[lug] Building Linux Routers versus Existing Routers
stimits at comcast.net
Sun Nov 22 18:42:36 MST 2015
So far as hardware goes and power consumption, I'd probably be basing the router on the nVidia Jetson TK1:
I already have a couple of these along with a mini-PCIe gigabit NIC. This NIC plus the integrated gigabit could probably do the job. I would rely on the ability for it to dish out DHCP through a gigabit switch on a single NIC while forwarding through the other NIC. Size is 5"x5", power normally uses about 5W under normal operation, 10W during average loads, and about 15W at peak. It does have a tiny fan, but this is rather quiet. I could actually get rid of the fan and add more passive heat sink for complete silence. It runs a full Ubuntu distribution, but if there is an ARMv7 port of pfSense, I could probably use that (or try to port just for the education).
Or...I have an old (generation 1) Pentium that still works...I used to use that for a bridge with firewall and snort.
I'll take a close look at pfSense and see what I have that will work with it. I guess the big question is if you needed more than 2 NICs for anything other than data throughput and efficiency? Would you be able to do the same thing you do now with only 2 NICs if performance were not an issue?
----- Original Message -----
From: Maxwell Spangler <maxlists at maxwellspangler.com>
To: Boulder (Colorado) Linux Users Group -- General Mailing List <lug at lug.boulder.co.us>
Sent: Sun, 22 Nov 2015 23:46:30 -0000 (UTC)
Subject: Re: [lug] Building Linux Routers versus Existing Routers
On Sun, 2015-11-22 at 22:54 +0000, stimits at comcast.net wrote:
The situation is that I'm thinking about a router for a wired network where I want to assign addresses on an otherwise private gigabit network, and have the router make the outside world available by another gigabit network which runs on a cable modem in bridging mode.
What else would I need to know about to choose between a home-brew linux router and a commercial router?
Power consumption, Noise, and physical space are three factors you didn't mention.
Using commodity parts, especially if they are donated, is the cheapest way to go and gives you the most control over your solution. Using an opensource firewall like pfSense gives you a nice GUI on top so you don't have to do all the management and monitoring via command line.
I have a site where we operate two firewalls running pfSense with one onboard NIC and two inexpensive PCIe NICs. It's very reliable, satisfying and meets our needs.
But they take up the size of 2x small-form-factor PCs, use a reasonable amount of power (50-100W) and produce a certain amount of noise.
We'd prefer an embedded appliance using a low power ARM chip and 2-3 gigabit NICs, but those appear to cost between $200-300+. So for us, like you, spare parts have worked out nicely.
FWIW, it's amazing how much data old CPUs can push. When you operate old PCs interactively they never seem fast. Partly due to large apps and partly due to old video cards. But when you only have them push bits on a wire, they can be very satisfying. My x86-based Linux NAS pushes large files to me at gigabit speed using an Intel Core2 Duo E7300 chip from 2008 and it's got plenty of CPU to spare.
Boulder, Colorado, USA
http://www.maxwellspangler.com/