Router Build

[timwhit]

Some background: I bought a Linksys WRT150N a couple years ago. It worked alright until a couple weeks ago when it started locking up daily and driving me crazy. I reset it to factory, but the problems persisted. I replaced it with a Linksys BEFSX41 (v. 1) that is 7 years old. It doesn't lock up, but it's WAN port appears to be limited to 10Mbps. I flashed it with the latest firmware, but the WAN port was not affected. This is unacceptable to me as my connection is good for 20Mbps burst and 15Mbps sustained.

The way I see it, I have three options.
1. Buy another consumer grade router, which will probably have more problems. Let me know if I'm wrong here.

2. Buy a WRT54G and put DD-WRT or another third part firmware on it. I don't know if this will fix shitty hardware.

3. Build my own.

I want to look at building my own, but it doesn't seem to be very cost competitive with the other options. A couple questions:

1. I was thinking about this barebones system to start with. Does anyone have experience with it or a similar barebones system? It has dual NICs onboard (Realtek, ugh). It will need RAM and some kind of disk. What else will I need to complete the build?

2. What software do you recommend? I've heard of Untangle and Smoothwall? I'm sure there are others, but was looking for recommendations.

 

[ddrueding]

I've used Smoothwall in the past with great success. I'm actually considering running a smoothwall in a VM on another machine, with a pair of NICs dedicated to the VM. Not sure how well that would work, but it would eliminate the hardware complexities/expense.

 

[timwhit]

I've used Smoothwall in the past with great success.

Thanks for the vote of confidence, I'll try Smoothwall if I go down the build my own route.

I'm actually considering running a smoothwall in a VM on another machine, with a pair of NICs dedicated to the VM. Not sure how well that would work, but it would eliminate the hardware complexities/expense.

I don't have a server. I have a HTPC, a desktop, a couple laptops, and a couple Android phones. I don't think my desktop is the right place to run a router. I don't want a computer I use daily and screw around with to cause every other computer in the house to lose it's internet connection. Plus, I'm trying to get better up time.

 

[ddrueding]

Yeah, I don't have a server, either. I would probably run it on my wife's machine, as I consider that "mission critical" when it comes to up time, maintenance, and general reliability.

 

[CougTek]

The more modern WRT160N rev3 can be flashed with DD-WRT. IIRC, it has faster hardware than the aging WRT54G. Avoid rev2 (for the WRT160N) since it cannot be flashed with DD-WRT.

The Jetway/VIA C7 combo will consume ~20W with the RAM and hard drive. That's about twice as much as a low-end router like the WRT160N. It's also a lot bigger. It doesn't do wireless network. Finally, it's more than three times more expensive than a WRT160N.

 

[MaxBurn]

Why not a small business grade item like:

http://www.amazon.com/exec/obidos/ASIN/B000H97UC0/ref=nosim/9938135-rg2422-00-20?s=merchant

http://www.cisco.com/en/US/products/ps9931/index.html

If I ever started having trouble with my something like eight year old 3com office connect I would seriously look in the small business sections of the major players.

 

[Bozo]

You might look in the Salvation Army or Goodwill for a used PC to build your router. Super cheap.

 

[Sol]

I use a Ubiquity Routerstation. It runs OpenWRT out of the box and costs about half as much as that bare bones system (It doesn't come with a case or power supply though).

There are a couple of other options for dedicated router platforms aimed at the wireless ISP market, I went with the Ubiquity one because the software stack is completely open source. It's proven pretty reliable so far.
(My Internet connection has gone down a few times because of the crappy USB ADSL modem I'm using but the routers always stayed up. And I'm kind of impressed that the device will actually connect via a USB modem. OSS for the win.)

I've also used Smoothwall in the past and found it good, but these days I'm more concerned about space and power consumption than the initial cost of hardware.

 

[Mercutio]

I built my own WAP/Router using an ARM-based system and a couple mini-PCI NICs. I essentially followed a guide someone else wrote to get it up and running with a custom Linux install. It cost about $600 to get all the hardware but it's been utterly reliable.

