I have many nerdy friends who have been Linux users for ages. But most of them don’t know such a thing as Openwrt exists or have never bothered to give it a try. It’s a very fun piece of software to play with and can be extremely useful for routing traffic. Wondering why it isn’t more popular/widely used.
TIL there are Linux people that don’t use OpenWRT. I always assumed everyone in the Linux community used it. It’s great.
Works great with mt7621 based routers if anyone ends up looking for something compatible.
I run a proxmox and run PFsense on it. They are both pretty similar but there were more tutorials for PFsense at the time.
It’s a joy to use on x86 hardware though. You can run as many services as you want.
IMO, I’d run pf/opnsense on an x86 box, but openwrt on a low powered device…
Did that years ago with a pfSense firewall connected to the DSL modem, with OpenWrt APs around the house…until the hardware couldn’t support the next version of OpenWrt… (not enough RAM?)
I use dd-wrt a little bit, then tomato and variant (usb, toastman, fresh) then Merlin for maybe 5 years now.
Broadcom routers are mostly not openwrt compatible
I actually took some older now somewhat defunct google wifi pucks and got them all set up on openwrt not too long ago. Really enjoy having them on something with a dedicated web UI and perfectly nerdy
Installed OpenWRT on my NetGear router like 2 years back, and it didn’t give me any trouble since then. BTW, the amount of configuration options it offer is mindbogglingly.
Just the capacity for network monitoring for troubleshooting makes it worthwhile. Not being able to SSH into Netgear’s firmware, let alone having access to tcpdump is an advantage right there.
I use OpenWRT on my Linksys WRT3200ACM because I used to have a cable connection that suffered from bufferbloat. The SQM feature made a huge improvement. I eventually switched to a fiber connection from a different ISP which does not suffer from bufferbloat, but I kept OpenWRT on my router.
I’ve used OpenWrt, DD-WRT, and Tomato firmware on the various routers I’ve had. I don’t think I’ve ever kept the stock firmware on any router I’ve owned.
I use pfSense at home now, but I’ve been considering switching to OPNsense. I still run OpenWrt on a portable router that I use when I’m traveling though. I won’t ever buy a router that I can’t run open source firmware on.
OPNsense is solid too, better than pfsense.
A portable router when you’re traveling?
This is my setup if you are interested: https://cameroncros.github.io/wifi-condom.html
Whether it is as secure as I would like, I am not sure, but it definitely seems better than just raw dogging a random wifi network.
Lmao. Thanks for the read and laugh.
A lot of places will restrict the number of devices you can connect. If I connect my router to the hotel WiFi, I can connect as many devices as I want. I also like having a firewall between my devices and the public WiFi. I can run a VPN on the router and have all of my devices go through it if necessary as well.
Interesting. I have heard of it but so far I didnt bother since my router is quite versatile.
My biggest fear is that it borks itself and I sit there at 10 pm on movie night without a network or internet to troubleshoot.
If if I chose to use it I would need to have the current router as a fallback either running 24/7 or on a dead man switch.
Some routers have dual partition setup.
Active and backup. When flashing firmware, it is flashed to the backup partition. If the router boots successfully, the newly flashed backup partition becomes active and vice versa. If things screw up, nothing happens.
Thanks for the info. Thats not exactly what I meant. I‘m not afraid of the router itself breaking at installation but freezing for example and not being able to reboot. I usually dont tinker with mission critical stuff.
The same thing can happen to manufacturer firmware. Only you’d have much less capability to troubleshoot, let alone fix it.
True but manufacturers are in big trouble if stuff like this breaks where I live so they are very eager to provide such service and additionally, the brand my router is from is generally considered rather good.
Not USian, I’m guessing?
Exactly.
Gotcha. Very different in the States in this regard.
I know you likely have moved on but it would be interesting to actually figure out the cause. What steps would someone need to take to reproduce the issue?
been running it for years now, no weird sudden stability problems whatsoever.
That’s exactly what I do. You can keep your ISP router and hook up your openwrt router to one of its lan ports and have two wifi networks.
It is not normal for it to just stop working
not at all.
Not at all what?
take a guess
Stable? In my experience OpenWRT is very stable. Can you share the hardware and software you were using?
my hardware configuration on openwrt is very stable too
As a person with hands, do you know about flamenco?
Yup. Running it on my home router, right now. It is awesome. A tiny, stripped down OS that you can install minimal packages on. Like a VPN client, or ad-blockers. If your router is compatible, I cannot suggest it enough.
