Best router for home use?

gabe [he/him]@literature.cafe to Selfhosted@lemmy.world – 99 points –

I am planning to eventually build my own home server, and when I do I will hook it up via ethernet. But I do want to switch away from the generic FIOS router and use my own for more control over my data and security. Any recommendations?

92

You are viewing a single comment

If you want the full control use https://opnsense.org/ on a mini pc or in a VM on your home server.

Can this work with the "off the shelf" mesh routers.

This seems like it's geared toward higher power hardware that's not generally available on a consumer-grade router.

You could buy a $300 consumer router and it would be worse than just using an old PC with OPNsense.

Except that the old PC is probably less efficient at a lower clock than an AR based consumer router. You'll get more performance and features, but it will be more expensive to run.

I guess if you live in a place where electricity is super expensive this will matter. A good majority of self-hosted people don't seem to care much as they have server racks full of old hardware.

The Fujitsu Futro S720 consumes about 6 Watts and it's great for OPNsense!

Please don’t host a router on a Hypervisor VM. That does not benefit security. First of all a router is an integral part of the (home) network, therefore it should not be dependent on anything, like a hypervisor. You want to be able to replace or update your server/ hypervisor independently from each other, for example in 5 hrs your router might be still rocking all data, but you would want to upgrade your home server / hypervisor. Furthermore all those OpenWRT, PFsense, OpenSense kernel/ OS hardening is more effective on the hardware itself, especially all RAM/ Memory based security measures. Also if you truly want to be more secure, you use dedicated hardware for multiple reasons, performance is dedicated to only routing/ firewall processing (no other service/ VM can block or slow down packet processing), reducing the attack surface (less software, less attack surface), easier to update.