Making Your Own Router

[NathanTheGr8]

So I would like to make my own router. I have found some info about this on the web but most is over 2 years old so I figured it would be a good idea to start a new thread.

old links

https://teksyndicate.com/videos/inboxexe-0035-build-your-own-damn-router-nas

https://www.youtube.com/watch?v=uKnJdB2t1Uc

I have some old hardware that could run a router or I am open to the idea of making a new system or buying an already made board like logan mentioned.

http://www.ebay.com/sch/m.html?_sacat=&_mPrRngCbx=1&_udlo=&_udhi=&_sop=12&_nkw=alix&_ssn=varia-store&LH_PrefLoc=2&_arm=1&_armm=63&_ruu=http%3A%2F%2Fwww.ebay.com%2Fsch%2Fm.html%3F_sacat%3D%26_mPrRngCbx%3D1%26_udlo%3D%26_udhi%3D%26_sop%3D12%26_nkw%3Dalix%26_ssn%3Dvaria-store%26_arr%3D1

Here is the softare I hear people talking about

https://www.pfsense.org/

http://www.smoothwall.org/download/

maybe dd-wrt?http://www.dd-wrt.com/site/index (not sure if that can run on normal hardware)

So yeah any guidance from networking gurus would be appreciated. I am pretty familiar with linux and not afraid to make some scripts for config files. Thanks

[TheRoss0411]

Cool

[DarrenP]

 

So I would like to make my own router. I have found some info about this on the web but most is over 2 years old so I figured it would be a good idea to start a new thread.

old links

https://teksyndicate.com/videos/inboxexe-0035-build-your-own-damn-router-nas

https://www.youtube.com/watch?v=uKnJdB2t1Uc

I have some old hardware that could run a router or I am open to the idea of making a new system or buying an already made board like logan mentioned.

http://www.ebay.com/sch/m.html?_sacat=&_mPrRngCbx=1&_udlo=&_udhi=&_sop=12&_nkw=alix&_ssn=varia-store&LH_PrefLoc=2&_arm=1&_armm=63&_ruu=http%3A%2F%2Fwww.ebay.com%2Fsch%2Fm.html%3F_sacat%3D%26_mPrRngCbx%3D1%26_udlo%3D%26_udhi%3D%26_sop%3D12%26_nkw%3Dalix%26_ssn%3Dvaria-store%26_arr%3D1

Here is the softare I hear people talking about

https://www.pfsense.org/

http://www.smoothwall.org/download/

maybe dd-wrt?http://www.dd-wrt.com/site/index (not sure if that can run on normal hardware)

So yeah any guidance from networking gurus would be appreciated. I am pretty familiar with linux and not afraid to make some scripts for config files. Thanks

 

DD-WRT only runs on actual routers, I'm pretty sure at least. I would run PF Sense and grab a couple extra NIC's. I don't suggest grabbing one of those things off eBay. A machine with 256MB of RAM can run PFsense. I'd suggest maybe 1GB for high traffic users. But i wouldn't buy one of those. 

[NathanTheGr8]

DD-WRT only runs on actual routers, I'm pretty sure at least. I would run PF Sense and grab a couple extra NIC's. I don't suggest grabbing one of those things off eBay. A machine with 256MB of RAM can run PFsense. I'd suggest maybe 1GB for high traffic users. But i wouldn't buy one of those. 

I was hoping to go with my old hardware for the cost saving because space and power consumption are not an issues. But still I have never really looked into this and I had never heard of PFsense or smoothwall. Just by the website PFsense seems the more modern option. Its feature set look pretty nice too. Have you personally ever done this or set up a PFsense system?

[KTFO|SGTmoody]

I use my old PC and run pfsense on that. It works fairly well. I have 3 add in Nic's so i have 4 ports on the back.  Its quite easy to setup for a basic router or it allows you to do some realy cool stuff with addon packages.

I also run PFsense in a VM on a server.  They work quite well like that two

 

I wouldent recomend the hardware you posted though.

[DarrenP]

I was hoping to go with my old hardware for the cost saving because space and power consumption are not an issues. But still I have never really looked into this and I had never heard of PFsense or smoothwall. Just by the website PFsense seems the more modern option. Its feature set look pretty nice too. Have you personally ever done this or set up a PFsense system?

