I need a router, should I build it myself or buy just buy one?
It needs to be pfSense
It needs to support at least 100Mbps download/50Mbps upload internet connection, preferably even more for future proof.
I need 4 ethernet cable slots: desktop PC, laptop, Xbone and smart TV.
I imagine using VPN with it requires some more power so I'm throwing this here: I'm gonna use PIA VPN with it.
I really don't know how much power it needs to have but my budget is 300€ max. though I can imagine it doesn't need to cost nearly that much, dunno. Also if it costs just a tiny amount more to have something like ECC memory, I'll take it, I want it to be as stable and reliable as possible.
I hope this is all the info needed, feel free to ask if you need to know something else.
If your going to be going PfSense, do know that PfSense will eventually be requiring a cpu that supports AES-NI with version 2.5. That's a while off, but its good to know so that your not buying hardware that eventually will require a replacement with a PfSense update.
With that in mind, you can do something like this:
Its complete overkill in the cpu department for a 100/50, but it gives you a lot of headroom to support higher future speeds or a ton of packages. The motherboard provides two very nice Intel ethernet ports, as well as an Intel wireless card. That allows you to do a standard network plus wireless all on one box. Nice. You also have a full 16x pcie lane to throw in another ethernet card for whatever you desire. You could grab something like an Intel Pro/1000PT quad port off of ebay, if you want to build out a more complicated and robust network.
Usually, you'd just have one ethernet out of your router which you would feed into an ethernet switch, which will offer more ports and expand-ability. That would be something like this:
When you buy an off-the-shelf "router" from a store, its actually a combination of a couple things. Those units combine a switch, an access point (which provides Wi-Fi), and the "router" functionality of handling the firewall and DHCP server functions.
There aren't too many turn-key pfSense appliances available, except from firms such as Netgate and they're right proud of their hardware. pfSense just doesn't require a lot of CPU horsepower, or RAM, therefore, the best option from both a cost and performance perspective is to use a 5-6 year-old second-hand PC. Performance, you say? Sure, an old Sandybridge i5 CPU will run circles around any of the modern SOCs found in the "official" pfSense appliances. If you already have a suitable PC collecting dust in a closet, at most you'll probably only have to spend some money on a couple of Intel PCIe NICs to complete your hardware package.
The only reason I have any objection to this is that PfSense version 2.5 is going to require AES-NI on the cpu, and older junk desktops that would otherwise be suitable may not support AES-NI. If he has any old computers lying around that don't support AES-Ni, then could use an older desktop until 2.5 comes out, but at that time he would need to get some new. But if he does have something with AES-NI support, then I second your recommendation.
The first response to the OP already mentioned the coming importance of AES-NI. While I don't use it for pfSense, as it happens I have an old Sandybridge i5 that does have AES-NI support, which is why I specifically mentioned it and not its Pentium, or i3 cousins from that era. IIRC, even AMD Bulldozer machines have the necessary support. You can get off-lease business machines from that era for not much more than the price of a couple of NICs, if you don't already happen to have one and they are ridiculously overpowered for the task at hand.
I do agree with you, though. If someone is inclined to build a new machine from scratch (or spend significant money on a used machine), they should definitely verify the capabilities of the CPU. They need only type the CPU p/n into DuckDuckGo and an Intel datasheet will magically pop up with all of the important details.
Hmm.. Do I really need that motherboard? It costs too much in my country and Amazon.de doesn't ship that mobo to my country. I was thinking maybe this mobo: AsRock H270M Pro4, mATX?
If you got that motherboard you'd need to get an add-in pcie intel gigabit networking card as well as an mATX case to accommodate. A pcie networking card would be one like this:
Thanks! I have a ATX case already, also I'm using exactly that same network card on my current PC. Though I'm now considering the first mobo you suggested because it would cost pretty much the same if I got the second mobo and that network card.
