
Ask HN: Best open source home wifi router in 2018 (buy or build) - peatmoss
I have an aged Apple Airport Extreme base station that I&#x27;m looking to replace. A combination of recent news about router infections and changes to net neutrality has me interested in options for open source capable routers.<p>The main features I&#x27;m looking for are longevity &#x2F; timeliness of firmware updates, and a relatively easy way of tunneling all my home network traffic through some cloud-hosted machine or VPN service (mostly shielding from Comcast).<p>1) What&#x27;s the state of dedicated open source firmware &#x2F; off-the-shelf router combos? Between Tomato, DD-WRT, OpenWRT and seemingly countless others, I have no idea which software path is best. Between the Linksys &quot;Open Source&quot; WRT devices, and the Netgear Nighthawk, and others, I also have no idea which hardware is best.<p>2) I&#x27;m at least nominally interested in building up my own router with OpenBSD. It seems like the winner in terms of hardware would be something low-powered, and with Intel (iwm driver) or Atheros (athn) wifi hardware. Has anyone gone this route &#x2F; have good recommendations for hardware? Is PCEngines the right hardware for that? Is this a reasonable approach to a wifi router in 2018?
======
bradknowles
Ubiquity is based on the Vyatta platform, which means it’s pretty decent as a
network device. Unless you’ve got gigabit WAN speeds, it will probably be
sufficient for your SOHO needs. But I would split the wireless functions from
the Routing/firewall functions. You might even do a three-way split with
dedicated devices for each function.

But most Ubiquiti devices are going to need some sort of a management machine,
running their proprietary software. That could be an old repurposed desktop, a
small format computer, or something else. But it will need to be a more
mainstream OS — I don’t think a Raspberry Pi will do the job.

I’ve heard good things about Mikrotik, but then they are also vulnerable to
the recent VPNFilter malware. And they might do okay on the Routing side, but
I don’t know how well they will perform on the firewall or VPN server side.

~~~
bradknowles
I have been looking for a good gigabit speed multi-WAN firewall/router
solution.

The Ubiquity Edge routers give you multiple interfaces, and can do multi-WAN,
but not at gigabit speeds. And not with also handling VPN functions.

I’ve been looking for good NUC or SBC type solutions with enough CPU
horsepower and multiple independent NICs, but I haven’t found anything yet.
Please let me know if you find anything in this space.

------
lol-lol
[https://mikrotik.com/products/](https://mikrotik.com/products/)

or if you want, just board:
[https://mikrotik.com/products/group/routerboard](https://mikrotik.com/products/group/routerboard)

Anyway their routers are cheap and very capable, but the administration is NOT
(!WARNING!) for normal users. You will need to know a lot about networking.

------
kevinherron
I have a Google Wifi router right now. I have zero complaints other than it
being Google.

If I were to do it over, I'd go with pfSense and a Ubiquiti WiFi AP.

------
jamesw72
I use a combination of pfSense on a Dell mini and a Unifi access point by
Ubiquiti. This set up splits the work so that wifi just does wireless stuff
and the router just does routing and firewall. Works very well and is very
stable.

~~~
bradknowles
In my case, I installed a number of Unifi Access Points at the house of my in-
laws. They were fortunate that when their house was being built, each room got
a home run of cat5 cable, which made the Unifi Access Points a no brainer.

Now they have way better WiFi access through the house than we do, or anyone
else I know of. Of course none of the rest of us are fortunate enough to have
those cat5 home runs, either.

The Unifi APs can be configured with the proprietary Ubiquity application on a
laptop, and then when you are done configuring them, you can take your laptop
with you. But then you have to bring it back if you ever want/need to make any
configuration changes. Better would be to find a local device where you can
install the Ubiquity app and then you don’t have to worry about bringing the
laptop with you, and it’s a lot easier to do remote support.

Been there, done that.

But the Unifi APs are pure access points and have no router functionality, so
you have to pair them with something else for that part. And from what I’ve
heard, pfSense on suitable hardware really is the best available solution for
SOHO use cases.

