Ask Slashdot: Best Open Source Project For a Router/Wi-Fi Access Point?

An anonymous reader writes "My wireless router just died. I have an old netbook lying around that has a wired network interface and a wireless one. The wireless card is supported in master mode by Linux, FreeBSD, and OpenBSD. What does Slashdot recommend I use to turn it into a router/wireless access point? DD-WRT? pfSense? Smoothwall? Fedora/Ubuntu/OpenBSD with a manual configuration? I'm not afraid of getting my hands dirty and I know what I'm doing, but I want as close to zero maintenance as possible."

DD-WRT on Buffalo hardware

[AmiMoJo]

If you want something powerful but maintenance free then DD-WRT on dedicated router hardware is the way to go. Running an ARM system-on-chip without active cooling and everything on flash memory is going to be far more reliable than any kind of PC set up. DD-WRT does pretty much anything you want and you can get a root shell if you want.

For what it's worth I prefer Buffalo hardware. It's robust and performs well.

Re:DD-WRT on Buffalo hardware

[agoodm]

A properly configured and set up PC based router with appropriate active or passive cooling will be more reliable than ARM SoC based solutions due to the additional speed providing additional routing capacity. Most SoC solutions ive seen have insufficient power for reliable operation under anything more than a moderate load. Source: I manufacture and install PC based routers in places where ordinary routers are becoming unstable

Re:DD-WRT on Buffalo hardware

[AmiMoJo]

That's why I recommend Buffalo hardware. Their main market is Japan where symmetrical gigabit connections are quite common, so their hardware is capable of routing that. I find it to be reliable long term (5+ years).

Re:DD-WRT on Buffalo hardware

[johnnys]

This is probably not what the OP wants to hear (surprise! It's Slashdot after all) but I agree that a VERY good option is a Buffalo router. I bought a Buffalo WZR-600DHP running DD-WRT and it has been completely reliable in my SOHO environment. The feature set, tunability and capabilities of DD-WRT on this device are extensive and impressive.

I have tried DD-WRT on some older routers (Linksys) in the past and although the features were there the reliability and dependability were just not there. I had to reset every few weeks and reconfigure. So when I saw Buffalo was using DD-WRT I decided to try it and I have been very happy.

Re:DD-WRT on Buffalo hardware

[mellon]

I'm a little bit surprised to see DD-WRT getting such prominent billing. I've been using OpenWRT very happily for a long time, and had trouble getting DD-WRT to do what I want. It's possible that things have changed since I last investigated, of course.

I'm a bit biased in that I wanted something hackable; I've been able to make packages for OpenWRT and have them work with very little effort, and even been able to debug stuff under gdb on the router. This is probably also possible with DD-WRT, but when I investigated, OpenWRT seemed clearly easier to develop on. Building the router image from source was dead easy; customizing it was easy with "make menuconfig" and building packages within the build tree (with support for the packages in "make menuconfig") was easily done as well.

My point here isn't to say "don't use DD-WRT," because I have nothing bad to say about it; rather it is that it's worth considering OpenWRT as well. Personally I've had a lot of success with it, and recommend it highly as a development router OS.

Re:DD-WRT on Buffalo hardware

[mcgrew]

You guys all seem to be missing the point. He wants to repurpose old hardware without spending anything. I used to do something similar in my teenaged years (this was in the analog era) when I'd turn used transistor radios into guitar fuzzboxes. "But you can get a professional one for only $250!" Yeah, but I could turn a broken radio into one for $2.50.

If my aging router dies before this notebook does I'll probably do something similar with it. Plugging a new router in is no fun, building your own out of useless junk is.

Re:DD-WRT on Buffalo hardware

[saleenS281]

DD-WRT for all intents and purposes might as well be dead. At this point they've essentially stopped releasing updates unless you're paying for a subscription. And their last release for most hardware platforms wasn't even GA code, it was "pre-SPX".

Re:DD-WRT on Buffalo hardware

[fast+turtle]

Many folks make the same god damn mistake on the energy cost savings by getting a god damn router. Sorry but even in California (most expensive electricity in the U.S. @ 0.15 per kilowatt) your cost savings would need to be in the 100w per hour range to even be a Reasonable ROI (return on investment). $0.15 x 1kw (100 watts x 10 hours) is a meager $1.50. Take a cheap $40 router and you're looking at half a year minimum the payback to be worth it - that's for a system using 100 watts per hour. In the case of something low powered like an Atom based netbook - 20 watts for the CPU/Chipset (No Screen/GUI) you're now talking 2 years or better to even break even.

