Hacker News new | comments | show | ask | jobs | submit login
Ask HN: Best current model routers for OpenWRT, DD-WRT, Tomato, etc.?
195 points by malandrew 968 days ago | hide | past | web | 119 comments | favorite
There are many models of routers that support open source router software/firmware like OpenWRT, DD-WRT and Tomato. However, when you look around, it's very difficult to determine the recency of router models out there and post date isn't always useful since many use which ever router just happens to be available to them for free. If one were to decide to buy a brand new model router to install open source router software on, where would you go to find out the best current models and be able to compare their features?

While it would be nice to know the best models as of today (December 1st 2013), I think it's more interesting to be taught how to fish instead of being given a fish. This also makes it easier for me (and anyone else) to pass this advice onto the next person.

My advice is to just avoid DD-WRT altogether. The community is so hostile and unhelpful, the site and wiki full of conflicting information, and almost all builds for anything besides the old Linksys gear is in a real unstable state. It seems almost inevitable that DD-WRT will just result in bricking your router and having some forum asshole mock you for it.

I'm running Merlin's AsusWrt on an RT-AC66U and I've been very happy with it. I bought it earlier this year to replace my aging WRT54GL which had run with Tomato for years.

I'm also a fan of OpenWrt, but I use the x86 build on a VM host, it acts as a router/firewall to other VMs in a private bridge.

Fully agreed. OpenWrt's community is truly great, and the web interface (LuCI) used in the firmware has come on leaps and bounds in the past couple of years.

Also, if you ever need to roll your own firmware, prepare for a big uphill struggle with DD-WRT, but it's a (relative) breeze with OpenWrt.

I can vouch for this. I've run ddwrt on all my routers for some time, but it seems like they're no longer the favorite, for many reasons.

If I could do it all again, I'd go for OpenWRT, though in my case that's just because OpenWRT has some features that ddwrt is lacking (e.g. native IPv6).

Considering DD-WRT is simply a closed version of OpenWRT and this is HN... we should all be going for OpenWRT!

It's a pretty amazing little project.

My experience is exactly the opposite. I've been running DD-WRT since the very first version (right when BrainSlayer forked Sveasoft Alchemy), and it's an incredible piece of software. Absolutely flawless.

Yes, it is true that the wiki has conflicting information, but it's not that hard to find a version that works well with your set up. And most routers are really hard to brick (and worst case scenario most models have JTAG in the PCB, so you can un-brick your router even from the worst mistakes).

Once you have a stable config, you'll enjoy several years of rock-solid performance - at least until you need to upgrade your router again. Rinse and repeat.

FWIW, I'm using Asus RT-N16 with DD-WRT v24-sp2 (03/17/12) kingkong, and also used WRT-350N, WRT-54G/GL. All services I use are rock-solid: VPN, QoS, DynDNS, MAC filtering, USB storage, printer support, etc. Of course, YMMV.

Just to share my experience as this is one of the rare edge cases that I have encountered:

Switching from dd-wrt to Merlin's ASUSWRT, I find that it kinda screws with airplay.

When I play a movie, I'd usually select the sound to output to my Airplay speaker on my apple tv. After switching to Merlin's FW, I tried playing a movie and there was interference and distortion in the sound.

I suspect its due to the ethernet connection/port that brought about that problem since the issue went away when connecting the apple tv via wifi. I only use shielded cat5e cables btw. All in all, the problem went away when I switched back to dd-wrt.

I remembered spending a whole Sunday just to figure that out. Also, I'm not sure if its just isolated to Merlin's ASUSWRT since stock ASUSWRT might also be affected(I didn't test).

Another happy user of Merlin's version of asuswrt here. My RT-AC66U had mysteriously started getting itself into a funk overnight, which Merlin's version cured entirely.

On the negative side, making even trivial firewall changes such as adding or removing port forwarding rules still requires a router reboot. Apple routers do (or did) this too. I'd like to know who decided that this was an acceptable behavior.

I also loaded DD-WRT on the AC66U and it was unable to get the WAN interface moving. And Shibby's TomatoUSB suffered from show-stopping configuration bugs.

I'm also running Merlin's build on the RT-AC66U. 802.11ac speeds with custom firmware, excellent ui and a rich feature set.

Ubiquiti devices all the way [1] [2]. They're the hacker's choice!

