Yet another "What device to buy" thread

gone_bush · January 28, 2025, 7:54am

I currently have an NF20Mesh - because that's the Tangerine recommended modem. The best that can be said about it is that's "satisfactory". Mostly.

Due to current serious NBN issues, a major shortcoming of the NF20 has become an issue - no tcpdump.

So I'm in the market for an OpenWRT / NBN compatible modem.

ENVIRONMENT:

single user (me)
no gaming
"outside" access required
I have a dynamic IP address
I have dynamic DNS
outside traffic split using NAT
currently 18 NAT rules - probably more in future
firewall not required - all hosts (linux) run their own iptables firewall
cost is a serious issue, max $150 (OK, $200 at a stretch) but would prefer < $100 (yeah, tell him he's dreamin')

Recommendations please.

frollic · January 28, 2025, 8:01am

That's AUD, right ?

KOA · January 28, 2025, 8:40am

Outside access depends whether you are behind CGNAT or not

gone_bush · January 28, 2025, 9:56am

I currently have a Class A IP address

lunar_rover · January 28, 2025, 11:37am

Class A includes CGNAT address block.

If you have a public IP you can use DDNS+plain VPN, otherwise you'll need something that supports NAT traversal, like Zerotier and Tailscale. Use IPv6 if available.

What's your bandwidth?

KOA · January 28, 2025, 12:17pm

Netbird is also good and open source

mk24 · January 28, 2025, 3:41pm

If dynamic DNS is of use to you that means that you do have a public IP (almost always a single address) routed to your line. Then you would use port forwards (reverse NAT) link different servers to an incoming port on the same IP address.

(NBN is apparently Australia's National Broadband Network initiative where the government paid for fiber trunk lines all over the country then various private companies sell local connections to homes and businesses over varying media.) Does this NBN involve making tunnels from the customer premises or does it look like a regular ISP to the end user?

On LTE you have more choices in hardware with a two-box solution where one box is purely an LTE modem then OpenWrt in the second box does all your routing.

gone_bush · January 28, 2025, 6:57pm

bandwidth is 20mbs

lunar_rover · January 29, 2025, 12:02am

Any recent device can handle this. I recommend MediaTek ARM, currently it has the best support(also used by OpenWrt One).

If you don't need high speed LAN you can forget about 5Ghz. 2.4Ghz Wi-Fi 6(or even 4) is ample.

Be sure to use SQM/QoSify instead of Hardware Offloading.

Summit48 · February 2, 2025, 1:23am

You should be able to pickup a EOL Ubiquiti USG-3P for about AU$ 50.

It boots off an internal removable 4GB USB stick, so that is very handy.

Install OpenWrt + Tailscale and you're done.

Tailscale works behind CGNAT and NO DDNS required.

root@USG-3P:~# cat /etc/openwrt_release
DISTRIB_ID='OpenWrt'
DISTRIB_RELEASE='24.10.0-rc7'
DISTRIB_REVISION='r28417-daef29c75d'
DISTRIB_TARGET='octeon/generic'
DISTRIB_ARCH='mips64_octeonplus'
DISTRIB_DESCRIPTION='OpenWrt 24.10.0-rc7 r28417-daef29c75d'
DISTRIB_TAINTS=''
root@USG-3P:~# tailscale version
1.78.1
  go version: go1.23.4
root@USG-3P:~#