Jump to content
Covecube Inc.
  • 0
Christopher (Drashna)

High End "Custom" Routers

Question

For those that are not as familiar with this topic or ... why you'd want to do this, let me quickly sum it up:

Control, speed, reliability. And Control.

 

I've been running pfSense for a while, as a custom router. Instead of a normal consumer router, such as a linksys or asus or belkin router. I've been happy because it gives me more options and more control over the network.

 

But between some performance issues with pfSense, and then it not booting back up... I've had to replace my router. I have a Linksys WRT610N v2.... but it's been less than stable. Wireless dies on it, and if I even try to enable QoS (Quality of Service, aka Traffic Shaping) or WMM (wireless QoS basically), it crashes my router. Hard. Every 10 minutes or so. 

 

So I did so looking and shopping. I found a very nice little box that is an Atom CPU, low powered, and supports 2 NICs. And I got a license from Sophos for Home/Free use. Installed it and set it up. Absolutely love it.

 

http://www.newegg.com/Product/Product.aspx?Item=N82E16856205007

This is the box I got. IT doesn't come with RAM or drive, but I had both. 

And it idles at around 5-10% CPU usage.

 

If you're inclined on building your own router, then I highly recommend Sophos. It's a bit "draconian", but it has a great firewall built in. It also uses Squid I beleive to filter the traffic (and block things if needed), as well as to virus scan contents as you browse. Much like Untangle or pfSense. But it's all free, and requires a little more than a couple of clicks to setup.

 

For anyone interested, I've been writing about it here:

https://drashna.net/blog/2014/02/adventures-with-sophos/

 

 

 

Share this post


Link to post
Share on other sites

Recommended Posts

  • 0

The other thing that would affect system requirements would be when adding integrated wireless access points. I'm curious as to when you might get one of those and we'll see how that affects performance?

Share this post


Link to post
Share on other sites
  • 0

I ended up getting a Ubiquti Edge Router Lite, $100 and runs a dual core 500MHz MIPS processor. Processes one million packet-per-second, runs a custom OS named Edge OS which is based on the tried and true Yvatta. Full CLI access over SSH and Serial, and the web interface is gorgeous with full AJAX compatibility and CSS3 styling.

 

http://www.ubnt.com/edgemax#edge-router-lite

 

I freaking love this little thing.

.

Share this post


Link to post
Share on other sites
  • 0

I ended up getting a Ubiquti Edge Router Lite, $100 and runs a dual core 500MHz MIPS processor. Processes one million packet-per-second, runs a custom OS named Edge OS which is based on the tried and true Yvatta. Full CLI access over SSH and Serial, and the web interface is gorgeous with full AJAX compatibility and CSS3 styling.

 

http://www.ubnt.com/edgemax#edge-router-lite

 

I freaking love this little thing.

.

Does it do web/content filtering? I can't seem to find any documentation on this, all other aspects look fine.

Share this post


Link to post
Share on other sites
  • 0

Yep, although I currently have it setup for non-transparent/non-caching proxy, it has full blown Squid installed and supports SquidGuard rules.

 

It's a two command process:

  • set service webproxy listen-address 10.10.0.1 disable-transparent
  • set service webproxy url-filtering squidguard block-category porn
  • save
  • commit

http://community.ubnt.com/t5/EdgeMAX-CLI-Basics-Knowledge/EdgeMAX-Web-proxy-service-for-filtering/ta-p/684781

http://ahmeddirie.com/technology/networking/url-filtering-and-blocking-crap-with-vyatta/

 

Basically the router runs Vyatta, which is built on top of DebianSqueeze, you have full control over it and can install whatever you like from any repository. I even installed MySQL on it to test it out, handled my small XBMC databases just fine. I ended up removing it because I didn't want my router to do anything but route.

Share this post


Link to post
Share on other sites
  • 0

Yep, although I currently have it setup for non-transparent/non-caching proxy, it has full blown Squid installed and supports SquidGuard rules.

 

It's a two command process:

  • set service webproxy listen-address 10.10.0.1 disable-transparent
  • set service webproxy url-filtering squidguard block-category porn
  • save
  • commit
http://community.ubnt.com/t5/EdgeMAX-CLI-Basics-Knowledge/EdgeMAX-Web-proxy-service-for-filtering/ta-p/684781

http://ahmeddirie.com/technology/networking/url-filtering-and-blocking-crap-with-vyatta/

 

Basically the router runs Vyatta, which is built on top of DebianSqueeze, you have full control over it and can install whatever you like from any repository. I even installed MySQL on it to test it out, handled my small XBMC databases just fine. I ended up removing it because I didn't want my router to do anything but route.

Pretty cool stuff, but unfortunately I don't have time to learn command lines. I have to stick with a GUI.....well to be fair, I have been looking at the Ubiquiti products for a long time, and plan to put them in at one of my customer sites, but for now will go with Sophos for my home router.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...