I have yet to find a better piece of hardware/software than the Edgerouter Lite / Edgerouter X for near-gigabit NAT, for the price.
Sure, I could build something x86 that uses more power and costs 2-3x the price, but it's nice to have a single box that "just works".
Every year or so I look to see if there's anything better, and for the past 2-3 years I have yet to find anything. I had been using the ERL, then bought an ERX when they came out, switched all my stuff (including ipsec VPN tunnels) over to it to "test" for a while.. and then a year later, I've not had a driving reason to switch back to the ERL yet. The ERX is flat-out amazing for ~$50.
I have a system on the "outside" (static IP, hosted server) and then all my "internal" stuff is behind the EdgeRouter's NAT. Hence, the desire to have near-gigabit for when I'm transferring stuff to the server on the "outside".
I like Ubiquiti gear; in fact today I set up a UAP-AC-LR access point to test against the performance of my Google OnHub, which is a year old and seems to be kinda flakey lately..
It also isn't reliant on binary kernel blob drivers to obtain full speeds, so you arn't stuck on old kernel versions in the future with known exploits.
Ditto, but unfortunately I'm on my third ERL, lightning having taken out two others (North Carolina summers are rough). If I lose another, I'm going to switch to fiber between the cable modem and the router. I've already tried a lighting suppressor between the two w/o any luck.
Anyway, great little boxes. I'm also very happy with the AC lite APs.
Btw, I originally started with Vyatta years ago on a spare PC after outgrowing a SOHO router. I was very happy when Ubiquiti forked off from that.
I help to maintain a page[0] that keeps a current list of the more powerful wireless routers that support OpenWRT and DD-WRT. This arstechnica article is about wired routers (they say an article on wireless versions will be arriving soon) but maybe it is still helpful.
That list looks pretty sparse. What's it take to add more entries? For example, I would expect to see the TP-Link Archer C2600 near the top of the performance charts given its QCA IPQ8064 SoC and 4-stream ath10k radios. I'm assuming you aren't actually testing all these models, so it shouldn't take too long to pull together the relevant information on everything under https://downloads.openwrt.org/snapshots/trunk/ipq806x/generi...
Also, if this list ever does grow to be more than two screens long, please add actual filtering rather than just sorting; some of us are only interested in routers that don't need proprietary wifi drivers.
Thanks for your suggestion! What filters would you like to see there? I have had some comments also along the lines of it being not obvious enough what the "sort" buttons do; Do you think the page is to "bare bones?"
As for the C2600, I do not believe it is stable yet, and still being worked on. I deliberately don't put "trunk" only builds on the page because not everyone is sufficiently technical to deal with them. It should show up soon though by the looks of things (will be stable soon-ish).
Definitely include a more detailed explanation of the criteria for inclusion and rankings, and if possible a breakdown of the sub-scores that went in to the final score (this can be a separate page per device, since it would clutter the main chart). It sounds like some of this (the weights, at least) is subjective, so transparency is important.
If this is really aimed at the less technical/experienced crowd that can't cope with the command line, then you need a lot more background information explained: the hardware revision bait and switch business model, what the benefits actually are of open-source router firmware, the major differences between DD-WRT and OpenWRT (and LEDE). Explain that Broadcom WiFi is about as open-source friendly as NVidia graphics, and that DD-WRT can do very little to help with WiFi issues on those hardware platforms.
It would be great if you could offer guidance for what constitutes fast enough, ie. that "tri-band" routers won't help anything, client WiFi devices don't support more than 3 streams, and an ARM processor isn't necessary if your WAN is only 100Mbps. Also add warnings for devices that only support 100Mb Ethernet on the WAN port or all ports, and make sure to cap the amount that their WiFi speeds can contribute to the performance score.
Alternatively, if your target audience is people who know generally what kind of hardware they need and just need to know which product currently delivers that at the best price and with third-party OS support, then add filters on major categories like NIC vendor (BRCM/QCA/MTK), built-in flash quantity (because 8MB isn't always enough), and radio MIMO class.
More generally, it doesn't serve the public good if your chart is just abstract bragging rights that can be gamed by things like including more RAM than necessary or a useless extra radio for a 150% price increase. The market should be discouraged from producing overpriced overpowered devices that have no real-world use, even if they are to some extent hackable.
