this post was submitted on 11 Aug 2023
6 points (100.0% liked)

networking

2803 readers
1 users here now

Community for discussing enterprise networks and the ensuing chaos that comes after inheriting or building one.

founded 1 year ago
MODERATORS
 

For a while I have been planning to switch from an all-in-one wifi router to having separate devices because that way they can be upgraded piece by piece instead of having to replace the whole thing.

I am confused about the role of the firewall.

If I have a router running OpenWRT, does it have a firewall included? Either by default or by installing certain packages?

Or is it required to have a separate firewall running opnsense/pfsense?

If not required, what would be the benefits that would lean in favour of separate firewall?

use case: small home network 2-3 users. some internal self hosting and maybe one day external self hosting.

ETA: The best internet I could subscribe to where I’m at is 1024 Mbps down, 50 Mbps up. So don’t worry about wasting fibre speeds. :(

My assembled components so far are: router, WAPs, switches, ethernet cable and cable modem.

Thanks for any advice.

you are viewing a single comment's thread
view the rest of the comments
[–] imaradio@lemmy.ca 1 points 1 year ago (1 children)

ok, ok, I don't know how numbers work oops

I doubt the WAN would provide the advertised top theoretical speed most of the time; I just don't want to be running at like 10% of potential or something like that. If I were to do that I should at least get a cheaper plan.

[–] Ajen@sh.itjust.works 1 points 1 year ago (1 children)

You might see a 10% performance hit with gigabit internet depending on what you enable in openwrt and how fast your hardware is. On the other hand I wouldn't compare openwrt speed against the advertised speed. Test the actual speed you get by plugging your computer directly into your modem.

[–] imaradio@lemmy.ca 1 points 1 year ago (1 children)

I mean I don't want to take a 90% performance hit lol. I can def live with 10% hit.

[–] Ajen@sh.itjust.works 2 points 1 year ago (1 children)

My bad. Yeah, you'll be fine. On the other hand, if you want to spend hundreds/thousands of $$ on network and server hardware, that's also an option ;)