Before I discovered Ubiquiti, the Linksys WRT54Gx series was my goto. The problem with them is that, as a given WRT54Gx line matures, they usually shave down the specs. You can see that in action with the WRT54GS series here [3], which debuted with 8MB of flash and now only sports 2MB. Good luck getting anything useful into 2MB.

The other problem with the WRT54Gx's is that there's quite a lot of hardware and architecture variation under the hood. You're usually fine, but I do have one WRT54G-RG at home here that wouldn't even take OpenWRT. It's running DD-WRT, which is a ghetto. (I see some other commenters here feel similarly).

Anyway the Ubiquiti PicoStation 2HP, by contrast, has

  - 8MB of flash
  - 32MB of RAM
  - a nice Atheros SoC which transmits at the legal max of 1000 mW
  - can easily be outfitted with high gain external antennas
  - works perfectly under OpenWRT, and
  - is competitively priced at $78 [4]
The only downside: if you need extra ethernet ports, you'll want a separate switch or possibly a wired router. But I think it's worth it. You shouldn't put an all-in-one wireless / router device on the public internet. The commenter who runs pfSense on an x86 system has the right idea: https://news.ycombinator.com/item?id=6829315

Source: I started a live entertainment company 4 years ago. We use Ubiquiti equipment in all our shows, and we've deployed about 50 PicoStations with our own OpenWRT packages to date.

[1] http://www.ubnt.com/picostation

[2] http://www.ubnt.com/nanostation

[3] http://en.wikipedia.org/wiki/Linksys_WRT54G_series#WRT54GS

[4] http://store.netgate.com/Ubiquiti-PicoStation2HP-80211bg-100...

For the unfamiliar... The Linksys WRT54Gx series were (and still are) incredibly popular, but to anyone considering buying one for use today: Please don't!

They've haven't been manufactured in years, will max out at about 35Mbps LAN-WAN throughput, have tiny flash (as noted above) and only support 802.11b/g.

There's plenty of modern-day equivalents to choose from. If you're really budget constrained, the cheapest widely available OpenWrt & DD-Wrt capable router I know of is the TP-Link TL-WR74x series which can be bought for <$20.

I still have a WRT54G from college. I didn't realize I had it until I had to work on my parents' network and found it plugged in. It did not survive the visit.

They were easy to set up and ran well at the time. Now, yes, definitely not something to pick up given all the vastly better alternatives out there.

I have to wonder what the difference in BOM costs there is between 8MB of flash and 2MB of flash? Consumer USB flash prices in the 10+GB range are around 0.05 pennies per MB. Surely at the point, the cost of the enclosure dwarfs the cost of the actual memory for flash chips in the MB range.

It seems like the cost of retooling would far outweigh any cost savings from spinning a new rev with 6MB less flash.

They sell a lot more than just the WRT54 and are terrified that the $250 market (or whatever) will collapse if people start buying low end models and reflashing to gain features.

Its a market segmentation game. They'd gladly pay $5 extra for less memory, if neutering the low end device saves the sale of a high end $200 model.

You may wish to look into who owns Linksys.

> You may wish to look into who owns Linksys.

I think you're referring to Cisco, who manufactures higher-end networking equipment. But recently, Belkin bought Linksys from Cisco: http://news.cnet.com/8301-1001_3-57574628-92/belkin-complete...

Most of these router devices use NOR flash; much more expensive than NAND, which is the one you're used to seeing in USB sticks.

One thing I don't like is that Ubiquiti doesn't support real POE(802.3af/at). I would like to plug my 3xAircam, 2x AP, and Airvision NVR into my POE switch. But I have to have all these injectors hanging off my cables if I don't want to buy their switch.

Ubiquiti does make an 802.3af adapter.


I know, but it just moves where I end up putting an adapter. It can't cost that much more for them to put in 802.3, they already have a DC-DC converter. They just need to drop down from 48v with 802.3.

Ah, only 100mbit and 802.11B/G.

I'm not familiar with anything past simple networking - is it possible to prevent your whole network being slowed to 100mbit while still using this device?

> Ah, only 100mbit and 802.11B/G.

Ubiquiti does have newer 802.11n / 5GHz APs too.

> is it possible to prevent your whole network being slowed to 100mbit while still using this device?

If you wire it into a gigabit switch, only that port on the switch should operate at 10/100.

