Most off-the-shelf devices have too slow of CPU for a low latency/buffer router. The Raspberry Pi 4 is easily fast enough but needs to use USB3 network adapters which require packages not in the default rpi4 OpenWRT image. Not insurmountable, but a consistent pain every upgrade.
Now I run OpenWRT on one of those x86 mini PC boxes with 4x 2.5GBe Intel NICs because my wirespeed is 2 Gbps symmetric, so I needed just a bit more oomph than the Pi could provide. The hardware is somehow even _less_ reliable than a Pi 4 - I'm already on my third machine in 3 years. I would love to find something more reliable.
I'm curious what your experience would be like with a Pi5/CM5 solution using PCIe for your ethernet. It is pretty easy to have spare boards and SD cards around for Pi setups. I've had good reliability with Pi setups using good passive cooling (no fan to die).
Network enthusiasts are likely to already have separate switches and WiFi points. Let the router just route.
Otherwise it Just Works™, as it should.
Not to bell the cat, but some sort of symbolic build for the WRT54G(L) should still be possible… right?
A starter is here: https://intercity-vpn.de/files/openwrt/wrt54gtest/minimal/
Here's a blog post about this, not sure if it was the same one I followed:
https://blog.thelifeofkenneth.com/2010/09/upgrading-ram-in-w...
That's better than a fully commercial world or a fully "pure" world with no functionality.
From my experience, there is sufficient amount of routers based on well-supported chips which work okay with OpenWRT.
When I consider to buy a new router, I go to the OpenWRT device support page, filter for features I would like to get and choose one of the supported routers listed there.
It’s not user friendly at all.
Given that, I feel GL-inet users rarely visit the advanced section (Luci).
I find it easy to understand and to use. From my outside perspective it seems like basically just Linux with a nice web UI.
If you've tried Cisco routers - you can export ALL configurations by running command `show running-configuration`, or `display current-configuration` on Huawei routers, or `show configuration commands`on Vyatta/VyOS/EdgeOS, which can then be restored onto a brand new router by just right click pasting that log into the ssh session.
That's VASTLY superior to ANY GUI. IMO. YMMV. IANAL. Views are my own. But it is.
Evaluating a return to it from some time in pfSense--it is wonderfully simple. At the same time, its the wrong abstraction for most people who want to manage childrens' devices and iots because it is no abstraction, the operator must know many implementation details that aren't worth knowing outside the system.
I never had any issue with OpenWrt which I couldn't solve and it just works. Its uptime is pretty much the uptime since when the power goes out due to storms and such.
But I wished there was something similar but for "big" (in a relative sense) devices. I feel lot of the constraints OpenWrt is based on are not really that applicable when you have hundreds of megabytes of flash and RAM, and that is starting to become a common thing for routers these days. Even their own OpenWrt One router has 256M flash and a full gigabyte of RAM. That is not all that resource constrained anymore. What I would love is to have something that would be closer to "normal" linux distro while getting the networking goodies and ease of configuration from OpenWrt.
I'm super glad openwrt exists, and their uci config predates systemd's attempt to build a cohesive consistent whole system configuration pattern & is epic, but given the capabilities of these systems it feels so worthwhile to de-specialize the environment, to make it more boring.
What I really want is Kubernetes oriented tools that can manage hostapd & something like dawn or openert's usteer for band/ap steering. And some other ancillary wifi tools. Maybe maybe a setup for radius/enterprise, instead of just psk. You can do so much more with it, but at its core openwrt is 90% packaging for openwrt. It's not even particularly super well tuned hostapd: theres so much wireless config one can go try & enable that really is just additional 802.11 specs hostapd supports, they may improve your openwrt wifi experience.