As an example, I have an old HP system with a 700Mhz Celeron (P3 era) using the Intel 810 chipset. Max power is 100w (PSU rating). In testing, the system uses 10w and can successfully boot from a floppy drive (pfsense). Note that it has 512M of ram (most $40 routers only have 4M) plus the CPU is 10-20 times faster. Hell pfsense or anyother floppy based router OS can damn near fit into the CPU cache. Now the cost to convert this to a router/ap is $0.00 for the simple reason it's already got a 10/100 nic and I have an unused b/g wifi card (PCI based) that can be installed. All I need is a bit of time to configure the unit and once done, it'll outperform any >$100 SoHo router on the market simply because of the amount of memory and cpu speed. All it will cost is some time/effort to setup. Value is priceless because I also learn how to do it.

Re:DD-WRT on Buffalo hardware

[AmiMoJo]

Such a system is unlikely to perform well or be reliable though. Older wifi cards in particular really, really suck. 2.4GHz is overcrowded in many places too, so shelling out for a 5GHz capable card is worthwhile.

On top of that you have to factor in the cost of electricity to run the thing. Even a laptop is going to be several times the power consumption of an ARM SOC based router. By the time you have bought a reasonable wifi card and factored in electricity you might as well just have shelled out £50 for an 802.11n 5GHz capable router and stuck DD-WRT one it. Even a Buffalo 802.11ac router is under £100 now.

pfSense

[kroby]

pfSense is a great open source router distro and should have no problem running on your net book. However, Sophos UTM/Astaro Security Gateway is a commercial product that is free for personal use. I recommend it if you need any UTM features such as gateway AV, IPS/IDS, Spam Filtering, and centrally managed AV.

Re:pfSense

[pnutjam]

The 2.0 series works well with wifi. I have been running pfsense on Alix hardware using an Atheros chipset wifi card and it has been rock solid for at least 5 years. I update it occasionally, but it is truly no maintenance.

If your wireless card is supported for AP mode it is a great solution, feel free to email me with questions.

I've never actually used

[opus_magnum]

either, but there are also Zeroshell and ClearOS.

zero maintenance

[girlintraining]

I'm not afraid of getting my hands dirty and I know what I'm doing, but I want as close to zero maintenance as possible."

DD-WRT. Pick a good router with a fast cpu in it if you plan on running P2P with it. My high-end Asus 'black knight' (one of the recommended high-end dd-wrt models) shits itself if you have more than about a 800 or so simultanious connections, because the CPU isn't fast enough. I would not recommend using a 'netbook' with a wifi card simply because it consumes a lot of power and you'll make up in lower power consumption costs what you'd spend on a purpose-built router in about 15-18 months.

Re:zero maintenance

[dugancent]

TomatoUSB is another option. I prefer it over DD-WRT personally, but they are both good options.

Re:zero maintenance

Agreed. I use the Shibby branch on my ASUS RT-N16. Been running strong about 2 years with no problems.

http://tomato.groov.pl/

Re:zero maintenance

DD-WRT in my experience can make "flaky" routers on default binaries suddenly WORK AS ADVERTISED.

I've had both linksys and dlink routers that rebooted themselves constantly, DDWRT solved whatever was causing it and they're now rock solid!

Re:zero maintenance

[spongman]

Please mod parent up.

Tomatousb is brilliant. Hardware compatibility is a little less broad than some of the others, but once you get t installed the usability is like butter.

Re:zero maintenance

Ditto. Shibby on a Belkin F7D3301. Factory firmware on that thing was trash, which happens to be where I found the router to begin with. I was about to trow it out (again) but on a whim tried Shibby's TomatoUSB. Rock solid stable, coverage throughout the house, and it consumes like no power (doesn't even get noticeably warm). But yeah, Shibby TomatoUSB - good stuff.

Re:zero maintenance

I had DD-WRT on my Linksys WRT54G v1.1, and it became flaky after I moved house (the wifi would intermittently stop working necessitating a reboot, not sure why but perhaps due to interference with a neighbours router as next door only switch theirs on when they are using it), but it became rock solid after I switched to Tomato (and I'm still using it).

Re:zero maintenance

Also, TomatoUSB and it's many variants are still updated, unlike DD-WRT which is so far out of date it's not even funny.

Re:zero maintenance

[Samizdata]

Nthing. As I said above, I had an old Buffalo that I put Tomato on (as I was on a metered ISP that had no way to check usage). Later I moved over to the Shibby branch since it had some feature I wanted (like DNSCrypt). Nary a regret of any sort.

