A quick update on my AC810 adventures.

I’ve decided against zRAM – that would require a kernel rebuild and this device has no recovery mode.
Even though “free” showed only a few MB free (max I saw was like 20 MB, usually it shows 5-6 MB), I’ve never ran out of memory when running any software on the device.

Installed some additional software on the device, all built from source, including dependencies:
TUN driver, bash shell, latest hostapd, latest OpenSSL, nano editor and OpenVPN.
I didn’t overwrite any stock binaries just to be safe and instead used a simple wrapper script (which uses LD_LIBRARY_PATH) to run newly installed software.

An interesting idea came to mind when building OpenVPN – what if I could just take one of the WiFi APs (this device has two, one for 2.4 GHz and one for 5 GHz band) and bridge it to a TAP interface instead of doing routing to a tunnel ? Devices connecting to the bridged WiFi would then connect directly to my home network instead of being routed through a tunnel.
A true home WiFi away from home experience without any setup required !
Since OpenVPN is CPU-bound, I’m not expecting to get full speed, but around 40 mbps should be achievable with good 4G reception. More than enough for my needs (remote work and game streaming).

At first, I wanted to preserve dual-band WiFi and create a third SSID (WiFi driver claims to supports this) for the VPN bridge, but Qualcomm’s binary driver has a bug which causes WPA authentication responses from the client device to always be sent to the primary WiFi SSID instead of the secondary SSID, which causes authentication failures. Third SSID only works as Open WiFi which won’t do for me.
I have explored a possibility of using ath10k open source driver from Driver Backports instead of the binary blob (this device seems to use Atheros QCA6174 for WiFi) but again, I cannot install it without rebuilding the kernel due to cfg80211.ko being built into kernel which conflicts with Driver Backports.

So in the end, I had to dedicate one of the existing WiFi APs for VPN bridge. I’ve decided to use the 5 GHz AP for VPN bridge for now and leave 2.4 GHz AP for normal WiFi use but I’m not sure whether I will leave it that way.

UPDATE: OpenVPN was doing 24mbps max with CPU maxed out and a lot of packet loss. Switching from OpenVPN to SoftEther increased speeds to over 40mbps (and zero packet loss). Maybe it can do even more, will need to test in a different location with better 4G reception.
SoftEther was pain in the but to cross-compile (required manual editing of Makefile) and get working though and I also needed to use preloadable_libiconv hack to get past the iconv() stuff as libc on the modem did not have gconv enabled.