after migrating over to an x86 mini PC with OPNsense and a cheap used business WiFi 6 WAP, I'm never going back to an all in one router.
Having the router separately from the WiFi wap frees one to be able to swap out their WiFi portion without having to rebuild your whole network. When corporations upgrade their waps every few years the prices as used devices plummets when they all hit the market at once. I'll keep my rather expensive N100 mini PC router and just upgrade the system software now and then buy them incan swap out my WAP easily when I want to upgrade to the next thing the corporations have left behind. Yes, I'm always WiFi standard behind the latest and greatest but I get high end business network hardware on the cheap. And I get to do it without a ton of work since the router stays the same.
100% this. Best to run both unless you are a minimalist. Case in point, I added wifi 6E to my location while keeping the old wifi in place, no devices to reconfig, no change to existing setup.. easy to add and remove, expanding or contracting my network with ease.
@duduoson1306 Great minds think alike.
Whenever I need to upgrade my Wi-Fi I just get a newer router with OpenWrt and transfer over the same configuration. No need to build your network from scratch.
@GabrielSoldani That's a great point and I hadn't thought of that.
I went with ubiquiti ecosystem (edge router and access point), and while you could buy them in same device, I still think it is best to have them separate:
1) you can upgrade one as you mentioned
2) your whole network wont be down if you swap AP
3) offload WLAN load to other device, and focus on handling traffic on edge router. I don't know if this is really relevant anymore, but with 1Gbps internet speeds you could bottleneck your internet speed with low end CPU with specific types of traffic (huge parallel downloads, I think torrent is good example of that).
Everyone has different needs though, and for most single device is probably best way to go. Personally, I like to have them separate and have manufacturer focus on that specific thing, rather than building all-rounder.
Run OPNsense as your main router, then use old wifi openWRT routers as a bridge with multiple vlans /ssids trunked back to your OPNsense router. OpenWRT rocks and makes it pretty easy to setup different wifi vlans for IOT, guest, work, mgmt, etc. but as your main router? Only if you don’t have a lot going on.
Depends what hardware you run it on, they have a build for x86/64.
What's the point of all that in a home network? Protecting your cheap Chinese made cameras from the company that built them from spying on you? That seems to be about it: being able to run devices you shouldn't and don't actually trust.
@ when you gain more experience you will get a better understanding of the reasons. You really shouldn’t trust any devices or software period, first of all. The other major reasons for network segmentation is simple organization. It’s easier to track, monitor, and manage. Some of us have a lot going on in our homelabs, some of us run hundreds if not thousands of devices, VMs, containers, etc. some of us are using our home networks to learn how to do things at the enterprise level. Hope this helps you broaden your perspective.
@@Andy-fd5fg OpenWRT x86 is pain to update, I used it for years before I moved to pfSense. Now I have so many rules, I'm not even sure how I would replicate the configuration on OpenWRT.
I always install OpenWRT when I can on on Access Points or spare routers I want to use as an Access Point though.
@@alexatkinlook into A/B partition updates on GitHub. I already split my routers SSD into 4 partitions (bios, fw A, fw B, and persistent user storage)
Two comments: First, don't ever change your theme music. It's very soothing, and I know instantly I'm "home" with you!
Second, I just upgraded to a new Protectli Intel box with four 2.5Gbps ports (I have 2.5 Gbps fiber now--yay!), and migrated pfSense over to it from the previous router. It works fine, but I can see possibly changing over to OpenWRT for some flexibility and features that pfSense doesn't do well. Also not happy with the convoluted steps I have to go through now to get pfBlocker working again. Yeesh!
Thanks for this vid--as always, you explain things like a good, down-to-earth friend would! I'm definitely saving this vid for future reference.
I've only used OpenWRT once, though I've used DDWRT plenty. It's great for bringing new life to old routers. Thanks!
Just know wireless drivers with most routers won't be as good or up to date with reference to blobs with OpenWRT/OpnSense/etc. Use a seperate wifi router in conjuction as an AP only connected to your OpenWRT/*Sense, etc.
Hardware offloading mean that the CPU does not process the packages but there is a dedicated chip doing that task. So it's a must-have feature, moreover, it will be interesting to see some iperf benchmark between two hosts or directly between a laptop and the router to see the real speed of the router. Anyway nice video, you convinced me to buy a router that supports this os to install wireguard there instead of my raspberry!
a normal intel/amd CPU can do 1 gbit no problem, it's an issue for 10gbit or more
@@marcogenovesi8570These routers have baby ARM CPUs. They lean heavily on ASICs for packet pushing and fortunately the SoCs are often great at it.
