I am looking to replace my current APs with OpenWRT compatible hardware. The reason for this is just that tomato will probably never support WiFi-Mesh due to closed source WiFi drivers by Broadcom.
Current Situation:
3 Story House + Basement (Floor 0) - 4 Floors in total
3x ASUS RT-N18U APs running FreshTomato
There is an AP on each floor, except for the 2nd floor.
1x ISP Router/Gateway handling DECT, DHCP, DynDNS and Port Forwarding.
(Right now I don't see the need to handle these tasks by the OpenWRT hardware.)
I could replace the cable between AP0 and the ISP Router with the dashed line, so my ISP gets cut out of my network.
What is most important to me:
stability: The devices need to be reliable and run smoothly
at least 128 MB Flash and 128 MB RAM (I want to be future proof)
strong CPU: enough to max out my 40 Mbit Upstream with OpenVPN
at least 4 Gbit LAN Ports
at least 1 USB Port (preferably USB 3.0)
external antennas
dual-band WiFi
What would be nice to have:
maxing out my 100 MBit Downstream with OpenVPN
What doesn't matter to me:
I don't care about the look or brand of the device as long as it is running stable and all functions are supported by OpenWRT.
I would even buy some noname chinese hardware.
Special Tasks:
AP-1 will run an OpenVPN Client and act as a gateway for some network clients to route them trough the VPN.
AP-2 will only be running an adblocker for my smart tv.
AP-3 will have a 4 TB USB 3.0 HDD connected to it, beeing the NAS, DLNA Server and OpenVPN Server
Other than that all three APs will only act as stupid APs distributing the same SSID.
Maximum number of WiFi clients can range from 7 to 15.
Price:
I don't want to spend much more than 50 Euro / 60 USD for each AP.
I'm from Germany and have no problem with buying used hardware.
BTW: Any suggestions for antennas that spread out wide rather than up/down?
Since I will have an AP on each floor and WiFi-Mesh there is no need for the APs to spread the signal up/down.
From what I have been reading the longer an antenna is, the wider it will spread the signal.
The shorter the antenna gets the more will the signal spreading look like an apple around the antenna. Is this correct?
I hope this is enough information to provide me with some suggestions.
That's probably a bit too much for flash. You would be limiting your choices (or paying more) for no reason. Hardware advances very rapidly. You better get what you need now (or what you will be needing next yer), and then when they don't suite you, you just change.
Generally, that's how omnidirectnal antennas work anyway; the spread the waves in a donut-shape around the antenna. If you want the waves to go horizontally, you make the antenna vertical.
So are these dumb APs or not? Normally a VPN runs on a router. Maxing out OpenVPN at 100Mbps is a serious load, requires mvebu or x86, and substantially more than $50
The flash at 128 MB, you're probably pushing into NAND territory which is still a cost driver (even more for SoCs that don't boot directly off NAND).
128 MB RAM for today for a dual-band router, is barely sufficient.
100 Mbps OpenVPN is going to push you into the high-end ARM units or x86 hardware.
Omindirectional antennas are, by definition, good radiators in all directions. Physically small antennas, such as the on-board antennas, or the internal ones typically used for 2.4 GHz, are generally rather omnidirectional (not an "apple" -- which is likely a dipole pattern, which is directional).
Directional antennas radiate better in certain directions. They don't make the signal any more powerful, just send it in specific directions (like an old-fashioned megaphone). The "stick" or "rubber ducky" antennas on routers are generally moderately directive, a couple of dB (think 1-3 dB) of more power in all directions at right angles to their length, with a similar tiny bit less off the ends. It's not a lot, nor are there the sharp mulls or zeros that some illustrations show -- just keep the antennas roughly vertical and you might get a few meters more range on a given floor. Bottom line, antennas are the least of your worries with any reputable manufacturer.
I'll leave recommendation of devices to folks with knowledge of the European used market. I'd be very challenged to meet those needs with a US$180 budget, especially with high CPU demand on two of the three devices.
A high gain "omnidirectional" antenna focuses the signal toward a horizontal plane (when the antenna is installed standing vertical) instead of all directions. In most cases the users will be in that region of space rather than up in the air or below the ground.
Is 128 MB really to much flash? I mean, would 64 MB be enough for OpenVPN, WiFi-Mesh, DLNA, SMB? I'm new to OpenWRT so I have no clue how much space I really need. I thought the more the better.
Added the info about this device in my first post.
I also found that list, but a few months ago there have been many more routers listed there.
And now there are only a few left. What happend to the rest?
But 256 MB should be more than enough, right?
With 180 USD, do you mean 1 device or for all three?
I recently got my hand on a netgear r7500 v1 (sadly it was a v1) for just 30 Euro, but then realized 5 ghz band is only supported on the chipset of v2.
Thanks for explaining the antenna part, especially Jeff.
I also changed something in the OP about maxing out my downstream with OpenVPN, as I create the huge OpenVPN load most of the time directly on my PCs.
But since I am accessing my NAS sometimes remotely I would like to max out the Upstream with OpenVPN. My tomato hardware reached about 30 MBit/s (+- 5) with SHA512 auth-digest and AES-256-CBC cipher.
Depends on how far out you define "future" for "-proof". For today, yes, a reasonable option for a high-end ARM device. Might get three years out of that, given that they're rolling out 1 Gbps symmetric service here for around the equivalent of 50 € per month. That's going to be a challenge for even the high-end ARM routers, I think.
