Slashdot Mirror


Benefits of a Homebrew Router (arstechnica.com)

An anonymous reader writes: Jim Salter has posted an article explaining why it can be a good idea to build your own router, and how he put his together. Quoting: "In the consumer world, routers mostly have itty-bitty little MIPS CPUs under the hood without a whole lot of RAM (to put it mildly). These routers largely differentiate themselves from one another based on the interface: How shiny is it? ... I wanted to go a different route. A lot of interesting and reasonably inexpensive little x86-64 fanless machines have started showing up on the market lately. The trick for building a router is finding one with multiple NICs." Once assembled, the homebrew router blows away even high-end SOHO routers for throughput and performance. "Given that nobody's offering any Internet connections over 200mbps in my area yet, that makes my inner crypto nerd dance with glee. I could literally encrypt every single byte of my Internet traffic, in either direction, without a performance penalty." Of course, it won't do wireless, but you can get separate wireless access points to handle that.

27 of 247 comments

  1. raspberry pi about 50$ does just fine. by anon+mouse-cow-aard · · Score: 5, Informative

    Raspberry Pi, USB ethernet dongle, power supply... about 40$. Does 30 mbps with full iptables, NAT, dual stack IPv4 and IPv6, speed test is 30 mbps flat out. My ISP rate is 30 mbps ... If you have access to > 100mbps great, but outside of Google cities isn't that kind of rare? Don't see the point of a 300$ homebrew router. Been using a Pi for years. Have two spares. No moving parts, no fan, low power consumption...

    1. Re:raspberry pi about 50$ does just fine. by Anonymous Coward · · Score: 5, Informative

      100Mbps at home isn't that rare if you don't live in some backwater country.

    2. Re:raspberry pi about 50$ does just fine. by Anonymous Coward · · Score: 2, Interesting

      Our cable ISP just upgraded us to 150/20. I had an old desktop lying around, and power isn't *that* expensive here, so I bought a two-port intel NIC and tried to remember how routing and firewalls worked in FreeBSD. (I'm sure Linux or OpenBSD would be as good, it's just what I happen to know best). It took a few days to get everything working (e.g. getting dhcpd to register the dynamic hostnames with named, not to mention the strange new world of IPv6 delegations), but it was kind of fun.

    3. Re: raspberry pi about 50$ does just fine. by DuckDodgers · · Score: 3, Informative

      yeah, me too

    4. Re:raspberry pi about 50$ does just fine. by Anonymous Coward · · Score: 3, Interesting

      Quad Core RasPi, 1 Gb RAM : $35.00 - $25.00 on SALE
      Power Supply: Scavenged : FREE 5V @ 2A
      100Mbps USB NIC : $5.00
      Wireless b/g/n USB Dongle: $10.00
      USB Hard Drive @ 750Gb: $45.00
      8 Port unmanaged Switch: $15.00

      OpenWRT: FREE / DDWRT: FREE

      So, I have a router, a NAS, an FTP server, bittorrent, SSH Server, WEB Server, WiFiAP, TimeMachine, RSYNC, all running on a single box, with a power consumption of less than 10W under FULL LOAD.

      I've got 4 CPUs, 1 Gb of RAM, a 30Mbps/6Mbps uncapped network connection, a hatred of Comcast, and tons of legal torrents to seed, and the Pi is hardly breaking a sweat.

      Sure, it doesn't come in a nice pretty case, but I can replace individual failed components, and even upgrade.

    5. Re:raspberry pi about 50$ does just fine. by jarablue · · Score: 2

      I have fios and live in New England? I can get 300mb with my FIOS app in 2 seconds. Not everywhere is hamstrung by slow speeds.

    6. Re:raspberry pi about 50$ does just fine. by AmiMoJo · · Score: 2

      The only issue with the Pi is that some USB ethernet adapters really suck. They suck so much that 30Mb/sec is going to hammer the CPU. Also, BT offers up to 70Mb/sec, and Virgin offers up to 200Mb/sec.

      I'd suggest a cheap router. I like Buffalo ones because they are well supported by DD-WRT etc. and even ones that are 5 years old can easily handle routing 100+Mb/sec with QoS and other niceties, as well as being low power. They are designed for the Japanese market where 100Mb was pretty passé these days in 2008. Gigabit switches and WAN ports, meaty processor, plenty of RAM etc and very robust. Probably cheaper than a Pi once you include a case, power supply and two good quality USB gigabit NICs.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC

    7. Re:raspberry pi about 50$ does just fine. by Billly+Gates · · Score: 2

      I live in Houston and get 6 megs a second. It is the only one that does not force an expensive TV package bundled against my will and a 20 gig cap for an ultra low price at $179 a month. Pfft

  2. Homebrew used to be about doing better. by Anonymous Coward · · Score: 4, Interesting

    Homebrew used to be about doing better than what you could get off-the-shelf.

    In this case it sounds like it's better in some small, useless way, while being far worse in so many others. Now he's got throughput he can't actually use, but is missing critical functionality like wireless support.

    I think this decline in the quality of homebrew reflects what has happened to the Linux community as a whole lately. The quality has dropped like a rock. So much Linux software has gotten worse. GNOME 3 looks awful. Systemd and PulseAudio still have caused me nothing but trouble. Firefox gets worse with each release. Wayland is nowhere to be found.

    We need to restore the glory of homebrew projects. We need our homebrew projects to be better than the commercial off-the-shelf offerings. We need to not build something that's slightly better, but also far worse. We need to build something that's better in every way.

    We need to restore the glory of homebrew projects!

    1. Re:Homebrew used to be about doing better. by PvtVoid · · Score: 4, Funny

      I think this decline in the quality of homebrew reflects what has happened to the Linux community as a whole lately. The quality has dropped like a rock. So much Linux software has gotten worse. GNOME 3 looks awful. Systemd and PulseAudio still have caused me nothing but trouble. Firefox gets worse with each release. Wayland is nowhere to be found.

      Yeah, Dude. I would never build a homebrew router because GNOME 3 / PulseAudio / Firefox. Those things make Linux routers totally worthless.

    2. Re:Homebrew used to be about doing better. by LordKronos · · Score: 3, Interesting

      Now he's got throughput he can't actually use, but is missing critical functionality like wireless support.

      I personally gave up on wireless support in my router. First problem I was always having was finding a router that had all the features I want. DDWRT is a priority for me, but finding a single device that
      1) supports DDWRT easily (ie: doesn't rely on me finding a specific outdated revision of the hardware)
      2) is cheap
      3) has gigabit ethernet
      4) good wireless
      5) has a good amount of memory

      Getting all of these in one device is difficult. The next problem is that I'd periodically end up with wifi issues. I had issues now and then with different devices. Then I got my OnePlus One and the problems got worse. For some reason that device always has connection issues. It would continually get disconnected (so often that I couldn't even back up the videos from my phone via smb...it would always lose connection in the middle and I'd have to start over. It might take 10 tries before a video successfully copied over). I tried 4 different DDWRT routers I had access to (4 different device models from 3 different brands) and had the same issues.

      The last issue is dealing with power outages. All of my networking equipment is in the basement on a battery backup. When power goes down, I'm able to maintain connectivity and continue working from a laptop without issue. However, locating everything in the basement means I have OK signal on the first floor, and terrible to no signal on the 2nd floor and front/back porch. To resolve this issue I put a 2nd DDWRT device (running as a wireless access point) on the first floor, but unfortunately it has no battery backup.

      About a year ago, I decided to change my strategy. I ditched the 2nd device, turned off wireless on the router itself, and bought myself a Ubiquiti wireless access point. This solves a lot of issues:
      1) Wireless is now one less feature I need to concern myself with on a router
      2) Its reliability has been impeccable. In 1 year, it has been rock solid, not requiring a single reset, and it's worked flawlessly (and performed well) with every device I connected it to
      3) It's designed to use power over ethernet. Its power supply is plugged in to the UPS in the basement, then the ethernet is patched between the power supply and my patch panel and through the regular house networking.
      4) It looks really nice, so I can actually put it in a very central place in the house without it looking ugly. And at this location, the one device provides exceptional coverage for my entire house and the front/back yard.

    3. Re:Homebrew used to be about doing better. by fnj · · Score: 2

      Now he's got throughput he can't actually use, but is missing critical functionality like wireless support.

      Don't be obtuse, anonymous idiot. Wireless has absolutely nothing to do with routing. Nada. Make each piece do one job well. Limit single points of failure to taking out one function only. The cable modem, router, and wireless access point should each be completely independent items.

  3. There are issues with this... by mellon · · Score: 2

    More memory doesn't necessarily make things faster if you have multiple streams and limited bandwidth. You can wind up with a situation where you have a lot of data queued in the buffer, and this botches TCP congestion control so that you wind up getting really poor throughput. Google "bufferbloat" for details. Using a crappy external wireless AP makes this worse. You really do want the wireless card to be treated as a first-class network interface on your router. Unfortunately, wireless drivers are usually closed-source, often have internal bufferbloat problems and other bugs, and can't be updated.

    The article's main point, that a faster CPU in the router is wicked awesome, is completely true, of course. You just want to make sure you're running a recent Linux kernel that does a good job of queuing in the presence of a congested link. :)

  4. EdgeRouter is exactly this! by UberLord · · Score: 4, Informative

    Ubiquiti EdgeRouter is exactly this: dual core MIPS64 @ 1Ghz, 512Mb memory and a removable USB flash stick for storage.
    https://www.ubnt.com/edgemax/e...
    This is ample for my needs. I bought the 3 port version about a year ago for £80.

    https://blog.netbsd.org/tnf/en...

    As of today, NetBSD-current has an uptime of about 6 months - which is when I made the last kernel modifications to support the NPF firewall.
    This is more uptime than any other SOHO gear I have and the performance of the unit is exceptional.

  5. OpenWRT for $25 by GlobalEcho · · Score: 3, Informative

    These guys sell a tiny "travel router" (or just the board if you like) that goes for $25 on Amazon. Crucially it has 2 ethernet ports (albeit only 100Mbits), along with Wifi. It ships with their modified version of OpenWRT but takes only a couple minutes to flash to the latest fully open-source version. From there, going further into homebrew is trivially easy. I find it a better starting point than a raw Linux distro, and the low power consumption just cannot be beat. If you want to go Linux and don't have a fat pipe, I recommend it.

  6. Re:net6501 by alantus · · Score: 5, Interesting

    Overall I've had a positive experience with Soekris devices. However, let me tell you why I won't be buying any more of them:

    1. Cases badly designed for cooling. Unless you add a fan, you will have to put the case vertically in summer.

    2. Disregard for OS support/integration. These things are supposed to work on Linux and BSD, but when something goes wrong (i.e. the device hangs) or the hardware doesn't work as well as it should, they just blame the OS and don't even investigate. They might offer an RMA if it's under warranty, but the issues will continue for sure.

    3. As soon as their latest device comes out, support for the older ones stops. For example, they promised to add USB boot support for the net5501, but as soon as the net6501 came out, they just forgot about it.

    Other minor ones: closed BIOS and the price is not great.

  7. The Unifi USG ain't bad either by zerofoo · · Score: 4, Interesting

    For those of us who want quality, but don't want the hassle of complicated configs, the Unifi USG is pretty nice as well - and it's cheap.

    https://www.ubnt.com/unifi-swi...

    So far, I'm a big fan of what Ubiquiti is doing these days.

  8. Easily done. by Lumpy · · Score: 2

    Mini ITX motherboard, case and power supply. All done if you buy one with two ethernet ports, or just add an ethernet adapter for the second.
    I use a Gigabyte H77N-WIFI; it has dual ethernet and absolutely rocks with a small SSD and only 2 gig of RAM. Blows out of the water absolutely every bit of "router" hardware with even a very low price processor.

    Run IP-COP, m0n0wall, pfsense or Smoothwall and you are done in less than a couple of hours with a device that makes Cisco enterprise stuff look like a toy.

    --
    Do not look at laser with remaining good eye.

  9. ClearOS is the way to go for an x86 router by Varka · · Score: 2

    www.clearfoundation.com It's a super nice piece of software.

  10. Use case by silas_moeckel · · Score: 2, Interesting

    Ok so you're going to fiddle with making your own firewall.

    You use a dedicated bit of hardware, $240 for a useless fixed config box. I can get a more powerful laptop that is also silent and can run multiple VMs for the same to less. It also has a built in UPS and wifi that may be able to be used as an AP; a USB3 to gigabit dongle takes care of the second port.

    You install Ubuntu and throw a few iptables rules in, because obviously years of getting to a sane default with pfsense etc. means nothing.

    You still need a wifi AP and generally the standalone APs cost more than a router.

    If you're doing this I would assume you already have a VM host in the house that you could just run pfsense on. I did this for a decade. You can get 40+ mbs of vpn traffic out of a high end wifi router. Mind you routers used to come with bits like the BCM5365P that could do 75 mbs in hardware (and that is an ancient 2005 ish chip).

    --
    No sir I dont like it.

  11. Yep by koan · · Score: 2

    Bought a dual NIC fanless MITXPC, never looked back. I love the machine; it's quiet, reliable and small.
    You can get them with more than 2 NICs as well (I suggest you do for versatility reasons). There are a few builds you can run on these things: PFSense, Smoothwall, etc.
    http://www.mitxpc.com/
    http://www.smoothwall.org/
    https://www.pfsense.org/
    http://suricata-ids.org/downlo...

    --
    "If any question why we died, Tell them because our fathers lied."

  12. refurb Cisco Liquid-8 by raymorris · · Score: 3, Informative

    I don't pay any attention to fanless, but refurb Cisco and other high-end gear can often be had for a song.
    Liquid-8 Technology has some deals. http://stores.ebay.com/Liquid-...

  13. Re: net6501 by iamgnat · · Score: 2

    Ubnt edgerouter

    I'm a fan of their stuff so I recently picked one up to play with and use as a backup to my Juniper.

    While the features are there, actually configuring and using them is a PITA that is fraught with frustration if you have any experience with real enterprise level gear.

    The biggest frustration for me was its inability to load full structured (e.g. not a list of set commands) config files from a default configuration. The problem is that rather than wipe the existing config and apply the new one, it does it sequentially and not in a transaction. This causes problems when it realizes that you've deleted the default firewall, but it fails to remove it because an existing interface is still referencing it even though later in your config you change the settings for the interface and remove said reference. In such cases it also leaves the configuration in an odd state as some things get applied and others (even unrelated to errors) aren't.

    After 2 months of fighting with it and still not being able to replicate my Juniper config I ended up dropping another $400 on a new Juniper to be my backup/dev router.

    I like the idea of the Edgerouters, but they just aren't there yet. At least I'm only out $50 for it though. It certainly has a lot for $50!
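
The sequential-versus-transactional behaviour described in the comment above, as a toy model added here (not EdgeOS code and not from the thread). The config layout, operation names and function names are hypothetical; the sample configs are constructed.

```python
import copy

# Constructed running config: eth0 still references the default ruleset.
RUNNING = {
    "firewall": {"WAN_DEFAULT": ["accept established", "drop all"]},
    "interfaces": {"eth0": "WAN_DEFAULT"},  # interface -> inbound ruleset
}
# Constructed changes, in the order a loader reading top to bottom meets them.
CHANGES = [
    ("del_ruleset", "WAN_DEFAULT", None),
    ("set_ruleset", "WAN_STRICT", ["accept established", "drop all"]),
    ("bind", "eth0", "WAN_STRICT"),
]

def mutate(state, op, name, value):
    """Apply one change with no validation."""
    if op == "del_ruleset":
        state["firewall"].pop(name, None)
    elif op == "set_ruleset":
        state["firewall"][name] = list(value)
    elif op == "bind":
        state["interfaces"][name] = value
    else:
        raise ValueError(f"unknown op {op!r}")

def dangling(state):
    """Interfaces bound to a ruleset that does not exist."""
    return sorted(i for i, r in state["interfaces"].items()
                  if r not in state["firewall"])

def apply_sequential(running, changes):
    """Check every step against the live state; a failed step is skipped."""
    state, errors = copy.deepcopy(running), []
    for op, name, value in changes:
        if op == "del_ruleset" and name in state["interfaces"].values():
            errors.append(f"{op} {name}: still referenced")
        elif op == "bind" and value not in state["firewall"]:
            errors.append(f"{op} {name}: no ruleset {value}")
        else:
            mutate(state, op, name, value)
    return state, errors

def apply_transactional(running, changes):
    """Build a candidate, validate only the end state, commit all or nothing."""
    candidate = copy.deepcopy(running)
    for change in changes:
        mutate(candidate, *change)
    bad = dangling(candidate)
    if bad:
        return running, [f"rejected: dangling reference on {', '.join(bad)}"]
    return candidate, []

def unused_rulesets(state):
    """Audit helper: rulesets no interface is bound to."""
    return sorted(set(state["firewall"]) - set(state["interfaces"].values()))

if __name__ == "__main__":
    for fn in (apply_sequential, apply_transactional):
        state, errors = fn(RUNNING, CHANGES)
        print(fn.__name__, errors, "unused:", unused_rulesets(state))
```

With the same input, the sequential loader reports one error and leaves the old ruleset behind, while the transactional loader ends with only the new ruleset; an invalid input leaves the running config untouched in the transactional case.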

  14. But why? by thegarbz · · Score: 2

    No really why?

    Performance? I have a 200/40 connection at home. The cheap nasty ISP provided piece of shit all in one modem, wifi router, gigabit switch in a sexy looking package has absolutely no issue with performance.

    I also have a nice server with multiple gigabit NICs in it. All unused. I wouldn't think of using it as a router. There is just really no point.

  15. Re: net6501 by joao.cordeiro · · Score: 3, Interesting

    Net6501 is crap. I have a 5501 and it was already crap. And here is why: It is largely overpriced. It has only 1 core and low frequency, and no special functions from good i5 or i7. RAM is always low for an x86. Every ethernet is its own device. So, vlan and bridging happens on the kernel side AKA cpu. You can easily buy 2 or 3 arm based custom routers for its price, all 4 cores and all with switch chip with vlan support.

  16. Netgear R7000 NightHawk Router + Custom Firmware by foxalopex · · Score: 2

    My home router is a NetGear R7000 NightHawk Router with TomatoUSB firmware by Shibby. Tomato firmware is notoriously stable on most of the platforms it supports and it's feature loaded with VPN and a huge number of other features. It also features an extremely nice front end GUI interface and is more than powerful enough for fast Internet applications. I originally ran my Router as a piece of software on my VM Server but eventually found it much nicer to have a dedicated piece of hardware handling it. Besides, if you're not a fan of Tomato then there's also OpenWRT and DD-WRT. Though I've found DD-WRT to be unstable on some hardware. Regardless, this is probably the cheaper and simpler way of doing it.

  17. Re:net6501 by Billly+Gates · · Score: 2

    For home use??

    Linksys has updated its WRT54 and does do a lot for $200. I have emulators for training myself for a home lab which by 2016 are very decent with pfsense and GNS3 in a VM.