Is OpenWrt for me? (for dedicated router only)

Hi. Networking and openwrt noob here.

I just wanted to know the consensus here--if openwrt indeed is not for me--before I finally go for the typical consumer WiFi router, or the "simpler" router-only TP-Link ER605 or TL-R605.

I'm looking for a budget dedicated router at around USD 60. (Our total budget is actually USD 150 for both router and AP, 1 piece each.)

I'm also considering MikroTik/RouterOS (hEX, hEX S, hEX Gr3, or hAP ac2), but a couple of people discouraged me on that because according to them I need to be "really computer network literate". Mikrotik, they say, is harder to work with, compared with openwrt. (I'm aware that openwrt can be flashed on some of them.)

I need a router that's impossible for me to brick due to my lack of skills. We also get occasional unannounced power outages and I need it to not brick when that happens while, say, the firmware is in the process of updating or whatnot.

Is there an easy way to identify whether a device is un-brickable? For example, someone told me that Newifi D2 is un-brickable because it's on "breed bootloader"--is that it?

I imagine that the flashing part is what I'm scared of the most, that's why I'm also considering Mikrotik/RouterOS.

Basically I just want to have a stable internet connection and setup, something I could hopefully set and forget and wouldn't have to fiddle with all the time.

I am on Linux Mint and although I can follow instructions and do a bit of CLI, I prefer GUI and clicking stuff

The router will be directly connected to our ISP's unreplaceable ONU, Huawei EchoLife EG8145V5. I will not set the ONU to bridge mode because, from asking around, it is not stable at the moment, and I'm not really up for troubleshooting and maintaining that. The ISP would do bridge mode-ing with higher plans only (not ours). I'm aware of the double nat issue but don't know how it would affect us.

Our setup would be: Huawei ONU < short ethernet cable > router < 2 Cat6 ethernet cables > 2 APs

(We already have a TP-Link AP and will get another one.)

Internet is fiber 60 Mbps both down and up. (We may upgrade in the future if needed, which is 100 "up to 200" Mbps). 7-10 gadgets (all wireless) across 4-5 adults and 2 kids. Use cases are online classes (Zoom), YouTube, light games, video-calls, torrenting, and occasional movie streaming. We do not mind not having WiFi 6 yet.

Our house has 2 levels at 10m x 10m = 100 square meters (or 1,075 square feet) at each level. All floors and walls are concrete.

I apologize, I know openwrt is for hobbyists and advanced users but if any, I just want to let you all know that even though I do not know how to do this I somehow understand and appreciate what openwrt can do. I wish to run the SQM package at the least, and then (optional) ad-blocking.

Many thanks in advance.

If you're worried about bricking the router, get something that doesn't boot from internal flash storage, like a small x86 or rasberry, etc.

If you're in US, I'd tell you to get a simplewan sw301da, or a roqos rc10, but those have gotten expensive, on ebay.

The sw301da could be bought for as low as $20, just a couple of months ago.

At least this aspect is easy to answer, https://openwrt.org/toh/start - not listed, not supported (seems to be mt7621 with 16/128).

Many thanks.

If you're worried about bricking the router, get something that doesn't boot from internal flash storage, like a small x86 or rasberry, etc.

I've thought about this but wouldn't unexpected power outages be bad for them, particularly the SD cards? The location for the router is kinda awkward (by the stairway). We have a habit of turning off the ONU every morning for it to "take a rest" when not in use. (We're in the Philippines, due to the warm climate we generally switch off electronics we're not using. But yes I'm aware that ONUs/routers are built for 24/7.)

Anyway, I'd rather get something we could simply unplug, without properly shutting it down.

Raspberries are attractive, though, not gonna lie.

At least this aspect is easy to answer, https://openwrt.org/toh/start - not listed, not supported (seems to be mt7621 with 16/128).

I'm sorry I was not clear, by "simpler" I meant simply skipping openwrt altogether and use a "user-friendly" or "consumer" router. Most reviews (here in the Philippines) praise TP-Link ER605 or TL-R605, but a few say they're unstable.

All in all, first concern is an un-brickable router, second is my basically zero knowledge on networking.

Rule of thumb is if you have some kind of "recovery mode" it's "pretty hard" to brick the device unless you overwrite u-boot for whatever reason. If you have little experience with networking I would be a bit hesitant of recommending OpenWrt as it can be pretty rough at times (you can make your device unbootable if you're not careful) and since it uses UCI which is a wrapper to various configuration formats/layouts it can be a bit confusing and hard to find documentation. That being said, there are pros and cons going this route depending on your needs. I personally tend to separate firewalling/routing to another device and use OpenWrt for access points simply because I find it much easier to maintain and flexible.

