Up Your Home Network Performance – Build Your Own Router!

Internet connections continue to increase in speed, and for a lucky few, it’s possible to get a Gigabit fibre connection at home. However, if you’re intending to use this connection to its fullest, you might find that your off-the-shelf router has become a bit of a bottleneck. [Wes Fenlon] of PC Gamer had this very problem, and found the perfect workaround – building a custom router instead!

The main problem with commodity routers is a lack of processing power. With networks growing ever faster, the hardware in routers hasn’t kept up with the needs of demanding power users. To solve this, [Wes] grabbed an old PC he had lying around, packing a quad-core i5 CPU and 16 GB of RAM. Fitted with an enterprise-grade 4-port Gigabit LAN card, and running Netgear’s  (Sorry commenteers!) Netgate’s pfSense routing software, the old machine has enough power to be complete overkill for the application.

The side benefit of this method is configurability. pfSense has a far more powerful set of options than most common routers. It’s config page also runs far more smoothly, too. There’s also the possibility to run all sorts of useful plugins, like router-level ad blockers and traffic monitoring utilities.

Overall, it’s a great way to repurpose a surplus machine and improve your network performance on the cheap. Others have tried similar builds, too. It has us contemplating the possibilities for our own networks at home!

110 thoughts on “Up Your Home Network Performance – Build Your Own Router!

    1. It’s *also* a router. A router forwards packets between networks. That’s what this does. It’s *also* a firewall, and it *might* be a switch, depending on how the author configured the ports to behave. It can also be a dozen other things, like DHCP, DNS, etc.

          1. Shoes tied, lunch packed on ice in transport, dinner made ;)

            NGFWs (sorry, it’s easier) pack it all together. Purpose built with custom chips make it a “firewall”, or stateful packet inspector. Add gadgets.. slice and dice with the fastest on the wire possible off-loads.. without reoccurring licencing fees and selling your soul to one vendor.. article and project fits the mold breaking the mold on slower, purpose built, zero security SOHO routers.

      1. To give him the benefit of the doubt, perhaps he was implying that a PC running PFsense doesn’t qualify as a router because most NIC’s don’t have half a dozen RG45 ports?

  1. Always a cool project, if properly secured. Probably more secure then the average consumer router.
    Update that NIC firmware!

    The inefficiency of an old computer might make an off the shelf router cheaper in the long run.

    1. Indeed; deploying a old PC as a router sounds very UNcool to me. You would almost start to believe those reports that viewing a movie on your computer consumes tremendous amounts of energy. For a constant-on device like this, I would look really hard for something with a smaller energy footprint. Buying a new device to run software that has to run continuously may make economic sense.

      BTW; a debunking article about the energy use of viewing a movie is https://www.carbonbrief.org/factcheck-what-is-the-carbon-footprint-of-streaming-video-on-netflix

      1. this movie watching thing is only a problem if your electricity was generated by some crazy coal burning process, like in germany, otherwise you are good to watch your movies on a computer

    2. I’d weigh that against the cost of dealing with a router that is vulnerable to security issues, and potentially having to dispose of it once the manufacturer stops supporting it.
      It was VPN filer followed by the reports of Tomato based routers becoming targets for attacks that pushed me over and had me look into opnSense and pfSense.
      I’m running opnSense on a Lenovo Thinkcentre m92 Tiny. Anandtech has some measurements showing it between 12-39w which actually isn’t too bad when comparing against a number of wifi routers:

      I guess I should measure the power draw of my combined router and wifi AP (really a router but with the routing features turned off) to see what it really is. If I take the half way points for both pieces of gear, that’s 19w total for the 2 pieces of gear ((39-12)/2 + (11/2)).
      If I make the same assumption about the R6400 I replaced due to security vulnerabilities, issues with 3rd party firmware, and concerns over updates, that is a power draw of 11.61w. The delta is 7.39w.

      Say my electricity cost is $0.29/kwh. ((7.39/1000)*0.29) * (356*24)) gives me $18.77 per year.
      Lets just guesstamate an OK wifi router being $110. That means the consumer router has to be supported for almost 6 years to make up for the delta in electricity costs. It’s even longer if you go with a fancy router.

      I wanted to throw a comparison of the Banana Pi in here as a router but it looks like it’s software limited like other routers.

