Note I'm not looking for Wi-Fi, just router.
Can anyone direct me to some devices that have worked well for you?
1 Like
You're not specifying any speed, so I'm going to say x86.
But the Marvell devices might be good enough, esp if you skip wifi.
Wrt1200
Wrt1900
Wrt3200
Btw, there's no straight line between amount of cores and performance.
Good point. I was falsely thinking quad-core was needed to get solid gigabit internet.
As a reference point, Sophos XG 85 Revision 3, an absolute entry-level commercial x86 router from 2017 running Intel Atom E3xxx something or other, was rated (with stock firmware) for a firewall throughput of 3 Gbps. So any recent device with 1.2 GHz or faster processor and industry standard Gigabit NIC shouldn't have a problem keeping up with the Gigabit Internet connection.
Personally, I've had a pretty good run with various Sophos models, both from the XG family and the SG family that it replaced. Sophos makes their customers retire their hardware every few years. The most recent round of retirements was in August 2022, when Sophos stopped supporting XG 85, SG 105, and XG 105. All three are four-port models running some kind of Intel Atom with 2 or 4 GB RAM and solid-state storage ranging from 4 GB eMMC to 64 GB SSD depending on model and revision.
SG 105 (Revision 1 or 2) is by far the easiest to get (it has an IA32 BIOS, which FreeBSD no longer supports, so the pfSense/OPNsense crowd doesn't want it). With OpenWrt, however, this just doesn't matter; it installs and runs beautifully.
Another model in the same boat (IA32 BIOS) is SG 115 (also Revision 1 or 2). Technically, it's in support until March 2025, but people retire it all the time nonetheless.
XG 85, despite the FreeBSD-compatible BIOS, has few takers in the pfSense/OPNsense community (with 4 GB eMMC, its storage space is sufficient to run the embedded, aka "nano", OPNsense, but no more). So once again, we have a piece of hardware perfectly suited for OpenWrt.
Not to sound like a total Sophos fanboy, 2- and 4-port mini-PCs can be interesting. Older 2-port options include Intel NUC, Zotac Zbox, and the like (Zignbox, Datto, and I am probably forgetting a bunch). If you want something new, shiny, and with warranty (never mind the price), take a look at Protectli (they have 2-, 4-, and 6-port models). If you want new and shiny, but price is a consideration, look at Qotom, Topton, and/or Vnopn (funny names, but in the age of the search engine, distinctiveness is king).
I am sure there are good options outside the x86 realm as well (high-end consumer routers, sometimes called "gaming routers", may be worth a look), but I don't have personal experience with those.
1 Like
Forgive me if I sound snarky 
, but you did specifically state you're looking for a router only. In that case just about any Intel/AMD desktop x86 CPU (with the possible exception of ultra-low-power Atom/Celeron devices) from the past 10 years can easily do it without breaking a sweat.
Even my ultra low power Jetway NF9HG-2930 (Celeron N2930, usual TDP 4.5W only) can route 1G without problem, I have been using it since 2015.
I also have Linksys WRT1900ACv2/WRT3200ACM, routing 1G also no issue with offload enabled.
No, this is a reasonable point. But I've found that such a solution uses a lot more electricity than purpose-built routers.
My linksys WRT1900ACS could only push about 800Mbps. Perhaps I had too many clients?
Keep in mind if you plan on adding processor heavy things in the future such as SQM or even firewall rules in which offloading would have to be turned off drastically lowers what the router can route.
2 Likes
ODROID H2† has two 2.5 GB NICs, 2x USB 3 and draws around 7 W running as a firewall here (at the wall, includes PSU losses). That's probably less than some of the high-end routers. Most of my amd64 boxes don't draw very much, with an aging i3-7100T at around 25 W, including a quad Intel server NIC. Just don't bother with a high-performance video card.
† Replaced by the H3, which I haven't tested
With well selected components (mostly PSU and mainboard, and of course no dedicated graphics), x86_64 does not need to draw that much power (even if I'd generously calculate the 4-port ethernet card with 1.5 watts per port, so ~6 watts give or take). Around 10-15 watts (semi-idle) should be achievable even with 'normal' (but well chosen) desktop components, 5-10 watts with more specialized notebook- (x)or Atom ones (and the i3-7100T suggests an SFF or tiny system to me).
Just for reference, I've been running an Atom j1900 based LAN server for the the last decade that's chugging 6 watts out of the wall (including PSU, 2.5" spinning rust, single network port up, system doing normal background tasks).
But now those newer ARM boards are actually doing better, the NanoPi R6S running full speed routing 2.5G is ~5W only, so I am leaning towards those devices for home use now.
I'd consider what level of OS support and ongoing security patches you're going to get.
I agree that the nanoPi R6S looks great on paper. Digging into it a bit this morning I see that doesn't seem to be supported by OpenWrt or Armbian. There are concerns about the security of the provided kernel. See, for example, NanoPi R6S – A Rockchip RK3588S router - #4 by maurer
If things have improved in the last few months, at US$120 and at least orderable (unclear if deliverable, a common problem with SBCs right now), it is an interesting opiton.
1 Like
For up-to-1-GBit/s requirements, Tips for getting cheap used x86-based firewall with full Gbit NAT (a PC Engines APU) if you are in the US are attractive alternatives.
I have a WRT1900ACS which I'm using for a FTTH link.
I can confirm it doing 750/500 while near-idling. This thing should be able to do gbps routing without any issues.
Yes I know about that, but I am looking forward for mainline support because of this. Yeah 6.3 looks a bit far away but at least once it's in mainline we can compile the one we want, a few weeks ago I ordered one and tried to play around with it.
Check out the Topton N5105 boxes on aliexpress. They have 4 x 2.5Gb Intel ethernet phys and a good CPU for $210 including storage and RAM. I haven't actually done the proper performance testing on the one I have, but I'd be very surprised if it doesn't push a gigabit through the uplink. They are fanless too which is very nice.
I'd be very surprised if it didn't, a lot older and weaker CPUs are capable of doing it.
Basically any MT7621 device will push 1Gbit routing with HW offloading. Mikrotik RB750Gr3 and Unifi ER-X are my favorites. Both consume less then 4W routing at max speed.
2 Likes
Are there any anomalies for the Sophos boxes like the SG115 than a standard x86/64 OpenWrt install?
1 Like