DIY routers and APs

[Tech9]

I am planning on using my 86U as a access point with VLAN tags using this script as a basis

This part is a bit of inconvenience. Native VLAN support APs is much easier. Asus home router VLANs fight is model specific. I believe using home routers as APs is a transition step only for folks going towards router, switch and APs way.

 

[Jeffrey Young]

This part is a bit of inconvenience. Native VLAN support APs is much easier. Asus home router VLANs fight is model specific. I believe using home routers as APs is a transition step only for folks going towards router, switch and APs way.

Can't agree more. If the RasPi works out with OpenWRT, I will likely in the long run just purchase an off the self AP that has VLAN support and send the 86U to my Mom's house to replace an ancient N56.

In the meantime, I am just trying to limit cost (have already picked up a RasPi - which is pricey right now with the chip shortage, and a managed switch).

 

[Tech9]

Some more low cost options in this thread here:

TP Link ER605 vs ER7206

Anyone have any experience with these? Mainly I want DCHP control with reserving IP addresses and Adaptive QoS for gaming devices etc..... Thanks in advance.

www.snbforums.com

I've tried both, works pretty well. No issues with USB adapters and Mini PCIe adapter. They just need to be the right ones.

 

[Clark Griswald]

Glad to read the work "The Experts" are doing for the DIY group!
I hadn't thought about the pi as a router
This past weekend, I built a Pi 4 (8GB) server to move to Pi-Hole, PiVPN.
"Griswald Easy" to build and setup.

 

[elorimer]

Since my TrueNAS server is running 24/7, I wonder if it would be feasible to run something in a Linux container. hmmm.

 

[Jeffrey Young]

Since my TrueNAS server is running 24/7, I wonder if it would be feasible to run something in a Linux container. hmmm.

My RasPi4 NAS is barely taxed, so I put PiHole Docker container on it. Have not had any issues.

PS: I run Ubuntu on my Pi

 

[Tech9]

I personally avoid multi-services running on single hardware. Router/Firewall definitely separate dedicated device.

 

[john9527]

@dave14305

Was just wondering on the Pi4 OpenWrt.....are you doing WAN/LAN VLANs on the single ethernet port, or adding a USB3/Ethernet adapter to have separate WAN and LAN interfaces?

 

[dave14305]

@dave14305

Was just wondering on the Pi4 OpenWrt.....are you doing WAN/LAN VLANs on the single ethernet port, or adding a USB3/Ethernet adapter to have separate WAN and LAN interfaces?

I have a TP-Link UE300 (RTL8153) dongle for the WAN connection. So it's a bit of a pain to load a vanilla image since the driver isn't included in the base image. If I had a managed switch, I could get by without it since my DL maxes at 480Mbit.

 

[AndreiV]

I’m not likely to buy another all-in-one WiFi router again. I will do a separate wired x86 or RPi router with a modern Linux kernel, and a WiFi access point which can have all the proprietary WiFi drivers it wants. As consumer broadband speeds increase, the all-in-one paradigm shows its limitations. At least for power use

Turris Mox and Omnia can be tweaked any way you want. Mox is modular so you can add extra ports etc. and firmware is changeable on both models.

The new Omnia 2022 is on target for next year and that has plenty of new toys :

CPU 2GHz Quad-Core 64-bit, more RAM (4GB and higher),Wi-Fi 6, 5G, 2x 10Gbps interface (WAN & LAN), internal SSD option

 

[thecheapseats]

Great thread here - gotta' love the SBC (single board computer) form factors whether they're x86 or ARM for leveraging a modular hardware approach to a router, then adding APs of choice - as APs are the rapidly moving/evolving targets these days.

The issue with many SBCs is availability in these 'lean' component times - so good luck with that. It's very hard to beat the RPi 4b/8gig at their price points today.

I've been a big fan of quotom boxes for routers (pick your software) as well as RPi 4b for a gps/ntp - or just about anything you can throw at them. The new compute module RPis are the way to go if you can buy/find one (eventually) as the host cards for them are evolving quickly...

 

[thecheapseats]

...It seems more like the prevailing view is along the lines of "GUI....real men don't need no stinking GUI"...

^^^that...

 

[john9527]

The new compute module RPis are the way to go if you can buy/find one (eventually) as the host cards for them are evolving quickly...

Hadn't heard of this series before....very interesting.....

reRouter CM4 1432 - Raspberry Pi Based Mini Router, Travel Router, Dual Gigabit Ethernet, OpenWRT OS

The Mini Router is pre-installed Seeed's custom OpenWRT system, the hardware is equipped with dual Gigabit Ethernet ports and dual USB 3.0 ports, as well as a Raspberry Pi Compute Module 4 with 4GB RAM and 32GB eMMC. The full system makes it suitable for soft router applications while keeping...

www.seeedstudio.com

 

[thecheapseats]

Hadn't heard of this series before....very interesting.....

yes, as the new compute module is a daughter board that will drop into host pcb boards designed for differing hardware applications... as well the new compute module can be ordered without wi-fi - possibly practical when external APs are added in a router/AP application...

