Was rather shocked to find BT hubs don’t allow you to change DNS servers anymore and force you to use their own ones, so I can’t properly setup adguard.
What routers are people using now that are reliable and will let me control my own network configuration
You must log in or register to comment.
Mikrotik. The depth and breadth of a tiny Hex S is mind blowing.
What i love about Mikrotik is. You buy it once and own it. Unlike something like Cisco or Juniper. You got tons of licensing fees.
I converted everything over to Mikrotik earlier this year. Excellent hardware and software and cheap. But has a bit of a learning curve.
Been using my Hex S for 4 years and couldn’t been happier. It’s crashed on me the total amount of zero times.
I like mikrotik, but if you’re not familiar with routers and their configurations, then it’s going to be a steep learning curve.
The hex S is wonderful. I don’t have one but I keep going back to look at it and weigh my options.
I don’t need another router, I really don’t. But it’s so nice! But I don’t need it!
I have Juniper, Cisco, watchguard, sonicwall, ubiquiti… So many routers and firewalls, I really do not need another one.
But I want one.
I got a hEX S a few weeks ago and I love it
Surprised to see no mention of the Edgerouter X in this thread so far.
Honestly, if you’re looking for a simple, highly customizable router that comes with its own hardware, and don’t mind supplying a separate access point, you really can do a lot worse than the ERX. They’re small, highly affordable, use very little power, and it’s all just Debian under the hood so you can do an astonishing amount with them.
Yeah this is what I’ve been running for the last few years. Incredibly stable and does everything that you want for a small network. Even has poe passthrough if your AP supports that
What AP would you recommend for use with it?
Honestly, your average SOHO router can easily be turned into a good enough access point. I’m using an old Asus router for mine. A Ubiquity access point is also a solid choice for cost vs performance. Or give TP-Link a look, they’re always a decent bet for wireless.
I have a ubiquity commerical AP, though only because I happened to get it for free. It’s probably overkill for home needs.
I have been using this for years and cannot recommend it enough. It’s literally the perfect home router in my opinion. Highly customizable, affordable, small, no gimped features “for ease of use” or whatever bs and extremely stable - I have never once had to touch it or reboot it after setting it up, which is more than I can say for any other router. The only downside is that you do have supply an AP separately.
It’s a great little machine. The downside, though, is that it’s not that powerful at all. With hardware offload enabled and features like QoS turned off, you’ll get about ~600mbps of max total bandwidth shared between up/down.
For most people that shouldn’t be an issue, though.
Can confirm - I am on an edgerouter x for years now - you can do anything you want with it. It’s not casual friendly - just keep that in mind.
Pfsense is fantastic. Extremely flexible. I am contemplating switching to opensense when it’s time for an upgrade (it’s been running seamlessly for many years, but someday I’ll need to).
Note that it’s a router, not a wireless access point. For that I use a few Ubiquity APs (I forget the model).
I just ordered a Netgate SG-1100 and I am beyond excited to spend the next few days seeing what this thing can do.
Surprised that no one has mentioned the Fresh Tomato project
There’s a ton of functionality built into it, and it is regularly updated.
If you don’t want to go the route with building your own hardware there is also mikrotik with which I’m pretty happy. Something like the hex s is pretty cheap and has a sfp port if you have fiber.
Literally anything that’s not ISP provided should give you the flexibility to set your own network parameters, but if you want strong flexibility beyond that, I’m going to throw my recommendation to opnSense, it’s a fork of pfSense and the only reason I like it over pfSense is that the interface is very different and to me, it makes a lot more sense in how it’s laid out.
That’s personal preference, YMMV.
For consumer gear, ubiquiti has some strong units, the ER-X is pretty reasonable, but the unifi line is somewhat more beginner friendly, but tends to bury advanced features a little bit, focusing more on usage and reporting of activity and such.
Lower end consumer, the usual contenders are tp-link, and Netgear, though I lean more towards stuff from Asus, or anything on the dd-wrt compatibility lists… I ran a Linksys WRT54GL for a long time because of dd-wrt. I haven’t kept up with the “wrt” variants over time… The last time I touched dd-wrt was on a relatively high end (at the time) Asus router and it did very well… Might be work looking into. There’s usually a trick to getting wrt firmware into a router though, and it will likely void your warranty, so buyer beware.
