
Ask HN: Best current model routers for OpenWRT, DD-WRT, Tomato, etc.? - zhan_eg
I&#x27;m in the process of choosing new device(s) for a small wireless network in multi-story building and prefer having devices supporting some open source router software&#x2F;firmware (OpenWRT, DD-WRT, Tomato). The amount of models available is enormous, but as the last Ask HN[0] (from 3 years ago) on this topic was a good starting point I think some good up-to-date advice can come up now. malandrew the original poster told it well so:<p>&gt;  If one were to decide to buy a brand new model router to install open source router software on, where would you go to find out the best current models and be able to compare their features?
&gt; While it would be nice to know the best models as of today, I think it&#x27;s more interesting to be taught how to fish instead of being given a fish. This also makes it easier for me (and anyone else) to pass this advice onto the next person.<p>[0] - https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=6828699
======
TwoNineFive
The first thing you need to know is that the OpenWRT project is basically dead
and that 95+% of the developers went over to the LEDE Project. However, LEDE
has not yet published a stable release yet. You can get nightly builds that
are in pretty good shape though.

I would highly recommend an ipq806x-based system, if you can afford it. Almost
always matched with qca9880 radios. These are modern 802.11ac wave2 systems.

ipq806x is a Qualcomm-Atheros SoC. Go to wikidevi for specifications on the
chips and all of the devices I mention below.

Check camelcamelcamel for recent pricing info if buying in the USA.

The list would be:

Linksys EA8500

TP-Link Archer C2600 (Not recommended due to TP-Link going anti-OSS. Modern
versions require signed firmware and other DRM junk)

Trendnet TEW827DRU (Not yet accepted into LEDE, but could be any day now)

Netgear R7800 (Has a slightly faster CPU, but more expensive)

Netgear R7500v2 (Avoid the V1)

ZyXEL NBG6817 (Has the same slightly faster CPU as the R7800, but it's storage
flash is goofy and I'm not 100% sure it's fully working. Ask the lede-dev
mailing list first.)

The top issue that all of these devices have is that the 802.11 radio LEDs
don't work yet because the driver is missing support for it. However, if you
can live without blinking lights, these models are the way to go. This feature
will almost certainly get fixed in the future.

I would tell you to go with the Linksys EA8500 if price/value is your concern.
Otherwise the Netgear R7800 has a very active dev and probably has the best
support. The ZyXEL NBG6817 looks really interesting to me, but I don't have
one yet.

If $140-$200 USD is too much for you, look to some older 802.11ac devices.
Like I said above, avoid TP-Link as they have started locking down their
devices by removing serial ports and requiring signed firmware/DRM etc.

Your list here in comments is pretty good, though I'd avoid the TP-Link unless
you can get one that is older (before TP-Link became anti-OSS.)

Good luck

~~~
alimbada
As an OpenWRT user it's a little worrying to find that many of the developers
have left the project. Do you have any more info on why this happened?

~~~
zhan_eg
There was a pretty detailed discussion on HN on the split [0] I personally
hope that the situation won't become as [1].

[0] -
[https://news.ycombinator.com/item?id=11624374](https://news.ycombinator.com/item?id=11624374)
[1] - [https://xkcd.com/927/](https://xkcd.com/927/)

~~~
alimbada
Sure, having competing standards isn't always a good thing but we're not
talking about a standard here. It's a new router firmware distribution and I
think having more of them is a good thing as it gives people more choice.

The major problem that I do see here is that LEDE has been forked from
OpenWRT, but has nowhere near the level of device support that OpenWRT has. I
have a TP-Link WDR4300 which I bought specifically because it was one of the
routers which are highly compatible with OpenWRT. However, LEDE doesn't list
this router amongst its supported devices (though there are newer WDRXXXX
devices listed).

~~~
wtallis
> However, LEDE doesn't list this router amongst its supported devices (though
> there are newer WDRXXXX devices listed).

What list are you looking at?

