Forbidden Router Spitballing

I just moved into a new apartment with a 2GbE fiber internet connection, so I would like to build a router that can actually take advantage of the speeds I’m paying for.

I am thinking of building something like the son of the forbidden router. Ideally I would like to use a W680 motherboard and a 12400k, like Wendell in the video, but the availability of W680 motherboards being what it is, I don’t think that’s gonna be possible.

Use Case

  • virtualized with XCPng or proxmox
  • PFSense
  • pihole
  • Grafana + Prometheus + Loki
  • Misc. docker containers (excalidraw, some personal projects)

Right now my home lab consists of a 2006 iMac running gentoo (because I think it’s hilarious to have to compile everything on that old hardware), a thinkpad with a broken screen running fedora, and a raspberry pi running pi hole. I’m beginning to upgrade, and the forbidden router seems like it might be a good place to start.

Plan

  • B660 motherboard, must have 2.5GbE Intel nic
  • 12400 CPU
  • 32G RAM
  • 4port Intel i225 nic expansion card
  • 2 nvme ssds raid1 for all the storage

So for my use case, does this seem like an alright plan? Will the lack of ECC memory be a problem? Are there alternative options I should consider?

1 Like

Kinda in a similar boat as you when it comes to the faster than 1Gigabit internet, but in my case it’s 1.5. I tried pfsense and opnsense under proxmox and it was okish, but also kinda a pain in the ass when something goes wrong.

My honest opinion: unless you are planning to do deep packet inspection of the traffic and some complicated firewalling, just go with either one of the off-the-shelf routers or one of those NUCs that have 2.5 or 10 gigabit ports on them for the native pfsense install.

A lot of the modern routers have hardware features that enable full use of 1+ gigabit of WAN without destroying the router’s CPU.

I dunno, in my opinion it’s just easier to have dedicated hardware for a router. The rest of the stuff you can run on your server behind the router’s firewall. If you ever have to do maintenance on your hypervisor it will also leave you without your router, without lan and without internet connection.

1 Like

ECC is a nice to have, but no more essential than what you use it for. It’s not like your router is going to explode because it detected non-ECC memory, though you may have to reboot it now and then from small memory errors creeping in over time. ECC could help maintain longer uptime, but I think with 32GB it shouldn’t be that big of a deal.

Are you sure that the forbidden router makes sense for you, though? Is there something you’re really using that fast fiber connection for, where gigabit just won’t handle it? Do the features of the forbidden router matter more than the security compromises it might come with?
I think it’s something worth considering very carefully whether or not you need that, over something else, like a spiffy new dextop or telly-vision.

1 Like

If you forego pfsense - you wouldn’t need to care about VMs - everything else can just run in docker.

So … Ubuntu server on bare metal, and just enable routing, and run pihole in docker for DHCP and DNS.

IMO it is easier to have your router and pihole stuff on separate devices if you want to keep the wife/family factor high. It makes it worse if someone needs to work from home so their uptime during work hours is paramount.

I would suggest having a lower power dedicated pc/device for your router and another beefier one for your docker/s/VM stuff (pihole docker can live there as well).

Of course power draw might be a tad higher depending on the router device you choose, but in reality you can get this down to something reasonable. (I am running a ryzen 2200G on my gigabit connection, but could go even lower; it’s just what I had laying around for a rebuild from a power hungry optiplex box.)

There are others that have all in one style boxes and have a great time… It’s just in my experience it was more pain than it was worth when issues would arise such that ensuring my router was rock solid no matter the local tinkering I was doing.

2 Likes

If it is just you, just play with it, no problem. If other non-highly technical people are involved in your household, better to make things simpler for them to troubleshoot if things go wrong.

4 Likes

Okay, I did not consider that memory errors might necessitate occasional reboots. If I were to build this, I want it to be a stable appliance. Pretty much set and forget. From the other replies in this thread it seems like using a standalone router might be the better path to take then.

Well then, follow-up question: do you guys have any recommended routers with at least 3 2.5GbE ports? Preferably from a vendor who will provide firmware updates for a while. I’ve seen Serve the Home’s videos on some cheap 4x2.5GbE routers off AliExpress, but I don’t trust those long term. I’d rather spend more money up front for a product from a reputable vendor.

If you’re willing to spend more up front, why not get something like a low-end xeon from a generation or two ago, and a few 2.5gbe nics and some ECC memory?
I would think even a DDR3 platform should handle 2.5gbe routing, and if you get a 2.5gbe dumb-switch, that should give you enough connectivity, performance, and shouldn’t cost too much.
I could be wrong, mind, but I feel like this would be fine, as long as you aren’t asking too much of your router.