I've done one PFSense setup before. I did it at work. It was a pain in the ass. 

[KTFO|SGTmoody]

I've done one PFSense setup before. I did it at work. It was a pain in the ass.

All mine have gone ok.  it can by funny with settings some times and just requires a reboot but for the most part its easy to setup.   Was you running it on dedicated hardware?

[DarrenP]

All mine have gone ok.  it can by funny with settings some times and just requires a reboot but for the most part its easy to setup.   Was you running it on dedicated hardware?

I was running it on a dedicated server. It was complete overkill. 

[Raid]

How experienced are you with networking?

How experienced are you with Linux? *BSD?

What features do you require from your router? WiFi? Firewall? Sixteen separately configured ethernet ports? A fancy web interface?

What old hardware do you have laying around?

Do you want something that just works or something you can tinker with?

[NathanTheGr8]

I use my old PC and run pfsense on that. It works fairly well. I have 3 add in Nic's so i have 4 ports on the back.  Its quite easy to setup for a basic router or it allows you to do some realy cool stuff with addon packages.

I also run PFsense in a VM on a server.  They work quite well like that two

 

I wouldent recomend the hardware you posted though.

I don't think I mentioned the hardware I would set it up on. The old rig I would use has like an AMD Athlon something and like 4GB of DDR2. It just has one nic so I would need another card. Running it in a VM interests me. Because I have a debian server running Proxmox, https://www.proxmox.com/, which is a type2  hypervisor. If I could make a VM and install PF sense on that as my firewall it would be great. The server running the vm has 4 nics and really good hardware (a 6 core xeon and 32 GB of ECC ram). My only question about the VM is would it be able to go directly go to the VM or would it get stuck in the hypervisor?

[KTFO|SGTmoody]

I don't think I mentioned the hardware I would set it up on. The old rig I would use has like an AMD Athlon something and like 4GB of DDR2. It just has one nic so I would need another card. Running it in a VM interests me. Because I have a debian server running Proxmox, https://www.proxmox.com/, which is a type2  hypervisor. If I could make a VM and install PF sense on that as my firewall it would be great. The server running the vm has 4 nics and really good hardware (a 6 core xeon and 32 GB of ECC ram). My only question about the VM is would it be able to go directly go to the VM or would it get stuck in the hypervisor?

Sorry not tooo sure what you asked there. Im going going to go with what I think you mean.

 

I have my pfsense in a VM with one port facing a bridged port and the others facing virtual ports to give internet access to those VM's  So if you have setup your virtual networking correctly you can do what ever you like.

I would check that PFsense works in proxmox first though. Im sure it does as its just another linux dist  but I fore sure know its a pain in the rear on Hyper-V

 

Are you able to expand on your question a bit more?

[NathanTheGr8]

How experienced are you with networking?

How experienced are you with Linux? *BSD?

What features do you require from your router? WiFi? Firewall? Sixteen separately configured ethernet ports? A fancy web interface?

What old hardware do you have laying around?

Do you want something that just works or something you can tinker with?

networking I am kind of bad, but I am comfortably setting up routers, and thing like DDNS and OpenVPN servers.

I pretty good with linux. Not a master but I can do about anything as long as I have a lot of time and google. I managed a debian server running a samaba share, vpn server, plex media center, and a bunch of other stuff for my fraternity house. 

I don't want Wifi, I want a great firewall with lots of features and a fancy web interface (I am comfortable with the terminal interfaces but I find a GUI easier for somethings) I would just need a to nic set up with one hooked up to the modem and the other hooked up to a 48 port switch.

I have an old system with some kind of AMD athon CPU and 4GB of DDR2. I also would be open to making a VM to run the firewall if that is possible.

I would prefer something that could do both, however I am comfortable with tinkering with a system. 

Thanks for your help

[NathanTheGr8]

Sorry not tooo sure what you asked there. Im going going to go with what I think you mean.

 

I have my pfsense in a VM with one port facing a bridged port and the others facing virtual ports to give internet access to those VM's  So if you have setup your virtual networking correctly you can do what ever you like.

