Most broadband providers (ISP’s) provide you with a router to use with their service. These routers are usually locked down, provide poor WiFi and can be remotely controlled by your ISP or worse by hackers if the ISP has stopped updating the router or not patched bugs. This is why you should ditch your ISP router this blog will cover the many reasons why you should start using your own router.
You have the power to ditch your isp router
The core reason to ditch your isp router is giving you the power and control over your home network.
Instead of being stuck with your ISP’s router you can choose from a wide range of routers and other home network equipment like fancy WiFi Mesh systems.
You get to decide what drives your home network be it a consumer grade device from TP Link or an Enterprise level Firewall Router like pfSense.
This power of choosing your own equipment can unlock a whole set of features some of which will be covered in this blog and it can improve the performance of your home network and broadband connection like being able to achieve full broadband speed all across your house!
The possibility’s are endless and the sky’s the limit (well your budget ).
Better WiFi
A lot of issues and complaints people have with their broadband provider is WiFi performance and this is down to a lot of ISP provided routers having poor WiFi be it poor coverage, using older slower standards or just buggy firmware causing dropouts.
There are loads of better WiFi solutions available including mesh WiFi systems that can cover the whole of your house.
Being able to ditch your ISP router and replacing the WiFi element with a decent mesh WiFi system you can significantly improve your WiFi experience in some cases being able to achieve your full broadband speeds across the whole house.
The trouble with ISP Routers is there a one size fits all type deal and well not all houses are equal and can benefit from a more tailored solution by doing your research you can achieve the maximum WiFi performance for your house.
Another benefit to switching to your own router/WiFi equipment is being able to set and keep your own WiFi SSID (name) and password as some ISP provided routers do not let you change these settings or many do not bother changing them.
By setting your own WiFi SSID and password you don’t need to worry about changing this again (unless your password becomes compromised of course).
This means when you change ISP’s you wont have that headache of reconnecting all your devices to the new WiFi which will save you a lot of time.
Improving your WiFi by using your own equipment is something you can do without completely ditching your ISP’s router as most Wifi mesh systems for example will work in what’s known as WiFi AP mode where it just acts as the WiFi Access Point but not the router this is handy in the rare cases you are not able to completely ditch your ISP’s router.
VPN in VPN out
Most people will have heard of a VPN and many are using them now in some capacity.
VPN’s are Virtual Private Networks which essentially create a private tunnel between two points with the traffic inside that tunnel being invisible to your ISP and others snooping on your connection.
VPN providers such as NordVPN are becoming more and more popular these VPN connections create a secure tunnel between you and an exit node on the VPN providers network which allow you to choose different country’s to route your traffic.
These VPN providers offer privacy by stopping your ISP from being able to snoop on your traffic and allow you to access services from other county’s.
Most people using these services connect to them by installing the providers app on your device be it your phone or Laptop but did you know that if you ditch your isp router you can choose a router that supports these VPN connections!
There are many routers out there that allow you to create VPN clients that can connect to services such as NordVPN and you can then choose to route either all your home networks traffic or just select devices or even be really cleaver and route specific destinations via the VPN something known as split tunnelling.
By doing this you can cover any device you want including smart TV’s that may not otherwise be able to connect to your VPN provider.
While we have talked about connecting to a 3rd party VPN provider to protect outbound traffic to the internet you can also create your own VPN’s for inbound access to your home network or site to site VPN’s.
You can get routers that have VPN servers built in which allow you to setup a VPN connection that allows you to access your home network when your out and about.
An example of this is I have OpenVPN server setup on my pfSense router and OpenVPN client on my phone and laptop that allows me to access devices such as my CCTV system securely when I’m away from home, I even have it configured to route all my phones traffic back though my home network which means I get the same secure ad free experience as if I was at home.
I also have seral site to site VPN connections setup using another VPN system called WireGuard.
One of these site to site VPN’s is between my house and a relatives house where I have my backup server this allows me to backup my files from my NAS each night and also run some systems at my relatives house as a backup.
The other site to site VPNs are used to route my relatives TV’s internet traffic back to my house which makes them appear to be using the same public IP address as me which allows me to continue sharing certain streaming services.
There are a number of different VPN solutions you can choose from again the power is with you and what you choose.