And in my experience you don't even get 100 Mbit. Comcast recently doubled my download speed to 60 Mbit and I quickly realized my WRT54G was only capable of downloading up to 30 Mbit. Typically I'd expect to see close to 10 MB/sec over 100Base-T but I was getting about 3.5 MB/sec max. It seemed to only be on the WAN port because I was able to stream stuff from my NAS at close to 10 MB/sec. It was disappointing so I upgraded to the WNR3500L which is working great. Both were running DD-WRT and worked well with it.

>works perfectly under OpenWRT

Is the support really that good? The openwrt hardware page seems rather sparse[1] compared to more common devices. They are also harder to find in Europe but hopefully that will improve.


> Is the support really that good?

Yes. Prebuilt images for the Ubiquiti devices have been a part of every OpenWRT release for a while now.

http://downloads.openwrt.org/backfire/10.03.1/atheros/ http://downloads.openwrt.org/attitude_adjustment/12.09-rc2/a...

Sounds like the wiki needs an update, then.

As someone who has no idea what they're asking, how do the different memory sizes affect "buffer bloat".

The OpenWRT wiki[1] is a great resource for this. There you can find a Buyers' Guide[2], as well a Table of Hardware[3] with compatibility tables for vendors, models and OpenWRT versions.

I recently flashed a TP-Link TL-WR1043ND with OpenWRT and it worked like a charm. I'm planning to flash it with the Pantou[4] OpenWRT distribution so I can start running OpenFlow with real hardware.

[1]: http://wiki.openwrt.org/

[2]: http://wiki.openwrt.org/toh/buyerguide

[3]: http://wiki.openwrt.org/toh/start

[4]: http://archive.openflow.org/wk/index.php/Pantou_:_OpenFlow_1...

I'm using WR943ND and have problems with WiFi - it usually works, but may suddenly lose connection and start not accepting some or all clients (usually looks as a failure to obtain address via DHCP). Requires me to power-cycle the router every now and then. Not sure whenever the problem is within the hostapd or kernel, and I'm too lazy and incompetent to debug it. It seems to work fine for others, so maybe it's just my particular hardware issue.

Also, about an year ago, switch support was nearly non-existent - they just had the configuration struct hardcoded right inside kernel and nobody (including me) hadn't enough patience to properly expose config to userspace. But that matters only if you want 802.1Q, which is rarely a requirement for typical home networks. And maybe someone bothered to hack that, already.

Otherwise TL-WR{7,8,9,10}4[13]ND is a good platform. Unless they changed something recently, I'm not aware of.

The TP-LINK TL-WDR3600 is the same price, but supports 5GHz as well.

Not only that, but the WDR3600 has a significantly faster CPU, more memory and more flash than the WR1043ND. It's about 2 years newer too. Definitely worth a few extra dollars.

I have a WR-1043, as well as an MR3240 - It seems all TP-Link kit is built like tanks. Can't recommend it enough.

I'm a bit nervous about TP-Link, I have a couple of of small GigE switches and when they were at the end of a not that long cable (although maybe not the best quality connection) they couldn't sustain more than 100Mbit unlike a similar but slightly more expensive ZyXEL switch managed to support the 1Gbit mode.

I usually use tp-link gear for openwrt, it's readily available from our distributor and dirt cheap. Don't just look for recent models, pick your hardware from the openwrt hardware compatibility list based on the specs you need.

If you can disregard the fact that the firmware isn't open source, have a look at www.ubnt.com and www.routerboard.com . Those don't run openwrt, but price/performance and features beat everything else that's on the market. The mikrotik routers are performing so well and have so many features it's ridiculous. If you really need Cisco, you'll know. If you're not sure, get a mikrotik, it will cover everything you'll ever need.

Agreed... You really cannot beat TP-Link for the money, and the vast majority (but not all!) of their routers are OpenWrt supported.

I buy literally thousands of them for work (we re-purpose them as network measurement devices, running OpenWrt), and the models we use are as follows:

* TL-WR741ND - 100M ports (can saturate the WAN link).

* TL-WDR3600 - 1G ports (LAN-WAN can hit around 500Mbps with careful tuning, but I don't know how that changes when NAT is enabled)

* TL-WDR4900 - 1G ports (LAN-WAN can hit around 900Mbps, and that's even without using the NAT co-processor, which OpenWrt doesn't support)

Ones I would avoid - WR1043ND (very popular, but old now - it was the precursor to the WDR3600), WDR3500 (100Mbps ports - yuck), WDR4300 (very little difference to the WDR3600, but more expensive)

The TL-WDR4900 really is blindingly quick, largely because it has a PPC CPU inside rather than the MIPS CPU, but it's also double the price of the 3600.

