List of routers for FTTNx2 and VPN

Advanced feature discussion, beta programs and unsupported "Labs" features.
26 posts Page 1 of 3
by pratik » Sun Dec 18, 2016 1:19 pm
Currently I've ASUS RT-AC68R/U (T-Mobile router flashed with advanced tomato) and I'm on FTTNx2.
I use Sonic OpenVPN directly on my router since I don't want any traffic to go through ATT network.

However RT-AC68 seems to be insufficient for all encryption / decryption. I get around 13MBPs download speeds.

Is there a list of routers which work perfectly when used with FTTNx2 and openVPN (I would prefer a router with ability to flash advanced tomato / open/dd-wrt etc)?
If not can everyone start sharing what router they use for openVPN and service (FTTN/ FTTNx2 etc.)? And respective speeds.
by redolphin » Wed Dec 21, 2016 2:58 pm
I'm on a same boat and decided to build one linux box running as a router.

I'm waiting my FTTNx2 installation but when I tested with my comcast network I was able to see 90~100Mbps down with 40~50% of cpu (celeron 847) load.
by pratik » Thu Dec 22, 2016 8:33 am
redolphin wrote:I'm on a same boat and decided to build one linux box running as a router.

I'm waiting my FTTNx2 installation but when I tested with my comcast network I was able to see 90~100Mbps down with 40~50% of cpu (celeron 847) load.
Thanks.
Did you use any of the SBC? or normal computer?
And that CPU doesn't seem to have AES engine but I guess dual core 1.1GHz is making up for that.
Mainly how are you adding extra LAN ports and did you use DD-WRT x86?
by drew.phillips » Thu Dec 22, 2016 10:36 am
Last night I was doing some research and this box looks really promising. People report great throughput on OpenVPN using pfSense. (Pratik, I think this is also the same or a similar CPU to the board we were discussing the other day). All that's needed is a ram stick and sd card for installing pfSense.

I think there are still other good options that could be less expensive. I'm pushing someone I know at Mikrotik to get UDP and tls-auth into the next version of RouterOS. It's been in demand long enough and those would turn out to be the least expensive, highest powered devices that would do OpenVPN natively.

Otherwise, TP-Link is making some of the best off the shelf routers you can buy right now that will support OpenWRT and do VPN well.
Drew Phillips
Programmer / System Operations, Sonic.net
by pratik » Thu Dec 22, 2016 11:33 am
drew.phillips wrote:Last night I was doing some research and this box looks really promising. People report great throughput on OpenVPN using pfSense. (Pratik, I think this is also the same or a similar CPU to the board we were discussing the other day). All that's needed is a ram stick and sd card for installing pfSense.

I think there are still other good options that could be less expensive. I'm pushing someone I know at Mikrotik to get UDP and tls-auth into the next version of RouterOS. It's been in demand long enough and those would turn out to be the least expensive, highest powered devices that would do OpenVPN natively.

Otherwise, TP-Link is making some of the best off the shelf routers you can buy right now that will support OpenWRT and do VPN well.
That one is amazing. Yup we talked about these series of processors. I wish there were multiple options available with Braswell architecture (around 6W power consumption and AES engine). Can you link to TP-Link routers?

I'm leaning more towards Zotac mini PC just because I can probably use it for multiple scenarios (router + HDPC).
I wish there was something with the form factor of: https://www.amazon.com/dp/B019Z8T9J0/re ... B0179S50UU

And I'll keep an eye on Marvell board -- that one looks like the best candidate for setting up as OpenVPN router (https://www.kickstarter.com/projects/87 ... obin-board#).

Thanks
by drew.phillips » Thu Dec 22, 2016 12:21 pm
Wow that Qotom looks awesome, but why they'd put a CPU in it that lacks AES-NI (unlike the Celeron in the Zotac) is a mystery to me. Seems like it's totally geared towards industrial applications or a router for such applications that would certainly want VPN or security.

There were several good candidates, but the only one I recall off memory now was the Archer C2600 (OpenWRT link. If you wanna browse, check this link: https://wiki.openwrt.org/toh/start?data ... %2A~%5D=tp Look for current models w/ decent CPU's and other features you might want (e.g. AC wireless).
Drew Phillips
Programmer / System Operations, Sonic.net
by redolphin » Thu Dec 22, 2016 9:12 pm
pratik wrote:
redolphin wrote:I'm on a same boat and decided to build one linux box running as a router.

I'm waiting my FTTNx2 installation but when I tested with my comcast network I was able to see 90~100Mbps down with 40~50% of cpu (celeron 847) load.
Thanks.
Did you use any of the SBC? or normal computer?
And that CPU doesn't seem to have AES engine but I guess dual core 1.1GHz is making up for that.
Mainly how are you adding extra LAN ports and did you use DD-WRT x86?

It is just linux box with masquerade (or internet sharing) also I have one extra NIC at home, that's why I can build this system. But if I need to buy (or build) something, I will choose what you and drew.phillips mentioned ;)
by pratik » Fri Dec 23, 2016 4:15 pm
Ok I bought the Zotac (with 4GB RAM and 60GB SSD, I guess that RAM would be more than enough, if I need more then I'll buy later). Waiting for deliveries.

Here are things I'm planning to try:
1. Install dd-wrt x86 on it (please refer me other x86 router specific configs/OS if available). Try DHCP and few other settings to single computer.
2. Try adding router instead of computer.
3. If first 2 steps are good, install Ubuntu on it and try to replicate first 2 steps inside VM (hopefully with complete control over networking, 2 CPU cores and some RAM)
4. If successful then I'll use it like that otherwise revert back to step 1.

I wanna try setting Linux box as is as a router but I don't think I've enough knowledge to do this.

