Hi, I got a new router from my ISP, but it doesn’t even have an option to change the address of the DNS server…
So I’m gonna switch (if necessary also the ISP).
I have never used a custom router, so I would appreciate a push in the right direction. What can you recommend? Synology? FritzBox? Asus? Bridge Mode on the ISP router + RasPi?
The following I am running on a separate device, but if possible it would be nice to have it directly on the router device:
- PiHole
- Wireguard
- DDNS updater
You must log in or # to comment.
Fritzboxes are rock stable, and support Wireguard from FritzOS 7.5 onwards, see https://avm.de/service/vpn/wireguard-vpn-zur-fritzbox-am-computer-einrichten/
(Apparently NOT the cable versions!)
What nags me most with them is that you have no separate Firewall controll over their WiFi, and the WiFi range is not really great. So probably consider going with dedicated APs instead.
They are quite solid but be aware that the web UI is dog slow and the menus weirdly designed.
I’m very happy with my FritzBox (7590), it handles de ADSL connection to the ISP, supports various DDNS providers, Wireguard VPN, 4 port gigabit switch (5 of you don’t need the WAN port), guest WiFi with client isolation.
It also has basic media server and NAS functionality (with USB3 external hard drives).
Of course you can change the DNS server and other network controls like QOS, wake on LAN, port forwarding, different profiles with parental controls, filters, connection times, etc.
They also seem to take security seriously.
How much bandwidth and flexibility do you want? OpenWRT is what I use on consumer hardware but many people here also swear by custom hardware with opnsense
swear by custom hardware with opnsense
…which is completely unnecessary and overkill for most people, even those with home labs, since OpenWrt can do it all.
Homelab is a hobby, and like other hobbies, people actually loves doing the “unnecessary and overkill” stuff.
I thought “unnecessary and overkill” is our actual name, and selfhosting is just a nickname
I have been using opnsense on a very cheap celeron nuc for a few years, very happy with it
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters AP WiFi Access Point CA (SSL) Certificate Authority DNS Domain Name Service/System ESXi VMWare virtual machine hypervisor IP Internet Protocol NAS Network-Attached Storage NUC Next Unit of Computing brand of Intel small computers PiHole Network-wide ad-blocker (DNS sinkhole) SSH Secure Shell for remote terminal access SSL Secure Sockets Layer, for transparent encryption TLS Transport Layer Security, supersedes SSL Unifi Ubiquiti WiFi hardware brand VPN Virtual Private Network
13 acronyms in this thread; the most compressed thread commented on today has 9 acronyms.
[Thread #626 for this sub, first seen 25th Mar 2024, 09:55] [FAQ] [Full list] [Contact] [Source code]
One more for mikrotik (I run the VM version on a small linux box).
I tested a ton of those (pf/opn-senses, VyOS, even Cisco), and noone of the free ones can handle IPv6 in a reasonable way in 2024, which is slightly bizzare. Mikrotik has some annoyances, but it’s rock solid as a router.
I don’t use its container features and instead run podman in a vm next to it. Works great.
How do you mean? IPv6 in OPNsense is working fine.
OpnSense is incapable of proper DHCPv6-PD, that’s when your route receives a prefix from upstream and delegates parts of it downstream. More specifically, it does the delegation, but it doesn’t add the relevant routes, effectively blackholing the allocated prefixes.
VyOS fixed this specific bug since I reported it. RouterOS and IOS never had it.
I’m isolated from this I suppose as I still use a separate line for upload. PD delegates and opens ports. What CIDR ranges do you use?
PD delegates the whole prefixes, i.e. it allows the subrouters to ask for a subnet of the size they need.