LEDE does builds for the WDR4300, and given that it's an ath9k router, it is
and will continue to be very well supported. The only caveat is that I don't
know whether they've added the necessary signature to allow the firmware to be
accepted as a valid upgrade by recent TP-Link stock firmware, but once any
third-party firmware is installed, there's definitely no barrier to upgrading
to LEDE.

~~~
alimbada
I was looking at this page: [https://lede-
project.org/toh/views/toh_available_864](https://lede-
project.org/toh/views/toh_available_864)

But I see now that my device is listed under the "non-ideal" table of hardware
page.

------
mdasen
I have the Asus RT-AC68U/TM-AC1900. I bought it from T-Mobile for $60 and
flashed it to stock and then put Asuswrt-Merlin on it (but you can use Tomato
or DD-WRT). It does take a little work to flash it to stock (like Telnet'ing
into the router), but it wasn't bad and for $60 I ended up with a wonderful
router. There are guides online for flashing it back to stock.

If you're looking for information, I suggest SmallNetBuilder. They have very
thorough reviews:
[http://www.smallnetbuilder.com/tools/rankers/router/view](http://www.smallnetbuilder.com/tools/rankers/router/view).
It looks like the RT-AC68U is their #1 pick for AC1900 router now. It used to
be their #2 pick under their previous testing methodology (after the R7000
Nighthawk from Netgear). That's slipped to #3 under the new testing and the
Asus has taken the top slot.

Asuswrt-Merlin isn't such a radical departure from stock, but it has some nice
features and allows me to do things like edit the etc/hosts to block certain
things.

The Asus RT-AC68U is probably one of the top 2 AC1900 routers out there and
T-Mobile is selling it for a song (even if you're not a T-Mobile customer).
It's a little work to re-flash it so read a guide and see if you're
comfortable with that. Or you could buy a stock RT-AC68U and get
SmallNetBuilders #1 AC1900 router overall, for 2.4GHz avg throughput, 2.4GHz
max throughput, 2.4GHz range, 5GHz avg throughput, and 5GHz range.

~~~
jtolj
I'll third the Asus RT series.

I just replace my FIOS router with an ASUS RT-AC66U running AsusWRT-Merlin (I
understand the stock firmware is based on Tomato). It is very fast, stable,
has great coverage and is extremely configurable/hackable. I think I paid $75
for it from Amazon Warehouse Deals.

~~~
wtallis
> extremely configurable/hackable.

Except for the closed-source WiFi drivers, which also limit the choice of
kernel versions.

------
mavrc
I know others have recommended this already, but I would also say that your
best bet is to buy some Ubiquiti hardware. An EdgeRouter X + UniFI Pro dual-
band AP is on the order of $200 from Amazon and has way, way better
functionality than SOHO hardware of same price point, with the principal issue
that it is enterprise hardware, and is very much not point-and-click to set
up. I think the tradeoff in functionality and build quality is worth it,
though.

I recently replaced my PC router running pfSense with an EdgeRouter X - at
~$50 the power savings alone will probably pay for it in less than a year, and
the only thing I can't do with it that I could do with pfSense is create a
standalone OpenVPN endpoint - so I'm moving that functionality to a server
that was running anyway.

~~~
rbritton
I can second this. I recently upgraded my home network to an EdgeRouter PoE +
Netgear R7000 (flashed to DD-WRT) and wish I would've gone with Ubiquiti
across the board. That side of things was much, much easier to get configured
how I wanted it than DD-WRT on the Netgear. The VLAN tagging in DD-WRT for
that hardware only partially worked via the GUI configuration, and I ended up
having to go in via the CLI to finish it off.

~~~
tlow
Pretty far out of my depth here, but I did the same w/ 3 Long Range Dual Band
Pro APs and I'm quite pleased... so thirded.

------
sashk
I use two devices to handle usual definition of the router:

    
    
      1. Mini PC[1] running as a router (pfSense);
      2. eero to handle the wifi.
    

Why? I've tried many times to use dd-wrt, openwrt and tomato firmwares on my
routers, but every time I failed miserably: it's either something stops
working, or I need to schedule routers reboots and so. So I gave up. Since
that time, mini pc [1] is the third system which routes my traffic, acts as
VPN gateway, proxy server and so on on my home network and I've never been
happier. With eero I've got even better coverage comparing to the previous
Airport Express.

[1]: [https://www.aliexpress.com/item/Latest-windows-8-mini-pc-
min...](https://www.aliexpress.com/item/Latest-windows-8-mini-pc-mini-fanless-
desktop-pc-with-Dual-Intel-82574L-Gigabit-Nics-Walk/32255088559.html)

~~~
chx
I found [https://www.amazon.com/Qotom-Q190G4-Celeron-Processor-
Barebo...](https://www.amazon.com/Qotom-Q190G4-Celeron-Processor-
Barebone/dp/B019Z8T9J0) a fantastic device for the price. There's a non-Atom
Celeron, a Broadwell chip and four Intel LAN ports in a <$150 package without
moving parts. My home is small so this also handles the wifi for me.

~~~
riobard
How do you make it do WiFi? USB WiFi adapter?

