My Linksys router died this morning - fortunately, I had a spare Netgear one laying around, but manually replacing all DHCP reservations (security cameras, user devices, network devices, specific IoT devices) and port forwarding options was a tedious pain. I needed a quick solution; my job is remote, so I factory reset the Netgear (I wasn’t sure what settings were already on it) and applied the most important settings to get the job done.
I’m looking for recommendations for either a more mature setup, backup solution, or another solution. Currently, my internet is provided from an AT&T ONT, which has almost everything disabled (DHCP included), and was passing through to my Linksys router. This acted as the router and DHCP server, and provided a direct connection to an 8-port switch, which split off into devices, 2 more routers acting as access points (one for the other side of the house, one for the separated garage, DHCP disabled on both).
If going the route of a backup solution, is it feasible to install OpenWRT on all of my devices, with the expectation that I can do some sort of automated backups of all settings and configurations, and restore in case of a router dying?
If going the route of a smarter solution, I’m not sure what to consider, so I’d love to hear some input. I think having so many devices using DHCP reservations might not be the way to go, but it’s the best way I’ve been able to provide organization and structure to my growing collection of network devices.
If going with a more mature setup, I’m not sure what to consider for a fair ballpark budget / group of devices for a home network. I’ve been eyeing the Ubiquiti Cloud Gateway + 3 APs for a while (to replace my current 1 router / 2 routers-in-AP-mode setup), but am wondering if the selfhosted community has any better recommendations.
I’m happy to provide more information - I understand that selfhosting / home network setup is not a one-size-fits-all.
You must log in or # to comment.
$150 fanless N100 pc with 4x2.5gbps from aliexpress and install OPNsense on it.
If going the route of a backup solution, is it feasible to install OpenWRT on all of my devices, with the expectation that I can do some sort of automated backups of all settings and configurations, and restore in case of a router dying?
That’s what I do. Every device runs OpenWRT except my ONT. Backing up is just a cron script that calls each one and pulls the config.
For my router, I ended up buying an old Barracuda LoadBalancer 340 and installing OpenWRT (it’s an x86 device so it was super easy). It’s a little over-powered for a router, but the price was right. It’s got more than enough spare resources to run some extra stuff, including Docker, so I’m probably going to throw my PiHole container on there since I haven’t been impressed with AdGuard Home (which is available in the repos).
I’m not very experienced with OpenWRT - how sensitive is it to device changes? If your Barracuda dies tomorrow, do you have to purchase the same brand / model, or could you slap your saved config onto a similar device? Is there some sort of device compatibility to consider?
The barracuda I have is
basicallyan x64 board in a 1U half-depth case with two extra network adapters (3 total including the onboard one). I have two of them: one’s running OpenWRT (my router) and the other vanilla Debian.So if my router one dies, I can just either pull the drive from it or restore a config backup to another suitable PC that has two NICs (or promote the second unit I have).
The config in openwrt is abstracted. So if the hardware and NICs are totally different, you might need to reconfigure the device names in the config so they’re referencing the right NICs, but everything else should “just work” (e.g. WAN and LAN are just arbitrary labels).
I run Opnsense on a Proxmox VM (I followed this guide). I’m quite pleased with it. Opnsense is probably going to be more secure than any consumer router firmware, but you’re going to have to make a bigger upfront investment in hardware. I had never used Opnsense prior to using this system, and the fact that I’m running it on Proxmox is a huge benefit. If I’m ever about to do anything I’m unsure of, I can snapshot the VM in Proxmox. If my router config breaks as a result of my tinkering, I can easily restore from the snapshot.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters AP WiFi Access Point DHCP Dynamic Host Configuration Protocol, automates assignment of IPs when connecting to a network DNS Domain Name Service/System IP Internet Protocol PiHole Network-wide ad-blocker (DNS sinkhole) PoE Power over Ethernet SSH Secure Shell for remote terminal access Unifi Ubiquiti WiFi hardware brand
8 acronyms in this thread; the most compressed thread commented on today has 12 acronyms.
