<font size="2"><font face="verdana,sans-serif">Another cool thing to note is that some of the higher-end hardware (not necessarily expense-wise) has more resources available (more than 400mhz for a processor and a more useful ram size. Whether it's an atom, dual atom, celeron, athlon or whatever processor machine or other hardware. This is not only good for running specific security and filtering software but if you want to run a VPN to encrypt / route all traffic through private servers or route all traffic to a remote machine / network it's a must. I use this kind of setup for a couple of my machines and though it can be deployed behind a switch, it can be a pain. I've also read about routing solutions done inside a VM and if you're doing that on a fast computer with a wireless connection for your Internet/network access on it and two gigabit lan interfaces (Cards or whatever) to handle the routing traffic it's possible, reliable and fast compared to some other hardware solutions.</font></font><div>
<font class="Apple-style-span" face="verdana, sans-serif"><br></font></div><div><font size="2"></font><font class="Apple-style-span" face="verdana, sans-serif"><br></font><div><font size="2"><font face="verdana,sans-serif"><br clear="all">
</font></font>The information transmitted in this communication is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged information. Any review, retransmission, dissemination, copying or other use of, or taking of any action in reliance upon, this information, or any part thereof, by persons or entities other than the intended recipient, is strictly prohibited and may be unlawful. If you received this in error, please contact the sender immediately and delete and destroy this communication and all copies thereof, including all attachments.<br>
<br><br><div class="gmail_quote">On Sun, Sep 19, 2010 at 2:37 PM, Casey Callendrello <span dir="ltr"><<a href="mailto:c1@caseyc.net">c1@caseyc.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Openwrt is decent, but as a long-time user it's been leaving wanting<br>
more. On the WRT54G, at least, the lack of ram and persistent storage is<br>
too limiting. The funky package management system is clever, but very<br>
limited.<br>
<br>
My next router will almost certainly be a bookshelf-style Intel ATOM<br>
mini-pc. They are are fast, cheap, efficient, and supremely<br>
customizable. It's hard to justify spending $$$$$ on embedded-style<br>
hardware anymore. Almost all of the miniboxen I've seen have either two<br>
gigabit wired interfaces, or one gigabit and one 802.11b/g/n card. I<br>
plan to just use a USB Ethernet adapter to connect to the cable modem<br>
(which won't be pushing enough traffic to cause a bottleneck anyways.<br>
<br>
All kinds of exciting things open up when your router has a real OS and<br>
hardware. For example, I really want to run my own DNSSEC-aware<br>
recursive resolver (begone, Comcast!), and that currently isn't really<br>
easy / possible in openWRT land. I would suggest sticking with pfsense,<br>
but moving to commodity hardware.<br>
<br>
Oh, yeah, ipv6 on openwrt is completely unsupported. It works fine, but<br>
don't expect any sort of configuration interface.<br>
<font color="#888888"><br>
--Casey<br>
</font><div><div></div><div class="h5"><br>
<br>
On 9/19/10 11:39 AM, Joel Jaeggli wrote:<br>
> On 9/19/10 10:57 AM, David Stein wrote:<br>
>> For years, I've been using pfsense on a PC Engines WRAP system as a<br>
>> home firewall. Now that pfsense is based on nanobsd, the WRAP board<br>
>> becomes a little cumbersome. It's time to move on. Any<br>
>> recommendations?<br>
>><br>
>> DD-WRT seems really popular. Perhaps on something from Netgear? A<br>
>> combination firewall + 4 port switch + wireless access point + cable<br>
>> modem would be great. Never seen one though.<br>
> cable modems are basically ethernet/docsis termination devices... your<br>
> overall sanity will greatly inrease if you keep the functionality<br>
> seperate as the modem is meant to be configured from the cable side.<br>
> while you're at it you can get a docsis 3.0 modem and be prepared for<br>
> both higher speeds and ipv6<br>
><br>
>> I definitely want something that I can upgrade without taking the CF<br>
>> card out and reflashing it. Right now I need a screwdriver to take<br>
>> apart my little WRAP system each time an upgrade comes out so I can<br>
>> get at the flash card.<br>
> if you want to fiddle with openwrt,<br>
><br>
> <a href="http://ubnt.com/rspro" target="_blank">http://ubnt.com/rspro</a><br>
><br>
> is a very cool board<br>
><br>
> by the time you add radios an enclosure and poe injector, it's a bit<br>
> spendier than they describe but it's a cool piece of hardware.<br>
><br>
>> Budget< $300.<br>
>> _______________________________________________<br>
>> Noisebridge-discuss mailing list<br>
>> <a href="mailto:Noisebridge-discuss@lists.noisebridge.net">Noisebridge-discuss@lists.noisebridge.net</a><br>
>> <a href="https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss" target="_blank">https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss</a><br>
>><br>
> _______________________________________________<br>
> Noisebridge-discuss mailing list<br>
> <a href="mailto:Noisebridge-discuss@lists.noisebridge.net">Noisebridge-discuss@lists.noisebridge.net</a><br>
> <a href="https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss" target="_blank">https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss</a><br>
<br>
_______________________________________________<br>
Noisebridge-discuss mailing list<br>
<a href="mailto:Noisebridge-discuss@lists.noisebridge.net">Noisebridge-discuss@lists.noisebridge.net</a><br>
<a href="https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss" target="_blank">https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss</a><br>
</div></div></blockquote></div><br></div></div>