Decided to start looking into setting up a pfsense or somesuch box after realizing my old tplink is slower than my internet is.
Was looking at some of the n100 boxes from aliexpress as they are low power and come with 2.5gb but I am new to the whole software router thing so wasn’t sure if those are a good fit.
I would look into the OpenWRT Project and maybe install the X86 image of the OpenWRT project on a Protectli. I find OpenWRT easier to understand and use than Pfsense. I have OpenWRT installed on an old, compatible consumer router for testing purposes only.
Odroid H4 + their 4-port network card, done?
OpenWrt is far from a good option on any type of recent hardware unless you know your way around the build system, patches and compiling. There’s also no optimization at all enabled on x86 for compatibility and size reasons.
That protectli thing looks attractive at first but not rackmount and has an external power brick, both are dealbreakers for me. Plus it’s kind of pricey for what it is.
I’m happy with my Mikrotik:
The only downside is that the two 40x28 fans go absolutely berserk (14,000 RPM) when a 3W+ 10GbE SFP module reaches 60°C. It’s normal operating temperature but there’s no way to tell the Mikrotik that, and the fans are unbearable at that point. However, if you stick with fiber or DAC (or lower-speed Ethernet) then it’s something you could have in your room. It’s really a solid product and affordable.
The allure of pfSense protectli is that it has support for coreboot firmware.
Mikrotik is cool too as it uses a lot of Linux and OpenSource and exposes powerful settings usually reserved for enterprise use cases but it is far too technical for me, at least then I looked into their wireless AP.
Or get some refurbished HP ProDesk/EliteDesk SFF G5 from Ebay (~€170) and put one or two 2.5 GbE cards in it. (Single port i225-V seems to go for ~€25 new and fit into a single-lane PCIe slot of which there are two in those SFF G5’s. And you’d still have the two physical x16 slots unused!)
The G5 in this link reportedly idles at 6-8 W! Not passively cooled though so might need fan change in a few years…
I haven’t used these myself but this is what I would get if I needed a new router today.
Edit:
Compare to the €373 Protectli FW4C:
CPU: i3-9100 single core rating: 2482, vs J3710: 709 (both 4 cores, but G5 can easily be found with i5-9500 for a bit more money if needed).
RAM: Protectli 8 GiB DDR3 SO-DIMM; G5 16 GiB DDR4 DIMMs (2 channels)
Storage: Protectli 120 GB mSATA; G5 512 GB NVMe.
Yeah, I had an engineer working for 2 weeks straight figuring out how to enable network authentication interfacing with Kerberos and NTLM 2 while keeping the certs on the DC.
He got it done, even works over WiFi, my God is it alot of steps though.
Man I am learning a lot going through these options you all have brought up, never knew about a lot of them - the protectcli Is interesting one and done, that microtik is cool as I did just recently add two sfp+ switches to get wired from one end of the house to the other downside is not sure how easy to adapt the modem to it would be as it is eth only.
Didn’t even consider a sbc as an option - that odroid would work and the h4+ would have the minimum two connections i would need for my setup without having to buy the add on card my god getting analysis paralysis here lol
I use a Dell tiny 8500t based mini pc and put a m.2 to Ethernet port in it for the second nic.
It replaced a more power hungry dell optiplex box.
I have run these home-brew repurposed pc for years… I ran pfsense up until the wire guard drama and switched over to opnsense… I have had a carefree experience mostly since (usually issues caused by me breaking or getting to adventurous)