[Thread #921 for this sub, first seen 14th Aug 2024, 19:05] [FAQ] [Full list] [Contact] [Source code]
I’m spoiled now. I prefer ubiquiti equipment for my network, security camera, and even door access.
However, if you prefer completely open source I can recommend opnsense and openwrt. Personally I prefer a single point of configuration… So all ubiquiti for me… It makes it easy to restore a complete network configuration as you are discovering is a pain.
Maybe start with the new cloud gateway max as a router if you are interested.
As for backup, you can also buy a e.g. Lenovo M920q minipc, buy a pci-e riser, buy a dual port ethernet card, set up an pfSense (or OpenWRT) VM, pass-through the ethernet card directly to the VM. The VM is very backupable, since you just copy the VM state and save it somewhere. This would only work for the router though, since the AP’s that’d be running OpenWRT wouldn’t be VMs. This is at the cost of having to deal with an additional layer for the VMs.
I guess the problem you’re asking about in regards in regards to cross-device portability of a backed up config is valid. If you had a four ETH port router, backed up the config, and then uploaded it on a two ETH port router, you’d run into trouble, but I have no experience here.
You can also install OpenWrt on some switches these days (PoE also reportedly works with realtek-poe module):
- https://forum.openwrt.org/t/support-for-rtl838x-based-managed-switches/57875/
- https://openwrt.org/toh/views/toh_standard_all?dataflt[Device+Type*~]=Switch
That way you’d have a fully open OpenWRT-only network lab, so you’d always be working with the same system.
deleted by creator
I used to use OpenWRT on various devices, but two years ago I got a UDM-Pro, a USW-16-POE, and a few Unifi APs and cameras. I run pi-hole on the UDM-Pro. I have no complaints. It is more expensive than piecing it all together using OpenWRT and some Raspberry PIs, but way easier.
No issues or anything so far with the Unifi devices? That’s good to hear. Do you have any third-party integrations with your Unifi devices, or is it as locked of an ecosystem as I’ve read others say? I don’t think I’d mind taking the plunge, as long as it has good customer service and support.
Be prepared to be hostage of their cloud services… Unifi was all cool until they introduced the Cloud Key and a few other things.
Can’t you just not use their cloud services? It makes you create an account for setup, but once setup was done I never touched it.
If you’re looking for a more mature networking setup, I would definitely recommend splitting up your router, switch and AP duties into separate devices. It gives you the most flexibility for when you want to tinker or change things.
For a main router setup, I would recommend OpnSense. It’s has a cloud backup feature which allows you to automatically backup the configuration to a Google Drive xml file whenever it is changed.
The XML config file stores all your leases so you don’t have to worry about reassigning DHCP reservations. If you load the config onto a new system, like for an upgrade or if the router hardware fails, usually you just have to change the interface mappings and you’re good to go.
As far as APs/switches, I would recommend Unifi or Mikrotik. Unifi has a fancy dashboard you can use to adopt new equipment and restore/change configs from, but I find Mikrotik easier and simpler to backup and I like that i dont have to host a controller to make config changes.
I would not recommend unifi for a mature solution. It sure works nice as a glass panel, but it will get limiting if you will have a desire to hack around your network. Their APs are solid, though, it’s just the USG/Dream machine that I wouldn’t recommend.
Mikrotik software is very capable and hackable and you can run it in a vm if you feel like bringing your own hardware.
Another vote for Mikrotik, but only if you’re technical-minded and want to learn how routers work. One of the things I like the most about it is the ability to import/export the router config as plain text. That makes it very easy to do things like bulk-editing (I have a lot of IOT devices I need to configure), storing your config in version control for safe-keeping etc.
Unifi gear is super great value-wise. Their support is lacking, but their equipment is pretty easy to deal with.
UCG is great and cheap.
UDM Pro is more flexible / future proof but also more expensive. (you get POE, and access to the rest of their suite, but that access also comes with some hardware lockin)
They don’t do custom DNS, so a couple of PIE holes or a DNS service are prudent.