Circling back… My biggest issue with opnSense and pfSense, is the choice of hardware, unless you’re buying direct from pfSense’s netgate product line, you’ll have to source something to run it on, and my biggest issue with that, personally, is that I want something small, like a router, IMO, should be, at least smaller than most PC’s, that’s relatively inexpensive, with at least two built in ethernet ports, since I’ve found that USB ethernet options are generally not very reliable. And usually, I can find something small and cheap, but there’s only one ethernet port, or I can find something cheap with plenty of networking, but it’s not small, or I can find something small with plenty of networking, but it’s not cheap.
So I’m running a sonicwall at home, because fuck all this other junk, I just want something that does what I want it to do without hiding all my options behind some garbage, or a system that can only work a particular way, and you don’t get options to change it. Or something that’s huge or expensive… Or something I have to spend a lot of time setting up, maintaining, or fixing. For me, that’s sonicwall.
I opted for a Fujitsu Futro S720. It has only 1 Ethernet, but you can add a second one with a PCI x4 card. Used are very cheap and consumes about 6W (if I’m not mistaken).
I use Protectli hardware with Pfsense or Opnsense. Doing this at home and in 10+ small/medium environments. Never had any issues, I highly recommend Protectli hardware + pfsense/opnsense.
You can also get cheaper mini PC’s on Alibaba for cheap. I did this in 2017 and it’s still going strong. No moving parts, all passively cooked with an Intel laptop chip that has hardware encryption built in (core i5).
Been using opnsense since the start and it’s been rock solid.
MikroTik is super powerful, customizable and affordable.
I run OpenWRT on a RaspberryPi and it’s great. Happy to answer questions.
Where did you attach the second ethernet NIC?
I used USB Ethernet adapters in both USB ports. TP-Link UE300, been rock solid.
If you have a pi kicking around or a docker instance of pihole you can use it to take over dhcp of the router and then set the dns servers in pihole.
That’s what I do currently on my home hub
That might be the way to do it. I’m somewhat unfamiliar with networking, what does DHCP do?
DHCP strands for dynamic host control protocol. It is a server that assigns dynamic IP addresses to devices on the network which request it.
So the pi takes over dchp and assigns itsself as a DNS server? I assume if I want to assign static IPs I have to do it through the pi from then on?
Can’t use pihole because I’m running NixOS on my pi and the only way to run it is via docker container (which melts down my system, believe it’s trying to emulate x86 for some reason)
Old computer, or Raspberry pi with proxmox and pfsense on it. The positive thing is that you can run other servers as well (pi-hole for example for network wide blocking ads)
If you’re using pfSense anyway, pfBlockerNG provides the same AD related DNS sinkhole functionality of pi-hole without the need for a whole separate machine/VM to manage.
You could also use OpnSense and install AdGuard Home on that.
I’ve been relying on pfSense for around a decade.
I’m guessing I would need to get a modem too then, no? I’ve got the BT router that takes the DSL connection directly currently
I just bought my own hardware and loaded PFSense. Put the ISP modem in bridged mode to disable all of their nonsense.
I set the DNS servers I want in PFSense and that filters down to everything on the network.
pfSense on a ZimaBoard 216 works astonishingly well and it’s easy to setup and manage. Toss in a Mikrotik CSS610 and you have a vlan ready setup in under an hour.
If you don’t like the ZimaBoard, you can go with any of the Topton style router PCs from AliExpress for a couple hundred and have a 2.5Gb router running in proxmox with docker in a separate VM.
pfSense is great!!! I bought a Netgate router which comes with pfSense Plus.
OP, consider buying a Netgate router if you want no hassle, or if you’re up for installing an OS then you can put pfSense on a custom platform like ZimaBoard or Protectli.
Just wanna put in a good word about GL-iNet routers … they are more travel- and pro-sumer focused than a lot of what’s been mentioned here. They run a proprietary front end on top of OpenWRT, but if you don’t like that, most of them have full support in vanilla OpenWRT.
These are definitely more for the tinkerer market, their documentation and firmware can have quirks, but that being said (and as somebody who wouldbe wary at that caveat) I have been using GLi routers with manufacturer firmware as a daily driver for 3+ years and once you get them set up they are very solid.
Might be a good option for the digital nomads among us who need a smaller device which can connect to a host network and then send all traffic over a VPN with very easy setup.
Do they have mesh options?
Good question, I’m not entirely sure as I have never used mesh features per se.
I do currently use a GLi Creta as a wifi extender to a GLi Slate AX, but that’s likely not what you’re asking about (I believe it’s a layer 3 (?) bridge from WWAN to WLAN/LAN). It does work pretty well in this role, all factors considered.
I bought a cheapish small PC with 4 Nics and ran pfsense for a long time, that’s your best best. I’ve ended up with a Ubiquiti Dream Machine, less time to tinker and higher need for production with working from home
