
Benefits of a Homebrew Router (arstechnica.com) 247

An anonymous reader writes: Jim Salter has posted an article explaining why it can be a good idea to build your own router, and how he put his together. Quoting: "In the consumer world, routers mostly have itty-bitty little MIPS CPUs under the hood without a whole lot of RAM (to put it mildly). These routers largely differentiate themselves from one another based on the interface: How shiny is it? ... I wanted to go a different route. A lot of interesting and reasonably inexpensive little x86-64 fanless machines have started showing up on the market lately. The trick for building a router is finding one with multiple NICs." Once assembled, the homebrew router blows away even high-end SOHO routers for throughput and performance. "Given that nobody's offering any Internet connections over 200mbps in my area yet, that makes my inner crypto nerd dance with glee. I could literally encrypt every single byte of my Internet traffic, in either direction, without a performance penalty." Of course, it won't do wireless, but you can get separate wireless access points to handle that.
  • by anon mouse-cow-aard ( 443646 ) on Wednesday January 20, 2016 @08:28AM (#51335213) Journal
    Raspberry Pi, USB ethernet dongle, power supply... about $40. Does 30 mbps with full iptables, NAT, dual stack ipv4 and ipv6; speed test is 30 mbps flat out. My ISP rate is 30 mbps ... If you have access to > 100mbps great, but outside of Google cities isn't that kind of rare? Don't see the point of a $300 homebrew router. Been using a Pi for years. Have two spares. No moving parts, no fan, low power consumption...
    • by Anonymous Coward on Wednesday January 20, 2016 @08:34AM (#51335239)

      100Mbps at home isn't that rare if you don't live in some backwater country.

      • by bonehead ( 6382 )

        I live in a tiny, little hick town. It's a 45 minute drive to the nearest town with a population over 1000.

        My cable Internet gives me 100Mbps with a 2TB monthly cap,

      • Shoot I pay $80 for a 6 meg connection pipe. I hate DSL but Cable forced into a TV package I will not use and a 20 gig cap because they lobbied my local governments to prevent competition.

    • Re: (Score:2, Interesting)

      by Anonymous Coward

      Our cable ISP just upgraded us to 150/20. I had an old desktop lying around, and power isn't *that* expensive here, so I bought a two-port intel NIC and tried to remember how routing and firewalls worked in FreeBSD. (I'm sure Linux or OpenBSD would be as good, it's just what I happen to know best). It took a few days to get everything working (e.g. getting dhcpd to register the dynamic hostnames with named, not to mention the strange new world of IPv6 delegations), but it was kind of fun.

      • by gwolf ( 26339 )

        The main problem with using an old desktop as a router will be the ongoing, always-on electricity costs. You could have a system with a 300W one. How long until it pays for itself?

        • You may use an underclocked Core 2 Duo or AMD, that'd be much better than a Pentium 4.
          Not hard at all to replace the motherboard later but keeping case, power supply, hard drive, (PCIe) network cards.

          300W is also not really possible unless you do GPU grid computing, or CPU grid computing on a really overclocked and hot CPU.

    • by gmack ( 197796 )

      Not in a Google city but I have 120 mbps down and 20 mbps up. I ended up buying a couple of gigabit cards for an HP Pentium 4 desktop with 4 gb ram I had laying around and it manages to easily keep up with the abuse I throw at it.

      Having said that, sometime in the future I will replace it with a $100 Chinese Atom mini desktop with 2 ethernet ports just to eliminate the fan noise in my living room.

      • by vux984 ( 928602 )

        Ugh... a pentium 4 is a space heater. :)

        • and pci-33 can't do gigabit much less more than 1 card at the same time shared bus.

          • by gmack ( 197796 )

            Thankfully it doesn't need to do the full gigabit. I managed 126mbps downstream and 20.4 mbps upstream so my connection is maxed so that was all I cared about at the time.

          • and pci-33 can't do gigabit much less more than 1 card at the same time shared bus.