      I really hope AMD’s return to form will spark a new round of innovation around low wattage x86 CPUs and us that magical combination of low power consumption, decent performance, and low price PC hardware because it is a vastly easier ecosystem to target than ARM SoCs.

        1. Those are some pieces of router software I haven’t heard of before, I’ll have to have a look.

          I was gifted some embedded AMD boards by a friend a little while ago (I think they are running older APUs). I’ve been thinking about getting them out of store as they support PCIe in a standard slot and I can use a 4 port NIC to do some VLAN work and separate IOT stuff from other parts of my network.

          I hope we might see solid options for adding wifi capabilities to our x86 based routers and eliminate the need for a wifi AP. But the state of wifi cards is such that they don’t do well acting as a host.

    3. I run mine on an old server with a xeon e3 along with a few other vms tasked with other duties, but for those concerned about power usage, you could consider something like this I found the other day: https://www.amazon.com/dp/B078V6MT9D. It’s a 10w TDP CPU, and should still have enough horsepower to run most of the things you throw at it. Granted, you’ll still need to add your own memory and storage, but I can’t imagine it’d need much.

  2. That guy´s blog has too many ads, it makes the site hard to read and easy to lose interest. A pfSenserouter-running pi-hole could take care of it , maybe. A project for a rainy weekend.

    But one consideration would be power. The costs of a good router would be less in the long run than the cost of running that PC 24×7. Unless electricity is cheap where he lives.

    Of course, ISPs will not provide very good routers, because they have to be in their price wars with other ISPs, and then have to squeeze their shareholders margins from weak equipment, etc.

    1. Maybe it´s time to install an ad-blocker plugin on your browser ?
      I can recommend Ublock origin as well as Privacy Badger. Both together do a fine job at cleaning up ads from web pages.

      1. Ad blocker doesn’t work on that lousy site. This is what I get (without opening up the blocker):


        Thank you for visiting this site. Unfortunately we have detected that you might be running custom adblocking scripts or installations that might interfere with the running of the site.

        We don’t mind you running adblocker, but could you please either disable these scripts or alternatively whitelist the site, in order to continue. Thanks for your support!

    2. It depends a lot, there are some pretty power hungry wifi routers out there. Also, there are PCs that are running at a few 10s of watts. In my case, using back of the napkin math, I’d need a half decent consumer router to last about 6 years (meaning it is supported by the manufacturer and gets updates) to break even on the cost difference in electricity.

  3. Since the router is on all the time, power consumption is a big concern…. CPU’s throttle, but a typical PC will still approach 100W, even if the video card is removed.

    Go to your favorite on-line marketplace and search for “Firewall Appliance”. There are many options available for $200 to $400 depending on what is required. What you get is a cool running, <15W consuming, air cooled, multi-core CPU, multi-port LAN appliance that can be wall mounted in your IT closet and used for many things… NAS, Router, Home Automation, etc. Make sure you get a CPU with the built in AES-NI crypto hardware.

    Since home versions are "free", I've tried Sophos, and now I'm running pfSense on my fiber connection. The issue is that you MUST become a bit of a FW expert, as the software will find all sorts of inconsistencies that may be normal in your home network…. and will block or drop the packets, or add your IPTV streaming server to a blocked list. This leads to a low acceptance factor by the rest of the family when apps, VoIP applications, gaming, random web sites (or portions of a web site) get blocked, or the web TV stops working. In the interim, many of the features like SNORT and Suricata can be turned off if you get tired of dealing with them. Implementing OpenVPN and choosing what traffic pops-up in Australia is a great way to learn, and to slow down your teenager's gaming. But if my patience is tested further, I'll try the generic Intel version of Gargoyle-Router which removes a lot of this FW nuisance factor.

    No matter your outcome, the learnings with putting together a home built, repurposed, or new FW appliance are a worthwhile.

    1. I think you’d be surprised how low a typical desktop PC can go. Embedded hardware can do better of course, but I’ve got 2 office PCs on a shelf with 90W quad core CPUs, one with just an SSD and the other with 6 HDDs that are drawing 80W combined. Maybe that’s the tip actually, office PCs from big box manufacturers tend to have a lower power consumption because that’s beneficial in their intended use.

    2. I set up two ways to test power consumption of some systems and was quite surprised at how much they didn’t use. All the power consumption spitballs you find on the web seem to be doubled.