I'll update again once I try these.
by drew.phillips » Fri Dec 23, 2016 5:29 pm
pratik wrote:Ok I bought the Zotac (with 4GB RAM and 60GB SSD, I guess that RAM would be more than enough, if I need more then I'll buy later). Waiting for deliveries.

Here are things I'm planning to try:
1. Install dd-wrt x86 on it (please refer me other x86 router specific configs/OS if available). Try DHCP and few other settings to single computer.
2. Try adding router instead of computer.
3. If first 2 steps are good, install Ubuntu on it and try to replicate first 2 steps inside VM (hopefully with complete control over networking, 2 CPU cores and some RAM)
4. If successful then I'll use it like that otherwise revert back to step 1.

I wanna try setting Linux box as is as a router but I don't think I've enough knowledge to do this.

I'll update again once I try these.
Nice! Look forward to hearing the results. 4 GB of RAM is plenty. It'll barely use any since the OS uses very little and most of the memory consumption goes to switching and NAT tracking which is still small.

I'd say install DD-WRT or OpenWRT on it as step 1 like you said (I think DD requires a paid license to configure wireless adapters which costs about $21). Personally I think either one is fine, but OpenWRT might be a little easier to install and is modular rather than one static image so you can upgrade easier and add packages for different things.

Not sure what you mean by "2. Try adding router instead of computer". The Zotac will be the router (put the Pace in DMZPlus mode so it bridges to the Zotac. The Zotac will get a public IP and the Pace won't do any firewalling and DD/Open will handle all that.

It'd be an interesting experiment to then put Linux on and virtualize the router software (presumably you want to do this so it can be a router / media PC?). I honestly can't say how that would hold up streaming 1080p video over VPN and then rendering the video under the 2 VMs but it might very well be just fine.

Unless it's purely for educational purposes, there's no great reasons to install Linux and set it up as a router. That's essentially what DD/Open are; Linux OS's with a GUI that make it easy to manage like a router. If you run Linux, you'll probably end up installing some kind of firewall manager to avoid configuring NAT, port forwards, and security rules on the command line. Then you'll need to script something yourself to ensure the VPN connection stays up and drops traffic if the VPN goes down. And then whatever else you wanna do router-wise will be manual and it'll be a bunch of independent things rather than managed from a nice web interface.

On another note, I just bought the TP-Link Archer C2600 to try installing OpenWRT on and see how it does with the VPN. I'll post back when I get it and have some results.
Drew Phillips
Programmer / System Operations, Sonic.net
by pratik » Fri Dec 23, 2016 7:55 pm
drew.phillips wrote:
pratik wrote:Ok I bought the Zotac (with 4GB RAM and 60GB SSD, I guess that RAM would be more than enough, if I need more then I'll buy later). Waiting for deliveries.

Here are things I'm planning to try:
1. Install dd-wrt x86 on it (please refer me other x86 router specific configs/OS if available). Try DHCP and few other settings to single computer.
2. Try adding router instead of computer.
3. If first 2 steps are good, install Ubuntu on it and try to replicate first 2 steps inside VM (hopefully with complete control over networking, 2 CPU cores and some RAM)
4. If successful then I'll use it like that otherwise revert back to step 1.

I wanna try setting Linux box as is as a router but I don't think I've enough knowledge to do this.

I'll update again once I try these.
Nice! Look forward to hearing the results. 4 GB of RAM is plenty. It'll barely use any since the OS uses very little and most of the memory consumption goes to switching and NAT tracking which is still small.

I'd say install DD-WRT or OpenWRT on it as step 1 like you said (I think DD requires a paid license to configure wireless adapters which costs about $21). Personally I think either one is fine, but OpenWRT might be a little easier to install and is modular rather than one static image so you can upgrade easier and add packages for different things.

Not sure what you mean by "2. Try adding router instead of computer". The Zotac will be the router (put the Pace in DMZPlus mode so it bridges to the Zotac. The Zotac will get a public IP and the Pace won't do any firewalling and DD/Open will handle all that.

It'd be an interesting experiment to then put Linux on and virtualize the router software (presumably you want to do this so it can be a router / media PC?). I honestly can't say how that would hold up streaming 1080p video over VPN and then rendering the video under the 2 VMs but it might very well be just fine.

Unless it's purely for educational purposes, there's no great reasons to install Linux and set it up as a router. That's essentially what DD/Open are; Linux OS's with a GUI that make it easy to manage like a router. If you run Linux, you'll probably end up installing some kind of firewall manager to avoid configuring NAT, port forwards, and security rules on the command line. Then you'll need to script something yourself to ensure the VPN connection stays up and drops traffic if the VPN goes down. And then whatever else you wanna do router-wise will be manual and it'll be a bunch of independent things rather than managed from a nice web interface.

On another note, I just bought the TP-Link Archer C2600 to try installing OpenWRT on and see how it does with the VPN. I'll post back when I get it and have some results.
Yea forgot about OpenWRT, I may actually try OpenWRT even before DD-WRT.

I've 3 devices which needs wired connection, don't have switch so just going to connect my current router at the end of Zotac (mostly acting as a switch / Wireless extender etc.). Zotac will still be main router/gateway.

Router + HDPC is just wishful thinking if it works then good even if it doesn't I still get router.

I agree with using Linux as router that's why I said I don't have enough knowledge about it and most probably won't even bother with it.

And yes keep us updated about TP-Link.
Thanks
26 posts Page 1 of 3

Who is online

In total there are 28 users online :: 0 registered, 0 hidden and 28 guests (based on users active over the past 5 minutes)
Most users ever online was 999 on Mon May 10, 2021 1:02 am

Users browsing this forum: No registered users and 28 guests