
Ask HN: Which wireless router do you use at home? - Perceptes
I&#x27;ve been using an Airport Extreme for many years, but recently I started having trouble with wi-fi quality. I&#x27;d been thinking about getting a new router anyway, because I&#x27;d like one that can run a DNS server I can use to add a few records only visible to my local network. Which hardware do you use? If its software is customizable, what do you run on it (e.g. OpenWrt)?
======
ktta
This might seem weird, but I use an old PC with a wireless card in it (get one
with a good antenna, and connect wireless APs via ethernet if you want more
coverage). I've put Ubuntu server on it, and it has quite a few advantages
over my old router which had OpenWrt

1\. Persistent DNS cache using pdnsd (even after reboot because it is on-disk)
with a long minimum global TTL. You would imagine this would be a problem, but
surprisingly I haven't had any. I've only had to get in once to correct
something. You can manually purge a specific domain, and all of them if you
think something is wrong.

2\. Powerful enough for good OpenVPN settings. Automatically routes through a
VPN, and can be disabled for a specific client if needed. The AES instructions
(which are on any Intel chip after 2008) help out _immensely_ compared to
using just a generic router.

3\. Smoother LAN transfers. A cheap gigabit PCIe card (Intel EXPI9402PT - on
ebay for about $20) which takes away local transfer rate problems, especially
if you have an NAS.

4\. Use it as an NAS. It isn't a good idea to mix devices which need good
security with non-critical systems, like NAS so be sure about your settings
and know what you are doing.

Another cool thing is port forwarding to the remote VPN instance so you can
login remotely and check out your network or access any files/media you have
on your NAS.

There are more things people can do which give more control and/or better
experience, like setting up rate limiting on clients, custom settings for
clients with unknown MAC addresses, etc. Traffic shaping is a good one
(prioritize specific type of connections over another - example VoIP > Netflix
> torrent).

The extra power really opens up the possibilities of what a router can do.

If anyone has any questions, I'd be glad to help out.

~~~
ac29
Something to keep in mind is that even at idle, a PC will probably run at 50W
or so. This would cost $80-100/year to run where I live, which isnt
insignificant. Unless you are using it as a NAS, need very high speed OpenVPN
(>100MBit/s), or other things that a PC can do best, you're much better off
with something like an ER-X, which has a _max_ power draw of 5W, and has no
problem doing gigabit line-speed routing/NAT/etc.

~~~
ktta
True, power consumption should be considered. I guess doing this would be a
good choice if someone has a NAS already running.

>you're much better off with something like an ER-X I pretty much recommend a
plain jane router which can run DD-WRT for anyone. All this is clearly
overkill, and more importantly useless for most people.

Another choice is getting a cheap NUC like x86 device and get AP-only devices
for good coverage.

------
sgloutnikov
Ubiquiti EdgeRouter X [1] with a Unifi AP Pro [2]

Extremely happy with the performance and quality. I don't know of any router
for $180 that can rival this combination overall.

[1]
[https://www.ubnt.com/edgemax/edgerouter-x](https://www.ubnt.com/edgemax/edgerouter-x)
[2] [https://www.ubnt.com/unifi/unifi-ap](https://www.ubnt.com/unifi/unifi-ap)

~~~
artworx
Same setup for me. Two things to look out for with the EdgeRouter X:

1, IPv6 is not trivial to setup. In my case I struggled to find documentation
on configuring it on a PPoE connection.

2, It can't reach 1 GB/s on WAN.

------
MrZipf
Mikrotik wAP ac [1] positioned in center of home with a Mikrotik Hex POE [2]
as the main router and DHCP server. There is TP-Link HomePlug [3,4] between
router and WiFi base station.

The wAP ac has a stronger and more reliable signal than any other WiFI unit
I've tried (various Linksys, Asus, and BT units).

The Mikrotik gear is rock solid, but not exactly what I'd call consumer
friendly. Great if you know or want to know something about real routers. I
got fed up with buggy consumer routers and decided to go with either Mikrotik
or Ubiquity rather than struggle to get the right hardware and firmware combo
for Tomato et al. Nothing wrong with these, but none of my existing hardware
had an image on the various options.

[1]
[https://mikrotik.com/product/RBwAPG-5HacT2HnD](https://mikrotik.com/product/RBwAPG-5HacT2HnD),
$89

[2]
[https://mikrotik.com/product/RB960PGS](https://mikrotik.com/product/RB960PGS),
$79

[3] [http://uk.tp-link.com/products/details/cat-18_TL-
PA4010KIT.h...](http://uk.tp-link.com/products/details/cat-18_TL-
PA4010KIT.html)

[4] Always, always change the HomePlug network name and password :-)

------
slacka
I have an Asus RT-AC66U w/ merlin firmware. I've been running it for years now
without a single crash. It's only been rebooted once to update the firmware as
it's on a UPS. I have a 2 TB HDD that turns it into our house's media server.

