Your Router Sucks. Build Your Own Instead!

Who is we?

@@LMojzis at least everyone who liked this comment

Yes, please

"The last guide you'll ever need."*
*It will be outdated in 6 months.

As far as consumer-grade junk, yeah, not much has changed. Unbox it, plug it in, type in the passphrase printed on the bottom, and you're off to the races.
Networking in Enterprise has changed a LOT, and has trickled down into high-end consumer/prosumer/business. Layer 3 switches, VLANs, 2.5G/5G/10G/20G/40G LAN, SDN (software defined routers and firewalls), etc, etc.

Sooooooo...when is this going to happen???? lol

Next-next time on LTT: Selling internet service to your neighbors.

Yes please 😩

@@ravanjock Next next next time on LTT: build your own power plant

Launch your own starlink

bruh i thought there was a random fly on my monitor cuz of your pfp .i was like damn middle of winter and i got a fly in here wtf lol

Wish I had this privilege, our router doesn’t want to die😖😖😡😡

Sounds like you ran into the old engineer's adage. There's nothing more permanent than a temporary fix. Glad it worked out for you in this case. :)

@@CDNKEEFTV Caught me too lol

Should have had a clustered firewall for resiliency.

In the Netherlands there are options 👀

Since I use Starlink I don’t think I can get or upgrade the router

John Oliver has a web segment about cable boxes, I'm sure the same applies; lack of competition so lack desire to do anything on the ISP's side.

lot's of them FORCE YOU TO USE there router

@@whoathatcombo hey do you have a stable ping while gaming with starlink ?

I did the same thing circa 2001 using a Wondows Box and Internet Connection Sharing. However, these days a good all-in-one Router is just simpler and far more power efficient for most users.

This is the same thing I found. Tp link and ubiquiti both have great routers that are as good and more efficient for less money than anything I could put together

@@ericbsmith42TL;DR buy a Microtik hex lite for $40, get a switch if necessary, and get a used ubiquiti access point (or some other WAP) and you might be better off for about the same price as a "good" combo router.
I would agree if I haven't had hardware problems on nearly every single one I've had, even the ones I've gotten back from RMA. It honestly made me give up and put Pfsense on my home server and install an Intel i210 on it.
My main problems were that something would fail or be unreliable (wifi sometimes, Ethernet switch other times. This is on about 5 routers that I purchased myself in the last 6 years) and their support for getting a replacement would be completely useless. Had to wait over 2 months for a replacement on one, and 3 weeks was the fastest. I went and bought a used backup router (which had an unreliable Ethernet switch) for $20 and used that while I waited for Netgear or Linksys to get me a replacement. I'm not a normal user, a normal user would be without internet for weeks because of the poor service and it is NOT okay. Honestly I think a better solution than this video is to buy a cheap mikrotik router rather than what I did, but I did mine to learn things too. RouterOS is a little daunting, but not as bad as Pfsense.

i just need an internet connection that doesn't get disconnected every 5 minutes 😭

With mine, I have my main LAN, VLAN for guest WiFi, test LAN and a connection to a Cisco router. I have both IPv4 and IPv6, NTP server connected to stratum 1 servers and more.

There’s devices named "Soft Routers" actually optimised to be a router. Its power consumption is lower, usually look like a Mini PC and you can install any os like RouterOS/OpenWRT/OpenSense etc

who cares

@@not-AIA lot of people do care. Reducing your power consumption is better for the environment and it saves money. I’m not from the US but from what I’ve heard the price of electricity is much lower there compared to European countries. Having a device that is more energy efficient can save you quite a bit of money

@@hannahl8164 how much are we talking tho? 30 bucks a yr? maybe so 2 bucks a month and that's on the very high side. and how is it better for the environment? by that logic I guarantee you an electric range uses waaaay more electricity.

