PFSense Machine

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › PFSense Machine

Oubadah

676 posts

Ultimate Geek

#87320 25-Jul-2011 21:31

I'm after a good router, and PFSense keeps popping up. I'm not in the mood for scratch building a system at the moment, and I'd probably end up spending far too much, so what are your recommendations? Should I look at those atom based mini PCs, or maybe a second hand server off TM?

1 | 2 | 3

676 posts

Ultimate Geek

#497812 25-Jul-2011 23:20

What about this: http://www.trademe.co.nz/Computers/Servers/Servers/auction-393393551.htm

I have a dual port intel NIC. It's PCI-X 133MHz, will it run in a PCI-X 100MHz slot?

michaelmurfy

meow
13240 posts

Uber Geek

Moderator

ID Verified

Trusted

Lifetime subscriber

#497825 26-Jul-2011 00:09

PFsence is good, very good in fact - I ran it on a old Celeron 500 for a few years with no issues, until I moved to a Cisco Router that runs everything.

On my network I just have a Cisco Router doing DHCP, IPv6, Firewalling and actually getting everything over the ADSL line, inside the network I have a server - but not just any old server, it's Pikachu.

Pikachu runs some Virtual Machines to do random tasks (Streaming video to the TiVi + my Tablet - Downloading legal media and also storing it too) - I used a old laptop that got pretty owned in the Earthquake which Apple refuses to fix.

It's more or less just keeping it simple for me, the Cisco is stable and does its job well, while Pikachu does what the Cisco doesn't. I guess the message I am trying to get across is just do what's right for you, do you want a screaming 2U server that sucks as much power as a small fan heater or do you just need a firewall + router? Grab a router that can run DD-WRT and do it that way.

Makin' it easy:

Grab a Dlink DIR-615 (they run cheap - make sure you also get the right revision) and shove DD-WRT on it, almost does as much as PFsence does. Unless if you run a high traffic network you won't notice a thing except that you have more cash in your wallet to buy beer with.

Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.

raytaylor

4014 posts

Uber Geek

Trusted

#497837 26-Jul-2011 01:15

+1 DD-WRT
Can be installed on many different models of ethernet router (pay for it if you want to install into a wireless access point)

PFSense does the job well, but for a small 6 computer network its a little overkill
Personally I use kerio control as it has the gigabyte accounting system but its a paid-for product.

I think you can also install DD-WRT on an x86 pc with two network cards. Not entirely sure on this though.

Ray Taylor

There is no place like localhost

Spreadsheet for Comparing Electricity Plans Here

Oubadah

676 posts

Ultimate Geek

#501581 3-Aug-2011 19:35

Is a DIR-615 with aftermarket firmware really going to be a significant upgrade over my current DIR-655?

muppet

2566 posts

Uber Geek

Trusted

#501590 3-Aug-2011 19:48

Have you looked at the Microtik routers?

http://routerboard.com/

Audiophiles are such twits! They buy such pointless stuff: Gold plated cables, $2000 power cords. Idiots.

OOOHHHH HYPERFIBRE!

michaelmurfy

meow
13240 posts

Uber Geek

Moderator

ID Verified

Trusted

Lifetime subscriber

#501600 3-Aug-2011 20:00

muppet: Have you looked at the Microtik routers?

http://routerboard.com/

While they are nice, they are not really for the regular home user >.<

The DIR-615 with custom firmware will be far better.

muppet

2566 posts

Uber Geek

Trusted

#501601 3-Aug-2011 20:01

michaelmurfy:
While they are nice, they are not really for the regular home user >.<
The DIR-615 with custom firmware will be far better.

Yea but he said "good" router, not "crap" router.

Audiophiles are such twits! They buy such pointless stuff: Gold plated cables, $2000 power cords. Idiots.

OOOHHHH HYPERFIBRE!

Equinox IT

Cloud spending continues to surge globally, but most organisations haven’t made the changes necessary to maximise the value and cost-efficiency benefits of their cloud investments. Download the whitepaper From Overspend to Advantage now.

Virgil

Dangerous Chocolate
206 posts

Master Geek

ID Verified

Lifetime subscriber

#501629 3-Aug-2011 20:54

pfSense is a good choice, very configureable if you wish, or works well with minimum setup as well. I ran it (and still do, as a backup) on a little Atom box, and it never raised a sweat, serving a reasonably busy (100Gb / month) home network.

The only reason I ditched it was to run Gargoyle Router Firmware on a TP Link TL-WR1043ND so that I could do bandwidth quotas and throttling of the teenagers.

That server you linked to on Trademe would be way overkill for what you want to do.

If you are going to be paying for the hardware anyway, my suggestion would be as others, buy a semi-decent router capable of supporting DD/WRT and variants, and run that - smaller, quieter, cheaper, better.