~~~
gmac
Similar: RT-N66U, with stock firmware. In Wireless Access Point mode, attached
to my ISP-provided modem/router, whose WiFi is turned off. Very happy with it.

------
nisa
For OpenWRT - at the moment the current code is at the fork called LEDE - here
is a ToH: [https://lede-project.org/toh/start](https://lede-
project.org/toh/start) \- both projects want to reunite but it seems progress
is slow - use the 17.01.2 release for LEDE at the moment - it's the most
stable current version.

As for the hardware - If you want to use OpenWRT/LEDE you have to be selective
about supported WiFi chips. ath9k is battle tested but no ac wifi. ath10k
should work reasonable well if you only want to have an access point. Broadcom
/ Mediatek and others can have issues - stability or signal strength depending
on the driver.

Check out kmod-sched-cake and sqm-scripts for the latest in research regarding
bufferbloat -
[https://www.bufferbloat.net/projects/codel/wiki/Cake/](https://www.bufferbloat.net/projects/codel/wiki/Cake/)
together with airtime fairness -
[https://linuxplumbersconf.org/2016/ocw/system/presentations/...](https://linuxplumbersconf.org/2016/ocw/system/presentations/3963/original/linuxplumbers_wifi_latency-3Nov.pdf)
you can archive some crazy results in good wifi (only on ath9k / mt76 partly
on ath10k).

If you want something off the shelf - Mikrotik and Ubiquity and to a degree
TP-Link and Asus models get good reviews. In terms of hardware and antennas
Mikrotik and Ubiquity are usally better.

You probably want 802.11ac and 5GHz - at the moment 802.11ac Wave2 is probably
not worth the money because you need support on the client side and that is
rare.

TP-Link Archer C50 would be my budget pick (30€) and runs LEDE - no Gigabit
through. Archer C7 for Gigabit.

If you don't mind soldering a serial console and flashing LEDE using the
bootloader get a used Cisco Meraki MR18 / MR24 without licence and wall mount
kit for a few $ from ebay - top notch hardware and antennas (but ath9k not
ath10k) and lot's of CPU / memory.

~~~
sml156
+1 For LEDE/OpenWRT, I'm running 17.01.02 (uname -a=Linux LEDE 4.4.71 #0) I am
using a TP-Link TL-WDR4300 v1 and am very happy with it so far.

I would probably be more happy with ubiquiti unifi

------
xmodem
PFsense on a Dell Optiplex FX160 running a router-on-a-stick configuration
with a Cisco switch (router-on-a-stick refers to pulling the external and
internal interfaces over a single ethernet cable on separate VLANs)

------
manmal
Currently 1 Unifi AP with Long Range, with a RPi 3 as controller (docker
image). Setup was done in 30 minutes, and I'm just amazed how well it all
works. I'll soon buy another 1-2 APs for the other floors in the house, and
expect perfect wifi signal everywhere. If I need to, I can let the RPi run
things like dnsmasq, printer server or whatnot.

Apart from the Unifi centric hardware, I have an Asus router that currently
handles all the routing (also DHCP), and a cable modem.

------
praveenster
Google WiFi (mesh of 3 units). Really love it so far. Very easy to configure
and manage. No more clunky webpages to navigate, no more worrying about
firmware upgrades. Switched recently from Linksys WRT610N after using it for
about 8 years without any issues except for lack of firmware updates.

~~~
bmelton
Same here, but with 5 units, and I'm supremely pleased by its overall
performance.

For some odd reason, after moving to a new house, the Powerline networking in
my office degraded from the consistent 300-400Mbps in the old house to <
10Mbps in my new office.

