Forgot your password?
typodupeerror
Wireless Networking Hardware Hacking Networking Open Source Build

Ask Slashdot: Best Open Source Project For a Router/Wi-Fi Access Point? 193

Posted by timothy
from the what's-the-nsa's-least-favorite dept.
An anonymous reader writes "My wireless router just died. I have an old netbook lying around that has a wired network interface and a wireless one. The wireless card is supported in master mode by Linux, FreeBSD, and OpenBSD. What does Slashdot recommend I use to turn it into a router/wireless access point? DD-WRT? pfSense? Smoothwall? Fedora/Ubuntu/OpenBSD with a manual configuration? I'm not afraid of getting my hands dirty and I know what I'm doing, but I want as close to zero maintenance as possible."
This discussion has been archived. No new comments can be posted.

Ask Slashdot: Best Open Source Project For a Router/Wi-Fi Access Point?

Comments Filter:
  • by AmiMoJo (196126) * <mojo @ w orld3.net> on Saturday October 05, 2013 @01:11PM (#45045233) Homepage

    If you want something powerful but maintenance free then DD-WRT on dedicated router hardware is the way to go. Running an ARM system-on-chip without active cooling and everything on flash memory is going to be far more reliable than any kind of PC set up. DD-WRT does pretty much anything you want and you can get a root shell if you want.

    For what it's worth I prefer Buffalo hardware. It's robust and performs well.

    • by agoodm (856768) on Saturday October 05, 2013 @01:19PM (#45045299) Homepage
      A properly configured and set up PC based router with appropriate active or passive cooling will be more reliable than ARM SoC based solutions due to the additional speed providing additional routing capacity. Most SoC solutions ive seen have insufficient power for reliable operation under anything more than a moderate load. Source: I manufacture and install PC based routers in places where ordinary routers are becoming unstable
      • by AmiMoJo (196126) * <mojo @ w orld3.net> on Saturday October 05, 2013 @01:38PM (#45045477) Homepage

        That's why I recommend Buffalo hardware. Their main market is Japan where symmetrical gigabit connections are quite common, so their hardware is capable of routing that. I find it to be reliable long term (5+ years).

        • by johnnys (592333) on Saturday October 05, 2013 @01:46PM (#45045521)
          This is probably not what the OP wants to hear (surprise! It's Slashdot after all) but I agree that a VERY good option is a Buffalo router. I bought a Buffalo WZR-600DHP running DD-WRT and it has been completely reliable in my SOHO environment. The feature set, tunability and capabilities of DD-WRT on this device are extensive and impressive.

          I have tried DD-WRT on some older routers (Linksys) in the past and although the features were there the reliability and dependability were just not there. I had to reset every few weeks and reconfigure. So when I saw Buffalo was using DD-WRT I decided to try it and I have been very happy.

          • by icebike (68054)

            Add to this the fact that a laptop wifi card is not exactly known for its range, or power.

            I understand that this is slashdot and people want to turn sow's ears into silk purses and run Linux on their toaster ovens, but that doesn't make it a good solution. Just about ANY off the shelf wifi router will be a better solution.

            • by mcgrew (92797) * on Saturday October 05, 2013 @02:38PM (#45045965) Homepage Journal

              You guys all seem to be missing the point. He wants to repurpose old hardware without spending anything. I used to do something similar in my teenaged years (this was in the analog era) when I'd turn used transistor radios into guitar fuzzboxes. "But you can get a professional one for only $250!" Yeah, but I could turn a broken radio into one for $2.50.

              If my aging router dies before this notebook does I'll probably do something similar with it. Plugging a new router in is no fun, building your own out of useless junk is.

              • Re: (Score:2, Redundant)

                by icebike (68054)

                I'm pretty sure I didn't miss the point, as you would have realized if you read past the first sentence. (Yeah, I know, its slashdot, but for gods sake the world does not stop at the first piece of punctuation you encounter.!!)

                Even after his experiment, he will need a new router, for all of the reasons mentioned by several posters above.

              • by AmiMoJo (196126) *

                Such a system is unlikely to perform well or be reliable though. Older wifi cards in particular really, really suck. 2.4GHz is overcrowded in many places too, so shelling out for a 5GHz capable card is worthwhile.

                On top of that you have to factor in the cost of electricity to run the thing. Even a laptop is going to be several times the power consumption of an ARM SOC based router. By the time you have bought a reasonable wifi card and factored in electricity you might as well just have shelled out Â

    • by sribe (304414)

      For what it's worth I prefer Buffalo hardware. It's robust and performs well.

