For a while I have been planning to switch from an all-in-one wifi router to having separate devices because that way they can be upgraded piece by piece instead of having to replace the whole thing.
I am confused about the role of the firewall.
If I have a router running OpenWRT, does it have a firewall included? Either by default or by installing certain packages?
Or is it required to have a separate firewall running opnsense/pfsense?
If not required, what would be the benefits that would lean in favour of separate firewall?
use case: small home network 2-3 users. some internal self hosting and maybe one day external self hosting.
ETA: The best internet I could subscribe to where I’m at is 1024 Mbps down, 50 Mbps up. So don’t worry about wasting fibre speeds. :(
My assembled components so far are: router, WAPs, switches, ethernet cable and cable modem.
Thanks for any advice.
Yes, that’s what I was talking about. And yes, OP has said in other comments that they have gigabit upstream. OP’s original question was about why some people use openwrt as just an AP and use a separate machine for a firewall. I gave a common reason.
Personally, I’m building a NAS with 8 SAS drives controlled with an enterprise RAID controller and 2.5gbps ethernet. Total cost is under $300 (including drives) since it’s all used hardware. Enterprises have moved past 1g/2.5g ethernet and SAS 2 a while ago, so lightly used hardware is cheap.