Skip to main content

Gadget Wisdom

Can’t Buy a New Router But You Can Build One

Recently, the FCC in the United States banned foreign made routers made by some of the most popular manufacturers…which means…well, pretty much all not already approved from popular brands. It means you can continue to buy current routers, but any new technology…not so much. The ruling is something of a joke. For one, manufacturers can just continue to sell old models of routers without new innovation.

The argument is that foreign entities can compromise these devices, however, they could compromise the existing ones, and even the new ones…they could deploy updates at any time and open a hole that wasn’t there previously. So, what is the solution? For me, that was build my own. I had gone back and forth on this over the years.

For one, if you wanted to stay with the most common routers, there exist many third party firmwares for consumer routers. These are open source options that give you more control, like dd-wrt, and openwrt. Routers are effectively little computers, and very limited ones at that. These routers have:

  • low power and relatively slow CPUs
  • extremely limited RAM
  • limited space to store additional programs

There is a lot of room therefore to move up. Instead of using a purpose-built router appliance, you can simply replace it with a low-power PC running router software Modern low power CPUs like the N100/N150 series are perfect for this function. You can use a mini PC, or there are manufacturers offering ones with specifications specifically in mind to act as firewall and router appliances. A more powerful processor gives your new router plenty of room for advanced networking functions.

To run my router, I chose Opnsense. Opnsense is an open source firewall and router, with a load of features and installable extensions.

  •  Enterprise-grade firewall controls
  • VPN support
  • traffic shaping
  • DNS filtering
  • detailed monitoring and logging

The default gives you a robust and secure router, and beyond that, any enhancement you can imagine can be added. And because it is modular, you can install additional functionality through plugins. This makes it far more flexible than most commercial routers.

What could be considered an advantage of building your own router is separating routing from Wi-Fi. It means you can upgrade and maintain these systems separately. These systems don’t actually have to live together. By addressing each piece individually, you can have better quality equipment, more reliability, and easier upgrades. If Wi-Fi standards change (and they always do), I can simply replace the access point without touching the router.

My Opnsense instance handles a lot more than a simple embedded appliance can. It:

  • Secure Site to Site VPN to multiple locations
  • Private VPN for my laptop and phone when on the go
  • Encryption for self-hosted services
  • Advanced firewall rules
  • DNS Management
  • Network isolation for IoT devices

For technically inclined users, it is relatively easy to get started and expand and learn over time. I cannot say how many times I have dug deep into the options when I added those VPNs, when I moved securing LetEncrypt certifications for my homelab onto the router, and more.

It isn’t just a long term solution, it is an adventure.

 

 

 

 

David Shanske

Published on April 6, 2026
Categories:
Homelab

Leave a Reply

Your email address will not be published. Required fields are marked *

To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Find out more about Webmentions.)

Get New Posts By Email