Jump to content
Not connected, Your IP: 100.24.113.182
rkid

Router recommendations

Recommended Posts

Hi all,

Can anyone suggest a new router for me? I currently have an ac68u but I'm getting a bottle neck when using shibby tomato and openvpn to connect to Airvpn. I'm getting around 10mbs download speeds when my max is around 70 in non VPN mode - yes not the best but it is the best in my area.

I'm interested in either a wired router to place infront of my current network and turn the WiFi routers into WiFi switches or just a new WiFi router. Having done some research it will need an awesome processor and ram capacity. Oh and obviously openvpn capabilities either natively or via ddwrt or alike.

Thanks

Share this post


Link to post

Would recommend a Netgate SG-1100 as your wired router front-end.  It's about $170.  You can customize almost any setting since it's using PFSense as the firewall and BSD as the OS.  Then, you can use your current wifi as an AP only, depending, of course, on your home layout.  I use OpenWRT on my wifi AP and it works extremely well.  Caveat - I only connect to AirVPN on my desktop.  I don't run it through the sg-1100.  I could if I wanted to, but given all the problems with locality, rather than create a bunch of client and software exceptions, I will just go online with my desktop, or connect to AirVPN using a mobile app if a need arises.  I also use PFBlocker on the SG-1100 and it does a great job filtering all the network garbage and ads.

Hope this helps!

Share this post


Link to post

FWIW, the dd-wrt forum community has pretty much settled on the Netgear Nighthawk X4S R7800 router as their standard recommendation for those wanting solid performance, reasonable cost, and super dd-wrt support, the latter because the R7800 appears to have become the primary dd-wrt development platform.

Share this post


Link to post

Solid wifi performance does not equal solid openvpn performance.

If you want good openvpn performance get the asus AC86 (eighty six) and install Merlin firmware.  It's got an AES-NI CPU so it'll rock openvpn.

Share this post


Link to post

I'm not sure if it is a router issue. When I run a speedtest on WiFi and cabled connections, the CPU of the router doesn't go above 18% and the ram has plenty of free space.

Can anyone suggest any other problems to explore?

Share this post


Link to post

As has been mentioned many, many times before on this forum, nearly all consumer grade Wi-Fi routers will not have the CPU to really max out the connection in terms of raw speed. I have the AC86 and while it is a great AP in terms of Wi-Fi speed, it never, ever could get above about 40 Mbps when connected to any Air server running as a router. I finally put together a micro-ATX PC running pfSense and I can maintain multiple active connections to Air (failover), multiple virtual LAN's, pfBlocker (ads/malicious sites), and an OpenVPN server, with my connection nearly maxed to my ISP's limits.

For what you will typically spend on the Wi-Fi router, invest a little bit more (if you can) and get a pre-built pfSense box or build one. Then use your existing Wi-Fi router (or just get a decent one) and use it as an AP. In the long run, you will be much happier with overall performance.

Share this post


Link to post

To add to my comment above re dd-wrt community recommending the Netgear R7800 (an AC2600 router, IIRC) typically its users report router OpenVPN performance around 70 Mbps (and wireguard performance twice that).  I run the less capable (AC1900 class) Linksys WRT1900ACSv2 here and have seen up to 60 Mbps OpenVPN (2.4.9) performance through Air servers, though half that is more typical for me.

Share this post


Link to post

I use the AC86 with Merlin firmware & OpenVPN, thanks to the processors AES-NI  support my speed is about 150 Mbit on average. I would love to build a box that would max out my 500 Mbit connection but you need some serious hardware, and that's pricey, for now my AC86 is fast enough

Share this post


Link to post
6 hours ago, NLVPN said:

I use the AC86 with Merlin firmware & OpenVPN, thanks to the processors AES-NI  support my speed is about 150 Mbit on average. I would love to build a box that would max out my 500 Mbit connection but you need some serious hardware, and that's pricey, for now my AC86 is fast enough


It doesn't take much actually.  An x86 processor with AES-NI in pfsense can do it if the network between you and the vpn server allows.  Most of the time though the network will be the limiting factor, not the CPU.

Share this post


Link to post
9 hours ago, go558a83nk said:

It doesn't take much actually.  An x86 processor with AES-NI in pfsense can do it if the network between you and the vpn server allows.  Most of the time though the network will be the limiting factor, not the CPU.
I disagree, but I'm open to suggestions, please advice on the configuration I would need to max out my 500 Mbit connection with OpenVPN.

Share this post


Link to post
10 hours ago, NLVPN said:
19 hours ago, go558a83nk said:

It doesn't take much actually.  An x86 processor with AES-NI in pfsense can do it if the network between you and the vpn server allows.  Most of the time though the network will be the limiting factor, not the CPU.
I disagree, but I'm open to suggestions, please advice on the configuration I would need to max out my 500 Mbit connection with OpenVPN.


I built a pfsense box with an AMD A6-7400K CPU back in 2015 for $121.  Later I added an intel dual NIC for another $40 or so since the realtek NICs I was using weren't the best.  It does 600mbit/s openvpn from a single server in a multi threaded download, if the network "allows" it.

Share this post


Link to post
3 hours ago, Staff said:
@NLVPN

Hello!

Also consider that you can have robust load balancing with a pfSense (and in general *BSD) box and AirVPN:
https://nguvu.org/pfsense/pfsense-multi-vpn-wan/

Kind regards
 

Yes, this is what I do for downloading big files.  It's rare that I'm able to hit that 500+ mark from a single connection both because my ISP and intermediate networks just aren't "allowing" it, or because the VPN server isn't up to it.  But when spread out it's much easier.  That said, some endpoint servers won't allow you to multi wan and it won't help with bittorrent either.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...