TL;DR: Buy an ASUS Router compatible to use with Merlin Firmware, two 16GB USB sticks, then install Skynet, YazFi, and spdMerlin SpeedTest. :)

After years of trusty, reliable performance from my Buffalo WZR-600DHP AirStation I decided it was time to upgrade. When looking at new routers focused on the following capabilities:

  • Stable / Popular (no no-name brands, no niche products because I don’t have unlimited time to debug)
  • Hackable / Extendable (well, I have some time to debug, this is, after all, a lot of fun)
  • “Simple” mesh capability (very few home users need a true service mesh, I simply wanted a strong, wired signal no matter where I was in the house)
  • Fast (enough) processor and hardware to be in service a long time

I settled on Asus, despite their marketers’ shameless use of literally made-up words:

  • What the hell is “Double Gaming Boost” you may ask? Literally nothing. What they mean is “QOS” which comes standard on all modern routers.
  • Other Marketing Claims - I mean… just… who finds this appealing?

One could argue, though, that the marketing worked on me. The biggest reason to consider Asus, however, is Asus Merlin.

Merlin

“Firmware” is the software that runs a router. Modern routers use a full-fledged operating system, interface, and scripts to deliver all the features they promise. All routers ship from the factory with firmware written by the manufacturer, but in some cases third party firmwares are available that deliver more advanced or more flexible features.

Asuswrt-Merlin is a third party firmware does just that.

Check out their full list of added features, but what really matters is we can use third-party scripts to greatly enhance the functionality of the router.

Once Merlin is installed, and has the basic configruation done (wifi, basic settings), the real fun can start. Let’s get those third part tools installed!

NOTE: You need at least one USB Drive attached to the router. I recommend using two; I’ve found that a couple Corsair USB3 16GB sticks (which ran about $5 at the time of this writing) do the job very nicely. You need at least one for space to install scripts, and the second can serve as a swap file location for Skynet. You must format one of the sticks at ext4, use the faster stick/connection if possible.

Accessing the Router via SSH

The first step to getting our tools installed is to enabled SSH on the router:

Then you use a terminal program to access with ssh <router username>@192.168.50.1 where <router username> is whatever username you chose.

AMTM

Once you’ve accessed your router via SSH, run the amtm script (which ships with Merlin):

Type i and then <enter> to see a list of available scripts:

Skynet

Skynet provides an advanced firewall with threat detection, IP blacklists, and a very nice interface showing you what’s going on:

I’ve found it to be very simple and easy to use, and the bundled script interface provides all the tools needed to debug / whitelist / blacklist as needed:

YazFi

If you use your own adblocking DNS such as PiHole, the guest network function won’t work because PiHole itself runs on the private network, which the guest network cannot access. This breaks internet access for clients on the guest network. YazFi allows us to specify a custom (public) DNS for the guest network (among many other things):

The “Two way to guest”, “One way to guest”, and “Client isolation” options are also particularly handy for fine-grained control over client access to other parts of the network.

SpeedTest / Uptime Monitoring

These tools work hand in hand to show you the value you are (or aren’t) getting from your ISP. The SpeedTest shows the “real world” speed you’re getting:

Similarly the Uptime Monitoring shows some nice, simple graphs showing latency:


Asus Merlin is a great example of what’s possible with community-driven development and open source collaboration.