I would check that PFsense works in proxmox first though. Im sure it does as its just another linux dist  but I fore sure know its a pain in the rear on Hyper-V

 

Are you able to expand on your question a bit more?

yeah sorry I really sucked at phrasing that question. What I meant was how should the PFsense VM be configured so that it can be a firewall and the hypervisor is not between the firewall and modem without protection. I think you answered it unfortunately I am kind of bad at networking. I would assume you would have the VM in bridged mode so it gets it sown ip. I didn't know I could assign it its own nic. I would have to look into that, if so that would solve the concern I had. This kind of sounding more of a pain than I would like to deal with though, so I will probably just set up PFsense in a separate machine for simplicity.

[KTFO|SGTmoody]

yeah sorry I really sucked at phrasing that question. What I meant was how should the PFsense VM be configured so that it can be a firewall and the hypervisor is not between the firewall and modem without protection. I think you answered it unfortunately I am kind of bad at networking. I would assume you would have the VM in bridged mode so it gets it sown ip. I didn't know I could assign it its own nic. I would have to look into that, if so that would solve the concern I had. This kind of sounding more of a pain than I would like to deal with though, so I will probably just set up PFsense in a separate machine for simplicity.

ok.  Yeh I havent used proxmox that much so i couldnt say what buttons you exactly have to press to have your virtual network setup correctly.  But all you do is have one port on your VM facing a wan port on your server and ther other virtual port on the VM acting as a "switch" or facing another phisical port on your server.

You then just assign the ports when setting up pfsense and pfsense should automaticly pull an IP address for wan and give out a connection on your LAN.  and then latter on you can just add more virtual ports to the VM if you want to.  You could have 3 or 4 lan ports all of different subnets for different VM's on that server. so its quite versitile in that sense as you dont actualy need a phisical NIC for the lan stuff as long as its not leaving the server.

 

It just depends on how  you need this firewall/router setup.  Its easy enough to work out eventuly just by trial and error.

 

You can allways just install pfsense on the old machine and just fiddle with it.  Some of the firewall stuff on there can be quite cpu intensive so this isnt going to be a "press a few buttons and hey presto"  but its going to be a-lot better than your avarege router that you buy off the shelf.

[Raid]

networking I am kind of bad, but I am comfortably setting up routers, and thing like DDNS and OpenVPN servers.

I pretty good with linux. Not a master but I can do about anything as long as I have a lot of time and google. I managed a debian server running a samaba share, vpn server, plex media center, and a bunch of other stuff for my fraternity house. 

I don't want Wifi, I want a great firewall with lots of features and a fancy web interface (I an comfortable with the terminal interfaces but I find a GUI easier for somethings) I would just need a to nic set up with one hooked up to the modem and the other hooked up to a 48 port switch.

I have an old system with some kind of AMD athon CPU and 4GB of DDR2. I also would be open to making a VM to run the firewall if that is possible.

I would prefer something that could do both, however I am comfortable with tinkering with a system. 

Thanks for your help

Well then, I suggest you start with either pfSense or IPCop. This is mainly due to both of them being fairly noob friendly and relatively lightweight. There's a few important differences between the two however.

1. BSD or Linux

pfSense is based on FreeBSD. IPCop is based on Linux. Whilst you're not likely to notice this in normal operation this can cause issues when troubleshooting. *BSD also has worse hardware support in some cases.

2. Expandable vs. Lightweight

pfSense has a ton of add-on packages which do all sorts of wonderful things such as transparent proxy and intrusion prevention. A lot of these packages are also insanely resource hungry. IPCop has a traffic scanner/proxy add-on and that's pretty much it. Less packages used = less bloat.

pfSense can be fairly lightweight too if you don't install too many packages but the bloat in general has been creeping on it as time has gone by. IPCop (seeing as how it uses netfilter) can be expanded a lot too but that requires manual fucking around as opposed to just clicking a button.

 

IPCop can run on pretty much any hardware in its basic configuration (traffic scanning can be fairly resource intensive though). If your VM software supports Linux, there's a good chance it'll support IPCop. It'd also run just fine on your Athlon.

pfSense, as mentioned, is a bit more picky when it comes to hardware. A quick googling tells me that it ought to run in your VM software but whether or not your Athlon would run it depends highly on the packages added.