Skip to main content OpenWrt as managed switch, wireless AP and firewall all-in-one device in a small homelab? : r/openwrt
Go to openwrt

OpenWrt as managed switch, wireless AP and firewall all-in-one device in a small homelab?

OpenWrt newbie here. Can a wifi-router with OpenWrt replace dedicated managed switch, wireless AP and firewall in a small homelab environment?

I would lose some nice feature from a dedicated managed switch like L3 switching and LACP (because most wifi-router only has one ethernet?), but for a small homelab this should not be a big problem. Another benefit of using OpenWrt is that I can get software support indefinitely (as long as the OpenWrt project continues).

I like the idea of having one single device managing the whole network. Any other caveats I need to look out for?

(I am planning to buy a GL-iNET MT-6000 btw, it costs about 100 USD in where I live)

POV: You’re building the next big thing with VS Code extensions and GitHub Copilot. 🚀
Learn More
developer.microsoft.com
Thumbnail image: POV: You’re building the next big thing with VS Code extensions and GitHub Copilot. 🚀
Sort by:
Best
Open comment sort options

Yes it will be fine . Most SoC have only 1 or 2 physical interface and rest of the ports In routers are managed switches. @D0_stack is wrong here

Yes, BTW openwrt is so light, you can run many many of them in proxmox at once

[deleted]

Comment deleted by user

OpenWRT is software based.

If you mean to say "OpenWRT passes layer 2 packets through the general-purpose CPU instead of using switching hardware", that is very misleading. I feel the need to correct this comment because it could give people entirely the wrong idea about how this works.

You use OpenWRT to configure the switching hardware in the device, and then the device switches packets. The MT-6000, for example, uses a switching chip that's supported by the Linux kernel natively - OpenWRT doesn't need to "understand that specific switch", OpenWRT just uses the Linux kernel DSA ( https://www.kernel.org/doc/html/latest/networking/dsa/dsa.html ) subsystem.

The switch, once configured, does not involve the router's CPU (or any "software") for each packet. Only packets that get routed (ie, not switched - layer 3) use "software".

And, in fact, OpenWRT also supports "hardware flow offloading". When flow offloads are enabled, only the first packet in a given stream is routed by "software", and any subsequent packets are processed by the device's dedicated hardware without involving any Linux or OpenWRT code. You could transmit a gigabyte of TCP data and execute zero lines of Linux code after the first TCP packet.

You think OpenWRT is going to be slow. It's not. I happen to have the hardware you referenced, the MT-6000 Flint 2. I can get 960Mbps throughput over a Wireguard tunnel. That's limited by my 1Gbps Internet connection. Device-to-device switching is wirespeed, even on the 2.5Gbps ports.

In my opinion, you should test something yourself before asserting how it performs.

Most multiport home router also has switch chip built in, of course it might not be able to compare with normal switch but still better than simple bridged ports.

More replies

Absolutely. That's what I use it for.

I have many Managed switch Ŕouter (of course) File server (samba) VLAN switch Access Point Log server Zabbix Proxy (not yet to be honnest)

OpenWRT is the best of the best

GL-MT6000 is a great choice right now. Just flash a new 'sysupgrade' main snapshot image, it's running great on mine for my home network. Plenty of ram and storage for Docker, SQM, Adblock, Samba, too.