I'm looking to replace my TP-link Archer AX50 with an OpenWRT-compatible (all-in-one) router with good support. I have a gigabit connection, so gigabit routing is a must. I also have a few devices with 2.5Gbit networking support and I was told by my ISP tech that they're already expanding 10Gbit to some places, so devices capable of >1Gbit routing are also to be considered, but I'm aware that the prices on these might be too prohibitive.
I have spent the afternoon reading through the pinned post for enthusiast HW recommendations, but most of these are either unavailable where I am (EU), aren't Gbit capable or have unfavorable opinions about limited support attached to them.
I'm new to OpenWRT, so I'm unsure whether the following features are available on all (or no) models, but some of the features I'm looking for are:
OpenVPN / Wireguard server support
Wifi 6 (or Wifi 6E)
VLAN support (Guest & IoT)
Ability to use a local IP as the uplink DNS server (screw you TP-Link)
I'm also open to router-only + separate WAP recommendations as I have a separate modem from my ISP and might end up getting a managed switch in order to separate my wired-only IoT devices to their own VLAN. I'm also in the waiting list for a RPi 4B 8GB that I don't have any use for so far, so feel free to tell me your thoughts on using it as a router. I've been hearing conflicting opinions on that for Gbit routing though.
As for why I'm leaving the Archer AX50 – I don't really have any real problems with it (Gbit routing fine, OpenVPN fine, WiFi fine, Guest VLAN support), but I've had a sour taste in my mouth since it was revealed that TP-Link sends your browsing info to third parties without your consent. It also hasn't received a firmware update for a year now, even though they seemingly promised one after the fiasco. It also won't let me change the DNS server to a local IP so I could block this traffic, and is not supported by any open firmware. Because of this, I would like to avoid TP-Link HW as to not support the company, but I am aware that my options are somewhat limited.
For anyone looking for the same thing, I also posted about this to Reddit some time ago here (but was subsequently linked to this forum).
I have also already read through the So you have 500Mbps-1Gbps fiber and need a router READ THIS FIRST pinned post, but it doesn't help much with actually choosing hardware - the OP just says that "a RPi is an option" and "this no-longer-available all-in-one PC is an option", and the HW mentioned in the replies has the same problems as that in the enthusiast HW post in that it's either not available anymore or not capable of (>)1Gbit. As for the point of the post though, I am aware that I'm looking for a pretty powerful machine and am ready to spend some coin.
As for the other post you linked, I'm not sure what I'm looking at. There seems to be a lot of people suggesting not-yet-supported HW, and a lot of it is a little too technical for me to understand. I'm looking for something that I can rely on with OpenWRT. Please LMK if I'm missing something, the thread is pretty beefy at >300 replies.
Especially with >>1 GBit/s in mind, you're quickly down to (non-Atom) x86_64, which can be a valid competitor, both on prices and idle power consumption (if chosen wisely).
Are there any specific devices you could link so that I could get a better idea of what we're talking about?
all in one I have unfortunately failed to find: it is either good wifi and slow routing or the other way around. That is in addition to OpenWrt not running well yet on new and modern hardware.
I ended up splitting this requirement into two: 1) an OpenWrt border gateway (wrt3200acm) and 2) an off the shelf wifi mesh (wired 3 x eero 6+). This can easily route 1Gbps and shape close to that, but it is just an example that will not meet your "multi gigabit" requirement.
I have seen a few suggestions for the WRT3200ACM and it looks pretty cool, but unfortunately it's nowhere to be found where I am. The same goes for the Eero 6+. I'm also fine with no Gbit on WiFi as the house is wired throughout and there's just a few phones that use wireless.
I'm fine with having a router-only + AP setup, so please feel free to leave any other suggestions if any cross your mind. (I really tried to look myself, but the area is so full of lies and half-truths that I always run short.)
On another note, is mesh any good? I remember hearing about the tech a long time ago and people seemed to think it wasn't worth it. I have always been fine with what the all-in-one provided as my house is small enough, so I was thinking about just getting two regular APs to get every corner.
If you can wire your AP(s) to an ethernet backhaul, there's no need (at all) for a 'mesh' - simple (good/fast) APs will do a better job than any mesh.
Just look for small/low power x86_64 systems with two ethernet ports or at least the option to add a (cheap) second ethernet card. Lots of small form factor devices meet these criteria, as do some more networking specific mini-PCs with (typically) four ethernet ports. Make sure to go with (relatively) current hardware, with your profile probably a low-end i5 or high-end i3 or low-end ryzen - and obviously the network cards you need (big decision between 2.5GBASE-T or 10GBASE-T).
I tried both eero and google mesh (both wired) and they are very good. The simplicity beats the daylights out of an "all in one" Netgear R7800, that I used to run and constantly tweak.
I personally do not like anything x64 due to power consumption (will drain UPS faster and cost more), need to manage BIOS separately, sometimes bulky, sometimes you need an additional network card, other times it costs several times more than an ARM system, sometimes you need to build your own firmware to get the right drivers included. I did not like RPi4 due to a separate dongle (additional moving part). Nano R4S has two ports and is a decent option, but seems to be work in progress.
For a border router you are looking for CPU (frequency and cores) so I went to Table of Hardware: Ideal for OpenWrt, sorted by CPU (it is not a numeric sort) and started looking from the fastest one available at reasonable cost. I ended up in wrt3200acm or wrt32x at the time. OpenWrt config is very transferable from one router to another, so no need to spend money to future proof: use for a year or two and move on to a new router, unlike proprietary ones. Config can even be scripted and also automatically applied, so moving to a new router is actually fun.