I hope their experiments with the "OpenWRT One" keep going. I'd love to see OpenWRT take a (deserved) bite out of the "SMB firewall vendors" like Netgate or OPNsense. Or just undercutting Wi-Fi vendors like Ubiquiti who base their work on OpenWRT anyway
Something I'm excited to try myself in future is running "OpenWISP" [1] to manage a small fleet (three) OpenWRT devices in parallel for a deployment in a shared workshop. This seems to also be something that OpenWRT could be better at integrating, but it's nice to see "a vendor" tackling it
> However, OpenWISP may not be the best fit for very small networks (fewer than 20 devices), organizations lacking IT expertise, or enterprises seeking open-source alternatives solely for cost-saving purposes.
I could wire up all of that manually. But I'm excited for the chance to learn something new
https://github.com/rubenbe/opensoho
It is still a work in progress, but it is easy to deploy (one golang binary based on pocketbase)
Was also surprised, then not surprised, to learn it's used as the front end on many of the new generation of 3D printers.
https://openwrt.org/toh/western_digital/mybooklive
They're slow, but great for stuff that doesn't need to be fast.
Modern mesh WiFi systems I've seen do that so well. I know in theory that I could create a VLAN + SSID on my OpenWRT router and APs just for iot devices to only access the internet. But setting that up on a TP-Link mesh was a couple of taps in their app. Doing it on my OpenWRT devices would be quite a bit more hassle.
OPNsense (and pfSense) are neat, but I personally don't need an IDS/IPS right now, and I like to be able to run the router fanless.
One thing that OpenWrt could use immediately, for basic home WiFi router functionality, is easier ways to add guest-like VLANs from the Luci Web-based admin UI. (I currently have a guest VLAN config that I partly cargo-culted with numerous steps in Luci years ago, largely based on a blog post, and that would be a pain to reconstruct on a new install.)
For techies whose households include non-techies, a little IDS/IPS could help keep some nasty traffic off your home Internet pipe, and I suppose that could now run alongside OpenWrt on some of the more powerful plastic boxes, or on a PC with the right WiFi devices/APs. (In addition to use of VLANs and routing to minimize damage from all the malware-infested devices, and also thinking "zero trust" for the techie stuff you run.)
I'd recommend downloading the Material theme for anyone complaining about the barebones look.
there is often a "recovery feature", an alternate boot partition [ i posted about this some time ago.]
if you configure your router so that it "bricks" you can boot in the last working configuration before your changes; rescue; and save to overwrite the brick partition. presumably you can do this forever, as long as you dont brick both partitions.
3 interrupted boot cycles would cause a switch to last successful boot partition.
in my case i had problems because of the curious way we have power failures here. the power would brown out and each phase of generation would send a peak and trough, equivalent to turning power on then off before boot completion 3 times.
if you want to be snazzy, you can play on this and work two partitions at once each configured for different purpose, and accessed by briskly cycling power thrice.
> In our hyper-connected world, we've become slaves to the endless scroll. Social media, news, videos - the algorithm-driven content feeds are designed to capture and hold our attention indefinitely. We tell ourselves "just 5 more minutes" but hours disappear. Our brains are being rewired for constant stimulation, making us less capable of deep thought, genuine connection, and meaningful work.
> The Big Internet Button breaks this cycle by introducing friction back into your internet consumption.
But out of all the router/firewall distros, OpenWRT it is by far the best.
You can run OpenWRT on them using the x86 build.
We usually have 5-10x of them around for emergency network tasks if everything burns down in a building.
The hardware situation has felt very tenuous for years now. Qualcomm support has felt so so bodged in. It feels perpetually like "this new chipset will finally get us past all the horrible half working hacks of the last barely working chipset" on and on, usually sort of working but only barely. I did finally get my IPQ8074A based router going (rax120) but it took so long, and needs an older wifi firmware (their 2.7) to work. But it feels like maybe slowly it could be getting better, maybe perhaps support will be more mainline less hacked next time.