      I had two ways of metering, one was a battery backup power supply, not really a UPS, more capacity. Something near a kW/h capacity, but maxes at 400W output. This has a power draw meter on it, 3 figure digital, only starts reading at 25W though with 1W precision. The other is a clamp ammeter with a modified short extension cord to read off.

      So I had two machines I was looking at, one with an 89W X2 the other with a 65W Core2 2 drives a piece. Baselined them “doing nothing” with no special configuration, meaning windoze was doing it’s housekeeping still probably, maybe even downloading updates. Both came out around 40W fairly steady… This is at the wall, after PSU losses. Doing minor tasks, bit of browsing, this hardly increased, even though CPU load would jump to 100 on and off. These were using onboard graphics, Radeon 6100 and intel 950 IIRC. Then also I tried them while transcoding video, and wall power went to 65-70W still a bit below TDP of CPU +25W guesstimate motherboard +10W per drive…. Then I tried them with two HD-5850 cards in, performing hash functions, and even though I was running off one card for the desktop the idle consumption barely changed, think it was up to 45. Then I ran the load, and was just shy of 300W at the wall, when expectation was this should be somewhere near 175W+175W+89W+25+10+10 all over 0.8 to account for PSU loss.

      This was confirmed on the two separate measurements, amp clamp and battery backup unit. Which both were always within 1W of each other. I think there was an edge casey 2W one where it calculated out at a .49 or .51 and it went the other way. I had planned to repeat testing with a lower wattage Socket A and lower wattage 775 CPU which I had on hand, but project came to a halt for other reasons. Just saying these weren’t the low watt poster children, and for old systems it may be worth grabbing a replacement CPU for pocket change, or actually ending up money ahead if you sell your old one, since price tends to sort by speed, and once things are a few years old they can get very cheap if not high end.

      I would expect that with aggressive power saving, utilising clockdown features to the fullest, and maybe suspend to RAM if appropriate, one could knock down the idle consumption quite a bit. The monitor was not included in the test and can be a significant power draw though, so make sure that goes off.

      So I would conclude that it’s possible to run old desktop hardware at quite low power consumption, and it follows that it should be possible to run laptop/notebook hardware at half that again, which you can also pick up dirt cheap especially if it has a broken screen. (Need to find one with a good interface for a second NIC though and a good primary NIC)

      1. Using an old portable would be the way to go for this, not only for lower power consumption (though probably still more than a standalone router, most of which draw something like 20W max) but because you get a built-in UPS.

    3. I did the exact same custom router but using an i3 8Gen /w 16Gig ram and Centos. A barely stand at 17W of power consumption, approximately the same as my (power hungry) ISP’s router.

    4. I just checked the (near) idle power usage of my everything and the kitchen sink hand me down homelab/everything else server.
      Dell server chassis, raid card, 8xinternal lff drives (sas/sata) and one external usb drive, dual 6 core xeons cpus (sandybridge era), 128gb of memory, redundant power supplies. This is way more hardware than needed for a router

      135w idle.

      A typical cast off desktop PC is not going to even get close to that at idle. Better yet a lot of small form factor machines only have 90w power supplies, that’s peak draw. Some usff machines are under 60w peak (mobile cpus and chipsets)

      Yes their draw is going to be higher than bespoke router with a tiny arm cpu, but it’s not so much a difference as you believe.

      1. I’m using a Thinkcentre M92 for my router. I need to measure the power draw but Anadtech did this power check with it: https://www.anandtech.com/show/6162/lenovo-thinkcentre-m92-system-review-pintsized-power/3

        I figure I might be at the half way mark with mine. That makes it pretty competitive with consumer routers. I did some rough calculations comparing my mini PC and wifi router I’m using as an AP against the Netgear r6400 I replaced due to getting tired of it seen in all the security bulletins and the Netgear would have to be in service for just under 6 years to break even on the cost of electricity.
        And that assumes the router doesn’t get pwned before then.

  4. CNX-Software had a nice one yesterday, the Odroid H2+ : https://www.cnx-software.com/2020/06/18/odroid-h2-plus-sbc-gets-upgraded-to-celeron-j4115-processor-2-5gbe/

    Alternatively, I think there are a couple of rather powerful Arm boards that one might choose, e.g. https://www.solid-run.com/nxp-lx2160a-family/honeycomb-workstation/ And yes, it says “workstation”, but 4 10GbE SFP cages doesn’t say workstation to me, it says router!