Any remotely modern x86 CPU should be able to shift 10G in software unless you start throwing IDS/IDP duties at it, even very low power, weak Celerons 😊
Finally, someone covering OpenWrt, the only modern and as much upstream as possible router OS. It also supports SQM, AQL, FQ_Codel by default, so QoS is better than *any* vendor router software.
It was a test-bed for FQ_Codel, etc. in the early days, so it was ahead of everyone else.
Yeah, SQM is so awesome on my vanilla OpenWRT GL-MT6000. My latency is constantly at 7mS during idle, or saturated download AND/OR saturated upload.
No other QoS method has come even remotely close to how well SQM works for me. Gaming, voice and video comms, remote desktop sessions, interactive terminal sessions, etc, are all perfect with it. Low latency, low jitter, low loss, even during many downloads and uploads.
@zekicay
Dude freshTomato is way better than OpenWrt
So I currently have a mesh network of TP-Link I have (3) Deco x55 Pro and (3) XE5300. I just upgraded to 2 Gig Up/Down fiber about 6 months ago. I have been pleased but I am a little worried with all the buzz around TP-Link is vulnerable to attack. I repurposed an older Dell R210 II to run OpenWRT it has Xeon processor 32G of RAM and 250G drive. I added a GLOTRENDs 4 port 2.5G NIC. I got that all working today. I have not made the switch yet. I don’t want to go buy all new Access Points. Not sure if I have my openwrt router doing all the routing and my TP-links as just Access points if that reduces the risk?. I don’t think these are on the supported list to run openWRT on yet. Any suggestions. My only concern is power draw. Your videos gave me some key insights. Tailscale looks cool. I have been using Twingate but this has some advantages. Thanks for the video. Sorry I wrote a book
I bought an old Sophos XG firewall for $20 and upgraded the memory to 4gb and installed Sophos Home firewall. So far, I'm out about $30. Separate AP because I have a server in the basement and put the AP in the center of our house.
30:00. You can use any thumb stick or SD card (if your router manages to have SD card reader) to use as storage trough Extroot, with the expense of having a permanently attach memory stick plugged into you device. I used to have those on my OpenWRT router and worked preddy well most of the time.
Tomato, OpenWRT, DDWRT, whatever open firmware is great. I ran really inexpensive routers as routers, AP's, managed switches for the better part of the last 20 years. I spent some time with Unifi but it wasn't as stable.
It was a great intro to network administration, and a good stepping off point to unifi, Mikrotik, Omada setups.
I use openwrt and ddwrt on very old routers to convert wired only devices to wireless and setup wireless bridges. I also use it for my home internet Wifi AP. They work great!
I work at a smaller regional ISP company as a technician. We are using our custom build of OpenWRT on routers that we sell to clients. I personally have this in care. We are using TP-Link Archer C6 v3.2 and when we started using OpenWRT instead of a stock firmware, since then, remote support is much easier. For example, even if client resets it, we can still log in and set it again for them, if client is not tech-savvy to configure it. Also it is secured much better than in stock and I love the option of classic linux shell access if needed
Definitely a nice cheap option for a router with much more capabilities than off the shelf routers or ISP provided routers. You make a good point about the pfsense/opnsense route, I recently built an opnsense router using an Lenovo M720Q paired with an Omada EAP-772 access point and total project cost was around $330.
OpenWRT is fantastic, I've deployed everywhere from core firewalls to edge WAPs and wireless PtP and PtMP setups. It's never let me down!
Must have lucky hardware. Its hit or miss with most people.
What devices are you talking about?
BananaPi BPI-R3.
Has OpenWRT support. 2.5gbit SFP ports WiFi6 and 2gb RAM with 8gb eMMC storage!
Can do 1600mbits in close proximity with a modern phone and you can run Docker on the Router itself!
The BPI-R4 is even better with 10gbit SFP+, but no working WiFi7 yet on that device. Might take another few months.
I'm planning on buying a bpi-R4 as my router. Are those things as good as they look on paper?
I don't need WiFi on it, I'm using access points for that.
@@Guillaurent If you dont need the WiFi, yes.
