Date: Sat, 14 Jun 2014 07:51:50 -0400 From: Chris Nehren <cnehren+freebsd-stable@pobox.com> To: freebsd-stable@freebsd.org Subject: Re: Suggestions for low-power gigE firewall? Message-ID: <20140614115150.GB61092@behemoth> In-Reply-To: <CAFqOu6gbt=ipJusR3=xvoUBsPm%2B6WecuqDk1tLV7hRzaxiKQmg@mail.gmail.com> References: <20140613121732.GA61092@behemoth> <CAFqOu6gbt=ipJusR3=xvoUBsPm%2B6WecuqDk1tLV7hRzaxiKQmg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--+pHx0qQiF2pBVqBT Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jun 13, 2014 at 21:06:01 -0700, Artem Belevich wrote: > On Fri, Jun 13, 2014 at 5:17 AM, Chris Nehren > <cnehren+freebsd-stable@pobox.com> wrote: > > Speaking of Soekris elsethread, I'm presently interested in > > picking up a small device to use as a router + firewall for my > > home network. I initially looked at what Soekris has to offer, > > of course, but they only have 4xgigE products (the net650x line). > > I don't need that many ports, but they don't offer anything that > > has just 2xgigE. I'd like something smaller than the net650x > > line[0], preferably similarly low power. > > > > The box will run pf, some form of local name resolution for the > > network, a RADIUS server for my wifi AP, and openvpn. It'd be > > helpful if the NICs and drivers support VLANs. > > > > Any suggestions? >=20 > ALIX apu1c may be an alternative: > http://www.pcengines.ch/apu.htm >=20 > The board is a bit cheaper - $145/$160, according to > http://www.pcengines.ch/order1.php?c=3D4 > The downside is that it's got Realtek RTL8111E NICs. I was initially concerned that the RTL8111E was in the same family as the dreaded 8139 (see the source for if_rl(4) for why I had apprehensions). However, I see that it's supported by the separate if_re(4), which is more comforting. While generally I'm trying to stick to server / workstation hardware, I realize I may need to compromise on that here to get what I want.=20 The APU definitely seems like what I will want to pick up, assuming I don't go with a used Juniper or something similar. Thank you, Artem and Kurt, for the information. > Or you can try Ubiquiti EdgeRouter Lite -- > http://www.ubnt.com/edgemax#edge-router-lite > The downside is that it's not a Tier-1 platform (mips). The hardware > under the hood is capable of a lot more than you could achieve on any > other box at that price point. If you can live with stock software or > willing to deal with rough edges of a new platform, this may work, > too. Hmm. I know that, by definition, I'm getting myself into some amount of work with setting up all the services I want. I'm more than a little wary, however, of having the network I need to pay the bills (I work from home) depending on a tier 3 (unsupported) architecture. If it was tier 2 I might experiment with it, but tier 3 is out of the question for my needs. Thanks for the pointer, though. --=20 Chris Nehren --+pHx0qQiF2pBVqBT Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJbBAABAgBFBQJTnDdWPhSAAAAAABUAIHBrYS1hZGRyZXNzQGdudXBnLm9yZ2Nu ZWhyZW4rZnJlZWJzZC1zdGFibGVAcG9ib3guY29tAAoJEBHA+GJAM0vPiAQP/AgT LkUIu+mRvxMcTJXZWg6E9IW0CpxyXAxeeyw2IGgR70K502DnBAORNSiPED4AKYQz fL5DIMpLaXh0PwyQPwEFJJ1RXiNJJBEYwTotq8g3j+nncIkw//PaZmGObjbH5Lp7 Ayx6Io//HAwVRWK68oKPdE1KQzUu94bMjGuFL5xWxPhLmIb3u7vOzcax/jaKO9fU acrpRjWET9w02mcbZvdmdY9vr2Fgsok9hhSOmejXRAdkOGFO5Dp8fBBcVfybzs5C gbNKTgzikEOgAyHzf9SzXU1Ffghra5gHkhYJzXw8Tz//zY/L0cOkiPM/Gg26c0/M ZziAx5eli5CHyYdyGB45yITrcRgs3lReh1qwKLzNif2M53Isu6+Pz2sD6dTyUL1B bXElkTUl8CpvcRfW4HgeIZYSCVUSkprOmoYl/jInuwx18OejX1OnZ0BxoAuZOlRW qeJTmb2i0ohb6K89O6AEUFn+uADLxr421O0+poZ8f6Kv3DWuQupI5Z4q61RVrE+h WBpOgLZ6buKbRECSRBfJtjzd37Nyl3pRf733pBRON2WQnowwyYsZ7AbNO8awsrVX MDb3xxwg1CpW4923fxgkBeacm9UtL+NqwhE7ItVOTLBO//8gQXrhFTX+iyVB2TiI Qw02dKuedHZ/6G6+IdUqg9G4CRieFe3vNqIZAaHq =jCv/ -----END PGP SIGNATURE----- --+pHx0qQiF2pBVqBT--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140614115150.GB61092>