OpenWRT

[Knuckx]

OpenWRT Attitude Adjustment 12.04; loads of packages available from official repositories, nice webinterface, and no commercial side selling product activation keys for certain features (like DD-WRT).

Re:OpenWRT

Yeah. OpenWRT is the way to go. You can build or customise everything and it has pretty decent documentation in the wiki.

Development for DD-WRT is a mess and the documentation is awful. You can't trust the DD-WRT website with its database since it is massively out of date and has a ton of just plain incorrect information. You need to work out what specific blessed build number works for your particular hardware and revision but the only way to find that out is to trawl around in their forums with the huge threads. Once you've found a working build then don't ever upgrade since it is likely that they've broken it in mysterious ways in a later build.

Re:OpenWRT

[jonsmirl]

OpenWRT is the way to go. Just buy a new, cheap commercial router and replace the software with OpenWRT. Don't mess with the laptop. It chews too much AC power and the wifi is probably not as powerful as the radio in the commercial router. You can buy fine 2.4Ghz router hardware for $30.

DDwrt is a mess, OpenWRT project organization is much better.

Re:OpenWRT

[markhahn]

yes, if you want to do fringe things that no one else in the community is interested in, then a community-supported system is a bad choice. surprise!

Consider a Microtik Router?

[mysqlbytes]

I recently got a Microtik router running RouterOS, and I have to say I love it functionality at it's price point. Even supports BGP if you are that way inclined. My DSL was annoying me, so I turned it to bridged mode, and now the new router does everything else. NAT seems faster, with pings being 3ms quicker which I was astonished at. My other idea was an old desktop running linux, but I worked out the pricing for hardware vs electricity. And within a year (in Ireland) I am going to save money with the Microtik router. The router uses about 7W fully loaded, whereas my desktop would be churning 250 watts fully loaded... This is my one: http://routerboard.com/RB2011UAS-2HnD-IN

Fix possible?

[jones_supa]

My wireless router just died.

Well, can it be fixed? Maybe it's just a dead AC/DC transformer or blown cap.

Just get a router

[SQLGuru]

Using an old laptop as a router isn't the most efficient use of your resources (time, money, energy, etc.). Sure, it can be done......but a router can be had for around $20 that is probably as good or better (I'm assuming your old laptop is at least 5 years old and probably G at best). Spending more would get you a better router (and if you shop around, even open-source compatible), but if the goal is to go on the cheap (assumed because you want to reuse a laptop), I'd still get a stand-alone router.

But if you insist on going that route, go with Linux and manual configuration. Then you can use the laptop for other things as well. Print server, web server, etc.

But in the end, giving the laptop to a group such as this: http://www.interconnection.org/ is better use of the technology.

Don't use a netbook

It's a bad idea to use a netbook from the perspective of power consumption. Compared to a dedicated system (often ARM or MIPS), a netbook's going to suck up a lot of power that could be better put to other uses. I'd personally suggest getting a commercially-available router that's well-supported by OpenWRT, such as a Netgear WNDR3800.

If you must use this netbook, then your best options are probably OpenBSD or Debian (stable), depending on hardware support and what you're comfortable with.

Re:Don't use a netbook

[jones_supa]

Actually it's not that bad. A netbook idles at 10W, which is on par with the power consumption of a DSL modem.

OpenWRT on good commodity home ap

[ezdiy]

OpenWRT on cheapo commodity hardware - personally I'm using TL-WR1043ND, 4x1gigE/300mbps 2.4ghz N, USB storage is best bang for 50 bucks.

The system is reasonably specced to run openvpn gateway for home network and serve USB drive miniNAS via smb.

DD-WRT is basically GUI polish for people who don't wan't to delve into scary command line, but otherwise nowhere near as flexible as openwrt is.

pfsense

[TheGratefulNet]

I'm using an atom cpu with several onboard intel gig-e ports.

fanless and has been pretty reliable so far. my 50mbps cable connection stays up and the 'router' has not needed rebooting in the month or two that I've been using it so far.

Overkill?

[kheldan]

In my opinion: Unless you're planning on also running servers (web, FTP, mail, etc) on your new "router/access point", then it's complete overkill to use even a netbook for that. Additionally, you'd be potentially opening yourself up to a world of hurt since your netbook, being a general-purpose computing device at heart, is going to be more vulnerable to outside attack than a purpose-built router/gateway/wireless access point.

Re:Overkill?

[fa2k]

Overkill isn't a problem in itself. It's not like the extra power is doing any harm.