      Seconded. I can give you plenty of reasons not to buy Linksys, or Cisco, or NetGear, or D-Link. I can give you 0 reasons not to buy Buffalo ;-)

      • Seconded. I can give you plenty of reasons not to buy Linksys, or Cisco, or NetGear, or D-Link. I can give you 0 reasons not to buy Buffalo ;-)

        And I can give you one reason yes to buy Netgear. My new Wireless N-150 WNR1000 cost me $9.95 through my cable company.
        Make that 2 reasons - It has run rock solid for ~3 years now on its standard firmware.
        Point: Always look at the overall ROI.

    • by _Ludwig (86077)

      FWIW, several of Buffalo's wireless routers ship with DD-WRT now.

    • by mellon (7048) on Saturday October 05, 2013 @02:34PM (#45045949) Homepage

      I'm a little bit surprised to see DD-WRT getting such prominent billing. I've been using OpenWRT very happily for a long time, and had trouble getting DD-WRT to do what I want. It's possible that things have changed since I last investigated, of course.

      I'm a bit biased in that I wanted something hackable; I've been able to make packages for OpenWRT and have them work with very little effort, and even been able to debug stuff under gdb on the router. This is probably also possible with DD-WRT, but when I investigated, OpenWRT seemed clearly easier to develop on. Building the router image from source was dead easy; customizing it was easy with "make menuconfig" and building packages within the build tree (with support for the packages in "make menuconfig") was easily done as well.

      My point here isn't to say "don't use DD-WRT," because I have nothing bad to say about it; rather it is that it's worth considering OpenWRT as well. Personally I've had a lot of success with it, and recommend it highly as a development router OS.

      • by saleenS281 (859657) on Saturday October 05, 2013 @03:27PM (#45046319) Homepage
        DD-WRT for all intents and purposes might as well be dead. At this point they've essentially stopped releasing updates unless you're paying for a subscription. And their last release for most hardware platforms wasn't even GA code, it was "pre-SPX".
    • by Alef (605149)
      I used to run DD-WRT once, and liked the configurability and stability. However, a gigantic security hole [cxsecurity.com] found in 2009 pretty much destroyed all my confidence in the competence of the maintainers with regard to security. Basically, it would execute commands (as root!) directly from the url of a request to the management interface. All an attacker would need to do is get you to click an embedded link somewhere, and you are owned. (My link above is safe, by the way -- did you click on it?)
    • Please do not talk to my 486sx25 with 12M of memory and 283M harddrive running an old IPCOP version. Works just great.

    • Not to mention the crappy WiFi (single crappy small antenna, likely 2.4Ghz only) on typical netbooks...

  • pfSense (Score:5, Informative)

    by kroby (1391819) on Saturday October 05, 2013 @01:16PM (#45045273)
    pfSense is a great open source router distro and should have no problem running on your net book. However, Sophos UTM/Astaro Security Gateway is a commercial product that is free for personal use. I recommend it if you need any UTM features such as gateway AV, IPS/IDS, Spam Filtering, and centrally managed AV.
    • by CrudPuppy (33870)

      I just retired my office wireless (three WRT54GL units) and replaced with a pfSense firewall and three Aruba Instant 105's

      For the pfSense, I used two Intel wired cards instead of the crappy onboards.

      I couldn't be happier. granted, the Arubas are probably a bit pricey for a house (depends on who you are)

    • pfSense is extremely limited on the Wi-Fi end. Otherwise, it's a great product, if you like tinkering with stuff and don't want a plug-and-play experience.

      • by pnutjam (523990)
        The 2.0 series works well with wifi. I have been running pfsense on Alix hardware using an Atheros chipset wifi card and it has been rock solid for at least 5 years. I update it occasionally, but it is truly no maintenance.

        If your wireless card is supported for AP mode it is a great solution, feel free to email me with questions.
        • What about wireless N and AC support? Officially, they're not supported...
          Fortunately, it's not something I have to mess with, since I only use pfSense for firewall/routing duties, along with an Asus RT-N66U for Wi-Fi.

          • by pnutjam (523990)
            That's true, neither of those are supported, but I expect N will be available soon. This guys appears to be cost conscious, so I doubt he is running N or AC equipment.
          • by adri (173121)

            11n will work on Atheros hardware when they either/or:

            * update pfsense to work against FreeBSD-10;
            * start releasing snapshots of pfsense that work against FreeBSD-HEAD;
            * backport the net80211, driver and userland tools from -HEAD to -8 (which I've done a few times, I've just not committed it to FreeBSD.)

            11ac is a different story. I'm going to let the Linux side shake out before I start work on the FreeBSD 802.11ac support.

            -adrian
            (FreeBSD wireless maintainer.)

