I use Linux on all my personal computers and privacy-respecting ROMs on phones, and Pi-hole, but a part I haven’t really taken a look at is my network at home.

I currently have my ISP’s smart router in bridge mode connected to a brand name Wi-Fi 6 router with a wireless “mesh” range extender. I really like the range extender because it has an Ethernet port so it’s basically a “free” Ethernet plug for that room connected to a high power Wi-Fi transceiver that’s faster than a lot of onboard Wi-Fi antennas.

But I feel like it’s probably not the best thing privacy- and security-wise? I already don’t use the app and luckily it still has a web interface for management, but I don’t know how secure the firmware is or if it has any corporate “analytics” or not. I’m thinking of pfSense or similar router software on a Linux box to connect to the bridge port of my ISP’s router, since I was told the “Ethernet” cable connecting from it to the fiber modem won’t work with a store-bought router. I assume it has some kind of DRM?

I already have an old PC in mind to convert to a router. I assume I could just use the onboard Ethernet port to talk to the router and add my own USB NIC to connect to the main switch?

I don’t know what to do for Wi-Fi though, could I buy two dedicated access points and put them on different floors, and have them both connected to the wired network? How hard would it be to have those be the same Wi-Fi network and have devices actually switch between them depending on location?

Also, most of my NICs and switches are from the thrift store or eBay for higher end used server parts. Is that bad? As in how worried should I be about the firmware running in those being tampered with by whoever owned it last?

  • M4st3rSh0e@lemmy.world
    1 day ago

    Ahh, another cultured person. The only thing you’ll get out of having a pfSense or OPNsense box is a better firewall. If you want to properly segment your network with VLANs and what can talk to what. My setup sounds like the same as yours. ISP box in bridge mode > Asus RT-AX86 (stock firmware cause I’ve been lazy) > Pi-hole > network. I have a little Asus travel router in the garage in mesh mode.

    I have two avenues to travel for an upgrade. I could grab one of those N100 boxes that they have on Amazon with the dual NIC and throw pfSense on it and AP mode the Asus router, or I can spend money, cause I like nice things, and grab a Ubiquiti UDM Pro and one of their PoE switches, cause I like PoE, and then throw the Asus stuff in AP mode.

    I personally like Ubiquiti cause it isn’t Chineseium or Cisco with their shitty patching. Both options also give me experience messing around with industry standard firewalls (for the job experience). It really comes down to if you wanna stick with open source or not.

    Sorry, I don’t understand your Ethernet cable from the fiber box to router question.

    I also have one of those USB NICs, never tried it like that though. I’d assume it’ll work. Only one way to find out.

    I haven’t meshed with many straight APs that aren’t Ubiquiti. They have a network controller app that has a webpage that lets you set them all up. I’m surprised your WiFi router doesn’t have an AP mode.

    Buying used is good, just factory reset everything you get. Keep that stuff out of the landfill.