Additionally, you'd be potentially opening yourself up to a world of hurt since your netbook, being a general-purpose computing device at heart, is going to be more vulnerable to outside attack than a purpose-built router/gateway/wireless access point.

How exactly? The software packages in the summary are specially designed for routing. It's not like the S/W becomes more vulnerable just by running on a faster CPU

Power consumption

[pla]

Keep in mind that while a dedicated consumer-grade wifi router draws around 5W, a netbook will draw 20-25W (possibly more).

Although that may not sound like much, a 24/7 load of 20W, at $0.15/KWH will cost you $2.16/month. You will break even vs just buying a low-end (Rosewill, etc) new router in about 10 months, or two years for a mid-consumer-grade LinkSys/DLink.

Admittedly, your solution will give you just about the highest-end wireless router you can get (limited by the radio in your netbook, of course), theoretically supporting any networking feature available with Linux. In practice though, how often do you really need anything beyond WPA2, IPv4 routing with a basic "block everything except what I allow" firewall, and perhaps (if you use VPN a lot) IPSec support?

Tomato

[PlasmaEye]

I use a build of Tomato by Shibby on my Asus "Black Knight" RT-N66U . It has tons of features and is easy to setup. You could also try some of the other Tomato builds.

http://tomatousb.org/
https://en.wikipedia.org/wiki/Tomato_(firmware)

Beat bufferbloat while routing

[billakay]

Look at the CeroWRT project (http://www.bufferbloat.net/projects/cerowrt). They have a fork of OpenWRT that is kept up to date quite often, and includes a lot of fixes for bufferbloat issues. The firmware gives a very low latency experience with very little effort.

Recommendation for ClearOS

[Lacrocivious+Acropho]

You could do worse than take a look at http://www.clearfoundation.com/ and the community edition of ClearOS.

In my opinion it provides Cisco-like capability on any old PC you have lying around. That old PC almost certainly has more power and capability than any typical end-user-grade router in the $30 to $120 market.

Disclaimer: I have no relationship with ClearFoundation except that of a user since 2003.

Hardware router vs laptop

[fa2k]

Many people say to get a router instead because of power consumption, wireless signal strength and stability.

You have to work out the power use yourself (some figures have already been posted by pla). Keep in mind though that a laptop using 20 W also provides 20 W of heating. If you're in a hot climate, you may lose twice by having to run the AC harder. If in a cold climate, with electric (resistive) heating, the 20 W may essentially be free most of the year. Also, if you can eliminate other devices (like a VPN gateway) with the laptop, that could be a win. On the other hand, if you need wired network it seems you can't even get away with an extra switch, as the laptop doesn't have enough ports -- here the dedicated ones clearly win.

The wireless signal can be tested. If you can boot a live-cd you could set up host AP mode and test speed by transferring data and latency with ping.

The stability is hard to gauge. Both netbooks and consumer routers can be quite bad. I ran a Dell Insiron 1501 as a router for a few years and didn't have any problems (except a ExpressCard NIC, which was later replaced).

I wouldnt' go for the laptop due to not having wired network, but otherwise I would definitely pick it. It's great for hosting small DIY services like a webcam. I wouldn't host internal-only services beyond those typically hosted on routers, for security reasons (e.g. if the webserver first binds to the local interface, then after an update binds to both interfaces).

Re:RouterOS

[mcgrew]

Google is your friend (I hope you're not spamming).

pfsense

[nurb432]

Hands down the best choice for commodity hardware where you it it to 'just work' once its setup.

Hybrid; use a router as a wifi bridge

[Khopesh]

I've done this in the past. My routing computer's wifi has never been able to compare with a wifi router, but if you ignore the "wan" port and plug your linux box into one of the other ports, you can use the wifi router for wifi only (essid, etc) and your own router for how traffic flows to the internet and to your wired network. The best of both worlds.

Utilizing "extra" IP addresses

[nuckfuts]

I pay for 2 static IP addresses from my ISP, but using OpenBSD I can actually use 4. Here's how it works:

1. * DSL router is in bridge mode. (Routing and NAT are handled by my OpenBSD box)
2. * My ISP assigns me a /30 subnet. Normally this would mean only 2 "useable" IP addresses because 1 would be used for the default gateway and 1 for the broadcast address. Instead, all 4 IP addresses are added as aliases to the PPPoE interface.
3. * NAT is performed using pf. (In my case, I have multiple internal LAN's, each one NAT'd to a different external address).

OpenBSD with pf makes a fantastic router/firewall. I'm sure the same thing can be done with other OS's, I just happen to find pf to be very good. OpenBSD's documentation is also great.