Unless you need the horsepower, the TL-WDR3600 really is the way forward.

I would avoid the 802.11ac models at the moment; they're more expensive, and there's no 802.11ac driver for OpenWrt yet, so you'd be wasting your money.

Seconded. I use the 3600 with Gargoyle OpenWrt (www.gargoyle-router.com, basically a web interface to OpenWrt) and it's been nothing but great.

It looks like the TL-WDR4900 is not MIPS and has half the flash as before. I'm not sure if that changes anything.

Man what about the TL-WR841N it's only 19$ on amazon right now??

That's valuable advice here, thanks for sharing.

I did not know that. I suppose Sam Knows ;)?

The Ubiquity EdgeRouter stuff is (mostly) open source, as its a fork of Vyatta. Under the hood, its Debian with Vyatta's open source CLI and Ubnt's web UI.

Anyway their hardware is excellent...

Jeff Atwood's write up : http://www.codinghorror.com/blog/2012/06/because-everyone-st... is worth reading along these lines because he does a good job of explaining a process for surveying the market.

That said, if you are not too cost conscious you can build a wireless router out of the Intel NUC really easily, and for modest loads I've used a Beaglebone as an access point. So you may find you can cobble together the pieces in a fairly straight forward way. I do not recommend a Raspberry Pi as a wireless router as its network is all going through the USB hub and as such it has a lot of latency spikes.

I'll second that article. I bought the Asus RT-N16 on the back of that recommendation.

Funnily enough, I never bothered installing any firmware, I found the default to be excellent (despite the reviews on amazon trashing the Asus firmware). I found it fine for me.

I don't see why QoS is such an important feature for a personal router. If he is (and I assume he is) the primary user of his network, then why is QoS control necessary?

The common response is voip, but it can also be video on demand. While Netflix will notch down from HD to SD to Artifact-D as the net congests it isn't pretty. If you have multiple users and some says "Hey look the Linux Mint iso is out, lets get both the 32 bit and 64 bit version." while you are watching a movie, its very annoying for both the movie watcher and the other person who says "WTF? 18 hours to complete, no way!" This way only one of you is disappointed.

What is Artifact-D?

(Yes, I tried googling it.)

It's probably a joke, implying that the Netflix video quality served during congested periods is so low that all you get is video artifacts.

Sorry, what jxf wrote. Highly compressed video suffers from extremely obvious and distracting artifacts, about the only thing you can say nice about it is that the frame rate is high and it doesn't pause in the middle. So the neologism conveys the point where the video is unwatchable due to visual artifacts but still considered "video" by the provider.

If you use VoIP you probably want QOS.


I've been using the Asus RT-N66U 'Black Knight' for well over a year with DD-WRT and have nothing but praise for it.

Dual-band N900, three detachable antennas, 256 MB RAM, rock solid stability.



I regularly have 20+ guests(with their own device) over at my place and my old router would usually be unresponsive when everyone connects to it(20 + half a dozen of my own devices).

The n66u on the other hand seems to be chugging away with no problems at all and I really think it could last me another 5 years.

Absolutely love Asus routers. Have been running tomato on a RT-N16 with no problems.

The N66U is an absolute monster. 256mb of RAM on it is almost silly.

I'll second that motion. I have not had a single issue with my RT-N66U and Tomato.

openWRT... another asus model. but yeah, after my research, asus is the best bang for the buck.

I cannot stress how happy I was to spend a decent chunk of money on the Asus Black Night and drop DD-WRT on it. I never have to reboot it and never feels hot to the hand. I see it covering my needs for a couple years.

If you are looking for the best, regardless of price, it is probably the ASUS RT-AC68U that was released recently. See the 9-page dd-wrt thread on it here: http://www.dd-wrt.com/phpBB2/viewtopic.php?t=177612&sid=8bfd... which shows a few issues here and there, but that is typical of newly released models. You did say you were looking for recent ones.

If you don't have 802.11ac-capable devices and just want a cheap solid dd-wrt box, I would suggest the Asus RT-N16 or RT-N66U. The thing to look for is the amount of ram in these things. An 8M router is going to suck at running dd-wrt. See the big huge table here:


And pay attention to the ram column.

I got an ASUS RT-N66U earlier this year and it really is an awesome piece of kit. +1 for Asus routers

... except for the N56U. The only one NOT supported by the popular firmware alternatives. Guess who bought one :-)

There is code.google.com/p/rt-n56u/‎ but it's nowhere as good as my old Tomato.