    • by BLKMGK (34057)

      I use ClearOS and I believe the latest version will handle WiFi. It's free but there are pay for play options. It also functions as a firewall, does QOS for my network, VPN endpoint, blah blah. i was using a WRT54G up until recently too but have replaced it with an AX capable Asus router for which Tomato firmware exists. Thus far I've not yet felt the need to switch out the stock stuff though...

  • by opus_magnum (1688810) on Saturday October 05, 2013 @01:16PM (#45045281)
    either, but there are also Zeroshell and ClearOS.
  • zero maintenance (Score:3, Informative)

    by girlintraining (1395911) on Saturday October 05, 2013 @01:19PM (#45045301)

    I'm not afraid of getting my hands dirty and I know what I'm doing, but I want as close to zero maintenance as possible."

    DD-WRT. Pick a good router with a fast cpu in it if you plan on running P2P with it. My high-end Asus 'black knight' (one of the recommended high-end dd-wrt models) shits itself if you have more than about a 800 or so simultanious connections, because the CPU isn't fast enough. I would not recommend using a 'netbook' with a wifi card simply because it consumes a lot of power and you'll make up in lower power consumption costs what you'd spend on a purpose-built router in about 15-18 months.

    • Re:zero maintenance (Score:5, Informative)

      by dugancent (2616577) on Saturday October 05, 2013 @01:37PM (#45045467)

      TomatoUSB is another option. I prefer it over DD-WRT personally, but they are both good options.

      • Re:zero maintenance (Score:5, Informative)

        by Anonymous Coward on Saturday October 05, 2013 @01:58PM (#45045621)

        Agreed. I use the Shibby branch on my ASUS RT-N16. Been running strong about 2 years with no problems.

        http://tomato.groov.pl/

        • Re: (Score:3, Informative)

          by Anonymous Coward

          Ditto. Shibby on a Belkin F7D3301. Factory firmware on that thing was trash, which happens to be where I found the router to begin with. I was about to trow it out (again) but on a whim tried Shibby's TomatoUSB. Rock solid stable, coverage throughout the house, and it consumes like no power (doesn't even get noticeably warm). But yeah, Shibby TomatoUSB - good stuff.

      • Re:zero maintenance (Score:5, Informative)

        by spongman (182339) on Saturday October 05, 2013 @03:41PM (#45046387)

        Please mod parent up.

        Tomatousb is brilliant. Hardware compatibility is a little less broad than some of the others, but once you get t installed the usability is like butter.

      • Re: (Score:2, Informative)

        by Anonymous Coward

        Also, TomatoUSB and it's many variants are still updated, unlike DD-WRT which is so far out of date it's not even funny.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      DD-WRT in my experience can make "flaky" routers on default binaries suddenly WORK AS ADVERTISED.

      I've had both linksys and dlink routers that rebooted themselves constantly, DDWRT solved whatever was causing it and they're now rock solid!

      • Re: (Score:2, Interesting)

        by Anonymous Coward

        I had DD-WRT on my Linksys WRT54G v1.1, and it became flaky after I moved house (the wifi would intermittently stop working necessitating a reboot, not sure why but perhaps due to interference with a neighbours router as next door only switch theirs on when they are using it), but it became rock solid after I switched to Tomato (and I'm still using it).

    • Which Asus are you talking about? The RT-N66U and RT-AC66U, as well as the RT-N56U are known for being able to handle loads that would be unbearable on lesser devices.

      In any case, the N66U and AC66U (and the soon-to-be-released AC68U, which has a much faster processor than its younger siblings) have excellent official firmaware support and are compatible with tons of different OS, from slightly modified stock firmware (it's open source) to DD-WRT. They're also easy to load a different OS at will with no hac

      • I'm talking about the RT-N66U, with the latest stable version of DD-WRT; v24-SP2, July 2013 release. Through trial and error, I've found the max before the load average causes it to start choking and delaying packets is about 1300 connections, with a TCP timeout of 900 and a UDP timeout of 60. Note that these numbers are far below what the 'out of the box' defaults are. Those defaults may work if you are not using QoS, but if latency and buffer bloat is a concern of yours, then you're going to find it choke

        • Where did you get 300MHz from? I've always read 600MHz... In any case, if it's not enough for you, you might want to look into a dedicated router (like a pfSense box) or the RT-AC68U, since it has two CPU cores at 800MHz.

          Maybe DD-WRT is slower than the official/slightly modded firmware, 1300 connections sounds low-ish judging by what is commonly said about the N66U. Unfortunately, I have no numbers to share because I use mine exclusively as an access point, with routing delegated to a pfSense box...