 

[john9527]

Probably will regret asking....but....

For those of you familiar with OpenWrt.....what are the essential packages would you want to see included in a 'base' build for a good out-of-the-box experience. Right now talking about an x86 target, so really no worries about memory or storage space. Think replacing an all-in-one router.

 

[dave14305]

Probably will regret asking....but....

For those of you familiar with OpenWrt.....what are the essential packages would you want to see included in a 'base' build for a good out-of-the-box experience. Right now talking about an x86 target, so really no worries about memory or storage space. Think replacing an all-in-one router.

I don’t use much when I run OpenWRT.

htop irqbalance lsof sqm-scripts luci-app-sqm tcpdump

 

[Tech9]

Hadn't heard of this series before....very interesting.....

reRouter CM4 1432 - Raspberry Pi Based Mini Router, Travel Router, Dual Gigabit Ethernet, OpenWRT OS

The Mini Router is pre-installed Seeed's custom OpenWRT system, the hardware is equipped with dual Gigabit Ethernet ports and dual USB 3.0 ports, as well as a Raspberry Pi Compute Module 4 with 4GB RAM and 32GB eMMC. The full system makes it suitable for soft router applications while keeping...

www.seeedstudio.com

Very nice! I didn't know this thing exists. And the price is right.

 

[Clark Griswald]

The Pi World is filled with all kinds of Magical Holes to follow.
Edit:
Currently installed & learning Docker, Portainer, and WatchTower.

 

[john9527]

Though I'd give a little update on where I'm at with my x86 OpenWrt build...

Working and included in build

• VLANs
  Configuration: Part gui, part manual
  Gui works well, I have 5 VLANs defined
  Firewall needs manual configuration
• IPv6 Native
  Configuration: gui
  Includes prefix delegation by VLAN using /60 ISP prefix
• Port Bonding
  Configuration: Part gui, part manual
  The gui wants to put everything in a new bridge, which is not what I wanted
  I have two ports bonded carrying the VLANs to my switch (balance-rr), and two port ports bonded to my modem (802.3ad) for the WAN
• dnsmasq(full)
  Configuration: gui, but just a colleciton of options to select
  Had to move to the (full) version to get DNSSEC/ipset support
• GetDNS/Stubby (DoT)
  Configuration: manual, no gui
• DNSFilter/NTPFilter
  Configuration: manual, no gui
  Fairly easy to implement for both IPv4 and IPv6 since it's a modern kernel and supports both route_local and NAT6
• OpenVPN Server/Client
  Configuration: Part gui, part manual
  Gui requires knowledge of what options to set
  Need to manually set up interfaces and firewall
• OpenVPN Policy Routing
  Configuration: gui
  This is actually pretty impressive. Supports domains, ports as well as addresses.
  Also includes a Netflix ruleset (gives credit to @Xentrk )
• UPNP
  Configuration: gui
  Needed to write bugfix for the gui
• DDNS
  Configuration: gui
  Currently using Google Domain and NoIP
• ACME (Let's Encrypt)
  Configuration: gui
  Needed to fix downlevel parameter references and add ALPN support
• SSH access
  Configuration: gui
  Set up using key access (re-used my router key)
• vnStat (global transfer stats)
  Configuration: gui
• banIP
  Configuration: gui
  Using FireHOL and country bans
• WOL
  Configuration: gui
• irqbalance
  Configuration: default, no gui
• ATH9K wireless support
  Configuration: gui
  Had an Atheros mini-pcie card laying around to install, seems to work OK
• Wireless AP
  AC1900P running my LTS Fork, manually configured with VLAN support

Not confirmed yet, but part of build

• Samba4

Not yet tried, and currently not part of the build

• MultiWAN
  Have no way to test this, so likely will be user only
• Per Client tracking
  I really have no need, but see where some may want it. Quite a few alternative packages to pick from.
• SQM/Cake
• AdBlock

All together (openwrt, packages, luci) I've written about 30 patches to fix bugs or make things work the way I'd like

EDIT: Forgot to include having DDNS up also.

 

[Jeffrey Young]

Thanks @john9527 for the info. Seems that I have some more reading to do as you had to do a lot manually.

I finally had a chance yesterday to set up my RasPi using the single Ethernet port for both LAN and WAN using a managed switch.

I did play around with Adguard Home (website version, not the OpenWRT package) on a VM install and was able to get it working without any issues.