DynDNS? I’m not 100% sure what CF Tunnel does, but from my 2 min reading it seems that DynDNS would accomplish what OP described just as well.

Time to get a Brentrace, I guess.

While I agree with you these practices do bring prices down for consumers. I just have the TV off internet and use an AppleTV.

The router sees that the DNS server didn’t return a result for one of the queries, so it goes to an upstream DNS server hosted by the ISP where they provide the IP for the ad

Nope. That is done by the pi-hole itself. The router would send a request, then it either gets the IP or it doesn’t, there are not retries upstream.

Well I would create 2 networks in your OpenWRT, Net1 would be tunneled over the VPN and Net2 will break out locally.

On Net1 you basically keep what you have.

Then you assign the NC Server to Net2. You can even create a SSID for this network (call it Guest or whatever) for when somebody needs your WiFi. Or if you want to connect a device you don’t care sending outside the VPN.

Afterwards you can go and turn off the WLAN in your Fritzbox. The telephone will continue working over DECT most likely.

You will probably also need to “expose” the OpenWRT on your Fritzbox. What this does is forward all traffic, unfiltered, to your OpenWRT. You need to do your own research to see if you want to do this, otherwise just forward porta as you need them.

Well it would depend on how you are routing your traffic. What is your VPN doing? How is it configured? I am a network engineer, happy to give you a hand.

I would have it in one of two ways:

1. 2 different SSIDs/networks, one fully VPN’nd and the other directly connected to internet.

2. or use 1 network to rule them all and then PBR (policy based routing) for the VPN, meaning that you send only specific traffic through the VPN. This can depend on IP, port, protocol, etc. Definitely the most advanced (and fun!) option.

So I guess the OpenWRT has the Fritzbox as default gateway, right? In that case, you need to just add a static route to your Fritzbox so he knows that there is a 192.168.1.X on the interface that connects to the OpenWRT. But if that traffic is being tunneled the VPN, it won’t work.

You should set up the OpenWRT (as is, the most capable device) at the internet gateway and just use the Fritzbox as a repeater. If you need the Fritzbox as a cable modem then you are out of luck and probably need to buy a new device.

In your place I would ditch the Fritzbox as much as possible (as is, use it just as a modem) and connect everything to the OpenWRT. If you have special needs, the OpenWRT can also create more than 1 SSID with different networks. Definitely buy new hardware if needed.

Just gonna play devil’s advocate here.

If it is not a fanless switch, it is going to make a hell lot of noise.

Also consider your electricity bill. You will probably be better off buying a small Netgear from Amazon for 30 bucks than having an old Cisco 2960S running 24/7.

So, what switch is it exactly?

And the most obvious one: you can connect more devices! The reason why I have one tbh.