        • by BLKMGK (34057)

          Ah so you've already got 3rd party firmware on it. Have you tried Tomato? I'd be interested to know how that worked, I've not yet felt the need to tweak my AC equipped Asus - yet. If that still doesn't work maybe consider building or buying a Microtik? It's pay for play for any but the most basic stuff - which requires a registration too - but might work on good hardware. I've played with it in a VM and it seemed pretty straightforward if not a tad locked down. Pretty sure they handle wireless. Any chance y

      • by amorsen (7485)

        are compatible with tons of different OS, from slightly modified stock firmware (it's open source) to DD-WRT.

        As long as you do not modify the kernel. They are Broadcom devices, so your kernel has to be compatible with the binary crap that came with the router.

        I'm not sure it is even possible to get a non-Broadcom router with decent performance these days.

    • by mcgrew (92797) *

      Get another cup of coffee, he wants his old netbook to be the router. He doesn't want to BUY one, he's a nerd. He wants to make one out of junk. I commend him for it, I do the same when I can.

      If I were doing the same thing with my setup, a wireless notebook and two wired towers, I'd slap a NIC or two (I'm sure I have some old ones somewhere) in one of the towers, feed the DSL to that and feed the home-made wireless router with that.

      I'd still want advice on the best OSes for the two routers.

    • by BLKMGK (34057)

      There's a Tomato release for your router - I have the AC version of that router. I've not yet loaded the 3rd party firmware but I've not run into limitations either - but I have at least researched it. My WRT54G used to run into limitations with many connections too - Tomato was able to help the stability greatly and might help you as well.

      I'd also point out that netbooks do NOT use tons of power and as cheap as power is it'll be years before he makes back the cost of an Asus router like your's...

      • 'd also point out that netbooks do NOT use tons of power and

        ... It's not the netbook per-se that sucks your wallet dry. It's the power brick. As long as it's connected, it's vampirically sucking juice, and depending on its efficiency rating and power correction factor. PCF is the reason why running your fridge is so expensive -- it doesn't consume as much electricity as your bill says it does, but whenever you put something across the rails that is an inductor (transformer, motor, etc.) the voltage and current come out of phase -- you are charged based on how much c

        • by RR (64484)

          I'd also point out that netbooks do NOT use tons of power and

          ... It's not the netbook per-se that sucks your wallet dry. It's the power brick. <snip> Your netbook may sip electricity... but the power brick it's connected to is probably nothing more than a transformer with a fat ass capacitor and a half-bridge rectifier in it.

          I don't know where you got your netbooks, but the netbooks I've seen have all used switching power adapters. [wikipedia.org] It turns out, all that metal needed for transformers and large capacitors and heat sinks makes them uneconomical for even cheap electronics.

        • by amorsen (7485)

          If your fridge is halfway decent, it will have an electronically controlled asynchronous motor with power factor correction.

          Practically everything else sold today will have power factor correction as well, unless its draw is so small that it doesn't matter.

          And the synchronization motor is not there to fix how meters work. It is there to prevent the grid breaking down. It would be there even if electricity was free.

  • OpenWRT (Score:5, Insightful)

    by Knuckx (1127339) on Saturday October 05, 2013 @01:20PM (#45045303)

    OpenWRT Attitude Adjustment 12.04; loads of packages available from official repositories, nice webinterface, and no commercial side selling product activation keys for certain features (like DD-WRT).

    • Re:OpenWRT (Score:4, Interesting)

      by Anonymous Coward on Saturday October 05, 2013 @01:33PM (#45045425)

      Yeah. OpenWRT is the way to go. You can build or customise everything and it has pretty decent documentation in the wiki.

      Development for DD-WRT is a mess and the documentation is awful. You can't trust the DD-WRT website with its database since it is massively out of date and has a ton of just plain incorrect information. You need to work out what specific blessed build number works for your particular hardware and revision but the only way to find that out is to trawl around in their forums with the huge threads. Once you've found a working build then don't ever upgrade since it is likely that they've broken it in mysterious ways in a later build.

    • Re:OpenWRT (Score:4, Insightful)

      by jonsmirl (114798) on Saturday October 05, 2013 @01:48PM (#45045533) Homepage

      OpenWRT is the way to go. Just buy a new, cheap commercial router and replace the software with OpenWRT. Don't mess with the laptop. It chews too much AC power and the wifi is probably not as powerful as the radio in the commercial router. You can buy fine 2.4Ghz router hardware for $30.

      DDwrt is a mess, OpenWRT project organization is much better.

      • Re: (Score:2, Interesting)

        by keith_nt4 (612247)

        As somebody who spent about 3 weeks (I'm kinda new to linux) trying to get OpenWRT working on my router I would like to disagree. I can't speak to DDWRT's organization but the OpenWRT community seems completely dead to me: the wiki is outdated/inaccurate/contradictory (often on the same page) and the forum seems dead as well except from one or two threads. Good luck finding any help from that "community" *.

        I was exploring DDWRT at one point and that documentation said OpenWRT packages will work with DDWR

        • by markhahn (122033)

          yes, if you want to do fringe things that no one else in the community is interested in, then a community-supported system is a bad choice. surprise!

        • by RR (64484)

          ... the wiki is outdated/inaccurate/contradictory (often on the same page) ... I was exploring DDWRT at one point and that documentation said OpenWRT packages will work with DDWRT. ... * First I had to figure out my router would only run with the bleeding edge daily builds. Then I was trying to setup using local storage on router's USB port(s) then I was trying to get tftp-hpa configured, then I was trying to make the local storage/tftp daemon start/stop with a button press.

          Even if you could install OpenWRT packages in DD-WRT, I find OpenWRT to be more flexible because it leaves more storage space free. Seriously, I find no need for 3 hotspot daemons, 2 DynDNS clients and 6 different VPNs in my router.

          But I'm strange. I started using Linux for routers back before WiFi routers were invented. I'm comfortable with downloading the source and using Kconfig to remove unnecessary features, such as the GUI and the web server, so I could have space for stuff that matters to me. (IPv6 a

    • by mrmeval (662166)

      Yea, sure so tell me does it work or doesn't it work? DD-WRT just works. When all this babble is clean out and it says "Supported withotu BS" I may try it.

      Installation

      The WHR-G54S runs a tftp server at 192.168.11.1 on the LAN interface during the boot process. OpenWrt should be installed via TFTP, follow the instructions in the HOWTO section.

      If the device has been installed with OpenWrt in the past, it is possible that (somehow) the tftp server address is set to 192.168.1.1 (mine was)

      In the past there have

  • by mysqlbytes (908737) on Saturday October 05, 2013 @01:21PM (#45045309) Homepage Journal
    I recently got a Microtik router running RouterOS, and I have to say I love it functionality at it's price point. Even supports BGP if you are that way inclined. My DSL was annoying me, so I turned it to bridged mode, and now the new router does everything else. NAT seems faster, with pings being 3ms quicker which I was astonished at. My other idea was an old desktop running linux, but I worked out the pricing for hardware vs electricity. And within a year (in Ireland) I am going to save money with the Microtik router. The router uses about 7W fully loaded, whereas my desktop would be churning 250 watts fully loaded... This is my one: http://routerboard.com/RB2011UAS-2HnD-IN [routerboard.com]
    • by auzy (680819)

      Not sure if it is a common issue, but I have an atheros wifi card in mine, and I always found routerOS to be terrible for Wifi performance (we were getting 2MB/s over Mikrotik in bridge mode on wifi, compared to a cheap TPLink which was giving us 12, and less dropouts). Sorry, I wouldn't recommend the Mikrotik for Wifi. The software is really cool though (and, it might be better for PTP than as an AP).

      And, I wouldn't recommend a computer either (its a maintenance nightmare at the end. Its really cool having

  • Fix possible? (Score:5, Insightful)

    by jones_supa (887896) on Saturday October 05, 2013 @01:21PM (#45045311)

    My wireless router just died.

    Well, can it be fixed? Maybe it's just a dead AC/DC transformer or blown cap.

    • Best post yet! if you want to be DIY - then put on your big boy pants and DIY. Kudos to jones_supa

  • Just get a router (Score:5, Insightful)

    by SQLGuru (980662) on Saturday October 05, 2013 @01:22PM (#45045319) Journal

    Using an old laptop as a router isn't the most efficient use of your resources (time, money, energy, etc.). Sure, it can be done......but a router can be had for around $20 that is probably as good or better (I'm assuming your old laptop is at least 5 years old and probably G at best). Spending more would get you a better router (and if you shop around, even open-source compatible), but if the goal is to go on the cheap (assumed because you want to reuse a laptop), I'd still get a stand-alone router.

    But if you insist on going that route, go with Linux and manual configuration. Then you can use the laptop for other things as well. Print server, web server, etc.

    But in the end, giving the laptop to a group such as this: http://www.interconnection.org/ [interconnection.org] is better use of the technology.

  • Don't use a netbook (Score:2, Informative)

    by Anonymous Coward

    It's a bad idea to use a netbook from the perspective of power consumption. Compared to a dedicated system (often ARM or MIPS), a netbook's going to suck up a lot of power that could be better put to other uses. I'd personally suggest getting a commercially-available router that's well-supported by OpenWRT [openwrt.org], such as a Netgear WNDR3800.

    If you must use this netbook, then your best options are probably OpenBSD or Debian (stable), depending on hardware support and what you're comfortable with.

  • by ezdiy (2717051) on Saturday October 05, 2013 @01:26PM (#45045353)
    OpenWRT on cheapo commodity hardware - personally I'm using TL-WR1043ND, 4x1gigE/300mbps 2.4ghz N, USB storage [newegg.com] is best bang for 50 bucks.

    The system is reasonably specced to run openvpn gateway for home network and serve USB drive miniNAS via smb.

    DD-WRT is basically GUI polish for people who don't wan't to delve into scary command line, but otherwise nowhere near as flexible as openwrt is.
    • by robot5x (1035276)

      +1 to this, except I'm using the gargoyle build on my tp-link.

      the features on it are amazing - I have a lodger who wants to use my whole data allowance in a single day. I set gargoyle to cap his usage at x GB per month, and once it's hit he gets 32kbps. I could have set it to kick him off the lan completely but I'm a nice guy.

      Not quite as nerdy as OP requested but cost $50 and damn it just works

    • Yes, I've used both DD-WRT and OpenWRT and agree the TL-WR1043ND is a great little device especially for the price. I've bought, configured an used quite a few. Occasionally you get a dud, but you will know pretty quickly and just RMA it to newegg or amazon.

      On the DD-WRT vs OpenWRT front, OpenWRT is definitely the more up-to-date option, but my biggest problem, with it is lack of QoS and bandwidth control out of the box. Sure, there are plenty of scripts and such available for this, but I'd like to get u
  • by TheGratefulNet (143330) on Saturday October 05, 2013 @01:28PM (#45045381)

    I'm using an atom cpu with several onboard intel gig-e ports.

    fanless and has been pretty reliable so far. my 50mbps cable connection stays up and the 'router' has not needed rebooting in the month or two that I've been using it so far.

    • DD-WRT is no walk in the park. It's difficult to find a stable version for newer hardware, if there even is a recent release considered stable. Examples: I bought a router that was supposed to be compatible, but it turned out that the only release available wasn't stable. I installed it anyway, but I later found out it wouldn't accept a manually entered IP (due to a javascript problem on the web GUI - resolved in a later release) which turned into a huge headache. On another release (different router),

    • by hawguy (1600213)

      I'm using an atom cpu with several onboard intel gig-e ports.

      fanless and has been pretty reliable so far. my 50mbps cable connection stays up and the 'router' has not needed rebooting in the month or two that I've been using it so far.

      I've been very happy with pfSense running on a PC Engines Alix2d13 [pcengines.ch] board. The board has 3 100mbit ethernet ports and 1 miniPCI slot for Wifi expansion, but I think there's limited driver support for 802.11n capable cards. I already had an Asus 802.11abgn wifi router, so I'm using that router for Wifi, and the pfSense box just as a firewall, VPN server, and a home webserver. I have dual WAN connections and use pfSense to failover from the primary connection (Comcast 50mbit) to the backup 3mbit DSL connecti

    • by iMouse (963104)

      I've been using pfSense for the last 3 years or so and really love it. pfSense just by itself isn't the best solution for Wi-Fi, but combined with APs or routers in bridged mode loaded with Tomato, DD-WRT, OpenWRT, etc, you can do a lot with it. Include managed switches with VLAN support, multiple NICs and you can nearly run an entire infrastructure off of it.

      The captive portal has been improved since 2.0 and received a lot more features with the recent 2.1 release. There is also support for plugins that

      • yeah, I usually do installs with both pfSense and OpenWRT, each doing what they do best. With VLAN capable switches, there are really many awesome topologies you can handle.

        I have to say that AP mode wasn't that good on 1.2.3 but everybody says it works well on 2.x and everything else does work well, so it's probably the only all-in-one solution for the OP that can do an all-GUI config.

  • Overkill? (Score:4, Informative)

    by kheldan (1460303) on Saturday October 05, 2013 @01:37PM (#45045455) Journal
    In my opinion: Unless you're planning on also running servers (web, FTP, mail, etc) on your new "router/access point", then it's complete overkill to use even a netbook for that. Additionally, you'd be potentially opening yourself up to a world of hurt since your netbook, being a general-purpose computing device at heart, is going to be more vulnerable to outside attack than a purpose-built router/gateway/wireless access point.
    • by fa2k (881632)

      Overkill isn't a problem in itself. It's not like the extra power is doing any harm.

      Additionally, you'd be potentially opening yourself up to a world of hurt since your netbook, being a general-purpose computing device at heart, is going to be more vulnerable to outside attack than a purpose-built router/gateway/wireless access point.

      How exactly? The software packages in the summary are specially designed for routing. It's not like the S/W becomes more vulnerable just by running on a faster CPU

      • by kheldan (1460303)

        How, exactly?

        I believe I addressed that already: Because it's a general-purpose computing device, and in spite of all the precautions you can take with it, it's still vulnerable to exploits that can take control of it and cause it to run an attacker's code. It being connected directly to the public Internet increases that threat.

        • by fa2k (881632)

          My point was that the routers you buy don't have the routing logic implemented in hardware -- it's just your standard ARM (or MIPS?) system on a chip, running BSD or linux and software like dnsmasq. Some routers may have more "embedded" style OSes than that, but with all the functionality they're putting into the new ones, I think many need an advanced OS. (The backbone and ISP routers have more custom hardware). While non-x86 systems are more secure for the same reason that non-Windows systems are more sec

  • Power consumption (Score:4, Informative)

    by pla (258480) on Saturday October 05, 2013 @01:38PM (#45045481) Journal
    Keep in mind that while a dedicated consumer-grade wifi router draws around 5W, a netbook will draw 20-25W (possibly more).

    Although that may not sound like much, a 24/7 load of 20W, at $0.15/KWH will cost you $2.16/month. You will break even vs just buying a low-end (Rosewill, etc) new router in about 10 months, or two years for a mid-consumer-grade LinkSys/DLink.

    Admittedly, your solution will give you just about the highest-end wireless router you can get (limited by the radio in your netbook, of course), theoretically supporting any networking feature available with Linux. In practice though, how often do you really need anything beyond WPA2, IPv4 routing with a basic "block everything except what I allow" firewall, and perhaps (if you use VPN a lot) IPSec support?
  • I use a build of Tomato [polarcloud.com] by Shibby [groov.pl] on my Asus "Black Knight" RT-N66U . It has tons of features and is easy to setup. You could also try some of the other Tomato builds.

    http://tomatousb.org/ [tomatousb.org]
    https://en.wikipedia.org/wiki/Tomato_(firmware) [wikipedia.org]
    • by BLKMGK (34057)

      I have one of the supported Asus with AC onboard. So far I've not felt the need to switch to Tomato although I've used it previously on a WRT54G. So far the features I've found have worked fine and the router hasn't disappointed. Can you tell me what new or different features you found in Tomato to warrant switching? I've already got a VPN solution, I don't need a NAS, this isn't a primary firewall for my network nor do I need to use any sort of dynamic DNS from it. Mostly so far it's just an AP, albeit one

  • I only buy hardware where OpenWRT can run. With USD 50.- you can buy a TP-Link box and get a great router later on.
  • by billakay (1607221) on Saturday October 05, 2013 @01:55PM (#45045603)
    Look at the CeroWRT project (http://www.bufferbloat.net/projects/cerowrt). They have a fork of OpenWRT that is kept up to date quite often, and includes a lot of fixes for bufferbloat issues. The firmware gives a very low latency experience with very little effort.
  • You could do worse than take a look at http://www.clearfoundation.com/ [clearfoundation.com] and the community edition of ClearOS.

    In my opinion it provides Cisco-like capability on any old PC you have lying around. That old PC almost certainly has more power and capability than any typical end-user-grade router in the $30 to $120 market.

    Disclaimer: I have no relationship with ClearFoundation except that of a user since 2003.

  • OP talks about FreeBSD and OpenBSD but not NetBSD, while it is as relevant as the other alternatives. Not better, nor worse, IMO: they are all capable.
  • My money is on OpenBSD [openbsd.org] for projects like this. You get very compact base system that still has all the stuff you need in there for a project like this. And even my old PF tutorial [home.nuug.no] has enough info to get you up and running.

    But with the man pages and the OpenBSD FAQ [openbsd.org] you really have all the information you need at your fingertips.
    • The BSD's pf (or packet filter) is the best stateful packet inspection-style firewall, bar none. I'll go to my grave knowing this; but it is difficult to master the many configuration options. Luckily there are lots configuration examples and I like its flat, one config file style of doing it, like most BSD utils. If you really want to use BSD as your firewall software I would grab the latest rel. of OpenBSD, fire up pf, and play with it for a bit, see if it might work for you. On the other hand, after year
  • by fa2k (881632) <pmbjornstadNO@SPAMgmail.com> on Saturday October 05, 2013 @02:26PM (#45045893)

    Many people say to get a router instead because of power consumption, wireless signal strength and stability.

    You have to work out the power use yourself (some figures have already been posted by pla). Keep in mind though that a laptop using 20 W also provides 20 W of heating. If you're in a hot climate, you may lose twice by having to run the AC harder. If in a cold climate, with electric (resistive) heating, the 20 W may essentially be free most of the year. Also, if you can eliminate other devices (like a VPN gateway) with the laptop, that could be a win. On the other hand, if you need wired network it seems you can't even get away with an extra switch, as the laptop doesn't have enough ports -- here the dedicated ones clearly win.

    The wireless signal can be tested. If you can boot a live-cd you could set up host AP mode and test speed by transferring data and latency with ping.

    The stability is hard to gauge. Both netbooks and consumer routers can be quite bad. I ran a Dell Insiron 1501 as a router for a few years and didn't have any problems (except a ExpressCard NIC, which was later replaced).

    I wouldnt' go for the laptop due to not having wired network, but otherwise I would definitely pick it. It's great for hosting small DIY services like a webcam. I wouldn't host internal-only services beyond those typically hosted on routers, for security reasons (e.g. if the webserver first binds to the local interface, then after an update binds to both interfaces).

    • by fa2k (881632)

      I ran a Dell Insiron 1501 as a router for a few years and didn't have any problems (except a ExpressCard NIC, which was later replaced).

      So I can actually reply to your real question, sorry I forgot about that:

      -- On the Dell I used Fedora. Not recommended. Too many updates and the configuration system is constantly in flux. Apart from that, it did the job perfectly.

      -- OpenWRT. Seems good, has its own package manager. I used it on a TP-Link access point to provide advanced network services including an IPv6 tunnel. It was not stable on the TP-Link, so I don't have much experience (would become unresponsive after about ~ 1 week). Seems like th

  • So far the comments are advising that you replace your router with another stand-alone router that car run open firmware, and I agree. But the calculation is different if you want to run an always-available hard disk on your network. You see, consumer routers sometimes have a USB port, but the bandwidth of the USB connection is so atrocious that it's almost unusable. You'd be lucky if you had access to 1/10 of the theoretical USB2 bandwidth. This is where homebrew routers excel. Any normal-ish motherboard -
  • by nurb432 (527695) on Saturday October 05, 2013 @02:50PM (#45046063) Homepage Journal

    Hands down the best choice for commodity hardware where you it it to 'just work' once its setup.

  • there are several reasons why i outsource my wireless to a dedicated piece of off-the-shelf hardware that connects to a linux router. pci and USB cards have poor support and arent really suited for the task. for example:

    open source ralink 802.11g chipsets in TPLink and other wireless cards have a sleep mode bug that causes the access point to disappear when using hostapd in the 3.10 kernel..its been a bug for quite a while. the AP cannot be recovered until the cards module is reloaded. in some cases, thi

  • PFsense is really at a professional level since 2.0 was released. I've had it on a little box with a Zotac AMD mobo with a 2 port Intel NIC for a couple of years and it's really fantastic. The GUI gives you access to all the knobs you need and the concept of converting all unix config files to one giant XML bundle really works for an embedded router platform. I've got a pretty complex setup & I'm pretty sure I could install & restore the whole thing & its half-dozen packages to a new box in le

  • by nuckfuts (690967) on Saturday October 05, 2013 @04:34PM (#45046729)

    I pay for 2 static IP addresses from my ISP, but using OpenBSD I can actually use 4. Here's how it works:

    1. * DSL router is in bridge mode. (Routing and NAT are handled by my OpenBSD box)
    2. * My ISP assigns me a /30 subnet. Normally this would mean only 2 "useable" IP addresses because 1 would be used for the default gateway and 1 for the broadcast address. Instead, all 4 IP addresses are added as aliases to the PPPoE interface.
    3. * NAT is performed using pf. (In my case, I have multiple internal LAN's, each one NAT'd to a different external address).

    OpenBSD with pf makes a fantastic router/firewall. I'm sure the same thing can be done with other OS's, I just happen to find pf to be very good. OpenBSD's documentation is also great.

  • Have a look at m0n0wall. It's based on FreeBSD and is configured using a PHP web GUI to configure the NICs and firewall.

    Back in the day I used is as a wireless access point running on a Pentium 1 system with 48 MB RAM, booting off a 16MB compact flash card.

      http://m0n0.ch/wall/ [m0n0.ch]

  • OpenWRT on AR716X hardware is the best in the tree right now.

    I have WDR TP Link 4300 using the latest GIT.

    Quite excellent, and using the latest 3.8 driver tree for Atheros Wireless and you get really good throughput.

    I imagine when Kernel 3.12 comes online, it will be pretty fantastic.
    The 4300 routers have been a mainstay at my house, pushing High Def video and Video gaming for about 6 computers and 4 tablets, 4 phones.

    The detachable antennas allow reallly good reception improvements as the key to good wirel

  • Running on an old Athlon X2 4200+/4GB/320GB, based on Redhat

    Kinda overkill, but I'm running a caching server, bandwidth shaping, mail server with antispam, dual wan, VPN, along with other goodies. Beats *any* off the shelf router. Besides, it won't kill itself for unknown reasons in two years...

    Not sure about all packages being 100% open source though...

    http://en.wikipedia.org/wiki/ClearOS [wikipedia.org]

COBOL is for morons. -- E.W. Dijkstra

Working...