from rezz@lemmy.world to selfhosted@lemmy.world on 01 Sep 00:37
https://lemmy.world/post/35270338
Hi Lemmy gang -
Too many answers online across Reddit and misc forums, so I come to you.
I am looking to ditch my mesh net corporate ware Linksys setup for a variety of reasons.
From my cursory research, a mini PC for routing, or an otherwise dedicated box that I can OpenWRT/wireguard (EDIT: modem -> router box -> local net), then separately do the access points as desired, probably seems ideal. Would like 3-4 Ethernet’s and not two.
Should I get a hardcore commercial router? A mini pc for routing?
I will again decouple the media networking etc to a different box/PC. Mainly, I want to have the networking hub, and family WiFi, setup in the spirit of self hosting / OpenWRT / Wireguard outbound (thinking tailscale or headscale later, I’m a Jellyfin veteran).
But I am a total noob as far as getting really into networking, Linux things, etc. A simple noob hardware and setup guide is my desire.
Thanks fam.
#selfhosted
threaded - newest
We’re missing crucial information.
What bandwidth do you get from your ISP? Do you want to run things like IDS/IPS? what kind of throughput do you want from wireguard?
What it takes to connect a 100/10 DOCSIS based service is completely different to a 1/100 service is completely different to an 8/8gbps fiber service.
You said wireguard on the modem… your modem shouldn’t be doing any routing of tunnels at all. I’m almost suspecting that you don’t know what the difference between a router and modem is because of this “misspeak”. If you don’t, you need to go watch some networking basics youtube videos and get a firm understanding before you commit to buying stuff that you have no idea what you’re doing with.
In my case, I’m blessed with 8/8 fiber. I have a full fancy supermicro server running opnsense. 10gbps on the wan side, 40gbps on the lan side for multiple vlans (about a dozen). It’s overkill because my ISP offers it… but that means that the “router” I’m using to use the 8gbps is also ~$2k cost to do it. With big bandwidth comes big processing overhead if you want to do any form of protection and tunneling (VPN or SDN).
You shouldn’t really care how many interfaces your router has outside of potentially doing LACP sort of redundancy. Use a switch to get more ports for your devices.
I was lazy in my langauge. I meant DOCSIS modem -> router/firewall with everything -> access points or hardlined ethernet recipients. Current setup is Arris dedicated (non-wifi) 3.1 to Linksys mesh.
99% of demands are local network performance. No mega streaming needs or huge external traffic. Upload on wireguard (Jellyfin or otherwise) will be pretty limited to a single user at once. But this is not critical. Local network is my usecase.
I am 500/50, will probably up to fiber as soon as it’s available. But again not a lot of external traffic, hyper limited.
So get a switch between the router/minipc/whatever and the rest of the local network instead of many on-board ethernet?
Then yes, you’d probably be fine with any competent minipc and your favorite flavor of firewall… I would recommend OPNSense personally, but there’s others out there that I’m sure would meet your needs.
Just about any decent minipc can handle 1gbps from what I’ve seen a few years ago. You need much bigger horses to get up to 10gbps. But wouldn’t know what the minimum specs would be… I’ve been stuck in the higher end world for a while… So that information has kind of vanished from my memory… Someone else can chime in? I suspect the little baby n150 units could probably do 1gbps. Especially since you’re only doing minimal throughput on your wireguard as well (I have a few nodes and can push into 1gbps, so once again I’m resource heavy… and thus don’t have the lower requirements committed to memory anymore).
ISP -> ARRIS modem -> minipc -> Switch -> anything else you need including access points.
All of the “routers” that have wifi and a boatload of ports (unless we’re talking enterprise stuff) are all hybrid devices that are router+switch+AP, this is convenient for typical consumers, but quite restrictive for those who want to go prosumer or higher. For example… Wifi 7 just released last year. I swapped my AP out and now I have it. I can also mount that AP into the ceiling where it will give me the best coverage. Rather than the consumer answers of “replace the whole unit” or “add a shitton of mesh nodes that ultimately kind of suck” solutions that manufacturers love cause you spend more money on their products. Or other answers like you want to add a PoE device… well now that consumer unit is useless to you.
Your setup is way overkill
I’ve shared it on lemmy before somewhere…
Yeah found it… This thread. lemmy.saik0.com/post/1588364
For the stuff I do… it’s not overkill at all. By a metric of any individual’s house… yeah… it’s pretty overkill.
For router recommendations, I’d go with a Gl-inet router. they run OpenWRT out of box and smacked the hell out of my previous Netgear gaming router in both wireless range and stability, especially on 5GHz. I have the Flint 2 right now and I believe they just released the Flint 3 but the one I have is more than enough for my home network.
I personally wouldn’t run their stock firmware as it is only OpenWRT based not regular OpenWRT.
I’m happy with the stock, but they do at least make it easy to swap firmware.
Just get a decent device with enough ram and CPU. Typically home usage doesn’t require that much in the way of resources. I personally like MediaTek with hardware NAT but if your CPU is powerful enough you should be perfectly fine with software NAT/routing.
What is the software setup when you’re actually configuring the minipc/box? Beyond the hardware architecture of the local network, what is the actual stack I should be pursuing and how is it implemented?
For example: I read lots of great things about OPNsense, Wireguard, DietPi… but I don’t know what the exact stew should be and how to set it up ELI5 style.
I would just buy a device with OpenWRT support