            That's OK, he only has to be able to reach 120 Mbps, which shouldn't be a problem. Wikipedia suggests that no P4 chipset had PCI 66 MHz support, which is optional since PCI 2.1 (even in non-PCI-X systems.) The only PCI-X system I've owned was AMD-based, and it also had GigE on 32-bit 66 MHz PCI internally. But maybe Wikipedia is wrong, and it's possible to get double-speed PCI out of a P4. Probably not, though. Using a P4 is a bit insane. I chose a used C2D because it was almost as cheap as a used P4, but c

    • Re: (Score:3, Interesting)

      by Anonymous Coward

      Quad Core RasPi, 1 Gb RAM : $35.00 - $25.00 on SALE
      Power Supply: Scavenged : FREE 5V @ 2A
      100Mbps USB NIC : $5.00
      Wireless b/g/n USB Dongle: $10.00
      USB Hard Drive @ 750Gb: $45.00
      8 Port unmanaged Switch: $15.00

      OpenWRT: FREE / DDWRT: FREE

      So, I have a router, a NAS, an FTP server, bittorrent, SSH Server, WEB Server, WiFiAP, TimeMachine, RSYNC, all running on a single box, with a power consumption of less than 10W under FULL LOAD.

      I've got 4 CPUs, 1 Gb of RAM, a 30Mbps/6Mbps uncapped network connection, a hatred of

      • by alantus ( 882150 )

        Sounds wonderful.
        Do you count your uptime in minutes or hours?

        • by gwolf ( 26339 )

          What is your experience with such gear?

          I have several ARM boards, ranging from the well-known Raspberries (Pi B, Pi 2), Bananas (M1 and M3), Beaglebone Black, a nice packaged computer (CuBox-i), a SmartTV UG007 HDMI stick, even a MIPS Creator CI20. I don't have them all always-on (just three of them), but (barring underpowered power sources, which really suck) don't have any stability issues.

        • I've run a Raspberry Pi as a server (DNS, DHCP, LDAP, Kerberos, SMTP/IMAP, webmail, MediaWiki) for 3 years with only one restart necessitated by stability issues, when my DHCP server inexplicably stopped dishing out IP addresses and refused to play until the box was restarted.

          That's much better stability than our ops guys ever seem to manage in the office.

      • and that usb bus limits you to about 35-40MB max; the hard disk also eats into that on the pi.

    • Pretty much anywhere you get cable you can get at least (but probably more than) 100mbps. Considering that cable is almost everywhere, it's not that rare.

      Now if you're stuck with DSL, I'm sorry.

    • by AmiMoJo ( 196126 )

      The only issue with the Pi is that some USB ethernet adapters really suck. They suck so much that 30Mb/sec is going to hammer the CPU. Also, BT offers up to 70Mb/sec, and Virgin offers up to 200Mb/sec.

      I'd suggest a cheap router. I like Buffalo ones because they are well supported by DD-WRT etc. and even ones that are 5 years old can easily handle routing 100+Mb/sec with QoS and other niceties, as well as being low power. They are designed for the Japanese market where 100Mb was pretty passé these

    • Except for when you are using your LAN. For example, a NAS.

    • What's the internal throughput? Are you still limited to 30mbps?
    • USB Ethernet limits network and any disk is also on the same bus.

      Most cable systems are pushing 50-100+ for most. XDSL2 45-75 (some areas 100).

      gigapower 300/300 or 1G / 1G

  • by Anonymous Coward on Wednesday January 20, 2016 @08:32AM (#51335227)

    Homebrew used to be about doing better than what you could get off-the-shelf.

    In this case it sounds like it's better in some small, useless way, while being far worse in so many others. Now he's got throughput he can't actually use, but is missing critical functionality like wireless support.

    I think this decline in the quality of homebrew reflects what has happened to the Linux community as a whole lately. The quality has dropped like a rock. So much Linux software has gotten worse. GNOME 3 looks awful. Systemd and PulseAudio still have caused me nothing but trouble. Firefox gets worse with each release. Wayland is nowhere to be found.

    We need to restore the glory of homebrew projects. We need our homebrew projects to be better than the commercial off-the-shelf offerings. We need to not build something that's slightly better, but also far worse. We need to build something that's better in every way.

    We need to restore the glory of homebrew projects!

    • by PvtVoid ( 1252388 ) on Wednesday January 20, 2016 @08:48AM (#51335295)

      I think this decline in the quality of homebrew reflects what has happened to the Linux community as a whole lately. The quality has dropped like a rock. So much Linux software has gotten worse. GNOME 3 looks awful. Systemd and PulseAudio still have caused me nothing but trouble. Firefox gets worse with each release. Wayland is nowhere to be found.

      Yeah, Dude. I would never build a homebrew router because GNOME 3 / PulseAudio / Firefox. Those things make Linux routers totally worthless.

    • Home grown used to be a reference to some substandard pipe filler. How the times have changed.
    • by LordKronos ( 470910 ) on Wednesday January 20, 2016 @09:07AM (#51335367)

      Now he's got throughput he can't actually use, but is missing critical functionality like wireless support.

      I personally gave up on wireless support in my router. First problem I was always having was finding a router that had all the features I want. DDWRT is a priority for me, but finding a single device that
      1) supports DDWRT easily (ie: doesn't rely on me finding a specific outdated revision of the hardware)
      2) is cheap
      3) has gigabit ethernet
      4) good wireless
      5) has a good amount of memory

      Getting all of these in one device is difficult. The next problem is that I'd periodically end up with wifi issues. I had issues now and then with different devices. Then I got my OnePlus One and the problems got worse. For some reason that device always has connection issues. It would continually get disconnected (so often that I couldn't even back up the videos from my phone via smb...it would always lose connection in the middle and I'd have to start over. It might take 10 tries before a video successfully copied over). I tried 4 different DDWRT routers I had access to (4 different device models from 3 different brands) and had the same issues.

      The last issue is dealing with power outages. All of my networking equipment is in the basement on a battery backup. When power goes down, I'm able to maintain connectivity and continue working from a laptop without issue. However, locating everything in the basement means I have OK signal on the first floor, and terrible to no signal on the 2nd floor and front/back porch. To resolve this issue I put a 2nd DDWRT device (running as a wireless access point) on the first floor, but unfortunately it has no battery backup.

      About a year ago, I decided to change my strategy. I ditched the 2nd device, turned off wireless on the router itself, and bought myself a Ubiquiti wireless access point. This solves a lot of issues
      1) Wireless is now one less feature I need to concern myself with on a router
      2) Its reliability has been impeccable. In 1 year, it has been rock solid, not requiring a single reset, and it's worked flawlessly (and performed well) with every device I connected it to
      3) It's designed to use power over ethernet. Its power supply is plugged in to the UPS in the basement, then the ethernet is patched between the power supply and my patch panel and through the regular house networking.
      4) It looks really nice, so I can actually put it in a very central place in the house without it looking ugly. And at this location, the one device provides exceptional coverage for my entire house and the front/back yard.

      • I have a small nettop with AMD E-350, and it works fine as:

        * ADSL/Wifi Router. Does IPv6 like a champ as well.

        * File server

        * Media box- it's connected to the TV & speakers.

        * Backup device

        * 2nd machine for some software experiments.

        * Whatever else I want it to be.

        I tried looking into getting some ARM SOC or off-the-shelf router, but decided it's not worth the hassle. The only thing I would gain is lower power usage, for much weaker CPU/GPU/memory/storage, and much more problems deali
    • I don't think the problem there is the free software community and homebrew, the problem is sucky PC wireless cards and poor Linux drivers. Fixing that isn't trivial.

      It would be interesting to try, though. In my area, Comcast's pricing for 150 Mbps down is only $14 per month more than 25 Mbps down. I upgraded my service, then realized my router only has a 100 Mbps port on the WAN side. That's not a huge problem, I lived with 25 Mbps down for ten years. But now I'm looking at upgrades, and I would p
    • The reason that homebrew projects were so awesome is that they were developed by talented people looking to build out their CV's and earn recognition. Those talented people have now been hired into soul-crushing monotony while their projects have been handed down to those of a more mediocre ability by comparison. Things will stagnate until the next generation of talent hits the labor market and then it will all start over again. Don't worry, your exploitation of those with drive and ambition can resume in a

      • The problem is that for the most part, there isn't going to be a "next generation". The next generation can't do anything like that stuff, and their tech talents involve writing crap like Gnome3.

    • Well, at least he has a reasonable expectation that it won't be completely full of security holes and that he can easily update it when a vulnerability does turn up.
    • How was this modded up? I actually thought it was a troll.
      A router != a wireless router or even a wireless access point and wireless support is not "critical functionality" for the device.

      Anyway, he mentions that he used the much hyped Ubiquiti WAPs to cover the wireless functionality that he lost from the Nighthawk.
      Assuming those live up to the hype then he gave himself a) better routing functionality than the previous solution b) better wireless functionality than the previous solution.
      I call that homebre

      • I love my Ubiquiti WAP, I set it up once and haven't done anything to it since. It sits on the ceiling pumping out the wifi for all the tablets/phones/laptops in my house without any issues.

      • And then you go into a rant about the quality drop of Linux on the desktop which is kind of bullshit to be honest. I don't know if you remember how bad things were 10-15 years ago but it was definitely much worse than it is now.

        In some ways, not in others.

        You're right, the infrastructure stuff is mostly better. Installing Linux is much easier than it was 15 years ago for instance; most hardware is supported well and installers have gotten really good. Sound support seems to work well these days (except fo

    • by fnj ( 64210 )

      Now he's got throughput he can't actually use, but is missing critical functionality like wireless support.

      Don't be obtuse, anonymous idiot. Wireless has absolutely nothing to do with routing. Nada. Make each piece do one job well. Limit single points of failure to taking out one function only. The cable modem, router, and wireless access point should each be completely independent items.

    • no decline in the homebrew here *hips*
    • Integrating wireless isn't really ideal in many situations-- large house, apartments with high noise floor, etc. The access points can do much better in these situations.

      Personally, I switched to Ubiquiti EdgeRouters; you can make it just a plain Linux router if you wish, managing packages individually as needed. If you are sufficiently paranoid, it makes a lot of sense, and there are options from $60-350 on the router side all with the same software, but giving you up to gigabit port speeds.

  • by mellon ( 7048 ) on Wednesday January 20, 2016 @08:32AM (#51335231) Homepage

    More memory doesn't necessarily make things faster if you have multiple streams and limited bandwidth. You can wind up with a situation where you have a lot of data queued in the buffer, and this botches TCP congestion control so that you wind up getting really poor throughput. Google "bufferbloat" for details. Using a crappy external wireless AP makes this worse. You really do want the wireless card to be treated as a first-class network interface on your router. Unfortunately, wireless drivers are usually closed-source, often have internal bufferbloat problems and other bugs, and can't be updated.

    The article's main point, that a faster CPU in the router is wicked awesome, is completely true, of course. You just want to make sure you're running a recent Linux kernel that does a good job of queuing in the presence of a congested link. :)

    • by gmack ( 197796 )

      It has been ages since the Linux kernel maintainers modified the kernel to avoid excessive buffering [kernelnewbies.org] so that's not really a problem anymore. With the small amount of ram typical of most home routers, you end up with a NAT table overflow where the device can't keep track of all of the connections and either expires old connections early, refuses to allow new ones, or in Cisco's case hard crashes. It doesn't take much to run into the limits, I have seen bittorrent bring a home router to its knees.

    • You really do want the wireless card to be treated as a first-class network interface on your router.

      I respectfully disagree. I think most people's PoP in their homes isn't necessarily ideal for their only AP (yes, I know some need multiple AP's). It's probably better to have the AP separate so it can be centrally located in the house for best coverage.

      My setup has the AP centrally located in the house in a closet with PoE, which is far away from where my service enters the house.

  • by UberLord ( 631313 ) on Wednesday January 20, 2016 @08:52AM (#51335309) Homepage

    Ubiquiti EdgeRouter is exactly this: dual core MIPS64 @ 1Ghz, 512Mb memory and a removable USB flash stick for storage.
    https://www.ubnt.com/edgemax/e... [ubnt.com]
    This is ample for my needs. I bought the 3 port version about a year ago for £80.

    https://blog.netbsd.org/tnf/en... [netbsd.org]

    As of today, NetBSD-current has an uptime of about 6 months - which is when I made the last kernel modifications to support the NPF firewall.
    This is more uptime than any other SOHO gear I have and the performance of the unit is exceptional.

