Hi, after I have been playing with Linux for uni work (thank you to everyone who has helped me) I feel like challenging myself to build a custom router using Linux over the summer. Anyone have any suggestions on which distro to use, and any specifics I should include (besides 2 NICs)? DT.
I used to have a home-rolled ADSL modem router. I used a Soekris 4801 and a Sangoma S518 ADSL card with an Intel mini PCI Wi-Fi G card, of which I forgot the model, running the Vyatta distro. It was really nice and solid, but I outgrew it when higher DSL speeds were made available. I would recommend looking in the used market for an SBC like Soekris or Alix, as they are much more efficient to run for such things than regular desktop-oriented parts. I recently got one MSI LX800 ITX board to use for making something like it again with gig-e, but I got lazy and just bought a nice off-the-shelf gigabit modem router, Wi-Fi N with VoIP and USB sharing capability, since it is hard to find the ADSL2+ cards with capability for higher speeds for not insane costs.
You can't go wrong with IPCop. It is extremely powerful and completely secure. I wouldn't call it exactly easy to use, but there is plenty of documentation about each and every feature.
I'm on cable and this will be for routing a second segment within my existing network, so I only need Ethernet connections.
OK, then if you can't find a good price on an SBC, maybe one of the Via ITX boards with 2x LAN, then use a switch. Probably a cheap solution, and you can still keep a low power requirement with something quiet and without any moving parts if you can get a model with an onboard CF slot, or failing that use IDE to CF. There are a few decent networking-oriented distros. I liked vyatta best, but also played around with ipcop, x86 ddwrt, zeroshell, leaf, untangle, clear. They each have their quirks and cons.
Software: pfsense - BSD based, quite popular in the enterprise segment; openwrt - very modular, small memory footprint; ddwrt - only good if all the functionality you require is built in, otherwise it becomes a mess very quickly. Hardware: I would stay away from Realtek or any other low-budget NICs. If budget allows it - Intel DQ77MK MB (VT-d support, Intel NICs). If you want something low power - Intel Atom D2500CCE MB (dual Intel NICs). If you don't need gigabit NAT - PC with a single NIC (like an Intel NUC) + managed switch. Or you could always run everything in a VM environment on your main PC.
I'd second ipcop. I ran it for a couple of years on a salvaged P166 and it was great. The hassle of configuring it paid off when I came to setting up some of the more advanced stuff in Tomato on a WRT (after trying ddwrt and openwrt). If you happen to have a physical 24/7 machine already with multiple NICs (a long shot, I admit) you should be able to run ipcop in a VM to try it out.
I quite like PFSense. BSD based, but similar type of system. I wouldn't recommend Smoothwall, though, seems to be a nightmare to keep running (Although could be a config issue I never got to the bottom of..) - I switched our system at work from that to PFSense. I think my uncle runs IPCop, or at least did, but it's been a while since I've used his network, so I can't say whether he still does. If he does, then that's an easy three years that it's been running.
+1 for pfsense. I have great experience using it. The hardware plays a very important role in the project.
Are they still going? I used them for many years with my DX2 and then P90. From my memory it was easy to set up and use.
Yeah, they're still going. Less activity I think, but I think they've got their features down so there's not a lot to add. If you can be bothered learning all the ins and outs it's incredibly capable and relatively scalable, but it'll always be for the niche of people who can't make do with either an out-of-the-box router, or one that uses a custom firmware like Tomato, dd/open-wrt etc. Once you get into the enterprise space where you might want to use a larger subset of its features you're probably in the territory to get brand built/supported kit from someone. As a learning exercise I found it really useful; I couldn't tell you which bits, but a reasonable part of my background knowledge of networking/routing comes from setting up and using ipcop.
Got to say Smoothwall is very, very nice. I got into it a while back during a UEFI rootkit virus headache I was resolving and wanted secure web access.
I had a play with the Sophos home router, that was some fun. Went out and bought a router for what I needed; will be playing with some of these open source routers later.
Nope, plus the fact that it's closed source makes my skin crawl. If it's free, make it open; if it's not free, what are you hiding? Or have they disabled important features, making you want to upgrade to the non-free one?
My advice would be to go with either m0n0wall or pfsense. If you are on DSL then try to get hold of a Draytek Vigor 120 Ethernet Modem (I have one hooked up to my firewall at home) to do true PPPoE connectivity from the router and ADSL modem for your WAN. They are a little expensive but rock solid. My line was estimated to get 20meg with TalkTalk and I'm getting about 22/23meg, which is good. In my last place the same modem got 21meg when TalkTalk estimated 12 to 18 meg.