Great catch! Any 10GBaseT NIC manufactured before NBaseT became a thing won't support 2.5gb or 5gb, as 10GBaseT (802.3an) and NBaseT (802.3bz) are two different 802.x standards.
Considering that the x540-t2 NIC was manufactured in 2012, that's definitely an 802.3an NIC.
From my understanding, and I could be wrong:
- 802.3an can always negotiate 100Mbps, 1Gbps, and 10Gbps. Sometimes it can do 10Mbps depending on the manufacturer/chipset/drivers/etc. 802.3an CANNOT do 2.5Gbps or 5Gbps.
- 802.3bz can always negotiate 100Mbps and 1Gbps. I don't know if it can do 10Mbps--never tried. From there, it's a matter of whether or not the port is capable of 2.5Gbps, 5Gbps, or 10Gbps, and the higher speed ports can support the "next increment" down. So a 10Gbps bz port can support 5Gbps and 2.5Gbps. Likewise, a 5Gbps port can support 2.5Gbps (but NOT 10Gbps).
Connecting a 'bz' device to an 'an' port (or vice versa) can have various results:
- 10Gbps 'bz' to 10Gbps 'an': Negotiates 10Gbps.
- 10Gbps 'bz' to 5Gbps 'bz': Negotiates 5Gbps.
- 10Gbps 'bz' to 2.5Gbps 'bz': Negotiates 2.5Gbps.
- 10Gbps 'bz' to any speed port lower than the above: Negotiates the lower speed (although 10Mbps may not even work).
- 10Gbps 'an' to any 'bz' port (5Gbps or 2.5Gbps): Negotiates 1Gbps (that's the highest common speed both ends have in common).
- 10Gbps 'an' to any lower speed port: Negotiates the lower speed (although 10Mbps may not even work).
For sake of completion:
- 5Gbps 'bz' to 5Gbps 'bz': Negotiates 5Gbps
- 5Gbps 'bz' to 2.5Gbps 'bz': Negotiates 2.5Gbps
- 5Gbps 'bz' to any lower speed port: Negotiates the lower speed (but I'm having doubts about 10Mbps even working at all)
- 2.5Gbps 'bz' to 2.5Gbps 'bz': Negotiates 2.5Gbps
- 2.5Gbps 'bz' to any lower speed port: Negotiates the lower speed (but I'm having doubts about 10Mbps even working at all)

My x550-t2 works great, but it's speed is listed as "unknown" within pfsense. Otherwise it works great, even at 2.5gbe.
Also note, you can get the fiber versions of these cards and use a transceiver to convert the fiber connection into 10gbe Ethernet.

also, imho, once you're at more than a couple 10GbE links you really should be running dedicated enterprise/enthusiast style gear and layouts. a "core switch" with proper hardware-acceleration is like magic; at L2 even a cheaper switch can have eye-watering backplane speeds with VLANs and more and ASICs can use shockingly minimal power. I'd wait for at least a few more major-generational-improvements before it makes sense to process it in software.
having said that, software is a great place for a couple more complex VLAN or Firewall tricks even at L2... just make sure you have the performance and check power consumption

You could get an Intel 2.5 gigabit card

i have 5k worth in hardware in my rack, but those e300 are so adorable :D

Why tho? Sounds like a recipe for way higher electricity bills and a bunch of extra noise. I put win XP on an old G4 (w/ an array cause idiocy) tryna be cool and wanted to kill myself. It was like there was a frikkin Harrier jump jet landing constantly, even after I pulled the array.

​@@YerBrwnDogAteMyRabit I got my gaming rig in a 2U. Because 1U was an issue with most motherboards being 1.3U.
It is not that loud if you know what you are doing. In fact when not under high load it is very quiet.
A Soekris 65 or PcEngines apu would fit the bill, and 1U.

@@jamegumb7298 Well (please forgive the late reply) that XP situation was def an experiment fo sho, but I'm sure if you used non- DC type hardware, you could put something a lot more energy efficient and quiet together. I'd imagine aesthetics-wise you could make it look good too.

@@YerBrwnDogAteMyRabit Any DC hardware would fit in 1U, I used 2U because it is a standard B650 mobo (those damn shields make it 1.3U, a barebones mobo might just fit but they are bottom bitch tier like A520 or A620 and lacked some stuff I wanted) with 5600X (Maybe 7600/7700 soon if I can be bothered to take it apart).
I suspect most would call it quiet, you just hear the exhaust start to blow under max load and it annoys me but the case is just tight. I do have surround sound with 8 inch woofers backed by compression drivers so this usually is not an issue. This is why I want to design my own 1.5U, put a large radiator in 2×120 or 2×140 (tilted, windtunnel, convection or ultra slim fans), better layout, I already designed the dual pump-res combo. I would have ordered it already but Protocase is not exactly cheap, 1st time has to be right.
I got a Xeon 4114 in a 1U case (runs BSD). That runs even quiter because I used a rather deep 44mm radiator (not easy yto get tho).

Does recently modern include those dell optiplexes?

Do you know any guid to how to do this ?
I want host my opnsense router on my main pc on a VM and get that router to my pc internet

@@amirlator did u find a soluition

@@zeenxdownz If you have a relatively modern system, you can install Proxmox onto it, and then put VMs under that like OPNsense for example.

some NUC-alikes have dual nics too. also Globalscale makes some embedded multi-NIC devices.

best part about using pfsense is when your router gets hacked and your ip gets banned for being part of a bot net

@@snowyowlll best part of being a Muppet and misconfiguring it in some massive way

No need for different physical interfaces on a router. Connect it to a switch on a trunk port and go from there.

Check out videos by ServeTheHome. If you don't mind Chinese stuff, you can get a 200-300$ Atom/Celeron/Pentium box with up to six 2.5G NICs.