    • by larkost ( 79011 )

      I recently bought their EdgeRouter X, which is a small 5-port router for about $50. I am very happy with it. There were a couple of bugs in the interface as I set it up, but they were easy to get around on the command line. Most important to me is that it is small enough that I could put it in my apartment's network box along with my cable modem. Two less pieces of hardware for my wife to have to see.

      https://www.ubnt.com/edgemax/edgerouter-x/

  • OpenWRT for $25 (Score:4, Informative)

    by GlobalEcho ( 26240 ) on Wednesday January 20, 2016 @08:55AM (#51335315)
    These guys [gl-inet.com] sell a tiny "travel router" (or just the board if you like) that goes for $25 on Amazon. Crucially it has 2 ethernet ports (albeit only 100Mbits), along with Wifi. It ships with their modified version of OpenWRT [openwrt.org] but takes only a couple minutes to flash to the latest fully open-source version. From there, going further into homebrew is trivially easy. I find it a better starting point than a raw Linux distro, and the low power consumption just cannot be beat. If you want to go Linux and don't have a fat pipe, I recommend it.
    • by karnal ( 22275 )

      Do you have the amazon link? I tried searching for a few different variations of gli and gl inet and domino... not finding this specific device.

    • by gmack ( 197796 )

      This is not as good as it appears. Their "Enterprise router" has 128 mb ram and there is no way that's going to hold up to a significant amount of simultaneous (connections let alone the 64 mb ram that most of the devices have,

      • This is not as good as it appears. Their "Enterprise router" has 128 mb ram and there is no way that's going to hold up to a significant amount of simultaneous (connections let alone the 64 mb ram that most of the devices have,

        Is that really an issue? According to this [informit.com], each NAT entry needs <200Bytes, in which case 2000 simultaneous connections (plenty for most any single dwelling) require less than 1MB RAM.

        It wasn't that long ago that even enterprise-class routers got by on 32MB or less of RAM.

        • by gmack ( 197796 )

          That's from 2002 and I wonder if that's even true of Cisco anymore. I have watched Cisco firewalls hard crash with too many connections on 256 mb ram.

          This site [khnet.info] seems to indicate 16 KB per connection, which doesn't leave much once you've subtracted the memory needed for OS/daemons etc..

  • Yes, that has higher power consumption than buying something brand spanking new. However, it was $50 with 4GB RAM and a 500GB disk. I have a separate AP, currently a WRT54g running OpenWRT. It was $10 or less, yard sale. I have a Phobos quad-intel card, I think I paid $5 for that. The savings cover the power budget delta for some time nicely, and eventually I'll get something else when it's cheap. The problem was, I couldn't find a cheap SFF with both dual ethernet and a PCI slot for my quad-ether card. The

    • I've never really understood why Firewalls with just one interface is an issue, been running that in different ways since 2000.

      • I've never really understood why Firewalls with just one interface is an issue, been running that in different ways since 2000.

        In theory, who cares, for a home network? In principle, do you trust your ISP? In practice, do you trust your CPE not to simply choke? I'd rather keep any traffic not destined for the internet away from mine, because my ISP is a semi-local WISP that is using absolute-cheapest hardware, and the CPE devices are garbage that has to be replaced every few years already.

  • by Lumpy ( 12016 ) on Wednesday January 20, 2016 @09:12AM (#51335387) Homepage

    Mini ITX motherboard, case and power supply. All done if you buy one with two ethernet ports, or just add an ethernet adapter for the second.
    I use a gigabyte H77N-WIFI it has dual ethernet and absolutely rocks with a small SSD and only 2 gig of ram. Blows out of the water absolutely every bit of "router" hardware with even a very low price processor.

    Run IP-COP, m0n0wall, pfsense or Smoothwall and you are done in less than a couple of hours with a device that makes Cisco enterprise stuff look like a toy.

  • www.clearfoundation.com It's a super nice piece of software.
  • Use case (Score:3, Interesting)

    by silas_moeckel ( 234313 ) <silas AT dsminc-corp DOT com> on Wednesday January 20, 2016 @09:30AM (#51335511) Homepage

    Ok so you're going to fiddle with making your own firewall.