I've played around with OpenWRT back in the day, had it installed on a couple of Linksys WRT54G series routers. Haven't used it in quite a while though and wanted to re-acquaint myself with the system and see if there was anything that was different from the way things used to be. Great video! You may have convinced me to try and find a refurbished commercial router for cheap and play around with OpenWRT again.
Your reasoning is sound, thanks for sharing the alternative and what it looks like. I just did it using pfsense and had the same experience, kept needing more and more knick knacks
Something fun you can try with the 2.5gbit port for a homelab is to assign it as your lan port instead of your wan and then have a cheap managed 2.5gbit switch behind it and do inter-vlan routing at 2.5gbit. That is if your router can handle the load but only testing will find that out. But if you wanna mess around with different VLANs for your clients and servers for example that's an option.
Maybe that's an idea for a future video? Add one of the cheap chinese managed 2.5gbit switches and test the performance of a setup like this with a NAS on one network and a client on another.
I did use openwrt for a while but learned the hard way that things can go wrong. For whatever reason my model of router was skipped by several versions of openwrt and then finally a new version was released that was compatible. I figured I'd just flash that onto the router and whatever right? Nope, turns out the procedure was to revert to the original factory firmware then flash it to the newest openwrt. My bad, it wasn't exactly easy to figure that out either, I had to spend a while searching to learn this. Oh and since it was kind of an emergency to have a bricked router I quickly went to the nearest store and bought whatever router I could find and luck would have it, openwrt doesn't support it. Openwrt was great while it lasted :P
Hell yeah 👍 I've used OpenWrt for a very very long time, and DD-WRT before that. Glad you saw the light.
This is so very interesting, I literally just bought a router yesterday so I could do exactly this (it was an ASUS, for $82 AUD from Amazon... What a deal and if I brick it it's not expensive.). Interestingly I had a great experience and it was easy to do (I connected the WAN to my existing port and was able to download the firmware directly to the device). The only thing I had to do was disable ipv6 because I have a Pihole and it was causing ads to not be blocked, I might need to do some more engineering of my network for ipv6 now it's supported.
Great suggestion, if I hadn't already just done it I would probably take the jump from this video.
17:50 I had this problem on a different appliance when I installed OpenWRT. Turned out the device was VERY sensitive as to which RF channels would work with WiFi6. Only about 3 of them, and 2 were already congested with neighbours AP's so yeah, after a few hours of trial and error, I hit a good setup and I'm never touching it again... 😮
It's going to be a couple months before I can dive into this, but I think it's going to fix serious issues I have with Frontier Fiber. (they take control of the lan, as well as wan. I need assigned IP's that they prevent..)
Worth a try.
the real biggest L with redhat based routers is the lack of good open source hardware offloading support, unless you've got like a shit ton of high clock cores
Redhat based?
Mediatek has hardware offloading support on OpenWRT while Qualcomm requires a fork built with NSS. Can be done if your network needs it though.
Thank you for all, what you're doing from the East Europe :)
20:00 When dealing with connections between networks (like browsing the internet) the data flow passes through the CPU, that does all the package translation like NAT and so.
Flow offload, like the name says, offloads from CPU whis workload if the hardware supports it. As far as this functionality relies to the hardware, there's some security questions that need to be addressed, but offloading this task from CPU increases the internet speed.
I have this exact device at home with openwrt as an access point (not router), and it's been great for that. at the time I bought it it was one of very few devices around with 4x4 wifi stream support. also using openwrt on an x86 virtual machine as a router.
If your host that runs the virtual machine is Linux, you can also run OpenWRT in an LXC container instead.
Router in the 5 Ghz band first checks whether the selected channel is free (it is about weather or military radars, for example). Sometimes it takes up to 20 minutes for the access point to be visible. This is called Dynamic Frequency Selection (DFS). However, this seems to apply only to high channels in the 5Ghz band. The only strange thing is that the network is visible on the laptop and the phone is not.
im wondering if it would make sense to actually replace my old router, nas and home assistant server by one more powerful server wich handles all of that in either containers or vms and use repeaters or access points instead. Would that make sense regarding power efficiency? I want to merge my home assistant and NAS anyways.
I run OpenWrt on proxmox with bunches of other containers and such and it routes 10 Gb fiber just fine and it's been solid AF for several years. Recycled some old retired desktop parts for hardware.