Also, my router’s manufacturer had the gall to ask (force) me to sign up and get an ID with them in order to get to the back-end of my own router. Jesus Christ, privacy red flag much?
I could not install OpenWRT fast enough.
I mean, what does one have to do to replace an ISP owned router and what are the benefits? How much does one have to know in order to setup a connection? How does one get connection details from the ISP owned router? How much does a replacement router cost?
My ISP owned router allows me to configure NAT forwarding, replace the DNS, setup a DMZ, assign static IPs to MACs, turn off the internet at specific times (e.g at night), configure parental controls (allows websites, internet access) per device, and probably a few other things I haven’t discovered yet.
If you mean a DSL modem or cable DOCSIS, I don’t think those are easily replaceable. But you can definitely put an OpenWRT device right behind it and use that. It’s pretty straightforward (plug in the upstream side, wait for it to get an address, done).
As for how much you need to know… okay. That’s a tricky question because, the most you mess with OpenWRT, the more some stuff becomes automatic, and that makes it easy to forget things. That’s not on you, that’s on me.
That said, thinking about it a little, the defaults are pretty workable right after installation. You’ll have to set an admin password on the OpenWRT box (it nags you until you do these days), which should be familiar. Turning up wifi is a little tricky at first. I would recommend reading through the quickstart guide once or twice before digging into OpenWRT configuration because it lays out all of the basics that you need to get going. It’s about as well written and useful as the manuals for access points were way back when.
One thing I would recommend is, if you build an OpenWRT box, setting it up before you plug it in and use it as your network gateway. It’s much easier to poke at it without having “When is my network going to come back up?” rattling around in the back of your mind.
Most the things you mentioned are barely doable on some of the modern all in one modems where I live.
On mine I’ve got separate wi-fi networks for inside and guest, I run zenarmor for ads and malicious junk, I run a proxy, I do my DNS on it for all my internal docker instances, and more. I realize I am doing more than your average person, though.
You can run a VPN like wire guard, ad blockers such as Adguard Home or pihole or even media servers on your openwrt router.
I see. Well, I have a homeserver for that, which runs all my services, so an openwrt router wouldn’t be an upgrade.
But probably without a homeserver, an openwrt router would make sense and use less energy.
For my ISP it’s actually cheaper to not use their modem+WiFi router as they charge a monthly lease on the equipment. I declined it and they provided me with a modem for free. All I have to do is plug the modem to my own router and that’s it!
The features you listed seems pretty standard to all routers these days.
The features you listed seems pretty standard to all routers these days.
You and @yeehaw@lemmy.world have very different experiences 😄
Haha, true. I was referring to routers specifically, not the all in one’s.
I do know about it, but I don’t even have internet at home.
Though I do use DD-WRT on my WRT160NL which I use at school. For me it acts as firewall + setup-free VPN + DNS Ad blocker (NextDNS). I also have separate passwordless guest network on it if someone wants to use my router. Separate subnet, unbridged with net isolation and AP isolation enabled. And also QoS set to “Bulk” while my network is set to “Maximum”. And also forced DNS redirection enabled, so that everyone who doesn’t use DoT or DoH uses NextDNS.It cannot run modern versions of OpenWRT.
You really want to either update to a supported release or stop using it entirely. It is very insecure to run network equipment with known security issues
About a million years ago, back in 2007/2008 that is, there was this small company called Hexago that did R&D in IPv6 networking, they were behind the Frenet6 project and created the networking stack and the TSP client that would let you tunnel a /56 IPv6 network over a dynamic IPv4 connection.
One the projects was a tiny hardware router, I honestly forget who made it, but Hexago would buy them, then we would flash each one with WRT+TSP client custom image, the idea was you plug this in your network and you have IPv6 connection in your network without doing any magic configuration.
It worked well until we lost finding.
So yeah, OpenWRT is old and not just for Linksys routers :)
No, for home I’ve only ever used pfsense or opnsense.
I used dd-wrt for a few years, but I realized I didn’t need it as my new router have the functionality I want. I also realized my router had much better throughput with the stock firmware.
I personally use it on a protectli with the 2.5G ports. I also replaced my ISP modern with a protectli running OpnSense. Decided to opt into that as my solution to have two different softwares protecting my network and also so I could scope internet facing devices at the OpnSense level instead of internal to the network. Just in case they get compromised, they can’t access the rest of the network. Call me paranoid… But I also find it much easier to manage lol.
