For a long time I just ran a Linux machine with a simple iptables-firewall. But when the need for wireless arrived, the choice fell on the Linksys WRT54G, which also took over the firewall duties. It was later replaced with a Netgear WNR3500L since it had Gigabit-ports.

Unfortunately, in a couple of years, most people have acquired wireless at home and the 2.4GHz domain was becoming very noisy with all neighbors. Then the ISP's started to ship their combined modem and WiFi-router to just everyone.

I realized that it was time to enter the 5GHz band, since my laptop already had support for this. I've also realized that I wanted to run OpenWRT, and the chipsets from Broadcom did not play well with the opensource community. So the choice fell on a TP-Link WDR3600. This dual-band router really does its job well and is basically made for running OpenWRT.

Why not DD-WRT?

DD-WRT felt phenomenal when it was released. All of a sudden you had SoHo-enterprise features that you never thought possible with cheap sub-$100 routers. But after a few years, I found the project a bit weird. There was never any stable releases, only new "builds" that seem to be the complete mess which builds that were stable or not. No changelogs, no security updates. The whole project seems to be a one-man-show, but at the same time some kind of commercial product? No one really knows. Are they still working on v24?

Why not OpenWRT?

OpenWRT is a great project. It is much more than just an alternative firmware; it is a complete solution for embedded platforms. But it is still "only" a Linux distribution to be fair, even if LuCI is a very nice interface. It also lacks some proprietary optimizations and features that only a manufacturer can have full knowledge of (due to NDA agreements, and so on...) There is also no continuous updates and security fixes. You simply have to nicely wait for a new release or build from trunk.

Hello RouterOS

I work with IT-security and networking equipment. It ranges from stuff sitting in a closet somewhere to 4-unit gear in noisy datacenters. These usually have very specific functions or exceptional performance, and exceptionally high price tags. What can you use at home, but without paying hundreds of dollars for hardware and licenses?

I can recommend the Latvian manufacturer Mikrotik with it's RouterOS and Routerboard. They made previously only a little more pricey pure router modules, but has now begun to use the same type of Atheros/Qualcomm chipsets such as TP-Link and others.


  • Has support for everything you would expect from entry/mid-level enterprise router.
  • They have different types of hardware depending on performance requirements ($40 to $2000).
  • They develop on their own hardware for their software and everything is tested, hence very reliable.
  • They have the opportunity to use the specific hardware support (NAT, crypto and forwarding in hardware)
  • They release new software continuously, and it is almost ridiculously easy to upgrade.
  • They have a proper CLI which is actually really good and useful (and colorful). Some big-player vendors should actually be ashamed when compared.
  • It is good quality radio design, construction and components.
  • Web interface is great to!
  • Larger models support encryption in hardware, providing lovely VPN performance.


  • Licensed - But new hardware includes one standard license, and it's not that pricey.
  • Their switches do not support IGMP snooping (Not quite sure this)
  • No "cluster" support - However, failover with standard VRRP is available.
  • Some of the cheap models (home-ones) have limited flash-storage - Not possible to use all functions/packages.

I myself have now this gear for the moment, on different physical locations.

  • RB260GS - Switch _ (SWOS, not RouterOS) _
  • RB wAP AC 802.11ac + 802.11n - AP
  • RB922UAGS-5HPacD - 802.11ac - AP + Firewall
  • RB hAP - 2.4Ghz 802.11n (2x2) - At my parents place

RouterOS Neighbours Neighbors list

Wireless performance Wireless performance is great to (2x2 11ac-40Mhz)