Setting up vlans in PFsense or opnsense is simple but it's configuring the switch and tagging/untagging the ports that is going to get most users. Not all switches are the same.

This isn’t necessary for homekit right?

@@raknikmik it all depends on how much you want to do and your threat model. But yes, if you're separating IoT devices, homekit should be as well. 1) so it can talk to LAN IoT devices easier 2) it talks to IoT devices A LOT 3) it's still an IoT device

Oh I am definitely interestet in vlans, but I just can not get to set it up.... Someday maybe.

This is a cool suggestion. As an owner of about 10 "smart" appliances, what kinds of vulnerabilities can be prevented by putting them on a separate network?

The switches from that brand are crap, though. We have one in the office, and the connections are always being interrupted. And, despite being a 10 Gb switch, speeds from computer to computer are significantly lower.

@@samuellourenco1050 The ones I am running are working a treat so far. Though for 10gbe I am running fiber or DAC cables.

I have a feeling you have no knowledge of routerOS, didn’t switch to switchOS (not necessary), and didn’t troubleshoot on the forum.
I had the same problems as you did. But I knew that wasn’t an acceptable scenario from such a highly regarded company and I knew I didn’t know my way around routerOS. So I did some research. Yeh turns out you need to mess with some of the settings. If you are going to leave the switch running on routerOS then you need to turn off auto negotiate and manually set your speeds. Is it as easy to setup as an arista layer 2 set to DHCP? No way but those where $5000-10,000 switches when they first came out. If that’s what you want you can get them cheap I sold my 16 port SFP+ unit for just under $1000 and went out and bought a 4 ports SFP+ plus 1 1G switch for $150 from MikroTik and I’m very happy with it.
You just need to read and troubleshoot.

If you ever stick a wired ethernet transceiver in you need to go into settings and turn off auto negotiate especially if it isn’t the MikroTik branded transceiver. In fact if it isn’t the MikroTik transceiver your lucky if it works at all if you left auto-negotiate set to on.

MikroTik switches and routers are basically experimental-only, they're not that strong for daily usage and have a lower security level. You can always upgrade it through software etc but yeah

did you have to do any extra configuration for your WAN cable to connect into PFsense and just start working, or did you have to get additional settings info from your ISP and coordinate?

@@mitcHELLOworld I did have to make the wan vlam aware and tag a specific vlan

So is this better than say a wifi 6 asus router for 700$?

Honestly the price of an Edgerouter and ease of use IMO makes it better than building a PFsense box but that's just my opinion. Though I did not do to much advanced stuff my fav part was how magical the Smart Queue setting was, I could download a steam game without lagging anybody else on the network at nearly full speeds.

@@0hleg a million times better. dedicated APs are great at being APs and you can expand your network mesh-style without needing to mess with your router.

If you don't know WAN v LAN you're not even watching this, or:
A: Checked out within anywhere from 15sec (or 0.25min) into the video or atmost 420s (7min) just staring at the screen
B: You thought doing it cheap versus a $400 mid-to-top tier consumer router was too much and there had to be a way to DIY, five minutes in already checking out on the $350 router and paying $50 for install to match that $400 including the cost value of doing nothing
C: Ask their friend/friend-zone friend/family member/tech friendly colleague to do it after a variable amount of probing and driving towards asking for help while doing your best to avoid directly asking for help

I think I'm a great example of the target, I was a young soon-to-be computer scientist, and videos like these expedite the process of finding all these cool ways to set up the tech around me, and give me a good foundation of information for learning further things.
That being said, I think LTT's target has never been the absolute laymen, but it's great when everyone has even a passive interest in this kind of stuff :)

That’s because, contrary to popular belief, pfsense is a firewall.

You can also just buy a better one and use it instead of the provided one. Then you have more performance, more reliability and less power consumption than the DIY.

@@Pseudynom that's what most people do who don't want to use the ISP supplied one. However it's still down to you to fix if it goes wrong as many ISPs at least here, won't support you unless you use their kit.

they are not secure, look at pihole.

@@Diddydudat what would that achieve?

@@Diddydudat The ISP has nothing to do with the router you bought off Best Buy

Power consumption is pretty big. I tend to keep my devices 5+ years. I ended up going with ASUS RT-AX/AC gaming routers with fast processors (researched on Wikipedia), TP-Link WiFi 5 APs for like $60 a piece, and some off the shelf TP-Link smart switches for $30-40. I modded the router's firmware, unlocked a ton of capabilities, had fun tuning it for weeks (I have 1ms jitter under load. Tuned Merlin FlexQOS is nuts.), and got a super reliable setup that is very power efficient and covers a huge home - for like $340 in cash outlay. It's more power efficient than an old PC router, and some of those costs would've been incurred anyway. I should come out well ahead in under 5 years. Internet equipment runs 24/7, so 5 or 10 watts adds up, and 35 watts certainly adds up fast! 0.8kwh/day in savings.
My NAS is Synology and is more efficient than having a PC running all the time, plus the web apps are pretty skookum.