I suspect that demanding, knowledgeable users will be moving more and more to the path of an x86-class router and discrete APs. My Archer C7 v2 units work "fine" as VLAN-enabled APs at 16 MB flash, 128 MB RAM. They're getting to the point of EOL between wireless performance of chips brought to market 5-10 years ago and the availability of three-radio devices for those of us who "have to" use a wireless backhaul. A current router you buy today would likely serve well as an AP longer into the future than it would as a router, even more so if you believe that application software is appropriate to be running on a router.
Ok, this clarifies things. You should know that by using the ISP router you give 100% access to your internal network to any ISP employee and anyone who compromises the ISP provided equipment, which may be rarely updated and have long standing flaws that are targeted by botnets.
So, with all that and your goals in mind, here's my suggestion:
Buy a WRT32X ($127 new here in US on Amazon) and place it behind the ISP Router. Add your USB HDD to it to act as the NAS, and install OpenVPN on it to act as server/client (though by FAR I'd recommend wireguard over OpenVPN if you have choices). This device also acts as the AP for the floor it's on. Beware there can be some interference from USB 3.0 to the 2.4GHz band, so get yourself a good quality USB3 cable to minimize this, and run it at right angles to the antennas.
Buy two TP-Link EAP225v3s, run wire to the 3rd floor and put one there, run wire to the basement and put one there. If needed put a PoE switch next to the WRT32X to do the PoE for the APs. These really are DUMB APs not running OpenWrt, just providing an access point, all the "smarts" would be in the WRT32X where you have CPU and RAM to run everything you want. The second floor will be served either by the 1st floor AP or the 3rd floor AP. Try to put them with some horizontal separation so that they aren't just stacked on top of each other.
Learn about VLANs and set up a separate network for your SmartTV, run adblock for this entire network (so you can easily add additional SmartTVs or connect tablets or whatever)
If you can separate out network clients that should always route through the VPN break that out into its own VLAN as well.
EDIT: 5) keep the ISP supplied device specifically for the DECT phone service.
I have my Archer C7 V2 sharing an NTFS HDD and running SMB and miniDLNA, with 16 MB of FLA. I imagine 32 MB should be comfortable for what you are asking.
If the TV is the device that will play media the most then I would have miniDLNA on the device in that floor if it can be connected by cable, especially if you will be playing files that doesn't need trans-coding (e.g. not demanding of the router at that floor). That way you don't overload your network with high volume of data necessarily, and you also avoid interruption of video steaming if WiFi drops. Or you could have the miniDLNA server on the main router but have the AP connected with cables to both router and the TV.
I think you mean if it can not be connected by cable. Your suggestion would be to limit wifi retransmission congestion. If it's connected by cable, the issue is moot, as the gigabit bandwidth is enough to stream something like 100 HD streams.
Yeah I was thinking of wiring up only the APs, of course if you need to wire more devices, then $15 dumb gigabit switches provide more ports where needed.
@jeff
Since I am based in Germany, I am absolutely not worried about getting anything like a symmetric 1 GBit fiber connection in the near future. Before this happens, hell will freeze.
I just got my 100 Mbit VDSL connection one week ago. Before that I had some crappy LTE connection, that was unable to provide a consistent 16 Mbit downstream. Feels like the universe is dropping on my devices now.
@dlakelan
The WRT32X costs about 200 Euro new/used in Germany, which I am not really willing to spend. Having to buy at least 2 more APs. Other than that it would surely fit my needs well.
You guys don't know some shops that ship this to Germany? (maybe even avoiding taxes? )
VLANs I will do sir! I guess you will here me screaming for help, once the new hardware is set up.
@Hegabo
The TV is connected by WiFi, which is working pretty fine for streaming. I could however also run a flat cable to AP1.
I quickly created a small layout of my network setup, see Post 1.
Might want to look at @slh's suggestions and the comments following
His opinions have always held weight with me, and he's much more familiar with the European market and its availability and pricing than I am.
Edit: It wasn't long ago that I was thrilled by a 30/3 xDSL connection. The changes in availability and pricing have been over the last 3 years or so, and you did mention "future-proof" as a desirable attribute.
Yeah, that's a lot, particularly since you can get a Mini PC for less and it will have way way more power to route and be NAS etc.
Of course no WiFi
Even at 100Mbps if you want SQM (and you do) and OpenVPN, you're best off getting the mini pc, consolidating services, and considering it as a longer term investment. The Mini PC will route and NAS at satisfying performance for a decade. Current devices below the level of WRT32X or ZyXEL Z2 are kinda sorta adequate for speeds available today. Only those two (or ones similar in price) have headroom at all for your speeds with SQM and NAS etc.
From a capital investment strategy, buying the mini pc + a smart switch + 2 or 3 external APs is going to provide high quality high speed performance for much longer than the cheaper up-front route of buying something like Archer C7s used and distributing them around. Of course you have to have access to the cash...
I've long been a proponent of used Archer C7 v2s (and have five) at ~US$30-40. However, if IPQ40xx-based units (like the NBG6617) are available in Europe for not much more new, I'd be buying those in a heartbeat over the Archer C7.
Well, f it's working fine then you don't need to run a cable until you need it. I just presumed that you will be streaming 8k videos or something, or why else would you be worried about the 100 mbps?
)