DNS - Get rid of those pesky adverts
DNS stands for Domain Name Server they are servers that convert domains such as bbc.co.uk to IP address like 151.101.192.81.
You will have an internal DNS server on your home network in most cases running on your router this handles DNS requests for your home network and then will forward any requests outside your home network to a DNS server upstream (in most cases).
By default if using your ISP’s provided router you will be using your ISP’s DNS servers now in some cases you can change these DNS servers in the routers settings but you may not have the full set of options or woorse not be able to change them at all!
Why is this important?
The DNS server you use to resolve internet address makes a huge impact on your internet experience, performance and security.
If your using a standard non encrypted DNS server then not only will the DNS server provider be able to see your requests but anyone snooping on the network will be and in the case for ISP’s DNS servers its also how they filter/block certain sites in most cases.
There have also been cases where ISP’s DNS servers have gone down which made it appear the whole internet connection went down for users if they had been using a different DNS server they would not have been impacted.
If you ditch your isp router you can take full control over your DNS both for your internal home network but more importantly for requests out to the internet.
You can choose a router that supports setting your own DNS server settings including using secure methods like DoH which encrypts all DNS requests and choosing a DNS server that supports AD, phishing and malware blocking and even ones that can filter and block a number of site categories.
You can choose to set a DNS server to a public one ie AdGuard which offer one for Ad blocking and a Family one that blocks Adverts, Malware, Phishing and adult sites.
You can also use one like Cloudflare which again offers family friendly DNS filtering or Quad9 which focus on Malware.
Some routers have built in DNS filtering for blocking Adverts and other sites such as PFBlockerNG plugin for pfSense.
You can also opt to run your own DNS server such as a pihole or Adguard for home both free and can block adverts and malware etc you can even set them up in a mode that turns it into a full recursive DNS server meaning your not using a public DNS server that can snoop on your DNS requests.
You can also opt to use a DNS server that has the lowest latency which can improve the speed of web browsing.
Security
One of the core themes running though this blog and why you should ditch your ISP’s router is Security.
Many ISP provided routers are woeful at best when it comes to security with poor Firewalls, lack of security fixes meaning they are full of vulnerabilities which often leads to the routers being hacked and used by criminals for BotNets .
For a device so central and critical to running your entire home network and with cyber security more important than ever this is where using your own router can really help defend you.
You can choose equipment that is secure by design meaning for one it is still in support by the manufacture and has security features built in to help lock down your network.
Choose one that supports the latest encryption standards for WiFi, VPNs, DNS etc.
More advanced router/firewall options can offer things like:
- IDS/IPS
- Plugins for Anti Virus./Malware, Advanced Threat protection etc.
- Granular Firewall control
- Country blocking /GEO bocking, allowing you to block traffic to/from certain countries this can improve security by blocking traffic to/from areas that pose a high security risk.
- Logging, choosing a router/firewall with more advanced logging can help with visibility into your network and identifying potential security threats.
- Being able to setup VLANs (Virtual Local Area Network) where you can separate/segregate your network into multiple networks ie to have your IOT devices sperate from your main network and create a guest network.
By choosing to ditch your ISP’s router you can take full control over your home networks security giving you the power to fully secure your home network.
and much much more
There are many more reasons to ditch your ISP router it all fits under the core theme of having complete control over your home network.
A few more examples include:
- Upgrading your entire home network to faster speeds not just with WiFi but wired speeds such as 2.5Gbps,10Gbps and beyond.
- Being able to setup multiple internet connections with auto failover see our blog here for more on that
- Stop ISP’s weird tools built into some ISP routers that can cause issues such as Virgin Media’s automated speed testing in their Hub5x
- Control which Broadband Network Gateway (BNG) you get connected to ie connect to a location closest to you. Wont work with all ISP’s but I was able to do this on my connection by rejecting DHCP leases from the London based BNG which then connected me to Manchester improving my latency from 10ms to 3ms! You can also do this with some PPPoE based ISP’s by setting the name.
- Use Andrews and Arnolds L2TP connection providing better peering and routing etc and can get around issues with routing with your ISP and give you a real IPv4 and IPv6 address’s if your behind CGNAT.
The list endless!
You can see how I’ve got my home network setup here showing how far you can get using your own router etc!
In the next blog I will cover some ways to use your own router which varies depending on your ISP and broadband type.