this post was submitted on 14 Feb 2024
13 points (88.2% liked)

homelab

6607 readers
1 users here now

founded 4 years ago
MODERATORS
13
submitted 9 months ago* (last edited 9 months ago) by [email protected] to c/[email protected]
 

I just recently got 1 gigabit up/down at home when they put in fiber. Now I'm looking for a router/firewall to use. I run a homelab with a few VMs.

I was looking at getting a Cisco router to tinker with, as I've just finished a course on IOS. What routers would you recommend (2nd hand) for less than 150€? Is Cisco even feasible at this price point or should I just get a mini pc and run pfsense/opnsense?

I've looked at the ISR900 and it seems to meet my requirements, but I am not sure if it also offers a web interface, which would be quite useful for me.

Bit of an unstructured post but I hope you'll be able to help me regardless.

EDIT: I ended up getting a mikrotik hAP ac3 router. It seems to meet my requirements and after trying the routerOS demo they have up I decided that it would work for me.

top 12 comments
sorted by: hot top controversial new old
[–] [email protected] 6 points 9 months ago (1 children)

Cisco and web UI are a nope all cisco enterprise exams are based on the cli with the exception of DNAC.

The ISR900 series has a max throughput of 250Mb so it will not work for your case.

Go for the opnsense on a mini pc. It will be more capable than a cisco router

If you are keen on continuing down the cisco line get GNS3 or EVE-ng setup and learn the cli with the iosv and iosv_l2 images.

[–] [email protected] 4 points 9 months ago (2 children)

Though so, thanks.

I'm comfortable with a cli, but in a homelab environment quick testing might prove easier using a GUI, so I'll probably go with the pfsense route then

[–] [email protected] 4 points 9 months ago
[–] [email protected] 1 points 9 months ago

@[email protected] why not OpenWRT? You most likely don't need anything more than that: https://lemmy.world/comment/7527708

[–] [email protected] 2 points 9 months ago

How much wifi and open-source do you really want?

If you are willing to go with commercial hardware + open source firmware (OpenWRT) you might want to check the table of hardware of OpenWrt at https://openwrt.org/toh/views/toh_available_16128_ax-wifi and https://openwrt.org/toh/views/toh_available_864_ac-wifi. One solid pick for the future might be the Netgear WAX2* line or the GL.iNet GL-MT6000. One of those models is now fully supported the others are on the way. In OpenWRT forum and Wiki you may also find throughput tests of some routers.

For a full open-source hardware and software experience you need a more exotic brand like this https://www.banana-pi.org/en/bananapi-router/. The BananaPi BPi R3 and here is a very good option with a 4 core CPU, 2GB of RAM Wifi6 and two 2.5G SFP ports besides the 4 ethernet ports. There’s also an upcoming board the BPI-R4 with optional Wifi 7 and 10G SPF.

Both solutions will lead to OpenWRT when it comes to software, it is better than any commercial firmware but there might be catch about open-source wifi. The best performing wifi chips are Broadcom and those don’t usually see open-source software support. MediaTek is the open-source alternative and while they work fine they can’t, unfortunately, beat Broadcom. As most hardware is Broadcom they have hacks that go behind the published wifi standards and get it go a few megabytes/second faster and/or improve the range a bit.

While there are things like OPNsense and pfSense that may make sense in some cases you most likely don't require that. You've a small network and OpenWRT will provide you with a much cleaner open-source experience and also allow for all the customization you would like. Another great advantage of OpenWRT is that with a great router like the BananaPi BPi R3 you've the ability to install 3rd party stuff in your router, you may even use qemu to virtualize stuff like your Pi-Hole on it or simply run docker containers.

[–] [email protected] 2 points 9 months ago

Currently running virtualised opnsense on Proxmox. works pretty damn well. WebUi is great, Pergormance is awesome and it just works

[–] [email protected] 1 points 9 months ago (1 children)

Mikrotik or Ubiquiti all the way! Don't touch Cisco.

[–] [email protected] 2 points 9 months ago (1 children)

I've had some bad experienced with Ubiquitis edge routers and their Unifi software, so I'd rather avoid them for a bit. I'll have to look into mikrotik!

[–] [email protected] 4 points 9 months ago

Personally they lost all credibility when they started to push for the Cloud Key. It's just plain abuse to make hardware that is unable to self-setup properly and run autonomously. I get the whys but still plain abuse.

[–] [email protected] 1 points 9 months ago

I got a mini pc and ran pfSense back in the day. I've been using pfSense ever since, though I'm now on their hardware (which costs more than your stated budget).

I agree with folks recommending Ubiquiti, but I'm also barely literate in the aspects of the market that matter. I just recognize the brand as trusted and we used their devices at a job I had.

For some reason, I have a negative view of Mikrotik - as though I've read something damning in a security-related article about them - but I can't back that up. If I did, it was only once.

Stay away from TP-LINK. I had one of their devices and it was garbage.

[–] [email protected] 1 points 9 months ago

IF it's possible you might be able to take the ISP SFP and put it in a SFP to RJ45 media converter and then you can use any 1gig capable router. I did this with my Telus SFP.

OPNsense or OpenWRT. I run multiple OPNsense firewalls for family members all connected together with a WireGuard Mesh.

Cisco is command line for the most part until get into the APIC NSX stuff. There's others but I'm only exposed to those 2 where I work.

[–] [email protected] 1 points 9 months ago

I run openwrt on all my stuff. Its not Cisco but it gives absolute control over your hardware.