Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
Phaytuh

OPNsense vs OpenWRT on x86

Recommended Posts

Posted · Original PosterOP

I have a Dell Optiplex 3020 that I was previously running pfsense on but ran into some configuration and update issues so I took it offline. Instead of re-installing pfsense would like to try something different and a little more user friendly. My primary focuses are the following:

        -Security. The firewall settings on my ISP's provided modem/router are a joke. I don't need anything extreme just something that actually works

        -Stability. Current ISP router flakes out occasionally and it's rather inconvenient

        -Bufferbloat. Currently if i run a speedtest using http://www.dslreports.com/speedtest I get a F in bufferbloat with the ping being as high a 2 seconds while testing.

        -UI / ease of use. Getting my hands dirty with pfsense was fun at first but it is way more complex than I need and required a lot of google and youtube to figure out.

        -Monitoring. I would like to be able to monitor total data usage (my family actually passed Comcast's 1TB cap this past month). Being able to see which devices are currently using the network would be nice too.

There are 8 people in my household with roughly 24 devices connected to the internet. Internet speed is roughly 70Mb/s down 5Mb/s up. Main traffic is video streaming, video conferencing, general web browsing, our voip landline, and occasional gaming/live streaming by me. Specific PC specs are i5-4590, 8GB ram, 64GB SSD, 4 port Intel NIC.

So my question is would OPNsense or OpenWRT be a better fit for my use case?

 

Here's a diagram of my home network.

Spoiler

Diagram.thumb.PNG.eda582e8c6ff51923332b2346076c790.PNG

 

Link to post
Share on other sites
12 hours ago, dtaht said:

openwrt with cake sqm would be ideal.

Have they made OpenWRT x86 easier to update yet?

 

I ditched it and moved to pfSense primarily because there wasn't an official 64bit version at the time and the person doing the custom build I was using had moved to pfSense due to the hassle of keeping it up to date.

Problem was OpenWRT is designed for actual consumer routers where you have a read-only NAND copy of the OS than runs entirely from RAM with a small allocation for read/write data.  This wasn't replicated in the x86 builds so an update required a completely fresh install every time.


Router: i5-7200U appliance running pfSense.
ISP: Zen Unlimited Fibre 2 (66Mbit) + Plusnet Unlimited Fibre Extra. (56Mbit)

Link to post
Share on other sites

I use openwrt primarily with the pcengines apu2. Where it's straightforward to update (x86_64 version) the flash card. I have also used a few SSDs with it.

 

In terms of "updates", well, if you do a major update, you still have to reinstall all your extra packages from scratch, but the config survives.

Link to post
Share on other sites
Posted · Original PosterOP
22 hours ago, dtaht said:

openwrt with cake sqm would be ideal.

Thanks. This is what I ended up going with.

9 hours ago, Alex Atkin UK said:

Have they made OpenWRT x86 easier to update yet?

 

I ditched it and moved to pfSense primarily because there wasn't an official 64bit version at the time and the person doing the custom build I was using had moved to pfSense due to the hassle of keeping it up to date.

Problem was OpenWRT is designed for actual consumer routers where you have a read-only NAND copy of the OS than runs entirely from RAM with a small allocation for read/write data.  This wasn't replicated in the x86 builds so an update required a completely fresh install every time.

In terms up updates I don't know yet. They do have a 64 bit version now which I used. Also, I installed it using my live ubuntu USB and was able to resize the read/write partition to take up the entirety of my 64GB SSD. I followed this official installation guide.

Link to post
Share on other sites

I put out a PSA over here with some more advanced tuning options. If cake works for you, tell yer IT department, or help a neighbor get it up and running.

 with

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×