There 's been a lot of discussion about networks, routing, and using an old PC as a router

[G+_Ben Reese]

There's been a lot of discussion about networks, routing, and using an old PC as a router. At what point is it less profitable to build your own PC based router than to purchase a good router from someone like Cisco? For example, I presume another solution for the issue addressed on the last episode would be to build your own router with a PC and a few NIC cards since you'll have plenty of memory space for more IP addresses. Would an old Core 2 Duo be able to handle the traffic from 500+ devices?

[G+_Travis Hershberger]

The answer is..... "It depends."

 

For JUST routing, then a core2duo would handle a lot more than just 500 devices.  If you want to actually enable security features it would probably fall over kinda quick.  I use ClearOS at work, but we only have 15-20 devices connected at a time (VM with a single cpu, 2GB RAM, 40GB HD and 2 physical nics assigned.)  It's got every single security thing running that I can throw at it, and it does ok.  Wouldn't want to run all of that on a single box or VM with more than 50 clients or 100mbit internet connection tho.

[G+_Adam EL-Idrissi]

I agree with travis, it depends. I don't have business needs experience but for home use I prefer building. Not only do I like to get hands on but my pfsense box is way better than my Asus router minus the fact it doesn't have wireless. I know that's like comparing a pinto to a Lamborghini. I think it would also depend on what you're familiar with, the budget and support. With building your own router,depending on what you choose, the support is a forum.buying a brand name device,you can call someone and they should be able to help out. Some router os have paid support like pfsense or clear and some don't.

[G+_Eddie Foy]

The pros of having a PC do it, is it can do some other tasks too.  The big con, for me, is that it is like using 20lb sledge hammer to drive a brad nail. also with a desktop OS too many points of failures and vulns.

[G+_Ben Reese]

Where does power consumption and cost of running play into the decision? A small consumer router will likely cost a lot less to power than almost any desktop PC. Is that ever a concern or us the added benefit from the PC router worth the higher power bill?

[G+_Travis Hershberger]

Ben Reeves For home use a computer based system is overkill, and will use more power for sure.  For a 500+ seat infrastructure however, you're going to need even more cpu/memory than most old workstations can muster.  At that point you're probably wanting a purpose made piece of hardware, assuming you have the budget for one.

 

Of course the repurposed PC will be able to do so much more than any cheap router they're barely comparable.

 

So, if you want decent security, the PC as a router is the way to go, imo.

[G+_610GARAGE]

For a point of reference, my atom cpu on board micro atx board as a pfsense box; running on 220V, is pulling 32 watts (which includes the cable modem). My dell, 24 port switch is pulling 31 watts. This computer would probably strain under 500 internet active computers, but it works great for a small office. 

[G+_Stede Bonnett]

Ben Reese Like 610bob I run an Atom pfSense box (35W with 10W for cable modem) at home. I had a Core2 system before it (an old desktop) but I was 50W-65W even with optimizations.

Examples: -5W for removing a stick of RAM, -5W for switching from 3.5" to 2.5" drive, -7W by upgrading to a new 80+ rated PSU (old one likely had leaking caps), +10W for adding in a 2nd PCIe Gigabit NIC (eek).

To build the small dedicated Atom box with dual on board NIC's I waited for some sales, used spare RAM, and spent <$150 including a small SSD. In power it saves maybe $20/year, but it's smaller, silent, and has proven to be quite reliable.

At work I have an old rack-mount quad-core box (used to run ESXi) with 16GB RAM and 4 Gig NICs and a bunch of virtual interfaces handling 100's of devices (including rules-based routing between management, guest, and production networks) with some selective content filtering as well and it's got plenty of headroom.

[G+_Stephen Hart]

If you use electric heat, you will not pay any extra during months that you were heating your house anyway. A computer is just an electrical heater that happens to process bits before all the energy becomes heat.

[G+_Ben Reese]

Some heaters are more efficient than others though.

[G+_Ben Reese]

Thanks for all the feedback! It sounds like pfSense is probably the software router to go with? Travis said he uses ClearOS on a VM... Are there any other good options - especially with firewall or cloud services built in.

[G+_610GARAGE]

Ben Reese  Technically speaking, electric heaters are %100 efficient. No power is lost in the generation of heat.

 

Stephen Hart A computer is not just an electric heater. Work is being done. Changing silicon from an insulator to a conductor is not a free process. Not to mention that the motors spinning the hard drives and fans are producing work and heat. It also doesn't make sense to justify a computer's energy bill because you can use the heat. In the summer, you will have to cool the computer down, which will be more costly than anything you saved with your heat bill. I hope I don't sound like a jerk, but I work in the heating and air conditioning field, and this stuff is kinda drives me nuts. :)

 

Since I completely went off the rails, I feel the need to bring myself back onto topic and suggest this wikipedia article. It has a list of many router/firewall os'.

 

http://en.wikipedia.org/wiki/List_of_router_and_firewall_distributions

[G+_Stephen Hart]

I didn't say it only produces heat. It's that all the energy to run motors, change silicon, etc eventually becomes heat. I have to heat my apt for 8 months of the year 24 hours/day so it is free to run many computers in that time. I only need to run an air conditioner a few hours a week in the summer, so it doesn't cancel out the winter.

 

A lot of families could lower their stress level if they didn't nag their spouses and children about leaving lights and computers on in the cold months when it doesn't reduce their electricity costs at all.

[G+_Travis Hershberger]

Ben Reese While I use a software based router in a VM, properly securing it takes a number of extra steps.  Like setting rules in the host so that the two networks aren't allowed to talk to each other.  It is a great bit of experience and something to brag about once you get it done.

[G+_Dallam Oliver-Lee]

Ben Reese Fr. Robert Ballecer, SJ Bryan Burnett I have my own used Watchguard Firebox x750e off of eBay for $50. My internet connection is 60M down and 5M down. No BIOS flashing required on this model. It uses only 50watts of power and runs a 1.4Ghz Intel Xeon. I upgraded the RAM from 256MB to 512MB and swaped in a 2GB CompactFlash. I have been running pfSense for over a year it's been wonderful. Here is where i started: https://doc.pfsense.org/index.php/PfSense_on_Watchguard_Firebox

[G+_Ben Reese]

Thanks for the advice on the show. I look forward to your pfSense build. I don't know why I didn't think to check the pfSense website for machine requirements. Unfortunately, my newest desktop isn't even Core2Duo, so I doubt I'll be doing this build anytime soon ?

 

For now, I'm pretty happy with DD-WRT on my Linksys, but this is something that I want to look into more in the future.