Re: A FreeBSD-based Router
- Reply: Juan Manuel Palacios : "Re: A FreeBSD-based Router"
- In reply to: Martin McCormick: "A FreeBSD-based Router"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 05 Apr 2025 23:40:59 UTC
On 4/5/25 11:02, Martin McCormick wrote: > We have been using a Netgear wndr3400v2 router since February of > 2013 and it is probably time to take advantage of newer > technology especially since there have been no new software updates for > it in years. It also has a web GUI interface that must have, at > one time, worked for somebody, but nobody here because I have > thrown every browser at it I can get my hands on and the best way > to describe it is that each browser does okay with some web pages > on it but not others and anything related to passwords or the > changing there of seems to always make the most destructive > changes but never any beneficial adjustments so one doesn't > really know what got changed until later when this or that > function no longer works. > > If I do the factory default reset, that will certainly > set things back to originals while also deleting the dhcp table > so I don't really want to do that. > > What I really want is a modern router with a command-line > method of control which allows for good old text-base > configuration files for changing router settings as well as the > dhcpd server which it would also be running. > > My idea is to load a mini PC with FreeBSD and a router > engine which means that the mini PC would need to have at least 2 NICS. > > Is there any particular mini PC with a good track record > on running FreeBSD? I just put our Netgear router on a UPS so > that the occasional power glitches aren't as easily passed > through to our home network and hopefully a mini PC would not run > the UPS battery down as quickly as a full-sized work station > might. > > Before I retired in 2015, I ran the FreeBSD-based bind > name servers along with ISC Dhcpd for my employer and we had > virtually no issues at all with that particular scheme so that's > why I want to use FreeBSD in our house for this purpose even > though I use debian Linux for most hobby activities so I can say > good things about both unixen (I believe that is a correct form > of speech.) > > Our router is still working, knock on wood, but we > recently had issues with our ISP that so choked the router that I > thought it had crashed only to find out that it came back to life > when whatever traffic the ISC was throwing on to their system > went away and things got back to what passes for normal. > > The FreeBSD/dhcp environment we had for over 20 years was > run on Dell servers and we had one FreeBSD box that ran continuously > without a reboot for over a year so I know FreeBSD gets things > done. > > Thanks for any suggestions. > > Martin McCormick Network engineering in the age of the Internet is a never-ending learning curve with potentially disastrous consequences if it is done incorrectly (including not keeping it up-to-date). I have a SOHO network with a file server, various client devices, and residential Internet service. I want a safe and reliable network, but am not a network engineer. Back in the day, I started with a homebrew dial-up firewall router using a desktop PC, dual NIC's, and Red Hat Linux. It was a useful learning exercise. Later, I tried purpose-built FOSS distributions. pfSense was too powerful and complex for my needs. IPCop was a good fit and I used it for years. But, the PC was bulky, made noise, produced heat, and consumed power. Compact energy-efficient PC's have always come at a premium price. I tried a few Netgear products, but also had problems with the web user interface (WUI). More importantly, the devices tended to crash every few months; especially in summer. FOSS firmware (DD-WRT) helped with the WUI, but I bricked at least one device attempting to upgrade. When I added a Wi-Fi access point (AP), I soon discovery the hassle of trying to keep configuration settings synchronized across multiple network devices. Then I discovered Ubiquitti Networks and their UniFi lineup of products. The killer feature is the UniFi Network Application -- centralized high-level network command and control with one WUI to "rule them all". I bought a UniFi Security Gateway, a UniFi AP AC-Lite, rented a Linode VPS, installed Debian and the UniFi Network Application (via a Linode StackScript), configured everything, and have been up and running 24x7 ever since. The UniFi Network Application WUI has evolved over the years, but has always been very polished. Upgrades have been uneventful. Backup is achieved by downloading a configuration file. Restore is achieved by uploading a configuration file. I easily added incoming firewall pinholes and forwarding rules to allow remote SSH access from the Internet. At one point, I set up a VPN to allow remote Samba access from the Internet. I easily added two more AP's to my LAN. Technical support was excellent when I needed it. UniFi devices are Linux on the inside, so I can look; but I dare not touch. David