Of course, if you like tinkering with computers and hardware as a hobby, by all means get a small box and install pfSense or similar on it.

Do let us know what you finally decide on!

Cheers

Lurking ...

cyril7

9058 posts

Uber Geek

ID Verified

Trusted

Subscriber

#501636 3-Aug-2011 21:07

+1 for Microtiks, in a totally different league to domestic gear and very flexible.

As for a DIR-615 on stock firmware compared to DD-WRT, if you are not using the features the stock does not support then by and large the stock firmware is well up to domestic duty, a lot has changed in the last couple of years wrt to common garden router horse power and firmware ability.

Cyril

Oubadah

676 posts

Ultimate Geek

#501645 3-Aug-2011 21:22

Virgil:
That server you linked to on Trademe would be way overkill for what you want to do.

Of course, if you like tinkering with computers and hardware as a hobby, by all means get a small box and install pfSense or similar on it.

Yes, I saw the PFsense as a bit of a learning experience -somewhat for interest's sake. And with that overspec'd server I figured that even if the PFsense scheme went tits up I'd still have a useful server.

I don't know... TOO MANY OPTIONS!

So thes microtik things are just like the custom/purpose built mobos people have made for PFsense, but they have their own in-house software? http://routerboard.com/RB433AH

muppet

2566 posts

Uber Geek

Trusted

#501657 3-Aug-2011 21:42

Oubadah: So thes microtik things are just like the custom/purpose built mobos people have made for PFsense, but they have their own in-house software? http://routerboard.com/RB433AH

Pretty much, yea. They have a great OS that can do almost anything. I assumed you were after a commercial type device, not a consumer grade one.

But you don't actually say what you're after. So if you just want a consumer grade router with a few flashy options then yea, just a custom firmware is probably the way to go.

I flashed my home netgear (or netlink or something, I dunno it lives in the other room) router with a custom firmware. Really at the end of the day, apart from a lot of nerdy options, the only useful thing it gave me was the ability to SNMP poll it, so I could run Cacti against it.

Audiophiles are such twits! They buy such pointless stuff: Gold plated cables, $2000 power cords. Idiots.

OOOHHHH HYPERFIBRE!

timbosan

2159 posts

Uber Geek

#501660 3-Aug-2011 21:46

I can recommend Untangle, an alternative to PFSense, but with a much larger feature set. I have been running it for about 4 years, on various hardware and now use a AMD 3Ghz CPU, basic mobo, 2GB RAM and a dual Intel NIC, and for my home network its more than fast enough.

Note - if you do go down the route of using a PC based solution, make sure to use proper NIC's like Intel, as they can make a difference.

Untangle has spam filtering, ad-blocker, reporting, firewall, vpn etc etc.

Its pretty much install, configure and that's it. I only use the box to look at reports once a month.

Oubadah

676 posts

Ultimate Geek

#501661 3-Aug-2011 21:47

cyril7: +1 for Microtiks, in a totally different league to domestic gear and very flexible.

As for a DIR-615 on stock firmware compared to DD-WRT, if you are not using the features the stock does not support then by and large the stock firmware is well up to domestic duty, a lot has changed in the last couple of years wrt to common garden router horse power and firmware ability.

Cyril

I was also thinking along the lines of support/updates. D-Link's firmware on my DIR-655 is rubbish. Half the functions work erratically, or don't work at all. If you uncheck the 'enable wireless radio' setting, it refuses to save any of your port fowarding settings. There is a newer firmware available, but last time I looked most people were too scared to install it as it was reported to introduce a bunch or new issues, and there was no way to roll back to the older one. I suppose DD-WRT would be updated more regularly and be better bug tested than the D-Link F/W? But I don't know because the DIR-655 doesn't support aftermarket F/W.

raytaylor

4014 posts

Uber Geek

Trusted

#501668 3-Aug-2011 22:10

dd-wrt is amazing compared to stock standard dlink firmware.
Its a real eye opener when you look at what the hardware can auctually do when running a full featureset like dd-wrt.

Ray Taylor

There is no place like localhost

Spreadsheet for Comparing Electricity Plans Here

MackinNZ

450 posts

Ultimate Geek

Lifetime subscriber

#501684 3-Aug-2011 22:59

I'm running Smoothwall Express 3.0 on an old P4 with 2GB of RAM. It works very well. Red interface connected to a DreyTek Vigor 120 in half bridge mode.

I agree with the comment earlier to use good NIC's. I bought Intel Pro 1000 GT's and disabled the PC's on-board NIC. I've run tests with cheap network cards and the throughput is much better when you use a better quality NIC.

1 | 2 | 3