@@BikeHelmetMk2 yeah, my media server is pulling 145W at idle, so 1kWh a night while doing basically nothing, but I'm concerned that spinning up and down the drives would drastically shorten their lifespan. It's really difficult to weigh up a couple of £ a month vs potentially £200 for an early drive failure

@@JamesScholesUK That is a tough one. I guess it depends on things like warranty duration... whether you'd chance it. For a bunch of 18TB drives, you would care less about the power consumption than the wear and tear.
My NAS consumes around 18 watts. Much more acceptable. I got it on a Prime day sale, so very reasonable price.

A FIY NAS will be so much of a better bang for your buck that power usage isn't a factor, especially since the majority of the power will be consumed by the hard drives.

35 watt usage is only $30.66 a year at 10 cents a kilowatt.
Personally I have PfSense (VPN) > OpenWRT router, gotta have that privacy game going

What are your exact pain points with your current setup? Personally, I feel like a decent router/ap unit will work for 99% of home users.
Personally I use the Asus RT-AX82U (about $230) and that is enough to cover my entire 1600sq ft home plus back yard and front yard. I do have the device roughly in the center of my house. The Asus routers have an easy to use management UI and are extremely easy to set up. They are also loaded with semi advanced features as well that are pretty easy to use and configure (QOS, port forwarding, DDNS, Mac filter, wifi mesh, VPN client, parental features, etc.). There is also an app for mobile that makes management even simpler.
I had a dyi router at one point using a Dell optiplex 7060 w/ i7-8700T 32GB ram + Netgear 802.11ac access point...which the dell was over kill I know. I had 4 of them as part of my home lab and pulled one to build a "better router". I honestly didn't get any noticable gain over the an older Asus ac router I had. When it came time to upgrade to 802.11ax I just bout the Asus I mentioned and the Dell rejoined my lab.

Are you kidding you know how quick 90% of companies who make routers would flag and black list this video to keep people from finding out how much they could Not give to the already made routers that are super cool sounding at the low cost of $399! Its a Gaming Router!!! That's also part of our sale point we have to add stickers too! Yes stickers and "For Gaming" everywhere!

@@Freakinkat I can't tell if your a troll or not. If that was truly the case with companies being able to flag videos they didn't like, RUclips wouldn't have any videos that are critical of items, or suggestions on DIY ways to not funnel money their way. Sure, in some conspiracy theory kind of way the videos could have issues, but its doubtful. Once you ioen that box on the internet it doesnt go away, NVidia and Hardware Unboxed. My comment would be something that falls under WHY LTT Labs was started, to offer full, in-depth, unbiased reviews

@@zach3893 😮‍💨just trolling, brother, plus rambling. That would be stupid rando and on a semi funny note just imagine a company literally like trying to stop someone from making a diy comparison video hating it and attempting to flag it as idk slander or copy rights claim just to curve viewers from seeing it like its some super omega secret that must never be seen or spoken 🤣, I don't know that would be nanners. Plus my comments like going one way then shifts to like some left Field rant.... It entertains me from time to time, it was like 3am I was pretty bored and tired, lemme make it l, pleeesseeeee? Or do you have any thoughts 🐱 ?

@@Freakinkat all good no worries.

I'll be praying for y'all when I set my cheap gas furnace to a cozy 71F this winter.
Actually our gas prices up a lot too this year, even if it isn't nearly as bad as for y'all. So I'll be praying for you in my crisp 67F home. R

@@rightwingsafetysquad9872 I like living in an apartment surrounded by other apartments with poor insulation. I get no natural light but I only turn my heat on every few months to clear out the dust to avoid fire.

@@defaultkoala2922 now that's thinking inside the box =)

@Default Koala 👍 Yep, my neighbours are heating my appartment for me. Ever since my landlord renovated the building with top of the line insulation on the outside and leaving everythin inside the building as is (pretty common in Germany) I'm practically not turning on the heat at all.
@joebot86 😂😂😂

As a German, you are good to go too if your ISP is nice enough to offer you a Fritzbox.
Otherwise I'd probably have built a router like that myself already :o

3c509s were the BOMB back in the 90's. They were the default ethernet card in everything i had.

Can 2nd gen intel cpu work? Im thinking of i5 2400 to i7 2600

​@@123dodo4na it's less efficient, there are dirt cheap 6th gens out there they should work fine

@@mudit1I wonder, would a laptop work with PF sense. because I’m thinking, I have a laptop with a i5-1035g1, 8GB of ram and a 256 GB ssd. Laptops are also power efficient as well, so I’m just wondering what you think

If you combine & virtualise it, it can actually make sense power wise (eg; router, NAS, Print sever, VPN, pihole etc)

@@TheNpcNoob I was gonna say, a router/NAS combo alone feels like this would make the power cost worth it. Adding additional things such as a printer location really does seal the deal though.

