New home firewall / router

I have been having some performance issues with my home firewall. Last year I upgraded my networking to use a Cisco E3000 running Tomato firmware. This configuration worked well when I paired it with an AirPort Extreme as the dedicated wireless access point. I had moved to a dedicated wireless AP as we added more wireless devices in the house. This also allowed my wireless repeater/bridge in the office to have better connections.

Previously, in 2009, I had used just a Netgear router with DD-WRT. This was quickly overpowered by the number of connections I have in my home. I did a quick inventory yesterday to see what kind of numbers we were talking about. There are about 16 devices using my wireless:

  • 2 Nintendo DS
  • 2 tablets (iPad, etc.)
  • 3 iPhones
  • TiVo
  • Windows Media Center
  • 2 wireless cameras
  • wireless printer
  • 3 Laptops
  • Wii

To help with this issue I decided to build a more robust firewall router. This would allow me to shape traffic better and add some QoS rules. I tried a few versions of firewalls.

My original intent was to build a low-power dedicated server for routing and firewall. I chose an Atom processor mini-ITX board. I’ll share the hardware info in another post. I thought for sure that I was going to use Smoothwall. I had some experience with it in the past. Unfortunately I decided against it in the end. I gave each a shot at being installed. Overall, Untangle had the easiest install but I really never got it working. It could have been that I configured the system behind my existing network, but I did not have a good experience once it was set up.

As I said earlier, I had intended to use Smoothwall. The install did not go well initially. I did not have a CD-ROM on my new system, so I tried to do a USB boot. Smoothwall somehow did not install properly. I ended up getting a USB CD-ROM to do the install, only to find out that one of the NIC cards was not recognized. I decided after that to give m0n0wall a shot. I got halfway through the m0n0wall install and my CD-ROM failed. I was frustrated enough that I just decided to throw another package on it to try.

I installed pfSense and have not looked back. It is a BSD-based application and has been working perfectly. I added a few packages to the system: ntop, to monitor bandwidth and systems, and the Squid proxy, for proxying and tracking all web usage.

Overall, the usage of OpenDNS and the proxy has significantly increased web performance at our house.