I have this router with OpenWRT, unsure if they have fixed the below issue but:
#1 - DO NOT UPGRADE CORE PACKAGES VIA PACKAGE MANAGER, it will brick the device, upgrade by downloading the new firmware again from OpenWRT and flashing the new firmware via the Web UI, I imagine tailscale and whatever else should be fine (I use as AP so I dont use packages)
#2 - No need to run the last setenv command, if you leave the boot args for usb and keep the usb with that image on it named exactly the same in a drawer somewhere (not plugged in), if you do brick it from #1 (I have) then you can possibly recover from the USB without serial, you would still need to setup from that step again by plugging in the USB and doing the ssh / send the device specific firmware
#3 - I also have speed issues with 5GHz, I think AX is supposed to be dual band to get WiFi 6 speed, although I could be wrong about this. Would test speeds with stock firmware and see how they have it setup before flashing OpenWRT
the "solution" to 1 is to use attended-sysupgrades and have the device itself request a firmware to the openwrt servers with the packages you have installed so it can be flashed. This also saves space because all the packages will be in the high compression read only part of the firmware image now
Funny.. I've been configuring all kinds of Asus routers in Wi-Fi AP mode and everything is just passed through to pfsense. DHCP, static arp, firewall rules, VLANs... I enable an additional wireless MAC filtering on access points, even though the firewall doesn't allow unknown devices. An AP is just a switch relaying the wireless VLAN traffic to the firewall.
So why are you here?
Never experienced a failure on pfsense. Not even once.
Still running an openWRT in parallel on the same Internet connection and connecting one of the cameras to the Internet via that alternative router. As long as there is Internet connectivity...
Mikrotik hap ax2 or 3 are also great options for homelabing. But I would recommend them to people that like to play around with plenty of network settings which can get overwhelming at first.
I remember starting using openwrt around the time that fon's LaFonera free wifi router was released in oct 2006, openwrt was released january 2007 so guess that was the very first version, 17 years now.
Wow it looks like WRT has come a long way since I did it with an old Linksys and Buffalo a/g generation router with a whole 54 Mbps wireless bandwidth. Might be time to look at this again. Thanks Colten!
0:25 your openwrt menu looks way nicer than mine what version is this, I have never seen something similar anywhere else
OpenWRT runs quite happily on PC and Pi as well, though I agree that its biggest party trick is unleashing the power of commercial wifi routers. It is my preferred solution as old routers are a dime a dozen.
One time I embedded a firewall / router inside my computer. I removed TCP/IP from my hardware NIC and routed it directly into Hyper-V and used the virtual NIC as the TCP/IP connection.
The only way I could get online is to boot the router / firewall in the VM.
OpenWRT on the Dynalink is a great combo. I’ve been running it solid for almost a year with fiber.
Great vid. Can OpenWRT do satellites and mesh? I've not played with it really at all. Would make a solid video...
Yes it can do mesh but on certain chipset
@@MedicalServiceKenakMedika Pretty much any supported OpenWRT device can be configured to run a GRETAP or VXLAN tunnel over Wifi to another OpenWRT device. The advantage is that even VLANs can be tunneled across.
Another IT gateway drug, this time for networking 😂 nicely done! I love how you make this approachable 😊
OpenWRT is a common practice to install on a Proxmox VM on multi-port Mini PC in China, I guess OpenWRT is simpler than the *sense for routers. Sadly many new routers especially those support Wifi 7/6E doesn't support OpenWRT. It'd be crazy if it does, cheap consumer devices with advanced VLAN capability wireless.
Which Is Better?
It really depends on your use case:
OPNsense is ideal for users who need a full-featured firewall with advanced security, are willing to work with higher resource requirements, and prefer a user-friendly interface for enterprise-level or heavy-duty home network setups.
OpenWRT is perfect for those who need flexibility and customization and are running low-power hardware (or older routers), or if you want to experiment with Wi-Fi management and wireless networks. It’s great for home use, DIYers, and those comfortable with manual configuration.
If you’re looking for a powerful firewall, OPNsense is likely the better choice, but if you want a lightweight, customizable solution that works across a wide range of devices, OpenWRT is a solid pick.
Also, *sense is only on OpenBSD, which is effectively a dead end, while OpenWRT is based on Linux, meaning that it’s even more expandable than the BSD-based *sense router OSs, and there are more and currently drivers for a lot more devices, making it easier to run newer hardware.
