this post was submitted on 07 Sep 2024
26 points (96.4% liked)

Selfhosted

40478 readers
381 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

I'm looking at getting a gateway device to replace the ISP router that sits between the internet connection and the mesh WiFi.

I am running pi-hole on a (very old) raspberry pi, but I know some gateways get quite fancy so I'm wondering if it's possible to have pi-hole on the gateway itself, to run as DNS and DHCP servers?

Other things I'm looking for in a gateway are VPN as a client (preferably Wireguard) and PoE ports for cameras.

If it's possible to host something like pi-hole directly on the gateway then hardware recommendations are appreciated!

you are viewing a single comment's thread
view the rest of the comments
[–] tychosmoose@lemm.ee 3 points 2 months ago (1 children)

The easiest part of your requirements are the custom DNS records. All of the platforms recommended so far can do this. OpenWRT has the advantage of WiFi capabilities. If you want the router to also be your WiFi access point then it may be your best option. But it sounds like you only need it to be a wired router, which is good.

As far as the ad blocking, I have done this with pi-hole, and with the built-in DNS and block capabilities of OpenWRT, Mikrotik and OPNSense. They are all fine. The router ones don't have the fancy web UI like pi-hole. So if you use that a lot you will be disappointed. Mikrotik's is the most basic and a new feature for them, but they are actively developing it. Plus their current routers can run containers, so you can run pi-hole on the router as a container if you want.

PoE ports as a requirement is what narrows your options considerably I think. You could get that from a separate switch. If you want that in the router itself then you have very few options.

Mikrotik has a lot of routers with PoE out. Their newest model in the RB5009 series can do either passive or 802.3af/at PoE out. Many of their older routers have passive PoE only. Make sure you know what your cameras need.

I had similar requirements as you and got this: https://mikrotik.com/product/rb5009upr_s_in

It has PoE out available on all 8 Ethernet ports. The default 48v power supply works with 802.3af/at PoE. It is a 96 watt supply, and can support ~76 watts of PoE downstream. If you need passive PoE then you would need to change to a 24v power supply.

Mikrotik RouterOS requires some learning to use its advanced features, but their quick setup defaults are good. And the platform is super reliable and flexible.

For DNS you would use their Adlist functionality along with a script similar to the one from BartoszP in this thread to enable DNS name resolution for lan hosts: https://forum.mikrotik.com/viewtopic.php?t=181640. That script is added to the DHCP server config to run when each client gets an address lease. And then you would add static name records in IP / DNS / Static for the other host.domain names you want your lan devices to connect to by name which can't be resolved via your upstream DNS server.

[–] Dave 2 points 2 months ago (2 children)

Thanks for all the info and the detailed response!

But it sounds like you only need it to be a wired router, which is good.

Correct, don't need wifi.

PoE ports as a requirement is what narrows your options considerably I think

I'm happy with doing this through a separate switch, but I'm happier if I can have less things to plug in. It's not a must have though.

Mikrotik has a lot of routers with PoE out. Their newest model in the RB5009 series can do either passive or 802.3af/at PoE out. Many of their older routers have passive PoE only. Make sure you know what your cameras need.

I don't have cameras yet, but I'm considering some Reolink ones. Happy to take suggestions. Am I likely to find a lot of difference in the PoE type or are most things compatible with each other?

[–] drakz_au@fedia.io 2 points 2 months ago (1 children)

As someone who is also a fan of having less things to plug in I must say, one pitfall of having an all-in-one device is that if it fails then EVERYTHING fails and you're left having to replace a (probably expensive, possibly hard to get) all-in-one device.

[–] Dave 1 points 2 months ago

Well I was hoping to spend the same amount and get one that does everything I wanted 😆. I'm happy with separating things if it make sense, but I have two power points and already have too many devices in that spot (fiber connection modem + ISP router + two raspberry pi's (one for pi-hole, one for home assistant) + a switch + RF sensor for detecting doorbell + more I'm probably forgetting). Some of these are powered from USB ports on other ones. Being able to replace the ISP router with a gateway that's also a switch that also handles the pi-hole would mean three of those devices become one, and it seems feasible!

[–] tychosmoose@lemm.ee 2 points 2 months ago (1 children)

If you're buying new cameras they'll be 802.3af PoE. Passive is becoming much less common. So that model router I linked would work great.

I think if you're a moderately technically inclined person you would be happy with that solution. If you are intimidated at the idea of writing or adapting some scripts, I would probably recommend a router on one of the other platforms plus a PoE switch.

[–] Dave 1 points 2 months ago

Thanks! I'll put it on my list 🙂