Advice for DIY Router

Ultim8 · 29 Nov 2011 at 09:10

Ok after building myself a decent little freenas box and seeing it outperforms anything you can buy I want to play with making my own router.

I want it too also deal with the wireless.

Can anyone give me some advice on hardware but more importantly which software. I cant find a good place to compare but so far smoothwall looks good.

Also important info is that Im not a business or anything critical, I just do this for fun at home to learn. I want to have more control over my home network and see whats going on around the house.

sidethink · 29 Nov 2011 at 11:33

I'd suggest pfSense for this. Its superb.

My only note of caution would be to take care with the hardware you want to use, pfSense is based on BSD and is a little more fussy about things like driver support and so on. Their website and documentation wiki are very good however.

tntcoder · 29 Nov 2011 at 11:41

I use a Debian VM with two NICs for my home router/internet gateway, one to an ADSL modem and the other to the internal LAN It uses iptables for NAT/firewall and DNSMasq for dns forwarding and DHCP.

Dark Stat is also a nice web app to show you network loads and various statistics

Ultim8 · 29 Nov 2011 at 11:44

thanks sidethink I'll look into pfSense, out of interest why do you rate it vs say smoothwall?

Koalaboy · 29 Nov 2011 at 11:53

Be sure to check out the Mikrotik Routerboards as well - whilst not completely self-build, they're very capable and very much hands-on.

The soon-available RB751 handles the wireless as well, in a very compact little box.

(I currently use an Alix 2D13 running M0n0wall, which is excellent, but plan to switch back to an RB750 shortly - if you really want a DIY router, the Alix boards are stunning, if a little pricy)

LizardKing · 29 Nov 2011 at 12:08

Ultim8 said:
thanks sidethink I'll look into pfSense, out of interest why do you rate it vs say smoothwall?

PFsense is more user friendly and more functionality.

Though if its just for home use its probably overkill once you factor in the hardware needed (Virtualisation aside) a dd-wrt router will be much better suited while still providing plenty of configuration options.

sidethink · 29 Nov 2011 at 12:37

LizardKing said:
PFsense is more user friendly and more functionality.

Though if its just for home use its probably overkill once you factor in the hardware needed (Virtualisation aside) a dd-wrt router will be much better suited while still providing plenty of configuration options.

Lizardking hits the nail on the head.

I think pfSense is a little more keenly updated and supported than Smoothwall (although that wasnt always the case) but Smoothie is still an excellent product.

BSD forms the core of many dedicated firewall/router appliances since it has some inherent advantages against other OS's in that regard. Its general reputation is for ultra security and ultra stability, if configured correctly.

Again, I wouldnt be overtly negative about the other options, instead I would just reach for the generally best regarded tool for the job - and most folks I know that have rolled their own gateway devices in the SMB sector end up using pfSense.

If you are a little more limited in choice of hardware a homebrew Debian based setup or Smoothwall may be a better (and totally acceptable) option.

sidethink · 29 Nov 2011 at 14:58

I would also add that pfSense is derived from m0n0wall which is derived from FreeNAS which is derived from BSD.

So the style of GUI and a lot of the core code under the bonnet (syntax, paths etc.) will be familiar to you if you are experimenting with FreeNAS already.

Koalaboy · 29 Nov 2011 at 20:08

Just remember that pfSense doesn't have IPv6 support in the 2.0 release, so you have to track the 2.1 development.

That's the main reason I stuck with M0n0wall and/or Mikrotik. Of course, you could always add it in to a custom build.

Ultim8 · 30 Nov 2011 at 10:03

thanks for all the suggestions guys, I think I'm gonna try a few of the suggestions here.
I'm guessing there quick to setup?

paradigm · 30 Nov 2011 at 10:20

Also consider untangle.

LizardKing · 30 Nov 2011 at 22:30

One that i've been meaning to have a play with is Zeroshell.

For the simple fact you can do this with it!

Shame there is no easy way of getting a copy running on Amazon's EC2

Koalaboy · 30 Nov 2011 at 22:56

LizardKing said:
Shame there is no easy way of getting a copy running on Amazon's EC2

.. or that it's another one that doesn't support IPv6 (that I could see anywhere, at least).

Volitous · 30 Nov 2011 at 23:53

is ClarkConnect still kicking around? Always used to be good at this sort of stuff.

LizardKing · 1 Dec 2011 at 01:16

Koalaboy said:
.. or that it's another one that doesn't support IPv6 (that I could see anywhere, at least).

I cant imagine IPv6 will play any part in private networks for a long time yet.

By which point i'm sure they will have the support needed.

Koalaboy · 1 Dec 2011 at 11:57

LizardKing said:
I cant imagine IPv6 will play any part in private networks for a long time yet. By which point i'm sure they will have the support needed.

I've been running it at home (dual-stack) for well over a year... Just because many people are slow to catch up, doesn't mean it shouldn't be a requirement in routers - it's not exactly a *new* technology.

Sure, I'm not necessarily 'average' with a /27 for IPv4 and a /48 for IPv6, but it's definitely available and although it costs more than budget-internet-R-us, it's no more expensive in real terms than I was paying for 14.4k back in the day. It's most definitely a 'private' network in my house, except for my PS3 and the odd server.

It's network providers *and* router manufacturers/software who need to get this support in so that people can use it. The excuse of "It's not really needed yet" doesn't work with routers, because people can't use it until the routers support it.

The sooner people can move to IPv6, realise why NAT is bad and generally become free from the limitations of IPv4, the better.