@@RineyCat exactly and say you had a server running 24/7 for projects and/or labs then the above running in their own dockers only adds to the value prospect.

@@TheNpcNoob Agreed but that's assuming you already using those things. Most users typically will have a 10watt router from their ISP. So for the average user let's say typicall older desktop maybe will draw 200w with the ap aswell that's a substantial increase during some of the peak power pricing. I'm from the UK and alot of lower income family's are worried about heating their homes. So for anyone seeing the video the jump to high power consumption is worth the note. Probably would be a great video for LTT how to get the most with the least power budget.

@@final0after0image Being from the UK too, I completely agree.

Sure, technically someone could "takeover" your router and LAN. But for your average home user, I'd be willing to bet you're more likely to win the lottery than to have that happen.

@@mintymus Modern tools allow the whole IPV4 space to be scanned in minutes by any malicious actor. When someone finds a vulnerability or a weakness, they will scan the whole internet looking for targets. This is done programmatically, not manually. You don’t need to be special to be a victim of a script.

@@cuppacheese Ok but have you ever met someone who had this happen to them?

@@mintymus First off, I wouldn’t base my network security around anecdotal evidence. Secondly, if I did, I would have to ask everyone that has had a security compromise to allow me to do a postmortem investigation to determine the initial access vector. To answer your question, yes, I have dealt with machines that had been accessed in unauthorized fashion via the Intel AMT technology. Was it some kid trying to run PFSense on his Dad’s old computer, no. Still, security through obscurity is not security. Do things the right way the first time.

@@cuppacheese So do you never use your smart phone when you're not at home? In that long winded response, you still didn't say if it was someone you knew.

you should try to configure some sort of aggregation to achieve higher internet speeds.

@@mitcHELLOworld Not in South East Asia

yea it's terrible

War prices.

no fucking way thats true, combo units are passively cooled and run under 10 watts.

@@hailgod1 yeah AVM Fritz!Box 7490 takes 8-11 Watts on average and 22 Watts max.

@@Dudinify I have a Fritz box 7530?

and then when one comes down they all come down

@@GreedoShot If one VM goes down, that doesn't affect the others. If the host goes down, then obviously that affects everything.

@@katrinabryce didn't say vm

That would be an amazing video, I do something similar with PfSense but don't have any IoT devices.
My smart tv is an old laptop running linux with a bluetooth keyboard & mouse, also an xbox controller for retro game emulators.
Out of curiosity what VPN provider are you using? I am with IVPN just cause they seem the most privacy respecting but Mullvad seems pretty good too.

Some SD-WAN would be great too!

They already did a video on Pihole

A poe injector is 10 bucks…

@@laurenzooo A passive one, you have to check if that injector pushes 24 or 48v and if the AP supports the voltage.

@@laurenzooo Yep, those from TP Link will set you back about 15 bucks or so. Typically they max out at about 15 watts, which is enough for APs, cameras, phones and so on. My switch can do up to 30 watts per device.

I believe people that don't know much about this stuff would assume that you need a power supply. Not everyone knows about PoE.

eh

That’s what I was thinking…. As much as I’d love a PC router. I can’t get by the power consumption… I don’t even want to look at my energy bill😂

True but there are quite power efficient mini pcs on the market so it can sometimes make sense.
Especially if the place where you want to put the router is not where you need the best Wi-Fi reception.

You can run this on a small SBC that sips power (sub 10W) so I don't know what you're talking about.
Also, that Ubiquiti access point is probably 10x better than any "purpose built" all-in-one router/AP combo you can get off the shelf (even for 2-3x the price of that AP).

@@murtadha96 Yeah, for 100 bucks you get n on 2.4GHz in 2022. It's super awesome.

A powerhungry desktop plattform for router is kind of overkill. If you are building a server thats going to be on 24/7 anyway install some router OS in a VM and use a dedicated switch so you can utilize that hardware instead of 24/7 running a desktop at 5% load.

Just use ARM devices. They use way less power. LTT is just ignoring openwrt, which is in my opinion, the best cost-effective alternative

A mini pc should be good enough for your requirements. There are a lot out there which consume way less power (from 5watts to around 25 watts). Openwrt is not a full fledged firewall and the AP hardware may not be good enough to run all firewall features (I have both openwrt and Opnsense).

I’ve just bought a used Synology router for £35 since I want DDNS functionality for watching tv abroad without paying for a VPN. I suppose ultimately it depends on what your use case is, this for me is fine. However if you want better Wi-Fi I know that virgin is giving out new Wi-Fi 6 routers for free to customers that have the gen 3 hub or older.