I've got pfSense[1] running on a passively cooled embedded board[2]. I then use whatever wireless APs I want in bridge mode.

I like this because x86 will always be compatible with anything I might run in the future, and changing out wireless hardware from 2.4 N to dual-band N to ac has been trivial and required no thought to compatibility.

  [1] http://www.pfsense.org/
  [2] http://www.jetwaycomputer.com/ITX-JBC362F36.html

One problem with a "customized distribution" is it probably gets far fewer security updates, much slower, of FreeBSD, than just using straight up main line "real" freebsd.

This kind of logic is why I use plain old Debian as the OS with roughly the same hardware architecture as your design.

While you're absolutely right, this is my home network, and not that big a deal. I'd guess that even outdated FreeBSD is way more secure than most consumer router firmware, which hopefully makes me a less appealing target.

None of the above.

Run pfSense on an old x86 box and you'll end up with something an order of magnitude better. As far as an access point goes I'd suggest going with ubiquiti gear if it's in your budget.

There are huge disadvantages in using old x86 boxes, like size, noise, power consumption, lack of ethernet ports and so on.

If you wanted to sensibly advise using pfsense you could point at the zrouter project http://zrouter.org/projects/zrouter/wiki/Supported_devices

I do not think those disadvantages apply in most cases. Back when DSL was new I used an old 486 for many years, this is not new territory for me.

Size is irrelevant unless you're putting it in your entertainment center (why?) or live on a sailboat. Just stick it in the basement, stack on top of the fileserver, whatever. If you're doing the dorm room thing or living aboard a sailboat you have to realize that involves some highly unusual lifestyle compromises. For most people its not an issue.

Noise: I did splurge on some large slow fans (like $10) to replace old small fast (LOUD) fans. Again this is a lifestyle thing, where if your castle has no location further than 5 feet from your sleeping head, you're going to have serious lifestyle issues that most people simply will not have. I don't find my desktop at home or work to be particularly loud. I did at one time run a more modern desktop as a firewall and specifically ripped out the fancy graphic card and used the on board video, to reduce noise a little. After installation I never used the video or keyboard again, all SSH access, so its not like it needed fancy graphics. My main firewall/wifi/dhcp/asterisk/stuff/etc box is about 50 walking feet from my sleeping head, past the (sometimes) loud fridge, the dishwasher, the clothes dryer, the hot water heater... For most people its not going to be an issue.

Power consumption. Not an issue. I was drawing about 50 watts which will cost about $50 or about 3 weeks of cablemodem service per year. Using the EE tradition of it costs about $1 to provide 1 watt for one year. I admit I was an idiot and upgraded to a soekris box many years ago which is basically a 5 watt PC. So I save about $45 per year of damage to my finances and the environment. Great, that'll only take like ten years to pay off the capital expense / manufacturing environmental degradation. That was a dumb move on my part and I'd suggest you're always better off both financially and environmentally by reusing an old desktop.

Lack of ethernet ports (LOL, serious? Plug in another board?)

>Size is irrelevant unless you're putting it in your entertainment center (why?) or live on a sailboat.

No, it's not. If you're using *DSL (including FTTC) then how much space you have available depends on where your phone line enters your house, for instance.

My lines comes in, from a pole in the alley behind my house, to my kitchen and the master socket is by my kitchen door in the hall. I certainly don't have room for a large box there, but a typical router fits nicely.

A laptop is a good option for x86 network stuff. Relatively low power with a battery back-up. I would never use a desktop PC, too expensive.

Do many laptops have multiple ethernet ports?

multiple usb ports

USB ethernet is very sucky.

I set this up recently and really like it a lot. I had an ASUS AC66U as my home gateway/firewall/router/wap which was beginning to struggle with the crazy home lab setup I was concocting.

pfSense is radical. It's like OpenWRT in that it's a self-contained router/firewall/etc... operating system, with great gui and cli management tools. It's based on FreeBSD and has a very active community of developers and users. There's even a pretty cool subreddit for it: http://reddit.com/r/pfsense

One of the unexpected side-effects of the pfSense box was seeing my internet speeds increase significantly. The only variable that I changed was from the ASUS router to an older system running pfSense. In both scenarios I was hardwired using cat6. Prior to pfSense I would get ~20mbps down and now I am hitting ~30 with no problems.