    1. I’m contemplating getting a Odroid H2+ for my pfsense hardware however, it uses Realtek chipset for the gbe and pfsense doesn’t play well with RT chipset ethernets. I’m looking into if it’s possible to use an Intel based pcie gigabit nic (at least 2 ports) with it. If that works, IMA get one for myself soon

  5. There are tons of consumer routers that have enough horse power to do the job.
    https://www.smallnetbuilder.com/ for router review and benchmarks

    If you don’t like OEM firmware, make sure that the router can handle openwrt or tomato. I personally wouldn’t bother with DDWRT.

    There are also SOHO routers: Ubiquiti – EdgeRouter, MikroTik Routers

    You also have the option of running your router in a VM to avoid another box sucking power 24/7.

      1. NDA does not belong in open source project. i.e. some developers have more access than everyone else.
        OpenWRT is the FOSS way, so it is on my list. I see Tomato as a comprimise of the two as they also use binary blob for compatibility but without insider info.

        >DD-WRT has a license agreement and NDA in place with Broadcom that allow usage of better, proprietary, closed source wireless drivers (binary blobs) which they are not allowed to redistribute freely.

        >OpenWrt use only FOSS drivers. Fully open-source support for Broadcom wifi chips is very limited.

    1. Wait. VM?

      This is intriguing to me, if not practically (I’d never do it myself) then at least theoretically – until this article today it never occurred to me that yeah, all a router really is is mostly a cheap-ish linux box with special firmware + bigger antennas.

      It would make sense intuitively then to just integrate the firewalling, packet switching functionality into your end device (assuming an idealized scenario anyway like only 1 computer in your apartment)….. does anyone actually do that for real? I’d be concerned about stuff like Spectre-esque hardware vulnerabilities if I was shacking up with my firewall both in the same CPU. But wouldn’t that imply that separate hardware routers aren’t strictly necessary, except for convenience (multiple PCs, peace of mind security-wise)? I mean Intel thinks firmware-based TPM’s are good enough for the avg home user, so it’s not a stretch to lump your firewall in there too

      1. Your router (in a VM) doesn’t execute untrusted code. It simply do router/firewall stuff. i.e. parses the packets, runs a routing table and some management stuff. When you are surfing the web running all kinds of java scripts etc, all the router sees are packets and it won’t be executing its contents.

        Some people also runs other VM e.g. file server, media server etc. on the same host. While your consumer router might be able to do those, they are kind of weak.

        The host computer can infect the VM if you are doing unsafe stuff on the host side.

      1. Actually, I prefer to pick out the sand used in making the chips. Sand from Saudi Arabia lacks a certain, shall we say, ambiance? Bolivian sand, due to its higher altitude, has a “clarity” I prefer for the substrate, but Namibian sand has a bolder profile, essential for good MOS isolation.

        1. But don’t get me wrong, I believe that Saudi Arabian sand makes an excellent fiber for PCB construction!
          As for copper, if one can find some “old lode” from Butte, Montana, and refine it with Grand Coulee Dam electricity, then your circuits will be of netophile quality!

    1. Indeed. I can however agree with the comments above – if something that is on all the time going to a more power efficient option makes sense.

      Unless you are also going to use that spare performance – calculations per watt do vary but far less than minimum idle power draw – so if you are hosting a game server, website or what have you this could be the perfect option to do both at once. Which is inherently far better for the planet (keeps old electronics in use so no massive expenditure to make new and less shit in landfill) and has more efficient energy consumption than many separate boxes for each job (each separate box needs its own task scheduler kernel etc so there is more overhead).

          1. Lucky? at 6 cents? Wut? I pay like, just barely above 1 cent per kWh. The majority of the cost is the fixed costs for even having the power to the building, and those don’t matter if you’re drawing 1W or 1kW. Average prices when including the fixed price is around 6 cents here but it’s not really accurate to calculate on that on a per device basis.

          2. Daniel Jowithtwodotsaboveitnsson,
            I include the fixed monthly costs when I consider my monthly electric bill, divide the total KW by the total bill, and that is _my_ price per KW.

          3. That’s gonna help when you’re comparing electricity costs between areas, but doesn’t really give you the right picture when you’re considering whether X or Y device is going to cost you more to run… unless you like having the fudge factor.

        1. So do I…. 6 cents just for electricity! Yeah, right…. then add +transmission +distribution +various regulatory charges +tax… Where I live, quoting “6 cents/kWh” becomes a number for fools that believe in their politicians.