One very recent example that's lovely to see is Qualcomm starting to mainline their Packet Processing Engine, for the IPQ9574 at least. Link and example hardware below. There have been various forks of openwrt that bundle in cobbled together versions of the software to use hardware offload/accelerators, lots of these. But it's been far from problemfree and are hard to maintain, especially trying to maintain kernel compatibility. https://www.phoronix.com/news/Qualcomm-PPE-Driver-Linux-6.18 https://www.524wifi.com/index.php/embedded-cpu-boards/dual-r... https://forum.openwrt.org/t/ipq806x-nss-build-netgear-r7800-...
It's good to see MediaTek present in openwrt space. One of the only other highly present chipsets available. The price is often quite good for pretty new wifi standard supporting routers. The anec-data I've heard is that driver maturity is not great, but at least there's motion & movement within the kernel, which springs hope eternal.
This was after using DD-WRT and various flavors of Tomato (especially Shibby and FreshTomato) for two decades on probably ~100 routers in various locations. Some of those locations were business production environments, with the routers providing VPN connecting sites across the continent as a backbone for VOIP telephony, remote user access, etc. (before the likes of Tailscale).
It's an important project and I have a great appreciation for all the work the developers have put into it. But I have to admit, I was underwhelmed. LuCI wasn't as robust as I expected (the "queue all your changes as a batch of commands" approach is a great idea, but its implementation has some rough edges that simply don't work - IIRC, where the UI isn't aware of conflicting config changes you've already queued). And I found in practice getting it to do things that are easy and reliable on FreshTomato, was frustratingly unintuitive, taking more steps than I'd expect, some seeming brittle/error-prone. I'm not averse to scripting, having written short novels of commands for previous OS's, and even custom-compiled binaries (e.g. to install iPerf, before it was bundled with the OS) and a whole custom FreshTomato build that added some admin pages for long-term bandwidth/latency graphing. So I'm open to learning new things, I just felt like I was doing more fighting with the OS than should be necessary.
One small example was configuring a Let's Encrypt certificate. This feels like it should be a near one-click operation. In my case it took a bit of testing and tweaking to get right - I wound up contributing my short solution back to a SuperUser answer: https://superuser.com/a/1904844/75522
Properly disabling IPv6 took more than just a checkbox. I had "No default route present, overriding ra_lifetime to 0!" messages logged, until I added "net.ipv6.conf.all.disable_ipv6=1" to /etc/sysctl.conf.
Maybe I'm just getting snagged by doing things in 'weird' ways. e.g. My inaugural router on it is a MikroTik wAP ac. Turns out you don't get a WAN interface out of the box when flashed on that device, and I had to manually create it. There wasn't really any documentation warning about that, and it took a while before I realized life would go better if I used a lowercase rather than uppercase convention (for better integration with built-in stuff that relies on its existence).
A lingering issue I haven't figured out yet is how to make a reliable "toggle switch" to turn on and off access to the internet for one device on my network (by IP or MAC address). I set up a firewall rule, but wind up having to manually run "/etc/init.d/firewall reload" and "conntrack -D ..." each time to kill any established connections. On FreshTomato it was just a checkbox you turn on/off. If anyone has advice on this I'd be grateful.
One last tip for anyone else using it on a router plugged into a Starlink endpoint that's in bypass mode (i.e. you want to be able to port forward). You'll get messages in syslog every 5 minutes due to short-lived Starlink IP:
daemon.notice netifd: wan (####): udhcpc: sending renew to server
daemon.notice netifd: wan (####): udhcpc: lease of ###.###.###.# obtained from ###.###.###.#, lease time 300
I'm not here to whine, just to suggest that anyone else thinking of making the switch manage your expectations and leave yourself some time to perfect things and get used to the new platform.
esseph•4h ago
nine_k•3h ago
aftbit•2h ago
shadowgovt•2h ago
Imagine how much progress could be made if a few other companies were forced to crack open their proprietary closed-source codebases...
bobmcnamara•58m ago
CursedSilicon•2h ago
wtallis•1h ago