    You use a dedicated bit of hardware, $240 for a useless fixed config box. I can get a more powerful laptop that is also silent and can run multiple VM's for the same to less. It also has a built in UPS and wifi that may be able to be used as an AP; a usb3 to gigabit dongle takes care of the second port.

    You install ubuntu and throw a few iptables rules in, because obviously years of getting to a sane default with pfsense etc means nothing.

    You still need a wifi AP and generally the standalone AP's cost more than a router.

    If you're doing this I would assume you already have a VM host in the house that you could just run pfsense on. I did this for a decade. You can get 40+ mbs of vpn traffic out of a high end wifi router. Mind you routers used to come with bits like the BCM5365P that could do 75 mbs in hardware (and that is an ancient 2005 ish chip).

    • What's wrong with "fixed config" here? It's not like network technology is going to change significantly soon. If you've got two gigabit interfaces and enough horsepower to route between them at line speeds, you'll be set for a long time. Sure, if you start feature creeping it might become an issue, but I'd rather use the right tool for the job.
    • "a more powerful laptop ... has a built in UPS"

      I once tried running an old netbook as server (dns and files, not routing) with UPS. When the power outage came, half a year later, it shut off immediately. Moreover, it didn't boot on its own when the power came back. With the lid closed, it was always kind of hot.

      Apparently, Li-ion batteries need to be discharged every now and then to keep their calibration. The charging hardware seemed to think that the battery was fully charged while it was really empty. I

  • by koan ( 80826 )

    Bought a dual NIC fanless MITXPC, never looked back. I love the machine; it's quiet, reliable and small.
    You can get them with more than 2 NICs as well (I suggest you do for versatility reasons); there are a few builds you can run on these things: PFSense, Smoothwall, etc.
    http://www.mitxpc.com/ [mitxpc.com]
    http://www.smoothwall.org/ [smoothwall.org]
    https://www.pfsense.org/ [pfsense.org]
    http://suricata-ids.org/downlo... [suricata-ids.org]

  • by thegarbz ( 1787294 ) on Wednesday January 20, 2016 @01:25PM (#51337813)

    No really why?

    Performance? I have a 200/40 connection at home. The cheap nasty ISP provided piece of shit all in one modem, wifi router, gigabit switch in a sexy looking package has absolutely no issue with performance.

    I also have a nice server with multiple gigabit NICs in them. All unused. I wouldn't think of using it as a router. There is just really no point.

  • I already had a server, so when I got gigabit fiber Internet and my old router would only give me ~300 mbps with NAT, I fired up a VM, gave that a couple network ports, and installed the free-for-home-use Sophos UTM. I then repurposed my old router to be simply a wifi AP. The Sophos is giving me high 800s, low 900s throughput just doing NAT and firewall, and dips down to 300 mbps or so if I enable IPS (Intrusion Prevention System.) The interface and documentation aren't the best, but work well enough I s
  • by foxalopex ( 522681 ) on Wednesday January 20, 2016 @02:35PM (#51338385)

    My home router is a NetGear R7000 NightHawk Router with TomatoUSB firmware by Shibby. Tomato firmware is notoriously stable on most of the platforms it supports and it's feature loaded with VPN and a huge number of other features. It also features an extremely nice front end GUI interface and is more than powerful enough for fast Internet applications. I originally ran my Router as a piece of software on my VM Server but eventually found it much nicer to have a dedicated piece of hardware handling it. Besides, if you're not a fan of Tomato then there's also OpenWRT and DD-WRT. Though I've found DD-WRT to be unstable on some hardware. Regardless, this is probably the cheaper and simpler way of doing it.

  • I was reading the article earlier, and I used to do this with a mandrake distribution on an old PC via iptables. I'd do it again, but I don't see any of these mini PCs that have 3 or more gigabit LAN ports so that I can preserve the load balancing setup I have with the cisco RV320 I currently have.

    Anyone seen any of the low cost boxes with 3 or 4 gigabit ports? I realize that potentially a USB ethernet dongle might be possible, but I doubt any USB-based solution would be robust enough.