I've got it setup with a dual gigabit nic. The motherboard ethernet port goes to my cable modem for WAN, and each port on the gig nic corresponds with my LAN and LAB subnets. LAN goes to my house, wifi devices, etc... and the LAB subnet is for my servers.

It's nice having an ipsec VPN running that I can connect to when on the road. For example, I'm in California right now for the holidays and can still hit my Freenas box for file storage/backups that is 3,000 miles away in Northern Virginia.

I built a rack for the setup, you can see the black pfSense box down below: http://instagram.com/p/g4JuvrBf7N/

It's an older Compaq/AMD Sempron system that I refurbished a bit. After installing the HP dual-gig nic, I also threw in a cheap SSD and upgraded the processor to a dual-core AMD Athlon. It was like $6 on Amazon.

Here's a video that I made explaining some of it, for those who are curious: https://www.youtube.com/watch?v=O8Lk07vi98o


Alternatively, there's some cool hardware out there that is more custom/indie such as Mikrotik (http://www.mikrotik.com) or Netgate (http://store.netgate.com)

"Run pfSense on an old x86 box"

I will one up that with: run pfsense on an old s86 laptop with two pcmcia card slots. Because xircom realport.

Because it is a laptop you'll never need KVM because KVM is built-in - no more fiddling with the com port or lugging over a monitor, etc. (also, built-in UPS is a nice bonus).

But my favorite part is that by using two xircom realport LAN cards[1], you end up with a device with three full size rj45 ports on it (assuming the laptop itself has one).

It's cute and sexy to have some tiny little embedded board, but the laptop wins for usability by a wide margin.

[1] http://reviews.cnet.com/adapters-nics/xircom-realport-2-card...

Good answer.

Although you do not even need pfSense. You just need a BSD with pf. You can run your own customized BSD image with a Soekris or Alix board.

Can you run BSD with Ubiquiti's boards? What if I do not want a Linux-based system? There is no GNU pf.

Or just run OpenBSD so you get the current pf version with new stuff in 5.3.

... and while we're at it: best alternative firmware? e.g. I liked DD-WRT, but they hadn't released version in ages - and e.g. use an exploitable version of the dropbear ssh server. I'm now using OpenWRT and am happy -- but I don't have enough time to really research.

I would say OpenWRT wins in this category. It's not based on open sourced Linksys firmware anymore, it's a embedded distribution designed from scratch for modularity and portability. It really is a awesome piece of engineering which is fun to use and well documented in detail. If you want to extend the features of the router and add things like openvpn, ntp server, traffic shaping, asterisk pbx, tftp server or whatever comes to mind, openwrt most probably has it packaged and ready to use.

I along with many others are waiting patiently for the new Alix gigabit board ~Q1 2014.


Passive cooling, 2-4GB RAM, AMD 1GHZ APU, 3 Gigabit ports, 2 MiniPCI cards for cell and wifi, Using 6-12W @ 12Volts.

People tend to overlook Thin Clients. There is plenty of these available on Ebay, and they are mostly low-power x86 boards with one PCI slot. I am using a Maxspeed Maxterm (that's an 800 MHz VIA C3) and am very pleased with it.

Some of the HP T-series thin clients are x86 and can accept a PCI-E riser. I ran one with a sempron 2100+ (fanless) and an Intel Pro/1000MT 2-port PCI-E card. It had 1GB of RAM and 1GB of solid-state disk-on-module, but the module used a weird reverse-gender 2.5" IDE connector, so I had to use pin headers to adapt it to an external USB HDD reader to install pfSense on it.

After that though, it ran great for a few years until the motherboard died. In all, $100 well-spent for a quiet and small pfSense box with enough power to handle 100mbit internet at wire speed.

Here's an example of what you can get these days:

http://www.ebay.com/itm/NG816AA-HP-Compaq-GT7725-Thin-Client... ($60 and it has either a PCI or PCI-E slot).

Now I'm happily on a Ubiquiti EdgeRouter Lite, which is a great little Debian ARM box that runs Vyatta for $100: http://www.ubnt.com/edgemax (protip: learn the CLI; it's very similar to Cisco's IOS)

Does it have more than one ethernet port on it? Otherwise, how can you use it as a router?

It has a built-in port, so you can always use a PCI Ethernet card to get two ports. You'll probably still need a switch, though.

If anyone is interested in a travel router - small as a pack of cards, can be powered by USB, 3g dongle compatible - I recommend the tp-link mr3020/3040.