          1. Which is why I won’t go and incur a 20 Megawatt hour “energy debt” by buying some new piece of trash before I check out if any of my old junk can fit the bill.

          2. RW is correct, if probably underestimating the energy cost of a new device – though that can vary considerably and good numbers are hard to find.
            Unless you are going to run something for a very long time its often better to use existing hardware on soo many fronts.
            1 embodied energy – how much energy it took to make (and transport)
            2 recycling/ heavy metal leeching – how much energy or harm getting shot of the old hardware entails
            3 the older stuff is often much more fixable – when something goes wrong on your modern all ball soldered chips you need some serious gear to have a hope but the old edge IC’s, PCI expansion and socketed processors types are doable with simple tools and replacement parts.
            4 security – older hardware is generally simpler – so its harder for a flaw to make it to production. Its also been around so long any flaws there are in it are likely well documented – so no nasty surprises.

            That said taking if we assume your old PC idles at 100w and needs to work up to 220W or more when its being used but the 10W maximum power of say a Pi 2 can do the job just as well (or even better) it should be worth the switch. Though you might have greater benefits to the environment sorting out your own energy supplies add some local solar etc – which cuts down on your use of harmful electric sources, and if you are backfeeding the grid makes the grid a tiny bit cleaner too!

  6. It’s a terrible idea to advise people to build a router out of pc parts such that it sucks electricity like crazy, while it’s easily replaced by a <$100 ubiquiti (or other) device that is silent, performs similar (or better!) and is quite hackable also. If you want to go that route, at least point to some non-pcgamer blog with a real howto on how to build something based on an APU or similar single board router.

  7. I wonder how fast would Raspberry PI 4 be in “router on a stick” scenario (= routing between two VLANs using single NIC, exchanging data back and forth with managed switch)… Will it give full 1Gbps half duplex?

    1. I thought it had been tested as only getting about 860Mbps on the gigabit just as a network client, so don’t hold your breath for getting 1Gbps when it’s working hard.

  8. I did this with an old i5 4th gen lenovo with 8gb of ram and a ssd. Not only did my network get a massive boost but i was able to secure it better and do pipe certain devices through a vpn with no issues

  9. PCEngines APU2 and either OpenWRT, Debian, or PFSense on the box will be more than enough for most users with the option to add on most anything one could possibly desire. With an attached SSD the box is more rugged than any other applicance I have used thus far.

  10. I transformed old 486 PCs in routers back in 1998 with a floppy distro called Coyote Linux:


    I had to put 2 ISA network cards supported by Linux, with the right jumpers for the right IRQ address.

    I equiped many student places with that solution at the time, routers were expensive.

    Then came the LRP project:


    After that I hacked the first wireless routers (LinuxAP, OpenAP, ISL3893). One day I heard a Linksys router (WRT54G) was running Linux, gave it to a geek friend over the weekend, on sunday I received a phone saying “I have a shell, there is an exploit in the ping.asp web interface!”. That ultimately gave birth to OpenWRT.

  11. I’m running a similar powered system running VMware with pf-sense, a small windows-installation, ubuntu server and OpenMediaVault on it, but with a 10 gig SFP+ network-card off ebay and a 24-port mikrotik switch with 2 SFP+ ports, and a VLAN for the WAN-port and untagged (No VLAN) for the rest of the network. That changed my ping-times from 20 ms (+-5) ms to a very consistent 7 ms. It also helped spreading the bandwith out, so when i’m downloading games on steam, my wife can still watch her netflix or browse facebook, which the the ISP router didn’t handle very well. The 10 gig gives me the advantage that even if several people are hammering the mediavault, there’s still bandwith for the rest of the house to use the internet. The managed switch also gives me the ability to easily and securely separate my own machines, guests on wifi, video-surveillance, server-applications, etc. Every port on that switch can be isolated from any other port, since they can be presented as separate networks to pf-sense.
    PF-sense has 2GHz reserved, so if it needs the power, it can have it regardless of the rest of the system, and it gives me the ability to run sooo much on the machine too.
    The whole system, including my UPS, switch and server uses around 120W, running a lot of different things. Some may see this as a lot, but compared to what i would need to pay a hosting company for running just what i run on the ubuntu-server would easily cost 4 times as much, and then i would still need the media-vault, router and switch at home.