I've heard good things about Ubiquity devices as well.

 

[Mercutio]

Here's my old thread. They don't sell the products I used any longer.

 

[ddrueding]

Ubiquiti makes awesome hardware at very competitive prices. I use their stuff for all of my WAN links. The main frustration is the high rate at which they release new products and the poor availability.

 

[timwhit]

The Ubiquiti options look promising. Is there anyone that sells completed kits based on the RouterStation or RouterStation Pro? I did some quick Google searches but don't find much.

 

[timwhit]

The more modern WRT160N rev3 can be flashed with DD-WRT. IIRC, it has faster hardware than the aging WRT54G. Avoid rev2 (for the WRT160N) since it cannot be flashed with DD-WRT.

The Jetway/VIA C7 combo will consume ~20W with the RAM and hard drive. That's about twice as much as a low-end router like the WRT160N. It's also a lot bigger. It doesn't do wireless network. Finally, it's more than three times more expensive than a WRT160N.

I think I want to avoid Linksys from this point forward, their products leave a bad taste in my mouth.

You're right about the Jetway system, it's too big for my office and too expensive. The power isn't that big of a deal. I estimate that the Jetway system would cost $14/year to run at 8 cents per kWh.

 

[timwhit]

Here's a Ubiquiti RouterStation Pro Kit on eBay. Would this work for my needs?

I like the pro better because it has gigibit NICs.

 

[ddrueding]

Looks really good. I'd add a wireless card to it though.

 

[timwhit]

Looks really good. I'd add a wireless card to it though.

I looked for one, but couldn't figure out what to buy. Any advice?

 

[ddrueding]

Depends on what you are after. Normal 2.4Ghz 802.11b/g? Super high-powered 5Ghz a?

 

[timwhit]

Depends on what you are after. Normal 2.4Ghz 802.11b/g? Super high-powered 5Ghz a?

These are kind of expensive. Anything cheaper?

I don't really care that much about wireless in my office right now, but might want to get something in the future. I guess I could always just buy another cheap AP.

 

[Mercutio]

You just buy mini-PCI cards. There are lots of choices. You should be able to get away with an Intel or Broadcom-whatever.

 

[timwhit]

I can't tell if the RouterStation Pro supports mini-PCI Express or not. If it does, will the Intel 622AN.HMWWB Mini PCI Express work?

 

[ddrueding]

"Three MINI-PCI Slots supports Type IIIA" I don't think that is PCIe

 

[timwhit]

The only mini PCI nic that Newegg sells is the TP-LINK TL-WN861N.

I've never heard of this brand before. Does anyone have a better place to look?

 

[ddrueding]

If you check the images for that NIC you see it has an Atheros chipset. Should work fine.

Of course, here is an Intel ABG NIC for $10.

 

[timwhit]

I am going to try to get one from a broken laptop. If that fails I'll order one.

Thanks for the hand holding.

 

[ddrueding]

No worries. The people here have saved my ass more than once.

 

[Mercutio]

I am going to try to get one from a broken laptop.

That's how I got my 802.11n card.

 

[timwhit]

I ordered the RouterStation Pro Kit from eBay.

I was looking into OpenWRT and it looks like there is no web interface by default. Does anyone know if it will be possible to add something like X-Wrt?

 

[ddrueding]

That I have no experience with. Hopefully Sol can step back in.

 

[Mercutio]

I was looking into OpenWRT and it looks like there is no web interface by default. Does anyone know if it will be possible to add something like X-Wrt?

Looks like you can. Even if you're just working with the shell, most of commands are things you're going to run once and then just let the device sit and be an appliance.

 

[timwhit]

Looks like you can. Even if you're just working with the shell, most of commands are things you're going to run once and then just let the device sit and be an appliance.

My 5 minutes of Google research showed the same thing. I have no problem working on a CLI, it's just nice to have a GUI to fall back on, especially for something I've never done before.