~~~
chx
It has two mini PCIe slots, one for mSATA, one for wifi. It has the usual
antenna holes as well. You need an mPCIe card (Intel 7260HMW is popular) and
two U.FL to RP-SMA connectors and be done. But yes, you could use USB as well.
They sell kits as well but they use inferior cards IMO.

~~~
riobard
Thanks! I have an ASRock Beebox which has mSATA WiFi card installed by
default, but I've never trusted the signal due to its lack of external
antennas. I was wondering how well it performs in your setup :)

------
zhan_eg
For now, by my research the best candidates are

\- TP-Link Archer C7 (supported by both DD-WRT and OpenWRT, and recommended by
the latter)

\- Linksys WRT1200AC/1900AC (supported by both DD-WRT and OpenWRT)

\- Ubiquiti UAP-AC-LITE/LR/PRO (OpenWRT, diffrent models depending how much
speed/range do you need. No routing here, just access points.)

For any models discussed, please keep in mind that depending on the hardware
version, the firmware support is different.

~~~
ljoshua
I have a TP-Link Archer C7, and while it has generally been pretty good, the
last six months or so it will simply drop all connectivity and require a
reboot. Pretty frustrating (happens 2-3x/week) and has me looking for another
replacement. This is with stock firmware though, so I would hope, but haven't
tried, that alternative firmwares would fare better.

~~~
mstade
I've had the same issue happen, running Archer C7 running OpenWRT. But I'm not
100% sure it's actually the router or whether it's really a problem with my
ISP. I haven't seen the issue in a couple of months now, yet I've made no
changes to my setup.

I did have considerable issues getting both wifi interfaces to work well at
the same time, but that's probably more due to my own incompetence more than
anything. I did finally manage to make it work, much like how you'd wiggle
antennae on an old tv back in the day and suddenly you got a signal.

------
djsumdog
I highly recommend just building a Thin-ITX router. I have a post of how I
built mine here:

[http://penguindreams.org/blog/building-a-thin-itx-
router/](http://penguindreams.org/blog/building-a-thin-itx-router/)

I paid too much for parts. You can easily construct one of these for under
$200. I'm sick of ARM and needing a different image per device.

AVOID the ClearFog and BPI-R1:

[http://penguindreams.org/blog/review-clearfog-
pro/](http://penguindreams.org/blog/review-clearfog-pro/)

[http://penguindreams.org/blog/banana-pi-bpi-r1-fails-into-
an...](http://penguindreams.org/blog/banana-pi-bpi-r1-fails-into-an-insecure-
state/)

I cannot recommend either of them (although if I had to, the BPI-R1 is better
than the ClearFog. Just don't expect it to be stable)

------
FussyZeus
I bought the Buffalo N300 not long ago:

[https://www.amazon.com/gp/product/B00IB8IVDQ/ref=oh_aui_deta...](https://www.amazon.com/gp/product/B00IB8IVDQ/ref=oh_aui_detailpage_o05_s00?ie=UTF8&psc=1)

I've been extremely happy with this purchase, admittedly I'm a bit of a high-
demand user (I host a number of minor services for myself and friends
including TeamSpeak, minecraft, as well as operating two Xbox Ones) so I
needed something with good port forwarding support and UPNP. Rock solid,
straight DD-WRT interface with minor branding, shell access, and monitoring
support. This router's been an absolute champ and I'd recommend it to anyone.

~~~
emilecantin
I'll second Buffalo. I have the N600 [0], and I'm pretty happy with it. I
started with the built-in DD-WRT firmware, installed OpenWRT soon after, and
recently moved to LEDE, without any issues. I don't really use many advanced
features, but I find it's really stable. One really nice thing I appreciate is
dnsmasq. It puts your DHCP entries on the local DNS, so you can access your
machines by their hostnames via straight DNS, no WINS or Bonjour needed.