"Stability" is usually down to the wifi driver/hardware which is usually the main reason why people find their network unstable and/or causes the router to crash. In general I'd say that IPQ4018/19 based hardware works very well in general, usually is troublefree as far as WIFI goes and isn't ancient hardware-wise. It may not the fastest hardware available but for your needs it'll be fine and if you get a device that can run OpenWrt you'll have the ability to switch at a later date in most cases.

I would advice against going for a SBC such as RPi / RockPro64 etc simply because you'll face more potential issues, it's overkill for your requirements and will make setup more complex.

I wouldn't, the RPi4 is stable, can route 1gbit, and is pretty much unkillable/unbrickable.
Only drawback it the single ethernet port, so you'll need to get an extra USB ethernet port.
I'd say it's an excellent choice, just as the other two devices I've mentioned.

You forgot the rest of the context including budget? RPi4 still uses a pretty bad SoC for networking and it adds up quite a bit if you factor in costs for case, psu, sd card etc it's also not very "user friendly".

Than that's the argument you should make.

It might need assembling, but on the other hand it's easy to install openwrt, just write the image to the uSD card, and you're done.

Bad in what way, it's not a complete disaster, considering it's capable of routing 1gbit.

There're tons of more expensive devices, incapable of doing it.

No hardware crypto, close to zero support apart from RPi Foundation etc. If anything go with the R4S which is at least cheaper and does most things better than the RPi4.

Worth taking into account is also that better performance (in some cases) doesn't necessarily translate into a better product for a given scenario.

The TL-R605 seems a good candidate to port OpenWrt to, considering that the Edgerouter-X has become difficult to find in stock. In this league of $60 wired only MT7621 boxes there is still also the RB-750Gr3, but it is a bit difficult to install.

The philosophy of both OpenWrt and RouterOS is to offer total control of the networking system as a block by block process. This does require knowledge of the concept of networking blocks and how they link together. More consumer-oriented firmwares, typically manufacturer's stock firmware, are based on clicking options to activate prepared "recipes" behind the scenes for various use cases. When you buy a proprietary router you're shopping just as much for the firmware and user interface as the hardware.

Small 5 port edge routers like the ER-X, RB750Gr3 and TL-ER605 are cute, fit in small spaces, and may even have some passive POE capabilities, but if you don't need any of that - you can probably get the capability you need for less cost from a high volume mass produced all-in-one WiFi router.

Something like a Linksys EA6350 V4 MT7621 based all in one device with WiFi that is also fairly compact in size with Gigabit Lan ports may be a good fit for you. If you can ignore the antennas on it you don't plan to use, it could be your edge router.

There are many all in one MT7621 options that would meet your needs. You might consider looking them over in the table of hardware, checking over their OpenWrt installation instructions, and comparing to what you can find available used or new locally.

I would not be looking at cobbling together a Raspberry PI4, power supply, PI case, USB dongle, and managed switch just to handle 60-200 Mbps. This is a great enthusiast set-up to handle Gigabit ISP speeds, but it's not what you need.

MT7621 will handle 100-200 Mbps SQM and adblock just fine. My ER-X is doing it now with <80 MB of memory in use - granted, I don't load up more than the default ad block lists (which seems to deal with most ads without blocking places I do want to go).

If you want to load up more block lists in memory and fire up WiFi networks, I'd try to get something with at least 256 MB of memory. Otherwise you should be OK with 128MB.

Which honestly is only an issue if you actually want to run services employing crypto and being bottlenecked by the CPU(s) in those calculations...

The raspberries have exactly the RPi Foundation going for them as well as an acceptable track record of getting new models and problems fixed (would be better if problems would not make it into released hardware), many of the other SBCs lack something like that.

True, but it is pretty hard to figure the quality of a product without actually testing it. But clearly, users requiring heavy crypto and/or averse to DIY solutions are probably better off with something more integrated than the RPi4. Then again the RPi ecosystem offers a few quite nice features, like GPS add-ons that can extract pulse-per-second from GPS data to allow great time-keeping in leaf networks (admittedly requiring packages not available under OpenWrt so not necessarily an argument for OpenWrt on a Pi).

So you're trying to downplay a very useful feature for a networking device and then start to go on about GPS etc which no one even mentioned and is by far less relevant to the discussion? Please keep replies relevant to what's being asked instead of going off on a tangent and as mentioned before it's not (even in the first post if people bothered to actually read) an option.

No I do not feel that I down play anything here, you seem to be constantly bringing up the missing crypto as a BIG deficit for the raspberry pi's without even the hint of an admission that this might not be a problem depending on the use-case. And here again you do not bring concrete examples where the pi 4B fails to achieve a specific performance goal due to the lack of crypto hardware acceleration. So which use-case do you have where the pi's CPU's are too weak to achieve the desired rate? Specifics please, a "useful feature for a networking device" is at best "nice to have" if it is not actually used.