Repurposing a tower as a router is nice if you have cheap energy, but here in the UK thin clients are your friend. Google Parkytowers, this one person has put a lot of effort into documenting most of the thin clients you can find used for cheap, including their idle and running power draw. I'm currently running an IGEL M340C with OpenWRT as my home router, which I got off eBay for £20. It has an AMD Jaguar quad core, draws 7-12 watts while in use, and works perfectly with a Realtek gigabit ethernet USB adapter for the WAN connection. I also run a 10ZIG 58xxQ as an adblocker/VPN gateway. With the powersave governor enabled in Linux, it only draws 4-5 watts from the wall while fully saturating my ISP's download speed.

Arm sbcs exist…. So get a box and set it up……

FritzBox FTW!!!

FritzBox sind scheiße, my bad but it's true.

Just got the 7590AX from my Provider.
Even the NAS function is usable.

Only once I had a router by another company than avn and I was shocked that I couldnt even activate wifi (it was blocked by the provider, you had to extra pay for it).
Best thing about those fritz boxes is, that even the most basic ones can be manually configured as you want them to be. Yeah one good thing about Germany.

yea, the routers are "fine", but provide shitty wifi and the real issue is that our actual internet speed and quality is kinda awful in most rural areas.

An OPNsense firewall has quite a few more features...

Edge router and gigabit up/down yeah right

i wouldnt say unreliable I bypassed my bell canada fibre modem. With a dual 10 gbit network card with sfp modules over 2 years ago. I use it for my 1.5 GBIT bell fibre connection. i bought the optiplex for 40$ I added the smallest cheapest ssd i could find. I have yet to get an outage that was fault of the equipment or pfsense

I would not describe this solution as unreliable, power-hungry. That largely depends on the hardware you choose to run it on. I have had pfsense or similar running for almost 10 years now and have had very few issues that I did not inflict upon myself LOL. These platforms offer even more officially supported flexibility than edge router x for sure. I can not speak to Omada but as it's more or less a clone of Unifi, my bet is pretty good it is also limited in flexibility. now could most home users be served just fine by one of these devices of course. quick side note, while I am aware solutions like this support more, features if you are willing to go poking around in the Json configs it's not officially supported and could break with a system update or clicking the wrong thing in the web interface so I don't count them. No hate just adding my thoughts to the matter, I won't be giving up my pfsense box anytime soon tho. Hope you have a wonderful day.

Neither can handle non-offloaded 500/500, nevermind gigabit, without buffer bloat.

very sad comment

look at Level1 Tech. They have a home automation series that may go into detail. It was a while ago but that doesn't move too fast.

@@stephen1r2 thanks I'll look into it

Why on earth would you waste an AP and dedicate it to IoT devices? You'd want to setup a VLAN for them instead

@@Ryne785 I do both, I have an AP dedicated to the IoT devices and that entire AP is on it's own VLAN for IoT devices.

@@lighthawk95 Why? Waste of an AP when you can use the IoT VLAN across all APs.

I think we all died

Calm down, thirsty.

@Unauthorized D035 lol

Lol god comment

Don't forget we didn't have one yesterday

and potentially become the DYI ISP* :D
By the way, Mikrotik hardware is quite chip and powerfull, crazy feature for the price

+1 for the NC364T. I tried 2 other 4-port Intel GbE NICs (one Dell and one other ancient Intel 4 port card, probably Dell too) and had all sorts of issues including the motherboard not POSTing. Threw the HP NC364T in and all sorted 🙌

@@ChristopherHammond13 Yep. I use this model card as well. Works great with pfSense.

And don't forget Mellanox cards on eBay, for 10G or higher.

@@LtdJorge Yep, I bought several of these off of e-bay. Great value!

Trust me you do not want VLANs in your home network. It is just not worth the additional headache of setting it up and troubleshooting in the future.

@@lostintechnology1851 it is if you care about network design, but yea, your average joe, the 99.9% of people dont need that, and that includes most people who watch these videos too. lol
Also@OP if you're interested, jsut google what vlans are, literally if you're interested you'd look it up vs posting and waiting for Linus Corp to make a video about it. Off the bat, not what it takes.

Fun fact - with OPNSense you can install Adguard on it and it does exactly the same things as does pi-hole, but without needing a pi..

Yeah VLAN at least the IoT devices including cellphones to their own VLAN as those use casting and what not to other IoT devices. IoT is a massive issue with security updates and not worth taking the chance if you local fileshare and have PC's that are on all the time. So no VLANs aren't a big deal if you have just a few devices like a phone and a Firestick, but if you have a robot vacuum and smart outlets or wifi lightbulbs... Yeah VLAN that.