[0]: [https://www.amazon.com/Buffalo-AirStation-HighPower-
Wireless...](https://www.amazon.com/Buffalo-AirStation-HighPower-Wireless-
WZR-600DHP/dp/B0096239G0/ref=pd_bxgy_147_2?_encoding=UTF8&psc=1&refRID=5YSR8EG4NVKKF090D4KS)

------
feistypharit
I used to run a modified advanced tomato (advancedtomato.com) on a few Asus
routers. But the build process is terrible and I got sick of maintaining it.
Looked at openwrt and lede, but still a pain to maintain.

I recently decided on the ubiquiti edge router x ($49), ac-lr access
point($90), and pihole($50) on a raspberry pi for DNS. The pi also runs DNS
crypt. But now everything gets regular updates and the firewall config and
stats on the edge router are great.

~~~
Diederich
DNS crypt? The google came up with several possibilities.

~~~
cvwright
Probably this one: [https://dnscrypt.org/](https://dnscrypt.org/)

------
warcode
If all you need is a wireless network the UniFi AP-AC series is great. I don't
have any reason to put OpenWRT on it.

------
thom_nic
In the past two years, I've bought...

\- TP-Link Archer C7. This supports our office of ~30 ppl and has been bullet-
proof since day 1.

\- TP-Link N600. Cheaper but still 5GHz. Also super stable, I use it as a wifi
bridge daily.

\- I just bought a Netgear R6300v2 which will go in my home. Have not used it
much yet but for the price it's an ARM core with a lot of Flash & RAM so I'm
excited.

Caveats: I don't know if in practical terms new-ish TP-Links (later than Q2
'16) are harder to flash due to them supposedly cracking down on third-party
firmware. At the time they were super easy, I just downloaded the latest from
ftp://ftp.dd-wrt.com/betas/ and followed standard instructions.

Caveat #2: For Broadcom/ARM builds you probably _don 't_ want to use builds
from ftp.dd-wrt. Intead you want KONG's build, see:
[http://www.desipro.de/ddwrt-ren/K3-AC-
Arm/Readme](http://www.desipro.de/ddwrt-ren/K3-AC-Arm/Readme) and search the
forums for latest KONG builds.

Finally, reading Amazon reviews for any supported model helps as well, you'll
find a few ppl who relate their experience putting ddwrt on it.

EDIT: if your budget is $100+ I've also read good things about the Netgear
R6400 and ASUS AC66 and AC68 but don't have any direct experience there.

~~~
thom_nic
Heads up! If you're quick, the TMo-branded ASUS AC68 is on sale for $60 after
coupon WIFI40. [http://www.t-mobile.com/accessories/t-mobile-wi-fi-
cellspot-...](http://www.t-mobile.com/accessories/t-mobile-wi-fi-cellspot-
router.html)

------
randombit
This is not quite what you ask for and a little more expensive that some
options, but I use a PC Engines APU2 running Alpine as my router+wifi access.
Great little machine that is much more functional than typical home router
hardware, and it boots using coreboot. A good option if you like setting up
everything by hand.

More about APU2 at
[http://www.pcengines.ch/apu2b4.htm](http://www.pcengines.ch/apu2b4.htm)

~~~
zhan_eg
Thanks for the option - are you using an Wi-Fi card on PCI, or you have access
point connected by the LAN ports?

If it is the first option - there are two recommended Wi-Fi cards - which one
you are using and how many client devices does it manage?

~~~
randombit
It has WLE200NX a/b/g/n PCIe with antennas (all from PC Engines), plus an Alfa
g/n 2000mW adaptor at the end of a long USB cable, positioned for better
reception in another building ~150 feet away (n devices are mostly fine
without it but especially old b/g devices had a hard time). Before that, wifi
had been managed by an RT-N66U, and a repeater had been required to reach the
other building. For my setup the APU2 actually replaced 3 devices which had
previously been required: Erlite-3 router, RT-N66U, plus repeater. And more to
the point, replaced 3 key network infrastructure devices, all running
different commercial/closed software, with a single device running a security
focused Linux distro and open source boot firmware.

As to load, it manages just a household's worth of machines, maybe ~10
wireless clients and ~10 more devices on the LAN side. The load on the machine
is effectively zero. I would personally be confident building such a setup for
even 100 clients. The 2 PCI + 2 USB3 offers many expansion options and the SoC
itself is tens of times faster than most home routers.

------
fnj
A router has nothing to do with providing WiFi. You should have a separate
router and WAP.

For the router, any fanless mini-PC with two ethernet ports. Run OpenBSD or
pfSense.

