Selecting a small office router

My office network connection was recently upgraded from cable (5M/712K) to fiber (100M/10M), so need to upgrade my router (currently a Cradlepoint MBR1200B) to something that can handle 100M throughput.

One of the features I really like about the Cradlepoint is I can connect it to a cell phone hotspot for failover when the primary Internet connection is down.

Home office network <— Ethernet —> Router <---- WiFi ----> Smartphone with hotspot turned on

This way my office network can continue to function – especially my workstations which don’t have WiFi to connect to a cell phone hotspot directly. An associate mentioned they run pfSense on a H370M-ITX mini-ITX board and this exact fail-over functionality works well.

This article details how to set it up:

https://brendonmatheson.com/2020/08/07/wan-failover-to-4G-with-pfsense.html

It is unclear to me if OpenWRT will do this.

@khem mentioned the Turris Onamia:

https://www.turris.com/en/omnia/overview/

It appears this router runs some variant of OpenWRT.

Also found this site – lots of good information here.

Leaning toward a teklager solution, but not sure which OS yet …

I’m a big fan of Mikrotik (https://mikrotik.com/products). They have some routers which are Ethernet-only, some which are Ethernet and Wi-Fi, and some which also have a USB port which you can connect an LTE modem to and configure failover for.

The user interface to configure Mikrotik products is a little weird compared to most other networking products, in my experience. But the wiki is pretty decent about showing how to do things. Mikrotik have been quite good about software and security updates, supporting their products for many many years even though they don’t seem to promise anything specific.

If you want to run OpenWRT, I’d also suggest buying and assembling a PC Engines APU2 (PC Engines apu2 system boards) system yourself instead of buying an off the shelf already assembled system. It’s a fun little assembly project (I strongly recommend buying the heat spreader placement template (PC Engines apufix1a product file), the $1 cost is well worth the clarity for installing the heat spreader).

It looks like Teklager is a PC Engines reseller. You might get better pricing buying directly from PC Engines even with the shipping being a little expensive (just follow their online store instructions to get a shipping quote to understand the costs).

Just to clarify my fondness for Mikrotik, my home router is a RB2011UiAS-2HnD-IN (MikroTik Routers and Wireless - Products: RB2011UiAS-2HnD-IN), my office has a pair of hAP ac2 (MikroTik Routers and Wireless - Products: hAP ac²) creating a wireless bridge with proper MAC addressing on both sides to be transparent (Mikrotik do proper 4 MAC headers (sending Ethernet MAC, sending Mikrotik bridge MAC, destination Mikrotik bridge MAC, destination Ethernet MAC) which is very useful to me as it makes a Wi-Fi bridge look like an Ethernet wire, and I have a pair of hAP lite (MikroTik Routers and Wireless - Products: hAP lite) that I’ve played with a bunch and use for temporary solutions when needed.

My office network is 100Mb down / 10Mb up on Spectrum cable. My hAP ac2 units are spaced about 25 feet apart at office desk height and usually link up at about 600Mbps when using 2x2 MIMO and 80MHz wide 5GHz channel between them. Realistically I can consistently and reliably pass about 300Mbps of TCP or UDP traffic over the link when using iperf, which is good enough for my current needs.

@bradfa – thanks for the MikroTik pointer – look like very nice products.

Posted a question to the OpenWRT forum on radio configuration:

Most phones allow for tethering via USB, too. If your router has a USB port (PC Engines APU2 do) then simply connecting that to the router would work as a manual fail-over similar to your current configuration. Many hot-spot devices have USB ports but I don’t know if they allow tethering over that connection or not. There’s also a good selection of USB-based LTE modems on the market although I’ve not tried any myself.

I can see the advantage of using USB being you could write a udev rule so when the router sees the phone connect it automatically does the failover, then when you disconnect the phone it goes back to the normal connection routing. This would at least mean you don’t have to futz with any UI to do the failover, just plug the phone in and voila.

That is a neat idea to use USB tethering … originally, I liked the idea of WiFi connection to phone as then you don’t have to mess with any phone specific oddities over time, and it is easier to keep using the phone. However, I may try both. Hopefully, I’ll not ever need either

I contacted MicoTik and they claim their routers will handle my scenario, so I ordered a hAP AC2 to give it a try.

Another suggestion: Asus RT-AX88U – supports WiFi-6 and can transfer data at > 400Mps. Maybe once I get some more advanced devices around here, a WiFi-6 AP like that makes sense.

Some more input from someone who has worked a lot in WiFi:

Wi-Fi6 is huge. it’s a really, really big deal. Even for tiny IoT devices – its not just throughput, but on-air-time that Wi-Fi 6 addresses. it helps to support more devices than before

WIFI 6 makes difference if you play video games where latency matters but otherwise it just eats
more bandwidth if your service provider caps you then it might be important.

Interesting article on setting up a router on a PCEngines board using Nixos:

@bradfa finally getting around to setting up the hAP AC2 – thanks for the recommendation – I like RouterOS a lot. Still learning but was able to plug in my cell phone to the USB port and manually switch to using it for the WAN connection, so that should be adequate for my backup scenario. I really like the command line interface, and the fact that I can ssh to it, scp files to/from, etc. Also seems they offer good support/documentation and have a nice community built up around their products (132460 topics and 143545 members!!). Community is critical for supporting complex products like this. Much better experience than dd-wrt so far.

Cool! I’ve found that using the queue system with “default-small” queue type and setting the target download/upload to about 95% of the actual connection download/upload works very well for me in order to keep buffer bloat to a reasonable level.

I’m also a big fan of Mikrotik’s “4 MAC” wifi bridge ability, so that wifi bridges all appear to be connected by an Ethernet cable and all normal Ethernet operations work across a wifi bridge completely transparently. Any of the “3 MAC” wifi bridge modes (like relayd does in openwrt) will make a mess of the MAC addresses as seen on the other side of the wifi bridge.

Mikrotik router installed and mostly configured – now getting the following speeds:

• Workstation on Ethernet
  • down: 106.9Mbps
  • up 9.6Mbps
• Macbook WiFi 5g
  • down: 104.6Mbps
  • up: 9.6Mbps
• Macbook WiFi 2.4g
  • down: 82.5Mbps
  • up: 9.6Mpbs

Looks like 5g WiFi is optimized to be faster at closer ranges.

@bradfa do you happen to know if there is any built-in way to populate DNS entries from DHCP leases?

I found a script: Yet another DHCP to DNS script - MikroTik

This was a checkbox on my cradlepoint, so want to make sure I’m not missing something before implementing a script like this.

Sorry, I’ve never looked into this. I can see how it could be useful, though.

Mostly I just use mDNS for local network “DNS things” and it works well for me.

A post was split to a new topic: mDNS (Multicast DNS)

got to use cellular backup on router this morning – fiber was down for an hour or so. Worked well.

One thing that really impresses me with the MikroTik – you make a change in the UI, and it is instantly applied. This is very different from the cradlepoint where you make a change and things churn for 30s before the UI updates.