@@cmdbill you'd be amazed how many iot devices reach out to China, especially smart bulbs.

Yes, one of those, a switch and a couple of APs. I ran a powerline link to an upstairs section as well (apartment, so no holes allowed.)

Eaxctly what i was thinking. 24/7 power usage adds up. I also bet the ping delay is less then going though purpose built hardware made to do the job then a universal computer

I'll give it a try. I've tried some others that claimed the same but the results were not what I expected.

Ventoy + a fast 256GB stick = a hell of a tool box. 💪

Do you have a laptop setup like this for yourself? Sounds interesting but i'd be a bit concerned if my main router is a disassembled laptop with 2 m.2 to pcie NIC adapters swinging around.

I feel like there's a bit of a contradiction between "old laptop" and having an "M.2 drive".

@@Sabrinahuskydog brah, i used to run mmorpgs 24/7 on laptops. Never once had one die from 2007-2018 when I then switched to a desktop I built. Only time I'd turn them off is when I knew it was time to clean them out and apply new thermal paste. As long as your vents aren't blocked, laptops will never overheat running as a router. You saw that it was using not even 10% of a desktop CPU in the video, that laptop will be running at room temp pretty much for the life of it.

@@Sabrinahuskydog, no? The cooling fans will eventually die after two or three years, but even then, it'll just throttle.

@@alexdi1367 You could set the fans to only kick in when temps are high and have it passively cooled when idle to save the fan from wearing out. They are usually easy to replace anyway.

I am just as we speak venturing into this… not for the feint hearted. Any recommended guides?

I have proxmox on a ryzen 5900X, but the MB is a workstation/server board to support ECC RAM. Desktop servers are fun but extremely finicky due to parts.

@@toaster775 Level1Techs has a lot of really great videos on homelabs.

@@toaster775 There is a Guide by Learn Linux TV. Its long but very good ( ruclips.net/p/PLT98CRl2KxKHnlbYhtABg6cF50bYa8Ulo )

Isn't it bit slow? I doubt that it's even 7% of i7, not to mention that LTT only used their monstrosity only with single device connected to it.

The thing is: Microtik has tons of options, more than you will ever need in fact - but is geared towards professionals. It is absolutely not user friendly.

Oh poop that's a genius use case. It's amazing how much use old technology has.

SSD helps to reduce the power consumption.

​ @LMojzis
You'll save like ~8watts. Depending on how much electricity costs in your area, the purchase price of a $15 SSD could break even in less than 6 months.
For me, averaging on-peak and off-peak power costs for running it 24 hours a day, it would take me a little over 2 years go break even. Most people are going to get more than 2 years of use out of a PfSense/OPNsense box like this, and even if they end up changing to a new box, the drive is still useable for other purposes, so it's still probably worth it in the long run if you don't mind paying the energy costs upfront.
There's also the probability that the cost of electricity will increase over time, so you may end up seeing a faster ROI on the purchase of an SSD.
And not that it's really that big of a concern, because you likely won't be rebooting the firewall that often, but significantly faster boot times are also a nice bonus of solid state storage.

well they are going BSD sop bhyve it is :P

some are a little bit upgradeable ^^ as avm doesnt differentiate the hardware between some models but releases them with different firmware, you can sometimes "hack" a different firmware onto it to unlock 100mbit to 1gbit on more ports or usb3 instead of usb2
I did that with my fritzbox 7520 and flashed a 7530 firmware onto it to get all its benefits. I see that as an upgrade of sorts (but not intended yes)

@@DiverseGreen-Anon yes indeed or what i also saw where some large Antennas people put on some models 😂

Or just buy a Motorola surfboard modem and ditch their equipment fee and garbage equipment.

Yep exactly why years ago I moved my home server from an old pc to an rpi. No way I want 100w on 247 with energy at 34pkw!

I would never use an old PC as a 24/7 Router. For testing ok but nothing more. The Intel NICs mentioned here are old and power hungry too.

You can install it on a 10-15w device

but then what would you have learned

My Qotom mini PC has a serial port and it works fine for the console. The only issue is the DE-9 connector is for connecting to a modem, rather than another PC. And yes, I do mean DE-9. Anyone who calls those connectors DB-9 doesn't know what they're talking about. Check with industrial catalogs or Wikipedia on D-subminiature connectors.

I have MikroTik lte router from my ISP and i dont have any internet drops (unless 4g craps out)

@@vilnaszekje I absolutely worship their os, multiple routing tables, vlans, vpn server and a complex firewall on a 70$ router (not arm btw, newer are tho) is insane...

@@slimz. Mikrotik makes just about the best routers (in it's price range) and at the same time just about the worst WiFi APs in my experience. However pair it with Unifi APs and a Unifi Controller on a decent VM if there is a reasonably powerful server on the network, and you'd get the ultimate network.