~~~
roseltraut
I wonder, are there simple powerful just AP's comparable to the already
mentioned routers? Just with less features...

~~~
hedora
I had the Asus AC68U, which was the best rated consumer router on
smallnetbuilders, in terms of wifi range and speed. I just replaced it with a
Ubiquiti AC-PRO access point which is much cheaper than the Asus. The Ubiquiti
is maginally better in my informal testing with the two in the same location.
After ceiling-mounting the Ubiquti in a more central location, it blows the
asus out of the water. It went from ~100 MBit -> 500+ on the old "dead spot"
desktop, the raspberry pi on that desk went from 22MBit to 72MBit. The rest of
the house has better coverage than before.

For a router, I use openbsd and this guide:
[https://news.ycombinator.com/item?id=13052673](https://news.ycombinator.com/item?id=13052673)

The router is an AMD that runs almost any unix, so it is more or less immune
to obsolescence due to lack of software updates (Linux and *BSD all have to
abandon headless x86-64...)

Total cost was ~$300. The router was $200 of that and should last until my
home internet connection is ~1GBit (OpenBSD probably can't NAT quite that
quickly on that hardware--haven't measured it).

[edit: fixed asus model number]

------
jabl
As long as you can do without 802.11ac, make sure you get something supported
by the ath9k driver, which IIRC is the only driver that doesn't need a
firmware blob. So all the people working on bufferbloat etc. are using that
driver for their tests, so you'll get the improvements first.

I have a TP-Link TL-WDR3600 v1 running OpenWRT. It was cheap, and works fine.

------
Smushman
Direct from real world experience, a few points of architectural guidance.

1\. Use WiFi routers for WiFi.

Avoid firewalling, NAT, authentication protocols, the strongest levels of
encryption, or other packet changes/control on the WiFi Router.

Resources are always constrained. Mentioned processes consume resources and
the load only appears under real world conditions that you did not anticipate
or could not replicate in test.

2\. Distribute (as much as possible). A little work/cost up front will save
you down the line.

A lot of WiFi routers support multiple radios (IE 2 radios). That gives you
three points of failure for every router - one for each radio, and one for the
router. Take one dual band router down and everyone in the coverage area loses
connectivity in both bands.

Separating these will provide improved redundancy, throughput, offloading, and
etc.

------
JonnieCache
What fanless mini PC should I use to run a VPN gateway at line speed? I see a
lot of random boxes reccommended on aliexpress, but which one should I buy?
Should I just get whatever one, as long as it has the right AES instructions?
Or are some of them awful?

------
Wheaties466
mikrotik routerboard with a ubiquiti wap. I've never been happier.

~~~
mbrock
Have you tried the Mikrotik WAPs?

I'm just about to order a Mikrotik hAP AC Lite.

[https://routerboard.com/RB952Ui-5ac2nD](https://routerboard.com/RB952Ui-5ac2nD)

It's for a one-floor collective house in Latvia, so it's kind of nice to get
an AP from a Latvian company. :)

~~~
wincy
I just ordered the hAP AC non lite. I have a gigabit internet connection so I
couldn't deal with the 100mbit ports. I'll get that and an RB3011uias-rm
tomorrow! Got that because of some of the traffic shaping I'm planning on
doing will need routerOS 5 and more processing power. I'm in the US and a huge
fan of Mikrotik stuff, they don't get the exposure they deserve on threads
like this.

They also have a new cheaper wAP ac which has a single gigabit port and work
outdoors!

~~~
mbrock
We just got some 100 Mbit fiber to the house and we don't do a ton of heavy
file sharing so it'll be fine for us.

A stone's throw from the house is a field where we plan to have some activity
in the spring and summer, so I'm thinking we could then get an additional
outdoor wAP.

Yeah, finding out about Mikrotik at all took a fair bit of googling and
researching but they seem cool!

Latvia has a bit of an electronical engineering tradition, especially in
radio, as I understand...

------
tbronchain
Very interesting question I've asked myself a year ago. I ended up buying an
old Netgear WNDR3800 for $15, and put OpenWRT on it. And it works great! It
has enough ROM to install most of the services you would probably need need
(ssh, iptables, smb, shadowsocks, dnsmasq, time machine, dyndns, are running
altogether perfectly well) and enough RAM as well. OpenWRT itself isn't
perfect, and I had to setup an package building environment on my machine to
install some packages (typically shadowsocks) on the latest stable build
(currently 15.05.1). But it works. And it works great. Speed is good, and I
don't see anything I would have to complain about that disturb my needs/usage.
I like the modularity and I love having a real Linux I can ssh to as router.

