Spotlight on Open Source Router Platforms - Thoughts?
by Brian Klug on February 27, 2012 5:42 PM EST- Posted in
- Networking
We talk about networking quite a bit on AnandTech, covering everything from the upper end of home routers to WiFi stacks in smartphones and extending all the way up to 10GbE in the enterprise. What we haven't really talked much about is some of the open source networking software that's out there to improve and manage your network.
As router hardware is effectively general purpose hardware running a specific OS/application workload, it's possible to load custom firmware on your router provided it meets the right hardware requirements. It's akin to loading a custom ROM on a smartphone, all you need is a compatible platform. In some cases, that's limited to Broadcom or Atheros, but there are other solutions that run on embedded x86 as well.
The upside to loading a custom firmware on your router is a potentially significantly expanded list of features and improvements. Much finer grained QoS, packet filtering, OpenVPN support, local storage (SMB or FTP shares) from USB, better stability, control over WiFi power amplifier Tx power, and now of increasing import - tracking bandwidth usage. Many home/SMB routers simply don't offer good network monitoring tools, security features or just decent management, and the alternative is to go for some open source based firmware with many more options. Ultimately the tech-savvy home networker will buy a router for the platform and features (eg. CPU speed, RAM, WiFi options like 2.4/5 GHz or number of spatial streams), and choose a firmware to run atop that platform.
Over the years, I've personally tried m0n0wall and pfSense on embedded x86 platforms like PC Engines' ALIX and WRAP, as well as the more common options including OpenWRT, DD-WRT and Tomato on a variety of Broadcom based routers. I generally end up drifting back and forth, but usually use Victek's mod of Tomato-USB on either a WRT54G-TM or more recently a Netgear WNR3500L. I've been wanting to try out and review ASUS' RT-N16 router which seems to be gaining considerable developer traction in the DD-WRT and Tomato communities as well.
Tomato USB - Victek's Mod
I've tossed around the notion of doing a comparative look at all the open source home/SMB router platforms and thought it might be useful to get some feedback on whether this is something that you guys would be interested in, and if so whether there were any specific topics. Of course that would also be alongside a look at some of the newer 802.11n/GigE routers that are still compatible with the popular open source firmware distros all vying for the now somewhat aging WRT54G/GS/GL's crown.
I've shared a bit about what I use in my personal setup - but what about you guys? How many of you are using custom firmware on your router? If you are, what are you running?
Facebook
Twitter
RSS
56 Comments
View All Comments
kensiko - Tuesday, February 28, 2012 - link
Yes, I always was disappointed by all my purchases, I never found a router that is able to run without issue for weeks, serving 4 or 5 PC with LAN streaming and WAN P2P. I'm afraid to pay a premium price when I'm not sure the router will be stable for weeks.For now I'm using one of the cheapest routers, the DIR-601. With the stock firmware, I installed an electric timer to cut the power for 1 minute everyday. Then, DD-WRT came compatible with the router, I installed it right away and many problems went away, but I still needed to reboot sometimes. So I enabled auto-reboot each day. Since that, I rarely have to touch the router, it just works.
I'm looking to get more wireless speed and I would love to see a review of the different open source firmwares, to see if the wireless speed changes a lot when using them instead of the stock firmware.
trekker99 - Tuesday, February 28, 2012 - link
I have been using WRT54G since mid 2006 and DD-WRT almost as long (I really do not remember when I switched to DD-WRT, but it should be within a month or two). The latest stable "enough" build is rather old (from Aug 2010) but the last time I rebooted this router was about 7.5 months ago.I am interested in getting a new router (wireless-n with gigabit support) and would prefer one which has good custom firmware support (in case the stock is crap) as I am probably switching to fibre once my current contract is up. Any good sites with reviews on such stuff?
pvdw - Tuesday, February 28, 2012 - link
For high end wireless routers have a look at these models:AVM Fritz!Box
Draytek Vigor
Billion BiPAC
trekker99 - Tuesday, February 28, 2012 - link
Interesting, I will have to check if I can even get them in Singapore. Thanks!trekker99 - Tuesday, February 28, 2012 - link
Many of the models are integrated solutions, so it might not be worth paying extra for hardware you can't use (Draytek still has some interesting models which is not tied to DSL or cable).chrsjav - Tuesday, February 28, 2012 - link
I would love to be able to build my own wifi router. I figure this is possible with a small-form factor computer that has a few PCIe 1x lanes. Stuff those with mini-PCIe wifi cards and load up openBSD or linux. The security at the very least would be more trustworthy.My problem with current solutions is that by the time the open-source firmware community supports 3x3 5Ghz on my off-the-shelf wifi router, a new technology like 802.11ac comes out. I want to be able to drop in new mini PCIe cards to upgrade my router as new technology comes out.
bman212121 - Tuesday, February 28, 2012 - link
If you separate your AP from your firewall, you can just get the AP with the features you want, and plug the NIC port from the AP into an Ethernet card in your firewall. Put wireless on another VLAN so you can filter it accordingly. You can even use dot1q on some models so you can have multiple SSIDs with different networks. You'll still have the security from the firewall but you also gain the ability to position your APs in a better location.I seriously would suggest to anyone who wants to take their router to next level convert their existing "all in one router" into your Access Point for your new network. It's really easy to do, just turn off DHCP and plug one of the lan ports on it into a lan port on your new firewall. Wireless works exactly like before but now you can build a new pc running a much more powerful firewall.
A great choice is definitely PFSense. I would use the setup I described in the first paragraph. Connect your AP specifically to it's own network card on your firewall so it's on it's own network. So you'll have WAN, LAN, and OPT1(connection to AP). Turn on a feature called Captive portal. What this will do is present a splash screen for any computer trying to access another network from your wireless network. That person must put in a user / pass combo to be let through the firewall. This adds another layer of security that's even harder to bypass since they can't just try to brute force or decrypt your wireless key. Also, now you have the advantage of setting up a rule that might only allow them access to the internet, and no access to your LAN. This would allow you to have a guest network that is easy to setup and use without worrying about your friends virus infested pc being on your network.
mfed3 - Tuesday, February 28, 2012 - link
PFSense for the last 3 years. No competition.pvdw - Tuesday, February 28, 2012 - link
I love playing around with new firmware and getting new life out of old devices, but sometimes I just can't afford the timeSo I've upgraded to a Draytek Vigor 2850n. My main reason was actually the VPN endpoint, but it also has better performance than most wireless routers and a ton of customization options. It's technically a business router, but is a great choice as a performance home router (if you don't mind the boring styling).
Guspaz - Wednesday, February 29, 2012 - link
There's not much time investment involved. For a lot of these older routers, like the WRT54G series, installing a custom firmware is the same process as you'd install an update from Linksys, and some of the third party firmwares like Tomato have an easier to use and simpler to configure interface than the stock firmware.The problem is that you end up hitting hardware limitations with these older routers. A WRT54GL worked fine when we were all using 5-10 meg internet connections in Ontario/Quebec, but now that we're using 30-60 meg internet connections, it can't handle that sort of throughput. The 200MHz CPU, among other things, just doesn't cut it anymore.