Networking/hardware newbie, Router Switch AP setup

Damn, I'm sorry. It shouldn't be that way.

Yes, exactly. They look awesome, but are under powered.

Smart, thank you. I'll connect an IDS on my switch then. I guess it's has good as connecting it between the modem and the router?

I see, and you are right. I should only run important stuff (so no wireguard/IDS). I'll just run the DNS server on there though. I don't need WireGuard but it's a thing I'd like eventually.

I meant, if the hardware can't keep up because of bad CPU/insufficient RAM. But I guess I'll see once I'm there. I just feel insecure a little about the whole thing :laughing:

Damn, the EAP1300 output at 300 mW where my old router output is 950 mW.

https://fccid.io/A8J-EAP1300
https://fccid.io/PY315200309/

So I guess I need to continue my search for an AP. Thank you very much, you saved me from huge disappointment. :heart_eyes:

I was trying to find that motherboard yesterday :laughing:. Thanks for sharing that. I guess I'll wait for the H2 then, everyone seems to like this device very much and since I'm no expert on networking, I'll trust you folks.

No idea what is a rango :thinking:

@Extarys
If you want OpenWrt as "base" you're more or less out of luck as far as aarch64 goes in it's current state as Marvell is the only "supported" option although the GL.inet box isn't (yet). Support for RPi4 is in very early stages so you might have some stability issues.

Wireguard is available on most major OSes by now in some way or another.
IDS is available as a package but there's no frontend and such functionality in OpenWrt and requires quite a bit of processing power including RAM especially at the speeds you've listed above. You'd probably need a i3-CPU or better to handle traffic at such speeds and at least 2G of RAM, 4G+ is most likely a good idea, do note that processing power can vary quite a bit depending on amount of rules.
A few distros such as Archlinux that has pi-hole as a package if you want to integrate it into a single box.
https://aur.archlinux.org/packages/pi-hole-standalone/
"AES-NI" is x86-specific, AArch64/ARM64 does however have dedicated instructions for AES.
Routing speed wont be an issue irregardless of platform unless the ARM box has really low clocks.

Regarding running multiple services on a router it's more or less up to you. You are adding potential attack vectors but then again you're looking at a home network not a fortune 500 company and you're most likely never going to be targeted specifically and even if you are it's very likely that it'll be an issue unless services are listening on WAN interface which they shouldn't in the first place.

I personally run FreeBSD on firewalls and also use it for various other services (including wireguard), it's well documented and very stable however you are expected to "do your homework" (ie read the handbook etc) before asking. I think it's a good experience if you want to learn however you might find some of the tasks a bit overwhelmning such as IDS as they're quite complex to setup however that applies to any OS more or less that isn't tailored for a WebUI from the start. OpenWRT is a good solution however it targets more resource restricted platforms which you might find a bit restrictive compared to other solutions for x86 and AArch64/ARM64. You can of course theoretically run anything on OperWrt if you'll willing to spend time porting software but I doubt you'd want that and do figure out workarounds for various services. It is however a good choice if you want to setup APs. Packet loss isn't going to be an issue unless you get some weird unforseen incompatibility issue.

Odroid H2 isn't a bad choice but it's in a kinda strange spot in terms of price and performance. It's faster than most ARM solutions however also noticable more expensive and I'm quite sure it still lacks in performance to handle linerate (Gbit) with all bells and whistles enabled (IDS, Wireguard etc). Do note that RAM is an additional cost to the H2. In general I'd say it's a better choice than PC Engines products.

Mini ITX builds will drive up the cost considerably, you're most likely better off getting a NUC-like device and additional NIC.

I would about the stability of USB-adapters but I guess you'll find out by yourself, it might work "good enough". You might want to do some research about different controllers.

Regarding choice of hardware it looks good having your budget in mind.

2 Likes

I suspect there will be no more production of those boards given Intel's lack of interest in producing those low power / low cost CPUs; same issue hardkernel has run into sourcing for the H2.

Apologies, I tend to device code name rather than model #, regardless, WRT3200ACM == rango, WRT32x == venom, and for all intents rango == venom, unless you really need the blue LEDs.