Ok, my router is too old. I need to buy a new router.
The question is: what is the right router for me?
It must obviously support OpenWrt and be able to route 2 WAN at 1 Gbps each coming from my ISP and send them to two VLANs that are attached to several devices all at 1 Gbps.
I am not interested in WiFi as I will attach an external mesh device.
At the moment, my ISP provides me a terrible router, but it is a dual core 1.5 GHz with 512 Mb RAM and it is optimized for that type of connection, so it works, but it doesn't allow me to do anything different than browse the web (for example, VLANs which are essential for me).
Furthermore, it has a severe firmware issue that causes a substantial loss of packets between the LAN ports.
Would a Linksys WRT1900 router be good?
Any other suggestions?
I was looking for something to buy used for 80/100 euros.
a) dsa doesn't allow multiple CPU ports, yet. So only one of the two can be used right now.
b) even ignoring software (dsa-) constraints, what comes in (WAN) also needs to go out again (LAN), so one CPU port in, one CPU port out - leaving exactly none for your second WAN.
So I would need a 4 core CPU.
That's quite incredible. I think it's better to use 2 "normal" routers connected in a VLAN.
This should solve my problem spending much less money.
Am I right?
Thx again
You talk about different things now. Most CPUs for Gbit devices are 4-core. But a core is only a thing that processes bits.
What you need are ethernet ports on the CPU connected to the switch ethernet ports. Originally the Linksys WRT1900 and 3200 devices have two data lanes between the switch and CPU, but the DSA firmware we now have only supports one data lane at this point.
So that means with DSA the LAN and WAN data must share the same 1Gbit bandwidth in one data lane between the CPU and switch, which in practical terms gives them about 500Mbit each.
Clear.
I wonder how the OEM firmware bypasses these restrictions, but I read something on the FAQ thread, I am going to read it again.
I think I will buy a 50 bucks router and I will use 2 routers connected on a VLAN (maybe I do not even need to set up a VLAN, it should be enough to use static routes to let the routers talk to each other on a LAN port).
Hmm, 2x 1Gbe makes me immediately think "x86". Then again, having two slower ARM devices does give you some redundancy, in case you're worried about that. (And I'm sort of biased towards x86 as I've recently been playing with one of the aliexpress Celeron boxes with 4x 2.5 Gbe NICs.)
Honestly I am a bit confused.
My 10 year old Asus RT-N66U router with stock firmware gave these performance results:
1 - WAN connected to my ISP's router
2 - NAS on LAN port 1
3 - PC on LAN port 2
4 - Laptop on LAN port 3
Full 1 Gbps download from PC to NAS.
SIMULTANEOUSLY
Full 1 Gbps download from the Internet to the Laptop
So this little toy is doing simultaneously:
1 - Full 1 Gbps download on WAN
2 - Full 1 Gbps upload on LAN (1 and 2 are the laptop speed test)
3 - Full 1 Gbps download on LAN
4 - Full 1 Gbps upload on LAN (3 and 4 are the file transfer from NAS to PC)
So 3 Gbps on LAN and 1 Gbps on WAN.
As soon as I install OpenWRT, performance drops by 90%, but OpenWRT is the only one that allows me to configure 2 WAN and 2 LAN.
That's why I am moving to the "2 routers solution", so I can fully utilize my 2 Gbps for a low cost.
I still do not get why OpenWRT cannot give me the same speed. I mean, I read all of the FAQs, but I am missing some technical stuff... I think I have to study more.
The LAN ports are switched, this traffic never leaves the switch fabric and isn't seen by the SoC/CPU.
WAN-to-LAN traffic is offloaded to the hardware (hnat in OEM lingo, hardware flow-offloading for OpenWrt is available with mt7621a), which can speed up 'easy' traffic rules, but this is 'cheating' in a way, as it fails to work with more complex filtering scenarios (and makes traffic accounting and similar things impossible; it's not without side-effects and potential bugs, e.g. PPPoE offloading has been problematic in the past(?)).
(mt7621 makes a great edge router for terminating PPPoE (kernel 5.10 and later), taking care of NAT and doing a first-order firewall with few rules and a lot of DROP/REJECT default policies. You can then use your favorite platform as a core router to do the expensive complicated stuff. The only firewall rules that need to be pushed to the edge are port forwards. And no, you don't need to do double-NAT, just make sure the mt7621 edge device has static routes so it knows what traffic to send via its link to the core router.)
So you should get one, but I would suggest that if the OP is accurate in terms of what you need, you are not going to get it at the price point mentioned. IMO you are looking at something in the range of a 5105 with 4 NICs and two (un)managed switches off the two LAN ports (but I do not have a clear picture of your infrastructure). So something like one of the aliexpress options, or an odroid H3...