The new house is old, with thick walls, and I wasn't getting good throughput
with the old pair of OnHubs I was using, but I figured that enough mesh points
would overcome that, and as one of the mesh points is in my office, I've found
plugging the desktop ethernet output directly into the ethernet input on the
Mesh unit to be extremely performant.

~~~
praveenster
I did the same thing on one of the mesh units as well as it was in one of the
rooms diametrically opposite from the main unit and on the second floor. The
mesh shows great signal strength now.

------
oDot
Before paying for a Ubiquiti product, take a look at how they treat the GPL:

[https://en.wikipedia.org/wiki/Ubiquiti_Networks#Open-
source_...](https://en.wikipedia.org/wiki/Ubiquiti_Networks#Open-
source_licensing_compliance)

~~~
nisa
They also run PHP 2.0 (sic!) on all routers -
[https://www.theregister.co.uk/2017/03/16/ubiquiti_networking...](https://www.theregister.co.uk/2017/03/16/ubiquiti_networking_php_hole/)

~~~
frik
_" A command injection vulnerability was found in 'pingtest_action.cgi.' This
script is vulnerable since it is possible to inject a value of a variable. One
of the reasons for this behavior is the used PHP version (PHP/FI 2.0.1 from
1997),"_

The first time I heard someone is using a pre PHP 3 version. Must be perl/cgi
based and really old stuff. Why do they even ship with an inbuilt web server
with cgi enabled - it's so outdated and screams 1995 tech. (even back in 2002
cgi, and Perl and PHP3 were considered outdated, and we had already PHP 4)

------
givemefive
a ubiquiti AC-lite with pfsense on an APU2

I'd rather have my wifi be a black box that just works and my router be a
little more just raw hardware with openbsd or linux or pfsense.

~~~
nicolas314
Same here: APU2C4 running vanilla OpenBSD for routing, DHCP, DNS, attached to
a Unifi AC configured in pure bridge mode. I was not too pleased with
Ubiquiti's firmware though and flashed LEDE, for which you can find ready-to-
use firmware images. No more need to install and run a java-based controller
instance on another PC for just a wireless bridge. For guest WiFi, I got a GL-
AR150 for 20€ and also run LEDE, this time in isolation mode -- guests are
NAT'd on their own network and cannot see each other.

~~~
givemefive
Cool didn't know about LEDE, I use the iPhone app to manage the ubiquiti. But
I don't really need to manage much. Just upgraded the firmware once...

------
songzme
Here's how our home router is set up at our code school:

I bought a cheap gigabit router (from craigslist for around $30) and then
bought a wireless range extender ($60) for the far end of the house. The
router is not connected to the modem (so obviously no internet). We built our
own server to host all the code, exercises, videos, as well as a DNS server.
Our gitlab repository is resolved to google.com, so they usually get a kick
out of pushing their code to 'google'. We have our own internal q/a site that
resolves to facebook.com. Everybody gets to pick their own domain name to host
their own projects.

We experience 0 downtime (unless there is a power outage), pushes to our
repository is almost instantaneous, and tests run blazing fast on our speedy
i7 desktop with 62GB Ram (that I got for $600 on craigslist). Also, students
are not limited to their machines, they can code on whichever device they want
(as long as it runs chrome or ssh) because code is hosted on the server. This
way, we don't have to deal with people's installation problems.

I didn't touch the router's firmware at all. Our server acts as a dns server.
However, everybody would have to modify their dns records on their wifi
settings to add our server's ipaddress.

~~~
traviscj
> However, everybody would have to modify their dns records on their wifi
> settings to add our server's ipaddress.

Why can't you just push it over dhcp? (This is what I've always done for this
use case...)

~~~
songzme
Thanks for the insight! Its my first time I've setup up something like this
(coming from a front end dev background), so I didn't know about dhcp.

