Hello!
I will test OpenWRT and OpenVPN with multiwan3 function to load balance between 2 openvpn providers.
What router do you guys recommend that has "hardware acceleration" for this purpose?
Price range about 150-200 euro (200USD)
I will not use wifi, only wired.
Thank you all !!
An x86_64 board with AES-NI and at least two Ethernet phys, preferably Intel over Realtek. Minimum of dual core; additional cores are unlikely to further speed a single VPN connection (VPNs are typically single-threaded). If needed, an off-board, managed switch.
I assumed you meant "failover" rather than "load balance" for the two providers, based on the illustration. If you truly have both running simultaneously, then at least three cores would be recommended.
Look at AliExpress for "mini PC router AES-NI" and similar searches
https://openwrt.org/toh/hwdata/linksys/linksys_wrt3200acm
https://openwrt.org/toh/hwdata/linksys/linksys_wrt1200ac
https://openwrt.org/toh/hwdata/netgear/netgear_r7800
https://openwrt.org/toh/hwdata/zyxel/zyxel_nbg6817
https://openwrt.org/toh/hwdata/linksys/linksys_ea8500
This 5 seems to be the best right now, but i dont know if they have AES-NI.
I should prefer not to buy a no-brand box from aliexpress.
Thank you!!!
I conducted benchmark testing OpenVPN connection.
Connections speed to ISP on both sides 100Mbps
On server side real PC server.
For testing used IPerf 2.10
On client side:
I choose Linksys WRT32X
Thank you!
It will be the Linksys WRT32X
or
a mini-pc from china that could be really low quality: Aliexpress
Thank you again <3 !
I would agree that "cheap, Chinese" x86_64 boards are perhaps not the best choice for a critical piece of infrastructure. I presently use PC Engines APU2C4 and APU3C4 boards and find they have low power consumption (under 10 W running a desktop distro including dual Samsung SSDs under ZFS), reasonable performance, and very good reliability. Their processor, however, is not as powerful as other options available today.
There are more powerful options (that I have not personally used, or are "as rare as hens' teeth") out there at moderate cost, such as the offerings from https://fit-iot.com/web/, https://up-board.org/, https://www.hardkernel.com/shop/odroid-h2/, and a couple others that I can't find links to right now.
The benchmarks that @oslyak provided are insightful. The FX-8320 is probably a good point of comparison, as isn't a "screamer", with single-core Passmark performance as one measure of around 1400. For comparison the AMD Ryzen 5 2600x has single-core Passmark of 2143.
I can't provide further recommendations as I don't own any of the newer, better quality, x86_64 boards. From what I have read, the WRT32X seems to be a solid unit. In Top ten routers currently in use? - #4 by slh, slh states
Both mvebu and x86_64 can be used for 1 GBit/s WAN speeds.
It all boils down to upstream support, Marvel Armada 38X have very good support although you might want to start looking at 64-bit ARM instead of 32-bit...
Is it possible to install OpenWRT on a mini PC or "faster" hardware ?
Thank you!
Yes, OpenWrt does support x86/ x86_64.
above 100mbit/s i would recommend a mini-pc.
mvebu (WRT32x) is capable, but still pretty limited in contrast to a "real" pc.
Where can we find a "mini pc with AES-NI" that is well tested?
Not a chinese alibaba hardware that could be very good or very bad in quality.
Thank you! 
everything is made from "cheap chinese hardware" dont kid yourself 
3y 24/7 mini-pc from alibaba - no problems yet
This data looks too much weird. When I tested on last weekend, it was working well.
So the setup will be: Modem -> Mini PC -> WiFi Router
Right? But how can I whitelist some devices which should't go via the VPN?
When the VPN is runnig via Mini PC, the Mini PC can just the the WiFi Router? 
This won't describe the right setup. The Mini PC can just see the router. Can I set the router in bridge mode? Is this the soulution?
Jalapeno Board would be able to do this and I think pretty easily. Built in hardware nat and hardware crypto. Just get a switch, not sure where you are located but monoprice is not bad for switches I use their 8 port gigabit and its solid to me.
As for load balancing VPN not sure on that I personally use Wireguard.
Superb post sir! Thanks for sharing!
Presuming that by "router" you mean the "WiFi Router" you previously mentioned, then I believe that you need to do is use it as AP (and that's only if the Mini PC doesn't have suitable wireless card), so you basically set a static IP for the AP in the same subnet as the Main PC and connect it to the LAN port in the AP.
