Alternative recommendation to Turris Omnia

Hi,

I will soon be a new user of OpenWRT. I’ve been working with IT for many years now and have often heard discussions of DD-WRT and have never been fussed by it, was just happy to use my internet and get on with it. Now in 2020 I’m getting a bit more concerned for my privacy.

I did some searching on the internet and everywhere seems to recommend Turris Omnia. However, after reading information here and on Reddit, I can only see people having problems.

My intentions for use are to hide my browsing habits, not that I’m up to no good, just would rather my data isn’t mined for profit. I use pihole on my current micro server, with cryptdns, I use it for plex and use it as a NAS.

I have a server hosted in OVH and would be great to have a vpn link between the two allow access from any computer within the household to certain ports, I assume this is possible with any of the openwrt routers but worth mentioning?

Given my requirements I’m looking for something with decent processing power and RAM. I have ubiquiti access points so WiFi doesn’t need to be great.

I will have quite a lot of devices connecting, I’m a smart home advocate, so lots of WiFi devices but again the ubiquiti device can handle this if necessary.

I have a gigabit switch which supplies Poe to my cctv cameras.

Lastly, my broadband comes in at 1gbps, I have a fibre connection to the home.

I looked at the ac3200 as it seems lots of people are happy with this device but doesn’t seem like it’s got enough ram?

Love the look of the nighthawk x4s but 512mb compared to 2gb with the Omnia?

Budget I’m not overly concerned, the Omnia was expensive but wouldn’t like to spend anymore than that.

I’m in the UK.

Looking forward to getting started!

Some device numbers, H2+ is worth a look.

Would be a nice project to use a odroid, I did some reading in the forums here, doesn’t seem like people have had much success with drivers for the NICs yet? It seems like it won’t work out of the box with the latest stable release of openwrt

Yes, my understanding is that the RTL8125B driver is problematic, have not bothered to go upstream to see what the situation is regarding inclusion.

Edit: reading at the Hardkernel forum would indicate things are working with 5.9.rc1, someone with device could maybe take a kick at BLOBs with 5.4.x in OpenWrt as to working.

Check APU2 from pcengines.ch
Same quality as my Swiss watch

.ch gives me the fear

Edit; interesting as it seems it’s a Swiss company?

Do you really think an apu2 can cope with a 1 GBit/s WAN connection with VPN and potentially more on top? To my understanding the slightly dated GX-412TC CPU and its networking subsystem can just barely (but reliably) achieve routing at 1 GBit/s line speed on linux (less on *BSD), but to my knowledge there isn't much headroom left beyond that - so things like SQM or VPN could be a problem at those WAN speeds with this hardware. A more current x86_64 system (it doesn't need to be highend, just more than the old AMD Jaguar) and two or more ethernet card would be my recommendation instead.

Do you have a specific brand and model in mind which you would recommend?

Not really, but I'd look for mid- to high-end i3, lower-end i5 or low-end ryzen; modern/ high-end Atom might also work (but that might be marginal).

Oh so you’re recommending an actual pc or am I misunderstanding?

An i3 seems pretty powerful for a router given my current BT supplied router the smart hub 2 won’t have that?

The selection of apu2-like-but-faster boards is limited, while there are a few devices dispatched from china (e.g. qotom) there aren't that many alternatives in the mini-itx or below form factor (the situation gets much easier and cheaper in the µATX size range). The apu2 is almost perfect (especially with 2 WLAN cards in mind, enough PCIe slots is the big issue for small form factor boards), just that its CPU is quite dated by now (and with >500 MBit/s connections in mind (yes, it can do plain routing at 1 GBit/s line speed, but it gets dark quickly for anything beyond plain routing/ reasonable firewalling - and those things (e.g. VPN) are particularly interesting with fast WAN connections)).

Yes, there are high-end server class Atom boards, which would be interesting for these tasks, but those are really expensive.

Yes, Swiss quality.

A chinese a bit more pricy contender to Odroid H+ is ODYSSEY X86J4105800. Specs say it has Intel I211AT chips for 2x gigabit ethernet. A nice bonus or odd exception on the the board is embedded ARM-M0 microcontroller.

Based on what you’re saying these boards don’t seem fit for purpose.

A Raspberry Pi 4 should be fast enough to cope with your broadband. You'd need a USB-ethernet adapter and managed switch, but it should do the job.

The AMD on the APU is well past its best before date, even a rango outperforms it in the benchmarks provided in the link above; you can usually get a refurbished rango on the cheap. The H2 / H2+ becomes an even more interesting device if Hardkernel sees this board to fruition.

This is good news. I do some research on this to see if anyone is successfully running a pi4 with openwrt.
With regards to the switch, why does it needs to be a managed switch? I have a gigabit switch which does poe for my cctv but it’s unmanaged.

Plenty of people are. Mine's been up for 69 days currently without issue

It doesn't if you're using a USB-ethernet adapter to add a second ethernet interface. My bad in not being clearer initially.

RockPro64 (PCIe2x4 and SIMD)

I have recently updated from Banana PI R2 to this one:

https://www.ipu-system.de/produkte/ipu661.html

Basically because of the AES-NI support for OpenVPN. It should have enough power for your use cases also.