I've been quite interested to read about the fact developers from OpenWRT are
moving to LEDE. Maybe it could be worth it to wait - as I said, OpenWRT isn't
perfect and I'm sure a lot of improvements can be done. I haven't tried LEDE
though. But I think, for a small office/home network, just getting an
(reasonably)old/cheap yet powerful, compatible hardware and put OpenWRT on it
is quite a good solution at the moment.

------
jonstokes
I've used OpenWRT in different incarnations over the years, and at this point
my suggestion is to forget about OpenWRT and buy some Unifi hardware from
Ubiquiti. You get almost the same amount of control from Ubiquiti's pro line,
plus the hardware is really solid and it all Just Works.

Now that the enterprise-level Ubiquiti stuff is so insanely cheap, there's
basically no reason IMO to fool around with open-source router projects.

------
crisscrosscrash
Among the open source router options, what's the best for multi-WAN and
flexible QoS?

I was looking at switching from ASUS on Merlin to Tomato for better QoS and to
try out multi-WAN that was added in shibby about a year ago. I really want the
internet to be reliable and fail over to a 2nd connection and then back fairly
seamlessly.

Am I better off using pfSense (or something else) vs trying one of these
integrated router/wireless firmwares?

Years ago I started looking for multi-WAN and got the very disappointing
Linksys / Cisco RV042. It worked, but the interface was crap and it lacked a
lot of the features that even consumer routers had. For an office of up to 50
people (and 2x devices) we've been using an ASUS RT-AC66R on Merlin and it's
worked pretty well in that it's rock solid stable for many months at a time,
has a bit of features - now including nice graphs for per-host bandwidth
monitoring, and basic QoS and multi-WAN. The biggest issue is that QoS options
are limited and it's hard to know if it's even working properly. The multi-WAN
auto failover seems buggy and that seems like an area that Merlin hasn't
touched.

------
MrVitaliy
I recommend buying a simple Access Point (AP) but with enterprisy components,
like xclaim xi-3, and treat it as a stupid radio device while running layer 3
services with DHCP, firewall, etc on a separate device (or a vm) with pfSense.
This way if you have problems with radio signal, you can just replace or buy a
different brand AP without changing anything on your network stack.

------
gwu78
Pipe dream: take over production of AirPort Extreme from Apple, release the
hardware specifications to the public, and make it easy for users to install
their own kernels, e.g., NetBSD.

Reality: as someone else said already, PC Engines or Soekris are the best you
can do. They make the hardware and let users make the software. These
companies appear to have some longevity. Easy to run user-compiled kernels of
choice.

Ubiquiti is not an option if you want to compile your own kernels. The drivers
are proprietary. They make the hardware _and the software_. Users assumed to
be incapable? Apparently they cannot survive selling hardware alone. Longevity
of this company is uncertain. Humble opinion only.

------
mrbill
I'm currently using a Ubiquiti Edgerouter X (previously an ERLite) for
routing/NAT and a UAP-AC-LR for WiFi (along with an OnHub in bridge mode, for
AB testing).

Previously, I used a UAP-LR reflashed with "normal" OpenWRT as I hated their
controller/config software, but now there's Android and iOS apps for basic AP
configuration.

EdgeOS (a Vyatta fork) isn't as user friendly as other "consumer" routers, but
every tech friend who owns one has fallen in love with the price/performance
and feature set.

------
NetStrikeForce
I'm using Nexx WT3020
[https://wiki.openwrt.org/toh/nexx/wt3020](https://wiki.openwrt.org/toh/nexx/wt3020)
for my easy VPN project, but I've got the GL-iNet in mind also.

The idea of these is to connect them to your main router and have a "protected
Wi-Fi network" that routes all traffic through VPN, while you can always go
back to your normal Wi-Fi network to not use VPN.

If anyone's interested in talking about it, hit me up at hello@tscr.io

------
ce4
It's not exactly what OP asked for but some readers may find it worthwile:

The Raspberry Pi is well supported. If you happen to have one that's
collecting dust and want to have a look at OpenWRT. Or to try things without
fear of bricking the main router. I use a spare v1 for "traveling". Add a
cheap Wifi dongle, an LTE dongle and one of those portable USB batteries and
you have something to play with.

~~~
dublinben
This isn't a good recommendation as anything other than a toy. The RPi doesn't
have enough processing power to handle adequate speeds.