  12. I decided to change from my own build firewall router to a Mikrotik router. Less power consumption, many updates, lot of configuration, cheap, etc. Use the router ISP is always a bad decision, but no all people realize that.

    1. Way to go!

      I’m using RasPi 3+ with ZeroShell (Arm image). I’ve disabled the WiFi chip. 2 NICs, one native for LAN and an USB LAN adapter going to the Cable modem (WAN).

      Suggest nmap scan on the WAN port and ensure you are not exposing any services on the public internet. Use iptables to lock down incoming connections on the WAN port.

    2. The current crop of “prosumer” routers are good value for money (I have both Mikrotik and Ubiquiti devices), but have the drawback in that as soon as you enable certain functionality, they become CPU bound, and performance tanks.

        1. Remember its not even real gilding! Going to be that copper based fakery too!
          (Though there are a few devices every now and then that actually are PROsumer and gilt with at least 8 carrat stuff- finding such good items is rare, though even the worst ones with the prosumer mark up are likely to actually work for the basic features properly more than a few mins at a time, unlike the really budget brands which much of the time can’t do anything at all right…)

  13. Why not use some industrial board like the ASRock IMB-150 it already has 2 lan ports and will be able to do the exact same.

    I still have to do it someday but already got the parts.

    A j1900 should be able to handle this job just fine and is way cheaper on the long run.

  14. Seems like I did a lot of this back in the late ’90s, but I used FreeBSD. All those discarded computers that weren’t Y2K compliant really didn’t have much of an issue. The vast majority only had a slight problem in the battery-backed RTC that meant you’d have to reset the year during the first reboot in 2000. Yet people discarded them. At that time things like Netgear, Linksys, …, inexpensive firewall routers, simply weren’t to be found. So throw in an extra NIC or two, load FreeBSD, configure the firewall… *viola*! Most of those machines ran years past the turn of the millennium without any maintenance, what so ever.

  15. Has any commenter here actually bothered to measure the power usage of such a config? Personally I’ve been running pfsense on a small HP machine as a router, firewall, dns etc. for many years, but if I take it down to add a power monitor my family are going to be really annoying. Can’t have interweb downtime round these parts right now. If I have the opportunity I will take some data ans report back.

  16. pfSense looks nice, but the BSD kernel did not like my hardware. I’m running vyOS on a similar setup with WiFi and 4xLAN card.

    For me the reason for this setup is that I can control the software that runs on the machine. Off the shelf solutions come with proprietary binaries and bugs and exploits get fixed at the vendor leisure.

    After my Linksys and Asus routers got pwned, I briefly had Ubiquity edgerouter lite – that began having issues with the LAN cables. I switched to the vyos setup and this was been running without a hitch for 5 years.

    1. Thanks for the tip on vyOS… will examine this carefully. As stated above, the FW issues pfSense and Sophos creates for normal stuff is a nuisance. Seems that vyOS is a router with FW, while pfSense is a FW that happens to have a router too.

  17. Back in the day, it was FreeSCO, registry modifications of Windows Internet Sharing, and/or a number of FreeBSD apps that I’ve forgotten (or probably brain-bleached out of my memory). Lots of ways (many, not so good) of turning a PC into a router and/or switch and/or firewall. I’ll have to give this article a try, though, if I can find a cheap card to convert my Xfinity coax feed into something my spare computer can handle…

    1. FreeSCO was great. Ran it for quite a while on a few locations. The most basic hardware to run it in my case was a 486 DX 33 and a 1.44MB Diskette drive combined with two 3Com 3c509 (EtherLink III ISA) cards.

      Great times!

      1. I think I had one 3c509 and one DEC DE-220 or something. Was running on a DX-2/66 which was the slowest 3.3V CPU I had, thinking it was most power efficient, not sure it made a whole lot of difference, because I think the board had a linear regulator. I spoiled it with a whole 16MB of RAM, it booted off the floppy. Then it went to a 10 port hub and a linksys 802.11b access point which kept overheating. It turned out this was a cozy plastic shell around a tin box, so I skinned it and put it on top of a cold air return duct, and it wifi-ed away quite reliably after that.

