Some insight on networking

[Kaidatsu]

So, pretty sure my router is ded. I can get connection threw modem and PC. The one I got was supposedly last awhile but died after two years. I don't want to go back to stock router, so looking for suggestions. Family of 5. Two of 'em are gamers, and one is a streamer as well. Rest just really use it for normal stuff. We have gig service, so it has to support gig connection. Perf Wi-Fi 6 too.

[tarfeef101]

There's gonna be opinions all over this, so forgive my brevity, but I really dislike getting into posts that turn into opinion/fanboy wars. 

I find that for a tech-savvy person, the best solution is a cheap, old PC running PFSense (sounds daunting but really is not any harder than off-the-shelf routers to configure), and a decent access point/points, and unmanaged switches if needed. 

 

It's simple, effective, and reliable (with the APs being your likeliest point of failure). When you set something like that up properly, the idea of "oh the network is acting up, restart the router" simply doesn't exist, and that's the best feeling ever. 

 

For that PC, I'd recommend:
- at least 2 ethernet ports, 1Gb or higher (one for WAN, at least one for LAN)

- 2GB of RAM

- 2 cores from 2012 or later? 

- really doesn't need much power, tbh. 

 

For the switch, just as many ports as you need for ethernet devices. ones like what I have which have 10Gb backhaul but many 1Gb ports for downlink are great because you can have many people saturate 1Gb at the same time. But probably not needed in most homes

 

For the APs, this is the big "opinion" section. Lots of fanboys of every company. I personally like TP-Link's Omada series of Access Points, they're cheap, not hard to configure, support all the fancy features I'd want like seamless handoff, and have been reliable for me. I'm sure you'll get Ubiquiti ppl in here soon, and probably a couple others. Do your googling, pick what you think works best for you. I'd just say "avoid mesh networks, and avoid consumer-grade all-in-one devices". The former are inherently less good than multiple APs which are managed by a controller and have their own ethernet connections, and the latter just die and/or aren't reliable, most of the time. 

[Kaidatsu]

31 minutes ago, tarfeef101 said:

There's gonna be opinions all over this, so forgive my brevity, but I really dislike getting into posts that turn into opinion/fanboy wars. 

I find that for a tech-savvy person, the best solution is a cheap, old PC running PFSense (sounds daunting but really is not any harder than off-the-shelf routers to configure), and a decent access point/points, and unmanaged switches if needed. 

 

It's simple, effective, and reliable (with the APs being your likeliest point of failure). When you set something like that up properly, the idea of "oh the network is acting up, restart the router" simply doesn't exist, and that's the best feeling ever. 

 

For that PC, I'd recommend:
- at least 2 ethernet ports, 1Gb or higher (one for WAN, at least one for LAN)

- 2GB of RAM

- 2 cores from 2012 or later? 

- really doesn't need much power, tbh. 

 

For the switch, just as many ports as you need for ethernet devices. ones like what I have which have 10Gb backhaul but many 1Gb ports for downlink are great because you can have many people saturate 1Gb at the same time. But probably not needed in most homes

 

For the APs, this is the big "opinion" section. Lots of fanboys of every company. I personally like TP-Link's Omada series of Access Points, they're cheap, not hard to configure, support all the fancy features I'd want like seamless handoff, and have been reliable for me. I'm sure you'll get Ubiquiti ppl in here soon, and probably a couple others. Do your googling, pick what you think works best for you. I'd just say "avoid mesh networks, and avoid consumer-grade all-in-one devices". The former are inherently less good than multiple APs which are managed by a controller and have their own ethernet connections, and the latter just die and/or aren't reliable, most of the time. 

PFSense? Is that an OS that I'm not aware of? I know routers run a custom OS, but not 100% sure how that works. Thought unless it's a small compact device, it wouldn't do me justice because I live in a small apartment complex.

[Eigenvektor]

23 minutes ago, Kaidatsu said:

PFSense? Is that an OS that I'm not aware of? I know routers run a custom OS, but not 100% sure how that works. Thought unless it's a small compact device, it wouldn't do me justice because I live in a small apartment complex.

Yes, https://www.pfsense.org/ is essentially an OS/firewall for routers. You can install that on basically any PC you want, so a small device with multiple network ports would certainly be doable. But its more work to set up and probably not going to be as cheap as a dedicated device.

[Akolyte]

5 hours ago, Kaidatsu said:

PFSense? Is that an OS that I'm not aware of? I know routers run a custom OS, but not 100% sure how that works. Thought unless it's a small compact device, it wouldn't do me justice because I live in a small apartment complex.

I like PFSense, but I will give you a warning:  Be careful of building your own router/firewall unless you know what you're doing.  It can be fun though, so I'd definitely suggest doing it, but not if you're building it to get internet - which is pretty crucial to your household.