 

[Sol]

The cards are definitely mini-PCI not mini-PCI-E I use an Atheros based one (It was easier to just get the cheapest 108Mbit card I could find than try to figure out what chipset every card used.) but broadcom chips seem to be well supported also. (I'm not sure if there are any Intel wifi drivers though so you might want to check that out if you're looking to buy an Intel NIC)

There are a couple of web based GUI options, you can install them using a really nice package manager. I use luci which seems to be the most common one. It does everything I need and a lot of the extra packages seem to have plugins for it.

The Router Station Pro comes with OpenWrt Kamikaze which is not the latest version. I installed Backfire when I got mine but I'm not sure there's much in it really.

 

[timwhit]

Thanks for the confirmation, Sol. I will try luci when I get my RouterStation Pro.

 

[Howell]

I have found that it is usually the power brick that gets flakey way before the actual FW goes out. Do you have a way to test?

 

[timwhit]

I have found that it is usually the power brick that gets flakey way before the actual FW goes out. Do you have a way to test?

I'm using the same brick on the BEFSX41 that I was using on the WRT150N. No problems with the BEFXS41 whereas the WRT150N was locking up daily. Is that a decent test?

 

[Howell]

I'm using the same brick on the BEFSX41 that I was using on the WRT150N. No problems with the BEFXS41 whereas the WRT150N was locking up daily. Is that a decent test?

I would think so though I would also try the WRT with the other brick. A few months ago I had very similar problems as you with my WRT54GL running x-wrt. I ended up flashing it back to the Linksys firmware and the problems went away. I'm still not convinced I wasn't having problems with my line/modem though. YMMV.

 

[Stereodude]

You might look in the Salvation Army or Goodwill for a used PC to build your router. Super cheap.

That's great as long as you don't pay for your electricity. :rambo:

 

[LiamC]

I've used Smoothwall in the past with great success. I'm actually considering running a smoothwall in a VM on another machine, with a pair of NICs dedicated to the VM. Not sure how well that would work, but it would eliminate the hardware complexities/expense.

I've thought about doing this myself, but in a couple of networking forums where I've raised this issue, others have suggested it's a bad idea because if the box is compromised, then the potential exists for all the systems on the host are compromised. The consensus seems to be leave a router/firewall box all by itself. Can anybody comment on this? I'm not sure if its a valid concern or one of those work place myths. Conceivably you'd have to compromise the firewall/router and the VM.

 

[ddrueding]

I think it is significantly paranoid.

A) The *nix-based appliances are really secure, particularly as they receive regular updates.
B) The guest has very little chance of seeing the host.
C) As soon as your firewall is gone there are plenty of avenues to attack a windows box anyway.

 

[timwhit]

I received the RouterStation Pro today. It's smaller than I was expecting. I will hopefully get a chance to try it out tonight.

 

[timwhit]

I got the RouterStation Pro up and running. I initially screwed up the network configuration and was unable to connect to the router, so I had to do a hard reset on it and then I loaded what I believe is the latest version of OpenWRT. That part took me about 1 hour. It took an overly long time because it changed the default gateway IP for me.

Getting my cable modem working only took 15 minutes and required the modem to be power cycled.

I got DynDNS setup, which was somewhat straightforward.

I spent the last 45 minutes trying to forward a single port. I still haven't gotten this to work.

I have tried everything I can think of to get this working to no avail.

Here's what I have in /etc/config/firewall

config 'redirect'           
        option 'src' 'wan'     
        option 'dest' 'lan'      
        option 'dest_ip' '192.168.1.100'
        option 'dest_port' '4040'
        option 'proto' 'tcp'    
        option 'src_dport' '4040'
 
config 'rule'
        option 'src' 'wan'
        option 'proto' 'tcp'
        option 'dest_ip' '192.168.1.100'
        option 'dest_port' '4040'
        option 'target' 'ACCEPT'

Any ideas are appreciated.