We have a Ubiquiti ERL at our office on a gigabit Ting connection. I have consistently seen 948mbps through it on speed tests. I'm not sure how the author saw only 200mbps.
The article says that was the "out-of-the-box" experience. After upgrading to the latest firmware:
> The newer firmware certainly delivered higher peak throughput: up to 800mbps or so, if you click your mouse just fast enough at just the right point of one of the easiest tests. I'm not sure that's an "upgrade." The improved peak throughput comes at the cost of stalled connections, peaky and unpredictable ceilings, and tremendously degraded throughput in the more demanding 10K tests. This would be a downgrade for someone with 100mbps or 200mbps cable, in my opinion.
The ERL supports offloading for various protocols and features. I'm pretty sure IPv6 offload is disabled by default, at least for older firmware versions. Not sure about IPv4 or other protocols. Having offload disabled would have a huge effect on performance.
Just a random note... there are very limited site-to-site scenarios where the IPSec offload will actually kick in. I wasn't able to get offload working for any kind of remote access scenario, meaning it's not usable as a VPN (unaccellerated strong crypto on the MIPS is < 10 Mbps)
With a Type-1 hypervisor on a box with an IOMMU, different VMs can serve as router, NAS, desktop and personal cloud. Router and NAS VMs would have dedicated PCI devices, the rest can be virtual. Easy to try different router distros.
This is similar to what I do. I run Debian as the host machine and then have guests running on QEMU/KVM. I don't use IOMMU, I simply create a bridge on each physical ethernet. This allows me to add other "router/vm" on the WAN side and play with some additional isolated "networks".
Same, but I'm using Open vSwitch[0] to tag internet traffic which goes to the router VM. I was using IOMMU but on non-Intel NICs the interupts were killing the throughput in OpenBSD.
Would be nice to see how good is more expensive Mikrotik hardware. If $69 hEX (720MHz MIPS) is the winner in a midrange category, maybe $179 Mikrotik RB3011UiAS-RM (Dual 1.4 ARM) will just blow away the whole competition?
Good question. I use the $69 version (Newegg had it on sale for less) and I'm very happy with it. Not sure what my overall thruput is, but for all the data xfers we do we never think it's a network issue. Stuff gets moved in a few moments.
Making a diy router is a fun project if you're interested in the nitty gritty details of things like firewall rulesets and dns resolving. And in the end you're left with a powerful and flexible router.
I went overboard with my own setup. Got a SuperMicro 5018A-FTN4 rack mount server with an Intel Atom C2758 to serve as my pfSense router. Handles Internet routing (250/20 Mbps), and has a 10GbE connection to my switch for the rest of the network for inter-VLAN routing. I have a Cisco Aironet 3702i delivering WiFi. Very overkill for a house but it was a super fun project.
I should probably do some testing to see its real throughput, to see if my efforts were worth it. I should blog about it too, because it's likely a unique setup that would be interesting to others.
For my home setup, I run pfSense on top of QEMU/KVM on an i7 Haswell 1U box with 2 eth ports. I have a bridge for each eth instead of IOMMU. I can max out the 1gbps ethernets without a huge hit. I then have a Mikrotik Gigabit 24 port switch that everything gets hooked into. A bit overkill, but it's nice to have.
Sure, I could build something x86 that uses more power and costs 2-3x the price, but it's nice to have a single box that "just works".
Every year or so I look to see if there's anything better, and for the past 2-3 years I have yet to find anything. I had been using the ERL, then bought an ERX when they came out, switched all my stuff (including ipsec VPN tunnels) over to it to "test" for a while.. and then a year later, I've not had a driving reason to switch back to the ERL yet. The ERX is flat-out amazing for ~$50.
I have a system on the "outside" (static IP, hosted server) and then all my "internal" stuff is behind the EdgeRouter's NAT. Hence, the desire to have near-gigabit for when I'm transferring stuff to the server on the "outside".
I like Ubiquiti gear; in fact today I set up a UAP-AC-LR access point to test against the performance of my Google OnHub, which is a year old and seems to be kinda flakey lately..