 

I would get an Asus Router like an AC-58U, Asus updates their firmware often, they work pretty well and have Trend Micro protection built in - which gives you that extra layer of protection at no noticeable performance cost. For free.

 

If you want to build a router - I'll list some of my advice below (keep in mind my advice does not mean it's the best option)

 

I'll some ideas for custom router/firewall options below and you can choose what you want:

• PFSense - This is a reliable, tested, Firewall distribution.  I recommend it if you've got some networking experience already, and have a little Linux/Unix knowledge so you can navigate the documentation and troubleshoot issues if you need to.
• OPNSense - I prefer this to PFSense, but it's all personal preference.  It's more free easier to navigate (in my opinion), it has an IPS built-in - which is useful for extra network protection for your household.
• Sophos XG Firewall Home - If you aren't using this for commercial use, and don't mind using proprietary software, this is a great option.  It's got great AV, mail filtering, very easy to use, and great protection all around.  It's got some good enterprise features.
• Untangle - This is really easy to use if you want an easy firewall solution.  It's got some restrictions in it definitely, but as a home user you shouldn't run into any issues.   You can't run it in high-availability, and you can't use LDAP authentication on it as an example.
• IPFire - This is really easy to install, but be warned... it's an advanced firewall and you should be prepared to go through some extra configuration to make sure the firewall is configured properly.  This is the most secure and lightest option in my opinion.

If you want to build a custom router to just be an internet gateway (no IPS, Antivirus, Web-Filtering, etc), then you should be fine with 1-2GB of RAM and a single core even.

 

If you want to have more fun and build a firewall you can use as an internet gateway and have an IPS, Antivirus, etc.  You should have around 4-6GB of RAM and a Dual core.

 

You can also install any of these in a Virtual Machine as a test if you'd like to experiment with them before you commit.

 

[Kaidatsu]

11 hours ago, Akolyte said:

I like PFSense, but I will give you a warning:  Be careful of building your own router/firewall unless you know what you're doing.  It can be fun though, so I'd definitely suggest doing it, but not if you're building it to get internet - which is pretty crucial to your household.

 

I would get an Asus Router like an AC-58U, Asus updates their firmware often, they work pretty well and have Trend Micro protection built in - which gives you that extra layer of protection at no noticeable performance cost. For free.

 

If you want to build a router - I'll list some of my advice below (keep in mind my advice does not mean it's the best option)

 

I'll some ideas for custom router/firewall options below and you can choose what you want:

• PFSense - This is a reliable, tested, Firewall distribution.  I recommend it if you've got some networking experience already, and have a little Linux/Unix knowledge so you can navigate the documentation and troubleshoot issues if you need to.
• OPNSense - I prefer this to PFSense, but it's all personal preference.  It's more free easier to navigate (in my opinion), it has an IPS built-in - which is useful for extra network protection for your household.
• Sophos XG Firewall Home - If you aren't using this for commercial use, and don't mind using proprietary software, this is a great option.  It's got great AV, mail filtering, very easy to use, and great protection all around.  It's got some good enterprise features.
• Untangle - This is really easy to use if you want an easy firewall solution.  It's got some restrictions in it definitely, but as a home user you shouldn't run into any issues.   You can't run it in high-availability, and you can't use LDAP authentication on it as an example.
• IPFire - This is really easy to install, but be warned... it's an advanced firewall and you should be prepared to go through some extra configuration to make sure the firewall is configured properly.  This is the most secure and lightest option in my opinion.

If you want to build a custom router to just be an internet gateway (no IPS, Antivirus, Web-Filtering, etc), then you should be fine with 1-2GB of RAM and a single core even.

 

If you want to have more fun and build a firewall you can use as an internet gateway and have an IPS, Antivirus, etc.  You should have around 4-6GB of RAM and a Dual core.

 

You can also install any of these in a Virtual Machine as a test if you'd like to experiment with them before you commit.

 

Building my sounds like a lot of fun, but the bottom line is. Will I get the same or better performance if I I just do my own? I know the cons are I have to handle everything myself and there's no warranty on it and stuff. 

[Alex Atkin UK]

10 hours ago, Kaidatsu said:

Building my sounds like a lot of fun, but the bottom line is. Will I get the same or better performance if I I just do my own? I know the cons are I have to handle everything myself and there's no warranty on it and stuff. 

Consumer routers are generally underpowered, they put in the slowest CPU they can get away with and have to use tricks to get that performance up to handle Gigabit, which often disables useful functionality.

 

If you pick the right hardware a PC will wipe the floor with a consumer router in performance without losing that advanced functionality.  You don't necessarily have to build one, there are a few vendors making low-power PCs specifically for running pfSense or other router OS.

For example I picked up one of these recently off Amazon, though I'm currently still using this one.