~~~
newbear
Where did you learn to set something up like this?

~~~
traviscj
I learned from
[http://tldp.org/HOWTO/DHCP/x369.html#DHCPSERVER](http://tldp.org/HOWTO/DHCP/x369.html#DHCPSERVER)
when I got tired of auto-managing IP addresses -- the basic setup is not
terrible. If you're using something else for DHCP assignment (e.g. PfSense)
you can usually just provide the extra DNS server in the config there and it
propagates out.

------
r3vrse
Netgear R7000 [1] with AdvancedTomato [2], which is Tomato but with a pretty
UI. It runs DNS, nginx as a reverse proxy, SSH gateway and some other bits &
pieces with minimal fuss. Pretty sure I've never had to reboot it outside of
testing configuration changes. I even managed to upgrade to a significantly
newer firmware version without blowing away the NVRAM/other settings and
having to redo everything from near scratch as is IME so common with custom
router FW builds (note: YMMV).

It has USB 3, GigE, wireless speed has been fine etc... certainly one of the
best home tech purchases I've made in the last couple years.

[1] [http://www.netgear.com.au/home/products/networking/wifi-
rout...](http://www.netgear.com.au/home/products/networking/wifi-
routers/R7000.aspx) [2]
[https://advancedtomato.com](https://advancedtomato.com)

------
5_minutes
I had a quite pricey $120 Asus n66u as primary router and a cheap, TP link
router, as backup, lying in the closet.

At one point, the Asus started to become unreliable and unstable so I disabled
it and put the $40 TP Link instead.

Now, about 3 years later, I completely forgot about my router setup and this
TP link is rocking it every day. I'm really impressed by the brand. I only had
to pull the powercord to quickly reset it once, during several years. I can
not say this of most other brands I've worked with in the past.

You can run OpenWRT etc on it. It's quite similar to the legendary WRT54G.

I also bought a Wifi 4G portable router from TP Link later, and this is also
high quality hardware at affordable prices.

[https://www.amazon.de/TP-Link-TL-WR1043ND-Ultimate-
Anschluss...](https://www.amazon.de/TP-Link-TL-WR1043ND-Ultimate-Anschluss-
Glasfasermodem/dp/B002YLAUU8)

------
cloudengineer
Ubiquiti Edgerouter + two Unifi UAP-AC-Pro

------
zeroxfe
I've been using ASUS routers with the Asus Merlin[1] firmware for a very long
time -- they're just fantastic if you want customizability.

Current router: ASUS AC3100

[1] [https://asuswrt.lostrealm.ca/](https://asuswrt.lostrealm.ca/)

------
wcfields
PfSense on passively cooled j1200 celeron [1] running to a netgear PoE switch
hooked to 3 ubiquiti unifi pro ac.

[1]
[https://www.amazon.com/dp/B01AJEJG1A/](https://www.amazon.com/dp/B01AJEJG1A/)

------
fencepost
I'm still using an old WNDR-3700 (gigabit ports, dial band, agn) with OpenWRT,
though the 2.4 wifi has gotten pretty spotty lately and I now have it set to
do nightly reboots.

I'll likely replace it with one of the newer Mikrotik routers soon, mostly
because we've started using them at work and for clients and it'd be good to
have another spot to get and stay familiar with them. That said, while
RouterOS is powerful it has a not insignificant learning curve. I've also seen
firmware images and wiki entries indicating that you can run OpenWRT on some
models, but I'm not sure how well supported that is.

------
untog
The ASUS Google OnHub. I used to face a router that reach DD-WRT and
customised all the options... then I got sick of it all. The OnHub just works,
and updates itself. It's not glamorous, but neither are my requirements.

------
untangle
Mikrotik hEX RB750Gr3 5-port Gigabit Router feeding an AmpliFi Mesh Wi-Fi
System (router plus two meshpoints). Performance, configurability, and
reliability have been excellent. ~$350 total cost.

------
nodomain
Located in Germany where the company AVM has a very high market share. As a
result, I use a Fritz!Box 6360 for Cable Internet (400 down, 25 up) with a
Fritz!Repeater 1750E on every floor connected via gigabit ethernet. Manually
set up 2.4 and 5 Ghz SSIDs to segregate devices like printer an other ancient
stuff to the 2.4 SSID while using the 5 GHz SSID for my modern devices. I
cannot imagine a better setup.

~~~
heehsum
I'm from Germany too and am using a Fritz!Box 7490 behind a cable modem (200
down/12 up). The router let's you set up one wireless network with both 2.4GHz
and 5GHz so devices automatically get switched onto the band with higher Tx
rate. Currently pretty happy with the setup.

------
kenrick95
I'm using TP-Link WR802N [1] and installed OpenWRT on it. Its small form
factor is quite useful for me since sometimes I took it when I traveled back
to my hometown (to easily have my local wifi network).

