> 1. Invest in a decent router (probably $150-200 at least) and throw openwrt on it. You'll need something with serious CPU beef because openwrt relies more on software than hardware, and most routers use hardware for QoS etc., hence the price tag. You'll also need to actually understand the multitude of settings offered by openwrt if you care at all about security or performance -- this is nontrivial if you aren't already a network engineer.
Why not OPNsense on an old x86 box?
> but that's likely to get you punched by your flatmates when it inevitably reboots incorrectly during a power outage or overheats or whatever and suddenly you need to spend 2 hours debugging problems without a working wireless connection and everyone else is pissed they can't use the internet.
I thought for a couple of years that my OPNsense setup would pass the Family Acceptance Factor, but one day (a few months back!) it spontaneously wiped itself of its settings — requiring me to plug in a monitor, reconfigure it to boot, and restore my settings from a backup.
My (very annoyed) family had to ask why we had to jump through hoops, and not use a simple consumer router like everyone else.
I'd imagine that OpenWrt would be the same, or worse.
Old x86 boxes tend to be hot, having moving parts (fans), large, and noisy. Sure some folks have a large house, basement, and don't care. For many a nice new reliable (with warranty) widget that burns little power, is silent, has no moving parts, and is tiny/easily mounted is a pretty big win. The edgerouter is pretty good, I have a 6P, but the ubiquiti trend towards subscriptions, cloud management, etc is pretty worrying.
Given that I'd likely keep my next router for 5+ years, I'm hoping for 2.5gbit (if not 10gbit), 4 ports, IPv6 aware (I get a /60 from my ISP), VLANs (so I can keep the random consumer crap segregated off), etc. I had settled on the hardkernel with 6x2.5 Gbit ports, but it's discontinued.
My Ubiquiti 6xp does a great job, I can keep the config file in git, I can assign a IPv6 /64 per port, run custom firewall rules to redirect all DNS to my DNS server (allowing blocking youtube, web games, etc), etc. I block all remote access to my router and from the consumer crap VLAN with watches, TVs, AV receivers, game consoles, etc.
Here's hoping someone ships similar, have my eye on the Mirotek RB5009UG+S+IN, has 1 10G, 1 2.5G, and a bunch of 1G. I'd need a second vlan capable switch with a 10G uplink for my uses, but it's workable. Hoping for similar with a few more faster ports. Even just 2x10G would make a big difference.
In my (extensive) experience on several different hardware platforms, OpenWRT is far more stable and featureful than stock firmware.
In the worst case, stock firmware would require a hard reset (power cycle) every few weeks. I've had OpenWRT firmware running without interruption (on UPS) for years at a time.
Why not OPNsense on an old x86 box?
> but that's likely to get you punched by your flatmates when it inevitably reboots incorrectly during a power outage or overheats or whatever and suddenly you need to spend 2 hours debugging problems without a working wireless connection and everyone else is pissed they can't use the internet.
I thought for a couple of years that my OPNsense setup would pass the Family Acceptance Factor, but one day (a few months back!) it spontaneously wiped itself of its settings — requiring me to plug in a monitor, reconfigure it to boot, and restore my settings from a backup.
My (very annoyed) family had to ask why we had to jump through hoops, and not use a simple consumer router like everyone else.
I'd imagine that OpenWrt would be the same, or worse.