I wrote about how I use pfSense as my home gateway system, but that is no longer true. I have replaced pfSense with DD-WRT, which uses iptables rules customized for DD-WRT and my own personal choices of configuration options that suit my home networking needs. I am not looking to start a flame war, so I will start out by saying there is nothing wrong with pfSense, only with the hardware I was running it on. I like having a more advanced home network, but only on the cheap and, most importantly, the hardware didn’t provide the features I was looking for.
My pfSense server was an old Dell Inspiron 4000 laptop with only two network ports. The BIOS didn’t have the option to restart after a power failure and the display doesn’t work. I didn’t consider the setup easy to troubleshoot for novices, knowing how ISP support expects that little blue box in every home. Should someone call an ISP for tech support, the ISP would tell the troubleshooter to power cycle the home router, and the ISP would be more likely to describe the Linksys router than a Dell laptop on the network. I simply don’t consider this a user-friendly piece of hardware. For home networking, I have always preferred to use hardware built for the task. You can find a really nice micro-ATX board, case, and accessories to build a pfSense hardware solution, but that comes to well over $300 US and I didn’t see any benefit to spending that kind of money for home use.
So, my goal was to replace the server with something that has 5 ports, powers on after a power failure, is easy to power cycle, and is gentle on the wallet. I’ve known about the replacement firmwares for home-based routers, but I really loved how feature-packed pfSense was in comparison. DD-WRT provides all of the features I wrote about in my Home Network Features article, so I still have PPTP and OpenVPN support. Additionally, I also get VLAN support, which enables me to make a DMZ on a switch port for my home server. I haven’t done so at the time of this publication, but my plan is to use the VLAN feature to put a port on its own subnet, eliminating the need for two gateways so the design will have one gateway serving the whole network.
You will often see many advocates of PC-based routers tell you those “little blue boxes” are toys and you should use pfSense or Untangle to get any real performance. Keep in mind that I worked at an ISP in the old days using a 200 MHz Pentium Pro as the gateway router and it handled tons of traffic. Those little blue boxes have enough power for most home users and room to spare. Take a look at the resource diagram and note that there is ample memory, CPU, and storage space.
Signal strength is also available in this GUI.