        I found the name put a lot of people off trying it, because linux was in legal battles with SCO and I couldn’t explain fast enough that it meant free cisco, ppl just went to “SCO, ewwwwwww”

        1. “I found the name put a lot of people off trying it, because linux was in legal battles with SCO and I couldn’t explain fast enough that it meant free cisco, ppl just went to “SCO, ewwwwwww”

          Which was pretty much my reaction when I read it in the top comment…
          (not having heard of it before)

  18. Reminds me of back in the day I ran LRP as a firewall between my cable modem and thinwire ethernet network. It had so little memory/CPU if someone tried to hack it, it crashed and rebooted! Write protected floppy, so completely secure.

  19. I enjoy running pfsense VM as my firewall/router for my home network. There are VM servers behind the pfsense VM. It simplifies my home network allowing me to spin up other servers like Plex, FreeNAS, Minecraft and Transmission all on one Workstation.

  20. I’ve seen a few articles like this lately, and they all say routers are underpowered and have bad software. Maybe stop using consumer routers or try your hand in ddwrt? I switched to a ubiquiti setup a year or so ago and never have issues, and I didn’t have to spend a ton of time configuring it either.

  21. I use an intel nuc running Fedora and Shorewall for my router/ firewall. i think it’s a celeron, definitely not an i5. It draws about 10 watts. It will do 900 mbits / sec, so not underpowered.

  22. Switches use specialized asiics, not sure about firewalls. Routers seem to typically have pc based/equivalent cpu’s

    Apologies if this gets posted.twice..im gonna go get the paper get the paper

  23. I’m using a Dell 7010 i5 SFF with a server grade Intel dual GB card and OPNSense as my firewall/router. More than capable of handling anything I throw at it. It runs on a VM, along with a Linux install serving as a media server and a stat collector for my IoT network.

    Before that, I had an Optiplex 745 handling the job running pfSense for 5 or 6 years non-stop, til the hard drive finally died. Then I replaced that with another HDD, put OPNSense on it and ran it for another couple of years til I replaced it with the above last week.

  24. I want to try this but my Synology RT2600ac router is quite great and convenient with its features and it works great running it alongside my pi-hole machine.

    Will definitely go this route in the future though once I work out what I need for self-hosting.

  25. I’ve been using cable modems with modified cooling and PFSense rigs for years. I’ll never use an all in one. we just switched my friends home from an all in one access point modem router to a pfsense rig, a switch and some access points. His internet doesn’t give him shit anymore. it just hauls ass 24/7

  26. Build your own pfSense router its well worth the effort and the expense
    There are just a couple of things to consider when doing such
    1) If your technical and build and configure your own networks, then follow Lawrence Systems guide to building your own pfSense router/firewall device.

    2) If you are not technical and are not fully aware of what your doing and not familiar with PC construction, then go to netgate and purchase a product from them

    Either way, the firewall, router you will acquire will be far more capable than anything you will get over the counter from your local retail box store

    Now if you are in category # 1, there are some considerations for you
    1) Only select an intel processor that supports AES… you can discover this by googling the processor you considering and finding the ark intel page for that processor … AES will be at the bottom of the processors list of features, under security and reliability

    2) Only select Intel server grade network cards for your pfSense box either 2 port or 4 port PCIe Cards

    3) Pay attention to the box your selecting to use for pfSense.
    3a. make sure to select a commercial grade box from Dell, HP, Lenovo etc. as such hardware is up to the task of daily operation.
    3b. Pay attention to the box size and if it has expansion ports and the mainboard has PCIe expansion slot, If you get a small form factor case, you will need a low height adapter for your NIC, which can be rather difficult to find. For that reason, try to focus on cases that allow full height cards
    3c, The determent of putting a used system into play is the power supply. You have no idea how many hours its been used therefore my suggestion would be to replace it before putting your box in service. You won’t need a large power supply because you won’t be using that many resources. However, you will need a reliable power supply.
    3d. Consider using an SSD drive about 120GB since that would be overkill for most installs.
    3e. You will need to seek out later constructed devices that can be used as wireless Access Points. You don’t need over kill here a simple AC 1200 router that can support operation as an AP is just fine… a couple of those strategically placed will provide you with complete home coverage. If your old WiFi Router supports bridge mode then you can use it as your Wireless access point if you like, just remember some of those old Wifi routers will automatically turn on Guest mode and you can’t configure some of them with guest mode turned off. (had that problem with Linksys)

    Finally …. Research and plan … don’t go into your initial install of pfSense, turning on a bunch of services. Keep your initial box stock, then add and test later. as you grow and learn.

    Research, Plan, setup and get the system installed.
    Its a project I am glad to have accomplished.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.