But is it? For any real network performance measurements end-to-end interpretable timestamps are really useful, and something you can achieve with a raspberry pi on a (comparatively) shoestring budget... also note I did offer this as an example of nice features possible with a pi and did not try to sell this as a must-have feature, unlike your "but the missing CRYPTO" argument, which you seem to consider not as a nice add on other SBCs bring to the table but a severe deficiency in the raspberries. I am probably in a bad mood today, but for this smells like using different yardsticks for your and my arguments...

I find this a bit condescending, but....

Well, then here I go, arguments for the raspberies are:
a) pretty good availability
b) resilience against power outages, by allowing to keep easy fully bootable back-up copies of the system on SD cards, and the ability to flash on a different device, no need to aver re-flash on the router itself (although honestly, a cheap UPS/powerbank might be an easier way to solve that particular issue).
c) relative mature add-on/component eco system
d) relative cheap option that allow actual packet processing at close to 1 Gbps link rates

Argument against are:
a) only one ethernet port (can be worked around, but ony with additional hardware, either an USB ethernet dongle and/or a manageable switch to use VLANs to seprate WAN from LAN)
b) missing components for a full fledged WiFi-router, like decent WiFi, switch ports (see a))
c) price, for the OPs 60/60 access rates other all-in-one solutions can be considerably cheaper than the whole raspberry pi4B package including USB dongle switch and AP(s) (but note if for coverage one AP per level is desired, it might be attractive to put a wired only router like a raspberry pi under the stairs and ideally place those two APs to optimize for WiFi coverage).

I'm constantly bringing it up because it is an issue which you seem to deliberately ignore and/or not even mention which I would honestly would call a disservice even so you seem to be very keen on going off topic just for the sake of it. If you want to weight pros and cons between different SoCs create a thread about this subject, don't hijack.

But I note this is ALL you do in this regard "bringing it up", without being apparently willing to tell us what crypto acceleration actually will help users like the OP with specifically. IMHO this is not as helpful as it would be if you would explain how this feature can make a difference (bonus points if you show how this applies to the OP's 60/60 link where a 4 core raspberry 4B would stutter due to lacking crypto hardware)...

I would, if I would see that as a showstopper. For the OP I fail to see how that would make a difference though. If the question was "I need/want to do stream encryption/decryption at 1 Gbps link rates" this would IMHO be a much better line of argument.

Yes and no, yes I go off-topic, but no it takes two to tango, and you seem always willing to come along, but suit yourself.

I did not highjack this thread, only offered a mild counter point against your apparent "raspberry hatred". Yes, Pi's are not the pinnacle of SBCs and for many applications one might find a better suited more specialized SBC, but they are not half as bad as you paint them. Neither the missing crypto nor the need for a USB dongle appear as dire as you paint them...
Now, I am willing to eat my hat, change my position, and publicly apologize, if you bring in data showing how the missing-crypto and dongle issues are real life quantitative problems.

Hi Santan,

For the price point you are looking at, I would join in on some of the recommendations for MT7621-based devices.

Let me recommend the Netgear R6700v2 / R6800 / R6900v2 (all the same router inside) as great choices. They are generally available for reasonable prices on eBay. I have never been able to brick a Netgear device. There is program called "nmrpflash" that you can use to recover and re-flash them almost no matter what you've done to them. That tool is easy to use, and using it doesn't require any extra hardware or disassembling the device to attach to a recovery port.

If you are looking at something a little more home-brew, then rather than Raspberry PIs, which aren't really built to be routers, might I suggest a Banana PI R2 or R64. Both of them are built from the ground up to be routers, they both run OpenWrt, and they are both expandable. That being said....

...I tend to agree with diizzy's assessment here with respect to the home-brew devices. For a first go around, I think you are on the right track to look for an existing router that is hard to brick and going with that.

BTW, @santan welcome to the community!

Thank you again for your replies.

I'm now leaning towards TP-Link ER605 (unsupported). I realize that if I do want to play with opewrt I should give myself more time and allow for messing or bricking stuff, things that are inconvenient and could unnecessarily stress me out for now.

I wanted to separate the router and AP because arguably that's the best setup for a home network, except for the inconvenience of running ethernet cables and installing wall mounts, but we got that covered.

Regarding SBC's, I would not consider them for now. Given the awkward location of our ONU at the hallway of second floor, I'd rather choose a device I could easily unplug, unlike a computer (SBC). But I'm really delighted to know that they're resilient against power outages. Anyways, I reckon SBCs are more advanced. I'm more concerned about getting started, although tbh that would be when I could finally afford to play or maybe brick a router, which is not now.

Neat, neat, and neat.

I would imagine myself being more comfortable with an SBC (geared towards routing) than any consumer/business wired/wireless router.

Thank you everyone for your time.

I suspect you misunderstand?

An all-in-one can be just a router too. You can turn off the wifi radios in OpenWrt. Heck, you can even remove the antenna's if you like (you do not have to of course, but if they do not look nice and you do not need them anyway....)...Viola! Now you have a router only device.