Do take care that it needs some configuring, because it has only one Ethernet port used as wan & LAN [1]

I had a slightly related question on how to set up a wireless-only setup for a startup. Hope someone has an answer to that - https://news.ycombinator.com/item?id=6800737

[1] http://www.lambdacurry.com/2013/05/configuring-the-tplink-mr...

Latest tomato builds:

- http://at.prahec.com/ - http://tomato.groov.pl/

Loved the tomato firmware. Bought a Netgear R6300 with the hopes that it would be supported. Looks like it will never happen. Regret that decision.

I would check out the edge router lite from ubiquity. It runs edgeos, a fork of vyatta. Based off debian and has lots of options. Dual core mips64 cpu, cavium network processors for ipv4,ipv6 and ipsec offloading. All this for $99 or less http://amzn.to/1bBpdJ8

I have one of those sitting on my desk. It still feels a bit like early adaptor stuff, the edge router line is quite new, but looks very promising.

I really like vyatta, but now that vyatta is basically dead, I'm happy that it lives on in edgeos.

Don't be fooled by the GUI though, it's very incomplete, but the full feature set of vyatta/edgeos is there accessible in the CLI.

I'm a big fan of the WNDR3700, bought it on a whim a few years ago, the firmware it comes with sucks, but with *WRT it just works (I've got a V2, have a look at http://wiki.openwrt.org/toh/netgear/wndr3700 for details about versions).

With a powered USB hub and an external disk drive and a webcam, it functions as remote backup via. rsync and monitoring my home when I'm on vacation, when enabled it takes pictures every 2 seconds when there's movement in the frame. The pictures are uploaded offsite immediately.

I'm using OpenWRT and have had very little problems, only issue I've noticed is that the wifi transfer speeds are a bit slower (10-30%) than when using the factory firmware, but I can live with that.

    21:47:12 up 221 days,  5:22,  load average: 0.00, 0.01, 0.04


-General device testing is well served at SmallNetBuilder (the octoBox test environment used now is awesome), though the stock FW is obviously tested more often than not

-Ubiquiti gear is indeed pretty rad

-Old Broadcom-based gear is still holding up well for low throughput use using Tomato + variants (.. or even DD-WRT)

-I would probably avoid 11ac models for now (unless you have a compelling reason not to).. but if you do decide to go that route, the BCM470(8/9)x SoCs are Cortex-A9 based [versus the single-core MIPS based BCM4706]

.. for a bit more data, a somewhat thorough overview of available hardware is available via the below WD query (in table form)..


I am running OpenWRT on a Buffalo WBMR-HP-G300H without any issues. This model has an integrated ADSL modem and has a few USB ports. I have a USB hard disk attached and I use it as a media and bittorrent server. Over LAN it can stream an HD movie from the disk, but over wifi it seems too slow for that.

I have the AirStation N600 Buffalo router.

It's kind of annyoing that it comes with DD-WRT preinstalled, but it's half-assed and is not configured for easy modification.

I have not taken the plunge yet, because I do not want to deal with jtag cables if it bricks, and the whole "install our binary, and then do not even breathe in the direction of the router for 10 minutes" part does not inspire much confidence...

I got one of these with the idea of installing OpenWRT. No problems at all.

Telnet into DD-WRT, then wget followed by mtd.

The console approach makes it clear what's happening.


Did you have this problem running OpenWRT? https://dev.openwrt.org/ticket/11143

Yes, I have just tried and it does not work.

Too bad :(

The Wirecutter does pretty extensive lists of "the best" electronic products/gadgets.

Here's their networking section: http://thewirecutter.com/leaderboard/networking/

For OpenWRT, if you'd like a Netgear R6300 do not get the v2. I've been told on OpenWRT's IRC just recently its not supported so you won't get usb, ethernet, wireless etc.,pretty much all that is vital. Whereas v1 is supported and said to have worked, it's not on the officially supported hardware list. There isn't much info on this model with regards to openwrt I'm afraid. In fact, I'm atm busy trying to build a custom fw for it myself & will update if I manage to get it working. (Though fyi, I can confirm DD-Wrt is working for this model)


Its cheap, stable and un-brickable. So much so that there is a special tomato version dedicated to this model.[1]

[1] http://www.easytomato.org/download

Still not supported properly in OpenWRT, all these years later. (yes, I've got one sitting on the shelf waiting for this purpose)

I've had success with the Netgear WNR3500L running DD-WRT. It doesn't have 5GHz but it does 2.4GHz great and on the cheap. The one I'm running now I bought refurbished for $35 and its rock solid stable and performs well.