@@fujinshu I appreciate your input, but I think there are some important distinctions to note. OPNsense, while based on OpenBSD, offers a level of security and stability that’s hard to beat, especially with its advanced firewall features, VPN capabilities, and traffic shaping options that OpenWRT doesn’t quite match. It’s not a "dead end" - OpenBSD is still actively maintained and used in enterprise-level applications, and OPNsense is continuously updated with security patches and improvements. While OpenWRT excels in flexibility and is great for custom setups on low-power devices, OPNsense brings more robust enterprise-grade features, especially for users needing deep network control. It’s not just about hardware compatibility - it's about use cases, and OPNsense is a more powerful choice for those requiring high-level firewall and security capabilities. Both have their strengths, but OPNsense’s security-first approach and deeper control set it apart for more complex network needs.
Wooooo, I have this exact router and use openwrt on it, the price to specs is crazy for it and ofc openwrt was a requirement for me to buy the router, nice to see this getting the attention it deserves
OpenWRT is the only reason my Linksys WRT1900ACS is still my only piece of network equipment.
It's at least 8 years old, and Linksys stopped updating the firmware at least 5 years ago.
But OpenWRT is keeping it fresh and functional with my 1Gbps f/o connection.
I think the best speed I've gotten with Fast over Wi-Fi was about 600-700, which is pretty good for a nearly decade-old Wi-Fi 5 router.
Pro Tip: Keep your network gear well-ventilated. Most of this unit's existence has been sitting on laptop coolers to increase hardware longevity and reliability.
Though not a pro, one thing I like is having my main desktop hooked up with Ethernet cord while other things are on WiFi. When you flash in new firmware, you always want it to be on the cat 5 cord instead on over the air. I also like having my "daily driver" computer on cat 5 cord to have first dibs on Internet.
Pro tip: Changing the country code to a nation without transmission power regulations allows you to communicate with the International Space Station.
In the very worst case someone might come to your door (very unlikely, but possible in theory).
Using a router to route is a great option! After looking for a mini pc that was power efficient, had linux compatible WiFi, and lots of ports, I was eventually like "oh wait they make those"
OpenWRT is awesome, and longevity is insane. I have a 802.11g router, 20 years maybe, and the IBF thing is still supported!
OpenWRT is where it's at period. I have 17 of them in my home lab myself. Plus it's way more flexible than some of the other distros I have dealt with over the years.
Very nice! I ran OpenWRT in the past and might again. It's nice that you can run adblock and VPN.
I like DD-WRT better.
Been using it for 10 years to make 100 yard wireless bridges to tie my wide area network together.
Once you figure out how to make a client wireless bridge, you'll never touch a wifi range extender ever again that halves your bandwidth that tries to do everything on the same one channel.
I use openwrt on my main router(mi4a gigabit) also all of my old routers like tl wr940/740 DD-wrt and openwrt, using those in house for last 5 years
Old provider-locked FritzBox from a flea market for 10€. Provider unlock and flash. Frugal little computer that's relatively safe and that you can just stick anywhere all over the place.
Opnsense has a lot more features and a lot easier to use. Wont accidently brick a router by picking a wrong option either. At least for me.
It would be great if you could setup a second video to show how to configure multiple openwrt routers into a mesh with a wifi and ethernet backhaul
You can work around the space issue on openwrt, by using an extroot configuration using a USB device as extra storage, even 500mb is lots for openwrt.
That's just what I did with my DD-WRT router. Gives me space for packet captures which is great for troubleshooting.
What was the WAN performance of the router before you flashed it with OpenWrt?
I run openwrt on a usff/micro optiplex 9020 with a 2.5g nic in one m2 and a wifi6e card in the other m2 and a sata ssd, it uses 15W under max load and is fast as heck, the bios post takes longer than boot + connect and it cost like $70, i prefer not have it virtualized because it is a somewhat critical piece of the network and it basically never gets touched
get asus routers they fully support open wrt and even contribute and integrate code from and to those projects into their default os they are very robust most of them have plenty of storage and ram and other features they are also compatible with different flavors of open wrt like tomato or dd-wrt and many others.
One thing to note about returning to stock, on both my Asus and gl.inet routers via the recovery webui, I found I had to use older official firmware otherwise the restore would fail.
I use DD-WRT because at the time I bought my router, it was the only compatible option available. I'm asking you: is there any mesh system compatible with DD-WRT or OpenWRT? I need to expand my WiFi without having to drill into the concrete and Powerline doesn't work for me.
“Don’t worry I didn’t brick it” lmao
Thanks it was a great idea! I'm gonna check my old router, whether it can be used with openwrt after your video! :)
If you have your routers connected on their router port, as in the WAN port, there’s a lot of overhead with routing as opposed to switches. Swishers transmit packets 10 times faster than routers.
Can you do this to an ISP provided router? I have a T-Mobile router. Doesn't T-Mobile need to talk to it (so would need specific configuration)
Have you looked into VyOS?
I had 3 Google Wifi units on which I installed OpenWrt. To ensure my home wasn't without WiFi during the process, I bought 4 used units, installed OpenWrt on them, and then sold my original 3 for the same price I paid for the 4.
And now i have 4 vlan and 3 SSID 😀
To get the true network speed test, you don't hook up the Dynalink router to your Main router at home.
Otherwise you are actually using double NAT. 1 NAT from your main router and 2 NAT from the Dynalink router.
ooh the argon theme looks nice! the Ui was what was holding me back from jumping fully on openwrt. Im currently on freshtomato, but openwrt has some distinct benefits with the easier to install packages
I do remember owning D-Link 859 before it was EoL. Flashed it with DD-WRT because it was easier to flash that thing there back then and never experienced any of it for the first time. It was bought back in 2018, lasted years on us until we haven't used it anymore but managed to flashed it with OpenWRT before that. We stopped using it because the wifi antenna stopped sending signals but the routing and switching capability still works. I thank for third party firmware for making our router lasted for 7 years! Just don't buy cheap routers because they have small storage and ram. Also don't buy any routers that are not Qualcomm or Mediatek because they have more compatibility than any other routers brands that I am aware of.
Back in the day I used dd-wrt however WiFi 6 was unsupported which was a deal-breaker for me as I've been trying to move over to that. I still have that trendnet router somewhere around here.
Not quite enough to convince me to replace my "forbidden router" but this is indeed very compelling. Thanks for the quick look!
there are actual routers on the market with openwrt pre-installed, to carry with me, i did get a gl inet router that has openwrt baked in.
This is crazy timing.. i just installed openwrt on a router 2 days ago... looking to expand with 802.11r and some more APs soon
If you have gigabit Internet from your ISP then you want that 2.5Gb WAN port. Due to overhead on your Ethernet connection a gigabit port can only reliably achieve about 940 MBit/sec. A major US cable ISP (ahem…) typically provisions 1000x35 connections at 1200x42, and 1000x1000 (yes, there are markets that have that over coax!) connections at 1200x1100 so you have a fighting chance of getting the full gigabit.
The ISP’s WiFi 6 and 6e routers have 2.5Gb WAN ports and 1Gb LAN ports as nobody really needs a gigabit on a single device, but you might need two devices at 500…or 10 devices at 100.
Been using and developing on Openwrt for 12 year. Has never let me down
I can only recommend the NanoPi Devices. I use a NanoPi R5S to use plex in a container and two disksets connected via USB (One Backup). Works like charm and i can use 2.5 Gbit Ethernet. The ice on the cake is i have also a mainframe (yes mainframe) running in a container to play with.
Can OpenWRT do mesh? My Orbis are providing the best coverage I've ever had.
I've been running opnwrt on my N100 mini PC for a long time. I prefer it over opnsense and pfsense . Built in adguard is also a huge plus
I've had 3 Netgate pfSense Security Appliances. I thought I'd be running pfSense forever. Wrong! When Ubiquiti came out with the UCG-MAX, I bought one to play with. Well, that didn't last long. I've since retired pfSense in favor of UniFi.
So could you (or anybody) turn a router in to a simple nas if you have a extra router laying around? I would love a extremely simple nas with no option needed to configure, like a router with a usb hub then plug and play file storage with no extra funktions what so ever. I get that it will be slow and any redundancy will have to be manual, I just want a simple storage all pcs and phones can read and write to. Does it even need security behind my main routers fire wall for none sensitive data, or will the wifi make it a target for all my neighbors, after all wifi uses user name and password?
Yes. I have the exact same router and openwrt and have it set up as a Samba server (networked file system drive) sharing a 2TB external SSD on the USB3 port as a backup destination for Duplicati. Done, daily it takes a couple of minutes to do an incremental backup and the router doesn't miss a beat
Thanks for the alt viewpoint!
The 5G band not showing on the phone issue is mostly because you set the channel as auto and some devices (specially phones) can’t recognize all the 5G channels (specially the higher freqs), the solution is to set the 5G channel manually to 40 or 44 and it will work on all devices