In March 2026, the FCC designated all consumer routers manufactured outside the United States as a national security risk, banning new foreign-made models from sale.¹ Eero, NetGear, and Google Nest are all affected, not just Chinese manufacturers, because they all produce hardware overseas.

The reasoning in the FCC’s National Security Determination is specific. Three Chinese nation-state operations, Volt Typhoon, Flax Typhoon, and Salt Typhoon, used compromised consumer routers to build botnets targeting US critical infrastructure: communications, energy, transportation, and water systems. The FBI and DOJ shut down one of these botnets in 2024. The ban follows directly from those incidents.²

I switched to a fanless mini-PC running OPNsense in 2022. The hardware cost about $200. The decision was partly practical: consumer routers frustrated me and I wanted visibility into my own network. It was also partly informed by the botnet reports that were already circulating at the time. A foreign-made box with opaque firmware sitting at the edge of a home network seemed like the wrong kind of trust to extend.

I wrote about the setup in more detail here.

The personal sovereignty concern and the national security concern are the same concern at different scales. OPNsense is open source and BSD-licensed. The trust is in the software, not the manufacturer. That was true in 2022 and it remains true regardless of what the FCC decides to do about everyone else’s routers.