If you want an x64, then there are already recommendations in this thread.
Below is a relevant quote from the OP: >>1Gbps is not a must. Future proofing is also not necessary for OpenWrt, especially with DSA: config and scripts are easily transferable. A good x64 is needed for VPN at 1Gbps, but a Brume can run Wireguard at 280Mbps and easily route at 1Gbps, which might also be an option for OP. So instead of unnecessary and expensive future proofing, OP could pick something that works for the next year or two and then upgrade one single component: the border gateway. Should cost less longer term.
I have a gigabit connection, so gigabit routing is a must. I also have a few devices with 2.5Gbit networking support and I was told by my ISP tech that they're already expanding 10Gbit to some places, so devices capable of >1Gbit routing are also to be considered, but I'm aware that the prices on these might be too prohibitive.
I'm sorry if this is a dumb question, but does that mean, for my lack of a better description, "any Windows-compatible PC?" I'm a little worried about intercompatibility with the various network cards, as there's so many I wouldn't even know where to troubleshoot if something went wrong haha.
networking specific mini-PCs
Is there a whole market for those devices? You're blowing my mind a little right now.
Shouldn't I be fine if I connect the built-in port to a (managed) switch and route everything through it including the modem? Or is the built-in port not Gbit capable, or is there another issue I'm not seeing?
Nano R4S has two ports and is a decent option
You're not the first to suggest that board, but I would rule out all of these because there's no way I'm getting my hands on one in a reasonable timeframe or for a reasonable price. I wouldn't be bringing the RPi 4B 8GB specifically into the conversation if I hadn't been in a waiting list for one for half a year now.
wrt3200acm or wrt32x
I have seen many recommendations for these and would go for one if I could. Unfortunately none are available that wouldn't require overseas shipping to where I am.
Interesting, I only check for online updates in the web UI and the last one I got was 30/07/2021.
It may contain a fix for the Homeshield bug?
If you read through the articles, they only admit that the bug was that there were too many DNS requests, not that they were sending all data to Homeshield regardless of whether you enabled it or subscribed to it at all. Still not a very good situation.
Would installing a separate DHCP server on the LAN solve the DNS issue?
I actually do have Pi-hole with DHCP enabled on the LAN and all my devices query DNS to it fine. The router even lets you change the DNS server broadcasted by the DHCP server to one on the same LAN. What it doesn't let you do is change its own uplink DNS server to one on the same LAN, which it uses for the DNS requests generated by itself / queried to it directly.
While you can get ARM64/aarch64 platforms that do several Gbit/s they're still "niche" meaning that they're rather expensive and/or only partially supported as most rely on hardware processing which usually isn't supported in OpenWrt (and may also apply to mainline Linux).
You should also be aware that OpenWrt mainly targets low power/performance so you're going to miss out on newer hardware features unless you patch and compile your own firmware. If that doesn't sound appealing just look at another distro such as opnsense and/or pfsense for instance (x86 only) or at running a full blown OS.
As it is right now I wouldn't recommend you to spend a lot to get "multi" Gbit capable hardware, just get something that does Gbit speeds and upgrade further down the road once it's actually needed. I would also like to stress that SQM is not by any means some kind of requirement especially on high speed connections (it does indeed serve a purpose however) as it will kill performance on Gbit connections due to its single threaded processing.
Just go with something like this and some kind of AP/Mesh system (these are easily found on eBay from Germany)
I personally run several RockPro64's (https://www.pine64.org/rockpro64/) with an additional PCIe NIC that runs rock solid but there's a bit more tinkering involved however I'm very happy with the result. Unfortunately these boards aren't very common in the EU yet. You can also replace pi-hole with something like https://github.com/0xERR0R/blocky or some solution using Unbound to avoid having to run a separate device and/or a VM.
I'm also a little skeptical about the fact that OPNSense/PFSense seem to market themselves as firewall FW, not router FW. I'd love to read more if you happened to have some good resources, so much of the internet is filled up with write-fast-say-nothing articles that I don't know where to look. It seems that an OPNSense router-only box + separate APs w/ OpenWRT would be an ideal setup, like the one you linked?
I also can't find a list of supported devices for OPNSense (apart from this HW requirements support page), is it just any x86-64 machine? Does OPNSense actually run as a program on a standalone OS?
I'm sorry for so many questions, I am learning a lot right now.
I think so, the missing point in that list IMHO is "low cost"... or put differently OpenWrt IMHO aims at making the traditionally cheapish cost-optimized "home-routers" more usable by allowing users to escape the traditionally tight constraints of the original firmware and extend the lifetime by (often not always) offering much longer software updates and even new features. Such devices are still often severely limited in storage size so OpenWrt put a lot of emphasis on keeping things small (constraints that do not really exist in middle to upper-end x86/ARM computers).
So both OpenWrt and I guess DD-WRT (never used it myself so no first hand experience) have a decent reason for existence, but driving state of the art hardware capable of doing interesting (CPU-intensive) things at the top end of consumer internet access link speed is not really one of these reasons.
Check the feature set of OPNSense/PFsense before you go that route; very likely that this is a decent match for your requirements, just not guaranteed. Firewalling is traditionally somewhat harder than pure routing (which after all with a few settings any linux or freebsd box will do for you) so I guess this is where the "senses" pitch their capable firewall (and firewall control GUI) hard, as these add the value.