Hi, I'm a little confused and I hope to clear up that doubt. Having to subscribe NordVPN to take advantage of greater privacy and anonymity I purchased an AR750-S ext router to which I installed OPENWRT.
I would like to configure my VPN directly on the router but what I would like to understand first is the following question...
in terms of better privacy and anonymity the best configuration is:
Single router connected directly to the DSL telephone jack;
LAN-WAN cascade router (vodafone station - ar750s).
I believe that by eliminating the vodafone station and purchasing a router like fritzbox 7530 openwrt privacy and anonymity are better. While a cascade router would contaminate security and compromise anonymity.
Could anyone explain the right configuration to me better?
You may improve performance if you set up VPN on a more powerful device.
But it doesn't matter for privacy/anonymity, also Tor is more suitable for those.
Okay, I thought that with a LAN-WAN cascade router, anonymity was a little compromised and it was better to use a router connected directly to the phone DSL socket.
Okay anyway once the firmware is OPENWRT the device type is irrelevant?
The principle is that everything along the link between the VPN client and the VPN server need not be trustworthy at all. So it really doesn't matter what devices are involved.
Of course you need some sort of DSL modem since the ar750 is only a router.
The only OpenWrt supported VDSL hardware would be the Lantiq vr9/ VRX2xx series, which works fine, but is rather low-end (it already struggles to deal with routing a 100/40 MBit/s VDSL2+vectoring connection and super-vectoring isn't supported by the hardware at all). Running a VPN connection on this hardware in addition to the modem/ router tasks is completely beyond its abilities (well, it works, just not with satisfactory performance).
The reason why VPN providers prefer cascaded setups, is because this approach avoids having to deal with the additional complications of SIP (phone) or IPTV uses, which would need special care to set up (policy based routing, special VLAN tags, IGMP snooping/ proxying, etc.), as your ISP's phone/ TV services wouldn't be accessible over your VPN tunnel (let alone thinking about the SIP/ phone hard- and software necessary). If you know what you're doing, you can get this sorted on a single router (with an external modem), but that is more complicated than killing the problem with hardware.
Be aware that even though the Fritz!Box 7530 has basic (good) OpenWrt support, its internal VDSL2 super-vectoring modem and the FXS/ DECT hardware needed for VoIP phone needs are not supported and lay dormant (effectively 'degrading' it to a Fritz!Box 4040).
I have no problem with VOIP, I do not use it and I do not care, a fritzbox 7530 is ideal since it is the only one in the series to have a DSL port in relation to the speed it offers.
My question was whether a cascade router was dangerous to privacy and anonymity compared to a router connected directly to the ISP's DSL socket.
The upper level modem/router is not required to be powerful.
But to achieve higher speed on VPN, you should use a device with good CPU performance.
So, splitting modem functionality to a separate device can reduce the overall costs.
Another reason is to delegate responsibility for internet connectivity on the ISP.