~~~
floatboth
The Pi 2 should have enough power, the Pi 3 has more than enough.

What they don't have is good I/O. USB 2.0 only. And the 100mbps Ethernet is
attached through it.

~~~
Tharkun
YMMV, but 100mbps is not enough speed for me. That rules out the Pi.

------
ianopolous
I bought a netgear NightHawk R7000 (dual core 1GHz) this year and it is great.
Despite it being connected by a wire through my ISP provided router, the wifi
bandwidth is about 40% better. DD-WRT installation was easy and is solid.

------
atmosx
Carambola 1 and 2 from 8devices[1] worked for me.

[1]
[http://www.8devices.com/products/carambola](http://www.8devices.com/products/carambola)

------
awinter-py
Are there any efforts to test the long-term stability of the open router
distros on specific hardware? I'd give money to a legit 'OSS router lab'.

------
ino
Does anyone want to share their experience / recommendation for a router with
4G / LTE SIM card slot?

I think I'm going to be needing one soon.

~~~
nulagrithom
Not an open source one, but we use Cradlepoint routers for our remote offices
that need to fail over to 4G / LTE. I quite like them.

------
RockyMcNuts
It's an answer to a different question but Wirecutter did a nice roundup of
all the new (proprietary) mesh WiFi systems

[http://thewirecutter.com/reviews/best-wi-fi-mesh-
networking-...](http://thewirecutter.com/reviews/best-wi-fi-mesh-networking-
kits/)

HN discussion
[https://news.ycombinator.com/item?id=13102698](https://news.ycombinator.com/item?id=13102698)

If LEDE has a stable release that supports mesh networks it will be nice.

------
sandGorgon
tplink c7. period. you can go and read the detailed reviews on
whirlpoolforums. the amount of ram available is 512mb which is huge.

if i were you, i would take an el cheapo j1900 intel box (from aliexpress)
with quad lan ports and run pfsense on it. perhaps the best bang for buck
configuration known to man!

------
Zelmor
Taking into consideration the do-it-all directions the linux kernel is
heading, I am more in favour of security conscious solutions, such as an APU
board with BSD on it. For myself, this is still a concept. I've decided to
learn more about bsd, security and networking before jumping into
implementation and purchase of hardware.

Next year though! Next year!

------
goalieca
What do you guys think about raspberry Pi configured as a wap? Are we there
yet??

~~~
brians
Maxes out at 50-100 Mbps, depending on packet size. Wifi-USB-CPU-USB-Ethernet
for every packet.

------
yegortimoshenko
PC Engines APU2 (or Soekris net6501) + OpenBSD is the best router you can get.

------
darkblackcorner
I think the Turris Omnia
([https://omnia.turris.cz/en/](https://omnia.turris.cz/en/)) looks fantastic,
and plan on getting one when my budget allows.

On further (re)inspection though it seems you'd still be tied to your ISP's
router/modem :(

Perhaps there's a good standalone/mPCI modem out there somewhere?

~~~
vetinari
Turris Omnia has a SFP port, so if your ISP has that option, you can get rid
of your modem.

~~~
darkblackcorner
Good call, but my line in is RJ25 so probably not gonna happen.

------
bitJericho
I recommend a custom built PC and pfsense.

~~~
zhan_eg
pfSense for the routing part (and many other features not found in consumer
Wi-fi routers) is very good, but is using it for Wi-Fi such a good idea ? The
mantra in the pfSense forums is not to hassle with Wi-Fi, as it is a big pita.

Moreover, are there any AC cards supported? Based on the list provided by
them[0] and info on the forums there aren't?

[0] -
[https://docs.google.com/spreadsheets/d/11cF4UoNL68Me5ZC6qhjF...](https://docs.google.com/spreadsheets/d/11cF4UoNL68Me5ZC6qhjFPmzdW7mib56dBIAKz30Qpug/edit?hl=en#gid=0)

~~~
djsumdog
pfSense is FreeBSD based right? If so, then no, there is no AC support at all
in most of the BSD operating systems out there. AC is a pretty big fundamental
difference from bgn. There are devs working to support it, but anything out
there is likely to be alpha/beta state right now.

