Router

OPNsense/pfSense Router

Open Source approach to home network

I decided to make my own router and firewall after seeing the possibilities that were out there to tinker with your home network, and the restrictions that normal consumer hardware imposes in its all-in-one router-switch-APs. The first thing I did was create 4 different networks to separate my own devices, multimedia devices, IoT devices and then my servers, into 4 subnets (and creating the 4 VLANs that correspond to each one). From there I configured the firewalls to allow only the connections that were needed for each set of devices, limiting the IoT to communicate only with the internet (when required) or to my local HomeAssistant server.

My Synology DS423+ is connected via LACP using both gigabit connections to perform load balancing, as I can have multiple users accessing it at one time.

Regarding DNS, I used the DHCP to point all my devices to a DNS filter I have running on my Raspberry Pi 3B, and from there I have it pointing back to a loopback address on the router, where it converts the general DNS port 53 request to a DNS TLS tunnel request via port 853.

I later ventured into the IPS/IDS that OPNsense includes, analysing the traffic coming in and out of the WAN interface. Originally I experimented using the IPS/IDS on all ports, allowing there to be traffic analysis between subnets, but the CPU would begin to throttle and cause a decrease in performance.

I used five Stratum 1 servers here in Spain to sync to (using 1 as the active peer, 3 as candidates and 1 as the outlier) and used DHCP to push the OPNsense router's NTP server as the preferred method.

(Update 27/04/2025) I have installed Proxmox on my Mini-PC and used 2 cores of my Intel N100, 8GB of RAM and 50GB of storage for a pfSense installation, on which I reconfigured everything stated above. I also created a virtual IP through which I can connect to the Proxmox dashboard, allowing me to make full utilization of the six 2.5Gbit Ethernet ports on the PC.
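The IoT restriction described above depends on rule order, so the following added example (not the author's configuration) models an IoT-interface ruleset and checks it for lateral reachability into the other VLANs. The subnets, the HomeAssistant address and port 8123 are constructed for illustration, and the evaluator assumes top-down, first-match rule processing with a default deny.

```python
import ipaddress

# Constructed addressing plan (not from the post): one /24 per VLAN.
NETS = {
    "personal": ipaddress.ip_network("10.0.10.0/24"),
    "media": ipaddress.ip_network("10.0.20.0/24"),
    "iot": ipaddress.ip_network("10.0.30.0/24"),
    "servers": ipaddress.ip_network("10.0.40.0/24"),
}
HOME_ASSISTANT = ipaddress.ip_address("10.0.40.10")  # hypothetical host
HA_PORT = 8123  # assumed HomeAssistant web/API port
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Rules on the IoT interface: (action, destination networks, port or None=any).
# Assumption: evaluated top-down, first match wins.
IOT_RULES = [
    ("pass", [ipaddress.ip_network("10.0.40.10/32")], HA_PORT),  # IoT -> HA only
    ("block", RFC1918, None),                                    # no lateral traffic
    ("pass", [ipaddress.ip_network("0.0.0.0/0")], None),         # internet
]

def evaluate(rules, dst, port):
    """Return the action of the first rule matching dst/port, else default deny."""
    dst = ipaddress.ip_address(dst)
    for action, nets, rule_port in rules:
        if any(dst in n for n in nets) and rule_port in (None, port):
            return action
    return "block"

def lateral_leaks(rules, ports=(22, 80, 443, 445, HA_PORT)):
    """List (vlan, host, port) on other VLANs that an IoT source may reach,
    excluding the one intended exception (HomeAssistant on HA_PORT)."""
    leaks = []
    for name, net in NETS.items():
        if name == "iot":
            continue  # same-subnet traffic never crosses the firewall
        samples = (net.network_address + 1, net.network_address + 10,
                   net.broadcast_address - 1)
        for host in samples:
            for port in ports:
                if (host, port) == (HOME_ASSISTANT, HA_PORT):
                    continue
                if evaluate(rules, host, port) == "pass":
                    leaks.append((name, str(host), port))
    return leaks

if __name__ == "__main__":
    print("leaks with intended order:", lateral_leaks(IOT_RULES))
    misordered = [IOT_RULES[2], IOT_RULES[0], IOT_RULES[1]]
    print("leaks with 'pass any' first:", len(lateral_leaks(misordered)))
```

With the broad "pass to any" rule placed above the private-range block, every sampled host on the other VLANs becomes reachable, which is the misordering this check is meant to catch.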