Of course, its WiFi, so I'm already wishing I had AC so my portable devices were as fast as my wired desktop. But I don't think that will ever change. WiFi will probably never catch up to our ever increasing internet download speeds.

been running various Tomato flavors w/VPN for many years, first on WRT54GL, now Asus RT-N16. currently run Toastman builds [1] but Shibby [2] is good too.

[1] http://www.4shared.com/dir/v1BuINP3/Toastman_Builds.html#dir...

[2] http://tomato.groov.pl/download/K26RT-N/

I love DD WRT.

As for router models, development seems to be slow these days - I can only recommend the older Linksys routers, the Belkin F7D4301 and the many TPLinks (WR7-10xx series in particular)...

But any model that has a stable DD WRT release should be good - most important thing is the processor and Flash/RAM size in my opinion...


ASUS RT-N66U is nice, didn't have a need for AC. I have that and an older Netgear WNR3500l (v1) running upstairs and down same SSID different channels. Tomato is my firmware of choice although ASUS with Merlin is pretty solid.

There were some pretty good router deal on Black Friday, be on the lookout for the ASUS on Cyber Monday I'd say.

Other than price, can anyone give me a rundown of any benefits to this approach over an Airport Extreme? Other than ideological benefits. Do they perform better, or are there things I can't do with the Apple device? I'm not sure I want to deal with headaches here. Thanks.

I've done pretty extensive comparisons between one of the old Airport Extreme Dual Band units that look like a white Mac Mini and run some flavor of NetBSD and it performs slightly (~10%) better than both my old WRT54G and superior-specced WNDR3700 running DD-WRT builds. I still use the WNDR3700, not for performance, but for features and configurability. The APE basically just sits and serves a network disk.

I use AirPort hardware all over the place and the one thing that annoys me to no end is the fact that I have to reboot the thing any time I change any configuration. This means that adjustments have to be more carefully planned and take much longer than with any other hardware.

The old Netgear WNDR3700 is one of the best because of very good 2.4 GHz range and lots of RAM.

I've had a bad impression with the v3 release. In the past year I've had two hardware failures and recently had an issue with the Netgear firmware causing upwards of 80% packet loss. Switching to DD-WRT fixed the packet loss issue. The v3+ routers also only have DD-WRT builds so far as I can tell, and switching to another firmware is damn near impossible once you switch to DD-WRT. That said, with DD-WRT it works and works well so long as the hardware doesn't fail.

Just make sure you don't get the v3 version... I had a WNDR3700 v1 that was working great, needed to buy another one, and didn't check that the whole radio chipset changed with v3 and is not supported. Still works well with the stock firmware, but kinda disappointing...


I have three of these -- they've all experienced range or stability failures.

The Asus N66u is highly regarded:


I have one myself but have not loaded Tomato on it yet.

I've used DD-WRT before and it bothers me that their releases are seemingly far and few between. Even my commercial router with its original firmware got more updates than DD-WRT. Just some food for thought.

Netgear lists their current models that they support for open firmware here http://www.myopenrouter.com/ - thats how I chose one.

The ASUS RT-AC66U supports Tomato

You can find the firmware here: http://tomato.groov.pl/download/K26RT-AC/

This Asus router scores a 95/100 from me. I ran a pfSense machine and separate AP for several years and bought this when the machine died. The RT-AC66U has been almost as solid and capable as the dedicated pfSense setup, without the extra power usage that comes with running an x86.

I am a bit surprised I only caught one mention of the Buffalo N600. I know it doesn't have AC, but it runs DD-WRT for all that I need and has full gigabit ports on the switch.

I have a DLINK DIR-615. Cheap, easy to install (just flash via webinterface) and nearly unbrickable. Although not very powerful, i find it is a nice device to try out new stuff.

I'm suprised no one has mentioned MikroTik.

Take a look at their RB750[1] which is about $40.

[1] http://routerboard.com/RB750

because it is wired only, without gigabit ports.

I've been generally impressed with TP-Link's kit, although it is cheap, so don't expect it to hold up in a hostile environment (e.g. lots of dust).

Carambola-2 with dev-board. No hassle, low price and compact.


I recently bought a Linksys 1200. Works beautifully with DD-WRT. Or the Linksys 2500, if you want more power.

I can also recommend Netgear WNDR3700 if you want 5Ghz.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact