Trendy routers like to brag about advert blocking, sensible DNS, visitors management, safety layers, AI-this, and cloud-that. If I give it one other firmware replace, it’ll most likely begin providing life-coaching companies. And for some time, I purchased into all that. I let my router run most of my house community like some overconfident center supervisor who simply found dashboards. It “optimized visitors.” It “protected gadgets.” It made selections I by no means explicitly requested for. It additionally randomly broke issues: web sites timing out for no purpose, DNS slowing down prefer it wanted a vape break, and gadgets behaving otherwise relying on what nook of the crib they have been in, as if my Wi-Fi abruptly developed moods.
Each time I opened the settings, all the things appeared effective. As a result of, after all, it did. That’s once I realized one thing barely awkward. I had no concept what my very own community was really doing. So I did the one cheap factor and turned all of it off.
I finished trusting my router
When “it simply works” slowly stops working
Pankil Shah/MakeUseOf
Credit score: Pankil Shah/MakeUseOf
It didn’t collapse abruptly. That may’ve been too straightforward. As a substitute, it was dying by a thousand tiny annoyances. A web site that hundreds immediately… besides when it doesn’t; advertisements that disappear… besides after they sneak via like they personal the place, and that one machine behaves completely whereas one other acts prefer it’s related via a potato. Nothing was absolutely damaged, but it surely felt off. And that’s the worst sort of downside, as a result of you’ll be able to’t level to it. You simply really feel it. Like one thing in your setup is barely cursed.
So that you examine the router. Every little thing appears pristine with a clear UI, no warnings, and no logs that say something helpful. You get a well mannered little interface going, “All good right here:)” whereas your community is clearly gaslighting you. In some unspecified time in the future, I finished troubleshooting and began guessing, which, apparently, was my restrict. I went nuclear, in my very calm, Swedish manner. I turned off each “sensible” function. Out with filtering, DNS magic, and safety extras. I left routing and Wi-Fi the place they have been. And similar to that, issues stabilized. Not good, however steady. And that was sufficient to inform me precisely the place the issue lived.
I moved all the things off the router
One machine mustn’t attempt to do all the things
When you see it, you’ll be able to’t unsee it. Routers are genuinely nice at being routers. They transfer packets round all day with out complaining.
However the second they attempt to be one thing else? That’s when issues get bizarre. You get restricted controls, half-exposed options, and settings that look configurable however actually aren’t. It’s like being handed a steering wheel that solely turns typically. So I finished asking the router to be intelligent.
I gave it one job and moved all the things else someplace that truly desires to be configured. In my case, an previous Lenovo 310S desktop that had been doing completely nothing helpful for a lot too lengthy. It’s now operating Ubuntu 24.04 LTS, plugged in through Ethernet, and eventually doing actual work as a substitute of pretending to be retired. And right here’s the humorous half: Including one other machine didn’t make issues extra difficult; it made all the things make sense. As a result of now every bit has a task with no overlap, thriller conduct, or “why did this abruptly change” moments. Simply methods doing what they’re advised. Wild idea.
I rebuilt DNS and routing with Docker
Pi-hole, Unbound, and Nginx Proxy Supervisor changed all the things “sensible”
Very first thing to go was DNS and advert blocking. Out with the router’s “belief me, I’m blocking stuff” checkbox. In with Pi-hole and Unbound operating in Docker like adults. Pi-hole blocks advertisements throughout all the community, which is good. However the true magic is that it reveals you all the things: Each question, each block, and each machine asking for one thing it most likely shouldn’t. No extra guessing and no extra blaming “one thing within the community.” It’s both occurring or it’s not, as Pi-hole will fortunately expose it.
Unbound handles DNS decision regionally, which sounds boring till you notice it removes yet one more exterior dependency that may randomly sluggish issues down or fail in inventive methods. Collectively, they’re quick, however extra importantly, they’re sincere.
Then got here routing. Port forwarding on client routers is a type of issues that technically works, however feels prefer it was designed to check your persistence. Open this port, ahead to this IP, and hope you keep in mind why in two weeks. I changed all of that with Nginx Proxy Supervisor. Now all the things will get a clear subdomain. Providers stay behind correct URLs. SSL simply … works. And I handle all of it from an interface that doesn’t make me really feel like I’ve time-traveled again to 2009.
I set it up with out overcomplicating issues
A small Ubuntu field, a number of containers, and one key change within the router
Screenshot: Roine Bertelson/MUO
That is the half the place folks anticipate issues to spiral into complexity. It doesn’t. The Lenovo field runs Ubuntu with Docker and Docker Compose. That’s the entire basis with no over-engineering, and no “let me simply add Kubernetes whereas I’m right here” second. Every service runs in its personal container:
- Pi-hole does DNS filtering.
- Unbound resolves DNS regionally.
- Nginx Proxy Supervisor handles routing.
They don’t combat one another, and so they don’t overlap. They simply sit there and do their jobs like well-behaved introverts. The one actual change on the router was pointing DHCP to make use of Pi-hole because the DNS server. One setting is the second the facility shifted. After that, all the things began behaving like a system as a substitute of a set of well mannered lies. No firmware updates sneaking in new conduct, and no vendor logic doing “useful” issues behind the scenes.
Associated
I finished fumbling with Docker containers after studying these instructions
You possibly can handle Docker simply and effortlessly.
Efficiency improved, however the true win is visibility
DNS lookups are faster, pages load with out hesitation, and random hiccups are gone. However truthfully? Pace isn’t the headline right here; understanding is. For the primary time, I can really see what my community is doing. If one thing will get blocked, Pi-hole reveals me immediately. If DNS acts up, Unbound is correct there. If a service isn’t reachable, I do know precisely the place to look as a substitute of performing ritual restarts and hoping for one of the best. There’s no guessing anymore.
There is no refreshing the identical web page thrice prefer it would possibly abruptly determine to cooperate, and no blaming the Wi-Fi, the ISP, or Mercury being in retrograde. It both works, or I can see why it doesn’t. And when you’ve had that stage of visibility, it’s very arduous to return. As a result of the true improve right here isn’t pace, however management. And giving that again to a single plastic field that refuses to clarify itself? Yeah, that is not occurring once more.
