I want to a network behind a Wireguard client (for the internet). I originally planned to do this on the router, but it’s processor is seemingly too weak for the required bandwith. Any ideas on how to solve this? What I thought of:
- A newer RPi or similar device - perf is questionable, but I’ve read good things. Adding a secondary needed Ethernet port is complicated? Also it’s rather hard to get one nowadays.
- An x86 device - too costly for this task, and old devices would consume too much power
- A cloud VPN - I’d be rather vary of flowing all my net traffic through a third party, and this much bandwith is probably costly.
Maybe a Mikrotik router? This one is pretty good, about $60 and it supports Wireguard with RouterOS 7.x.
https://mikrotik.com/product/RB750Gr3
It’s not for the faint-hearted, you need to learn a lot if you have never used one, but give it a week or two and you’re in for a treat. It’s a solution.
I use OpenWRT and Wireguard on my Archer C7 router, an inexpensive model.
This runs two wireguard connections - one for my work that routes traffic for about 4 different IP addresses, and the other for my private VPN that my phone/etc connect to when I am outside of my network, and gives me access to pihole and other local devices.
It works a treat.
RPi 3 or newer, or Asus Tinkerboard are probably the cheapest. Add in a USB network adapter if you want to put it in-band (LAN->switch/AP->RPi->fiber/cable modem), but you can also run it out of band (plug it into the fiber/cable modem as another LAN device, use its IP address as the gateway for the other devices that you want routed through the tunnel).
x86 route - Zotac makes/made some pretty good mini-boxes with 2x 1Gbps network ports. Fanless and pretty energy efficient, but yes, they will cost a bit more. Plus side - you can run a ton of other stuff on it.
If you want 200Mbps-300Mbps and cheap, you’re in x86 territory, sadly. Just look for anything x86 made in the last 10 years and it will do what you need. Some of the old HP and Lenovo SFF PCs are the size of a modern wifi router and only use 30W or so. They can be had on eBay for $100 or so.
Ask around in /r/homelab for some models.
Thanks! Do you have any performance numbers? All models seem to have a single core CPU and according to OpenWrt wiki (qca9563) can only do ~70Mbit - OpenWRT looks really like the easiest setup, but I’d like to have 2-300Mbit at least.
Luckily not true! The RPi4 (and 3 already) can deliver this speed. It will probably need some better-than-default cooling, but price/perf-wise I’ll go this route.
Some rando links:
I’ve never noticed performance issues - but I only have 50/20 over HFC (yay NBN), so it’s hard to compare to really high-demand situations.
Also, I have minimal traffic over my wireguard interfaces - a couple of servers I need to hit through the work VPN, and mostly only DNS when I’m out. Occasionally I’ll need to hit a LAN server (or something on another bridged LAN at the beach house), but again, my upstream link is usually the bottleneck there.