OpenWrt news, tools, tips and discussion. Related projects, such as DD-WRT, Tomato and OpenSAN, are also on-topic.
Is OpenWRT x86/amd64 a worthwhile alternative to pfSense, OPNsense, etc.?
Not to start a flame war or anything, but
I was just curious what people think of OpenWRT run on x86 equipment vs pfSense?
I'm asking because I currently use pfSense, but it seems like the GNU ecosystem is moving a lot faster than BSD and Fauxlaris these days, which also means there could be more attention being paid to fixing the plumbing, if you will.
Anyone up in here done any A/B testing against pfSense or OPNsense on their amd64 router rigs to see how each one performs? How'd that go down?
Do people find OpenWRT is suited for using higher-end equipment, or is it mostly tuned for running on low-power equipment, RISC chipsets, etc.?
Is there any enterprise-focused OpenWRT support packages or a group that sells such packages? Or a foundation? What % of your userbase would you say is using OpenWRT in lieu of other x86 offerings?
Opnsense and pfSense are enter`prise ready.
Openwrt is just ..GNU/linux (and I like it)
Just adding to your comment. OPNsense is a fork of Pfsense, which is a fork of m0n0wall that's based on FreeBSD.
Never thought about it... but didn't know OpenWRT is GNU/Linux based. I've only used it on one device for testing purposes. I like how configurable it is... but its a lot lol, the UI could be better.
OpenWrt for x86-64 is much improved the last couple years, it's a rock solid and fast (Linux based) alternative to pfSense (FreeBSD based).
Features: with it being Linux based there are way more pre-built packages. For example, I installed USB 3.0 storage and Samba4 support to have a share drive on my network (for my PC and Kodi on Shield TV), it was a quick installation has webui (LuCI) support, with great performance and stability. Many other apps like sqm, adblock, advanced-reboot, attendedsysupgrade, irqbalance, wireguard, etc. allow for so many useful networking features. The latest Linux LTS kernel is supported, includes DSA, nftables, WPA3, and WiFi 6 support. For QoS there is SQM with options using Cake and Fq_Codel to eliminate bufferbloat. x86-64 processor support is there, i226-V (2.5Gbit) ethernet, eMMC/NVMe drives, etc. all have drivers available.
Performance and stability: there are pros/cons but but no major differences. Both Linux and FreeBSD are performant and stable OSs. The ARM support on OpenWrt is awesome, routers like the R7800 and WRT3200ACM are very fast and will do SQM Cake at around 500Mbits. For gigabit routing it's achievable with most SoCs in the past 5-8 years with software flow offloading. If you want gigabit QoS shaping go with hardware like x86-64, NanoPi R4S, or a device with a newer SoC like the ipq807x or MT7986, which remain more power efficient alternatives to x86-64.
Downloading images: main branch snapshots are updated every day or two. If you don't want to be on the bleeding edge, there are yearly stable releaes with updates to those every few months.
Latest builds are here: https://firmware-selector.openwrt.org/
The community is very active on reddit and on forums here: https://forum.openwrt.org/
Just wanted to second this post - OpenWrt is great on NanoPi R4S.
Have they fixed the whole upgrade process? My problem with running openwrt on x86 is that a while ago upgrading was a pita.
I switched from pfsense to OpenWRT at home.
Some of the drivers were:
pfSense was single threaded as far as traffic was concerned. I think this was with FreeBSD 11, but it's been awhile. OpenWRT is a Linux kernel and multi-threaded by default.
Updates. pfSense is great kit, but for a not insignificant amount of time the latest version of pfSense was running on an EOL OS. Again, FreeBSD 11. Not deprecated. End of life.
Features. pfSense does everything you want a router to do in an Enterprise environment. OpenWRT isn't vying for that space. A minimal install of OpenWRT is tiny and you install the additional packages you need for your environment. Everything you need. Nothing you don't.
Features 2. I was looking for bleeding edge stuff. Particularly WireGuard. pfSense was not ready to implement it and then had it's whole debacle. It's ok not to be bleeding edge but I appreciate the package system for OpenWRT and it's standard Linux kernel gives all the flexibility that comes with.
OpenWRT is excellent as a router. Far more than just for wireless access points. I probably wouldn't install it in a business environment, but that's not what OpenWRT is trying to be. (Though it could probably do the job just fine if it had to)
I've been running them both. They are both great platforms.
You can tune, tweak and customize OpenWrt immensely.
Updating is easier on pfSense. OpenWrt sometimes overwrites your configs and app packages on upgrades.
Ease of use is comparable once you get Luci installed for web management, but pfSense has better Quality monitoring.
Performance is great on both.
NAT rules are much easier to manage on OpenWrt, and it has a great out of box experience. Literally it starts routing the second you turn it on.
I'd say spend some time with them both in the lab and figure out how it applies to your applications.
Not really. I would never swap out my pfSense for an OpenWRT. Use them together and you have the best solution a budget can offer.
pfSense/OPNsense make for better core and edge routers. OpenWRT is better suited for access points, switching and intra-routing. Have used this mix for some years and has been rock solid.
Use both, pfsense as a router/firewall and openwrt on all your ap's with wifi roaming
if you want supported version of OpenWRT with hardware, you might check https://www.turris.com/en/ . Although they struggled a bit in the past to keep pace with OpenWRT.