I am thinking about my network set up, and for some reasons, I wondering what would be a good solution for:
current modem / router from ISP (current dowload speed is 300 Mbit/s; I could upgrade to a theoretical 1 Gbit/s next year). No wifi repeaters / no powerline extenders. Only one (old) wifi bridge.
add a personal router between the modem/router and the devices, for additional security and privacy (and flexibility, if I want to change ISP ...)
I have read that it could be wise to isolate some devices. Therefore I would appreciate if I could have several wifi networks separated to each other (1 for work devices / 1 for personal devices / 1 for IOT / 1 for guests / 1 for kids)
is it possible to have different parameters for the different wifi networks? I mean, different DNS for instance, or apply a VPN to one wifi network only, or ad tracker blocking solutions - parent controlling to a single wifi network ...
most of my devices (currently 15 - usually not more than 5 simultaneosly connected) are wifi5 (only few are currently wifi6)
how expensive would be solution to do the above? I would look for a device readily available in Europe (France)
how complex would be to set up and maintain the above solution? Would it be possible with a graphical interface?
Thank you in advance for your suggestions
PS: It might appear that I am asking some very obvious questions, but IT is not my field, and I am not knowledgeable about networking, so please understand that I might ask for further explanations to your replies. Thank you in advance for your understanding
you can find supported devices filtered for latest release
pick which has more flash+ram, has gigabit ports, and supports 5GHz wifi (ac). ax may or may not work.
there is data for VLAN support. usually multiple SSIDs are supported, but check comments too: eg. there are devices which in theory support this or that but in reality some features are broken.
if you want to use more and or resource hungry services please bear in mind there is cost: either financial (you have to pay for stronger but more expensive device), or have to adjust your expectation. typically VPN, SQM, services planned for real servers (e.g. file sharing) or delivering more wan bandwidth require stronger CPU these typical home routers are short of. there is a good article here about what to expect if you have 500+ Mbps WAN for example.
price range is depending on your pocket's depth.
once you picked a device search this forum regarding experiences, issues. don't buy before checking real user reviews!
FYI I have setup my home network with following devices
Modem - from Cable provider; wifi turned off
Router - RPi4 2GB RAM + TP-Link UE300 running on OpenWrt
Switch - Linksys LGS108P (with 4 PoE ports + 4 unpowered ports)
Access Points - TP-Link EAP615-Wall running on OpenWrt (PoE, Fast Roaming 802.11r works outstanding)
Connectivity follows this route: Modem > Router > Switch > Access points + lan devices
On RPi4 router I have additionally installed
Adblock: centralized adblocking for all home devices
SQM QoS: traffic shaping to prevent Bufferbloat
Attended sysupgrade: for upgrading OpenWrt
parental control: to set time restriction based on MAC address on children devices
Network isolation with Guest Wifi / VLAN / DSA is in theory possibly, however I did not configure any of those.
OpenVPN on my work-laptop is preinstalled so I did not need to configure this on my router
Maintenance is 1 minute work per device when a new OpenWrt SP is released (start Attended sysupgrade)
Installation is a lot more work due to gaining knowledge in several areas (but it is fun though)
ps: an alternative router (smallest 1Gb router on the planet)
RPi CM4 2GB RAM|No MMC|No Wifi + DFRobot IoT Router Carrier Board Mini
The only problem though is that RPi devices are currently very hard to get.
You can monitor https://rpilocator.com/ for availability
pps: In case you need to setup vpn than I would advise to look into WireGuard
Hi @RadioOperator , for the moment I do not complain about the modem router, therefore I would say that a router should be enough. Otherwise I will think about adding an AP