[1] [http://uk.tp-link.com/products/details/cat-9_TL-
WR802N.html](http://uk.tp-link.com/products/details/cat-9_TL-WR802N.html)

~~~
eps
WR802N is excellent out of the box.

Unlike newer models it allows created your own WiFi access point that is
routed to the Internet via another WiFI network. Very useful when travelling
with multiple iPads and such - no need to connect them all one by one to a
hotel WiFi (no need to configure them at all as a matter of fact) and you get
your own isolated subnet with working broadcast and multicast.

------
laughfactory
We're using Google WiFi. Not super (or at all) customizable as you'd like to
do, but it does work very well. It's stable and offers really good performance
throughout our 1000 sq ft apartment (even given all the numerous networks
around us). In the new home we're buying, I plan to use the mesh network (buy
more Google WiFi units) capabilities to blanket the whole home.

------
jakelazaroff
Didn't have the patience to sort through who knows how many options, so I just
read The Wirecutter's comparison [1] and bought the one they recommended: TP-
Link Archer C7 (v2).

[1] [http://thewirecutter.com/reviews/best-wi-fi-
router/](http://thewirecutter.com/reviews/best-wi-fi-router/)

------
pdxpatzer
Router is a PC Engines APU2 (apu2c4) running OpenBSD, wireless APs are Buffalo
and run OpenWRT in plain bridging mode.

------
mkhpalm
I use a couple TP-Link Archer C7 v2 (dual band ath9k and ath10k) running
OpenWRT. 1 of them acts as the router and the others are just bridge over
Ethernet to extend wireless coverage and provide local switch ports. Works
pretty well for me.

I would also suggest Ubiquiti and/or pfsense if you want an out-of-box
experience.

------
jtl999
A rackmount pfSense router built from an old Core i3 desktop from circa 2010
and a Intel 4-port NIC. I have 150/150 FTTH at home. Might have 250/250 or
1000/250 by the end of the year (the router can handle 800mbps WAN->LAN with
about 50-75% CPU usage)

UAP-AC-LR for the wireless.

------
sashk
I'm using eero (1st gen) and with the latest update I've became less happy, as
I now have to reboot it once every two weeks to get performance back. And
speeds became slower as well. Disappointed, but hope it's a bug, not a way to
force me to gen2 model.

------
colept
There was a black friday deal for the following router:

[https://support.t-mobile.com/docs/DOC-10864](https://support.t-mobile.com/docs/DOC-10864)

Which was easy to upgrade the firmware and then override so I could install
Tomato.

------
tlb
At home, 3 Netgear WNDAP360s to cover 2 floors and a detached garage. I've
needed to reboot a few times in 2 years.

At work, a Ubiquiti EdgeRouter. Fast and trouble-free so far, and easier to
set up than the Netgears.

------
Aloha
I've got Comcast Business Class, so I have one of their routers
(Cisco/Technicolor) as the actual router - but I run my own DHCP and DNS - I
use an Apple Airport as the access point itself.

------
qubex
AirPort Extreme with a couple of peripheral units acting as a Wireless
Distribution System (WDS). I'm heartbroken that Apple won't be developing any
new units.

------
akerro
Nice try NSA!

Omnia Turris, open hardware, OWRT by default, top tier hardware, HAC
encryption, 2.4GHz and 5GHz.

~~~
tricolon
Is it really worth the €330?

~~~
kogepathic
It depends.

Is the hardware worth 330€? Probably not. But IIRC everything is open source,
including the hardware design, which you'd never get from a commercial router.

Is it worth 330€ as a router? CZ.NIC has put a lot of effort into the OS and
updates. The router has 8GB of NAND and they are using btrfs to handle updates
(snapshot, update, rollback if there are issues).

This kind of update feature doesn't exist in OpenWrt and LEDE, though mainly
because most routers ship with 16MB of NOR flash and there simply isn't room
to take a snapshot while upgrading. Some routers like the Xiaomi Mi 3 have
128MB of NAND and it would be possible if there was upstream support in LEDE
(although that router has other issues with MediaTek WiFi).

So if you're looking for a reasonably secure router that auto-updates, I think
it's worth it. Set it and forget it mentality.

If you have the technical skills and time to manage the router yourself, then
just buy a low power PC (e.g. PCEngines APU, Solidrun ClearFrog, Marvell
MACCHIATTObin) and install Linux/PfSense/OPNSense.

I don't own the Turis myself, I just saw some conference presentations of
theirs about how they implemented the Turis.

------
KiDD
PF-Sense on a SuperMicro server in a VM. Ubiquiti Unifi AP Pro HD

------
cdevs
Have a peplink and typically like peplink or tp-link devices

------
hossbeast
Amplifi HD mesh, base station plus 2 APs

------
akulbe
Unifi ER-X-SFP from Ubiquiti Networks.

------
pdonis
Netgear WNDR3700 running OpenWRT.

------
mongol
Mikrotik

------
hungerstrike
I have an (awesome) ASUS RT-AC5300 router but I use my Synology DiskStation to
run a DNS server.

Everything worked out of the box. No custom software installation, no messing
around. I love them both, they're very powerful.

It's easy to install dnsmasq on Synology but now you don't have to do that
manually anymore, they have their own package system now which includes a DNS
Server built upon dnsmasq.

------
frik
What access point/repeater with 2+ antennas (visible) can you recommend?

~~~
ktta
Often people go about doing this the wrong way.

It is better to get two cheap routers and use one as an AP only. The AP only
can be placed where ever you want so it'll have better coverage than a multi-
antenna router any day.