@@zdanee That's why i said decent, they made a wave 2 package that supposedly helps but breaks their existing capsman management.... Probs don't even need a VM if you get it running inside the routers container or set it up once and forget about it.

Omg that's so true 🤣

Much faster, better ping, lower jitter, also MUCH BETTER SECURITY.
Most new all in one routers ship with outdated firmware & around 50% of NEW routers have known vaurnabilities which people & the companies just dont care about.
It's gotten so bad that even the NSA & FBI have put out warnings to consumers about it.

@@WitchMedusa I assume this security aspect is accessible over wifi without (or maybe with?) password access to the network?
As for better ping...I assume that's more a function of my ISP and modem than my router. I highly doubt for the internet service I have available I can get meaningfully better ping. But also why wouldn't they mention this in the video? Security vulnerabilities are nice to patch but not knowing the nature of them, they may or may not be a concern. Stuff like TPM security on W11 being mandatory is such a niche issue for most users that it's not worth the trouble of getting working on my machine even if it means not having the latest OS.
As for jitter, would I really notice the better jitter if it is terrible coming straight from the modem?

If you invest in a NAS and want external access to it but then connect it to your cheap ISP supplied router you are simply asking for your NAS to be ransomewared. ISP supplied routers are designed to do the bare minimum so as to make them cheaper to produce and easier for the ISP's help centres to diagnose problems. As for buying a router? Even some of the high cost routers you can buy from the likes of Netgear etc are not much better security wise than ISP supplied routers. Look up the firmware problems relating to security on Netgear routers for instance and they are not alone. Your router's security is only as good as it's firmware and OS updates. I bought a small micro appliance as shown towards the end of the video and installed pfSense on it. pfSense is based on BSD with regular updates and a vast number of community users ensuring that any problems are very quickly dealt with due to it's open source nature. Plus pfSense allows the installation of a large number of packages, for instance I have pfBlockerNG installed which blocks adverts and malicious sites for all of my network. I have set up static ip's for most of my devices including my little server, something which a lot of ISP supplied routers have no way of doing, setup vlans in conjunction with guest access in my Unify access point to ensure that some devices are restricted to internet access only such as IOT devices. My daughter works from home and her employer is well known for snooping on the networks their employees connect to. So her work laptop is walled off from the rest of my network on a separate vlan. I have open VPN setup on my router with VPN access for my phone and laptop and also for my daughter's phone and personal laptop ensuring that no matter where we are in the world we can have a secure connection back to my UK ip address. Seriously, once you start investigating what you can do with a proper enterprise level firewall OS the possibilities are staggering. And the power consumption of one of these little devices is minimal, even in the UK.

Electricity isn’t particularly expensive. If you’re desperate, turn up your gas heating and down any electrical heaters you may have to compensate.

you can just get an Intel ATOM CPU box with similar power draw but WAY more power. Good luck pushing Gigabit speeds on an ARM/MIPS box with traffic shaping, even my old J1900 Celeron at less than 10w can push me to my max line speed of 900mbps with shaping on Intel NICs

You do realise there are x86 SBCs that consume ~10W and can run this and a dozen other applications, right?

@@murtadha96 Yes, but this video was (mainly) about repurposing old PCs, which are way less efficient. I'm running a small offsite NAS on a ZimaBoard, so I'm well aware these options exist, but I'm not gonna spend $200 to replace my router with one if I don't need the extra power.

@@DuckMan77 And when I get a gigabit connection, I might consider it, but my 400MHz single core MIPS processor is more than enough to route my 100Mbps connection (including traffic shaping, not that seems to be hitting the CPU particularly hard).

The APU2 draws only 6-10W, it's definitely less than an Optiplex needs.

Unless you are using some advanced functionality there will be no differnce

My cheap AX router running OpenWrt probably does more than a $300 "good" consumer level router, unless you need 2.5G or 10G LAN. The biggest problem with routers is garbage software and OpenWrt is the ultimate answer.

alternatively, get a Mikrotik since RouterOS is crazy good

But not all hardware (ex Linksys, D-Link) NAT routers support that third party firmware

Apologies for the unaskedfor advice, but have you tried OpenWRT on it? I had a bunch of reliability issues on my Unifi 6 Lite that were all solved nearly 10)% once I switched. No downtime or anything since I switched.

I can vouch for both sides, I have had issues with both my 6 LR and nano HD. The wifi 5 LR was always solid. It is important to make sure you stay on top of the firmware updates though.

@@daboross2 no, i didn’t even know that was a thing… I might try it thanks!

Interesting. My Dream Machine Pro has been beyond rock solid.

My U6 Lite has been an absolute champion, zero issues whatsoever.
It's very likely the problem is in your router (not access point).

That's insane

and it was worth every penny of it