Super Router Thread

[Trig0r 204]

So, off of the back of that thread...

 

Am I right in thinking that people are using routers from their ISP in modem mode, plugging it into a machine and then using that for firewall/router/internet control?

 

Could you, in theory then go from the router, to a NIC in your server then out of another NIC into the network?

 

I'm in need of something that'll do DHCP and internet profiling, ie turn off the offsprings WiFi at certain times, limit bandwidth etc...

 

Think this could be a good use of my old Gen7...

[schoondoggy 858]

Modem to Router/Firewall/UTM to core network switch

PFsense, Sophos and Untangle are popular.

Untangle launch a $50 per year full feature version for home use that is quite popular.

The 'How to run Untangle at home' tab has a nice comparison;

https://www.untangle.com/untangle-ng-firewall/untangle-at-home/

[itGeeks 184]

The setup would depend on the type of equipment your ISP supplied, If its a modem only then follow what schoondoggy said. If its a modem/router combo the setup would depend on the ISP and the type of services you have. FiOs and ATT U-Verse are examples that you need to keep there modem/router in-place in router mode if you have Phone and or IPTV service with them.

 

1. Hew is your ISP and what type of services do you have with them?

2. Do you have a modem or a modem/router combo from the ISP?

3. What is the speed of your internet both down/up?

4. When you say you have an old Gen7 laying around do you mean a Core i7? a Core i7 is way overkill unless you have very fast internet such as GB Fiber.

5. How many devices do you have on your network? I had around 45 devices and FiOs 150/150 internet and I was able to run both the new Sophos XG and Untangle on a low powered Atom D525, That said Get yourself a Celeron J1900 or a N3700 with 8GB of memory would serve you well

 

6. I use the paid version of Untangle, Its a steal at 50.00 a year for "home use", They even have a live demo if you wan't to have a look http://demo.untangle.com/auth/login?url=/webui&realm=Administrator

[Trig0r 204]

ISP is Virgin Media.

They supply a router which you have to keep but you can run it in "Modem" mode which I have done before, then connected my own router to it..

200 down 10 up.

Gen 7 as in HP Microserver Gen7..

[schoondoggy 858]

The Gen 7 N54l should do fine with 4-8GB of memory:

http://www.cpubenchmark.net/compare.php?cmp%5B%5D=2513&cmp%5B%5D=2131&cmp%5B%5D=477

 

You could use the bays for something else:

http://homeservershow.com/forums/index.php?/topic/9682-recycled-n36l-external-storage-for-hp-p222-raid-and-sophos-utm/

[Trig0r 204]

At the mo the Gen7 has the following.

 

N40L

16Gb

2Tb Seagate

2Tb WD Red

1Tb WD Green

500Gb WD Blue

 

I'd already looked at that thread you linked as I have a dead Gen7 as well that a friend gave me and was looking to use it just for the bays, got the external cable but not the adapter, mmmm, more things to think about...

[LVLouisCyphre 3]

I know this is an old thread.  I'm a retired IT networking professional.  I've done it at home and for my clients and former employer professionally in the IT business for decades.

Quote

Am I right in thinking that people are using routers from their ISP in modem mode, plugging it into a machine and then using that for firewall/router/internet control?

The correct term is bridging mode.

Quote

Could you, in theory then go from the router, to a NIC in your server then out of another NIC into the network?

There's no theory about it.  This has been done for decades.  My firewall/router machine twenty years ago was a generic P54C-90 machine with 32 MB RAM running FreeBSD with the internal interface being an Intel (8461) Pro/100+ Management card and the external NIC being an SMC 8013 connected to my cable modem.  The machine was yawning with lots of CPU idle waiting for something to do. 

 

If your switch supports VLANs, you don't need a separate NIC.  You put your ISP on a separate VLAN and do interVLAN routing.  Switches that support VLANs are dirt cheap.  If the only thing the box is going to do is firewall/gateway functions then it will only be used for egress and ingress traffic and you can do it via a single ethernet port with VLANs.  I own two HP Microserver G7 N54Ls and the bad thing about them is the lack of PCIe slots especially if you install the IPMI card. 

 

I think this is overkill for a HP Microserver.  It's meant to be a NAS which is why I have my pair.  It will do the job.  Every FreeBSD machine in my network I have prepared to take over firewall/gateway functions. 

Quote

I'm in need of something that'll do DHCP and internet profiling, ie turn off the offsprings WiFi at certain times, limit bandwidth etc...

FreeBSD, OPN and pF sense will do this.  If you're not a CLI guru, then you want OPN or pf Sense.

 

[oj88 128]

Running Untangle HomePro on a HP G7 N40L with 250GB HDD, 4GB RAM and a dual 1GB Intel NIC.

[nrf 130]

At one point I used an N40L as a router but needed a bit more oomph.... now I use an un-needed tower PC with 4 NIC cards in it. amazing how g7 microservers still keep popping up here. one random bit of wisdom here, in the area of linux based routers/firewalls I have read that the single-port NICs are better handled by the drivers than the multi-port NICs. And of course Intel is best for this purpose.

Edited January 22 by nrf

[oj88 128]

Nice to know. Fortunately, I haven”t had any issues with mine as far as NICs are concerned. I’ve used this N40L with Sophos, pfSense, and of course, Untangle, in dual and quad 1gb NIC combinations.

 

With almost every filter enabled in Untangle, the G7 can easily do 250mbps, in and out (that’s as fast as my ISP will allow me).

 

Useful little servers. I have three N40L still unopened in their original boxes... remnants of when the company I worked for practically gave them away. I took six.