DIY router



  • I'm looking into doing a DIY router. Been seeing many posts advocating having a pfSense router running 24/7. I intend to have my PC turned off (and disconnected from the internet) when not in use, so why keep the router running? Probably a dum question, but I've not been able to find an answer from Google, so….



  • @Demnos:

    I'm looking into doing a DIY router. Been seeing many posts advocating having a pfSense router running 24/7. I intend to have my PC turned off (and disconnected from the internet) when not in use, so why keep the router running? Probably a dum question, but I've not been able to find an answer from Google, so….

    Do you have smartphones or other devices that may use WiFi and go out to the Internet?  That would be one reason to leave a pfSense box on all the time.  What are you using for time sources?  pfSense can act as a NTP server to devices on the LAN side of things; for best performance you want to leave it up and running so it can be accurate when your PC is up.  What would the WAN side of pfSense be connected to?  Something that is running all the time?  If that is serving addresses to the pfSense WAN, why make that keep thrashing?
    Powering on stuff is the most common time for something to fail.  With smart choices in the hardware, the idle power requirements aren't that great.



  • @Demnos:

    I'm looking into doing a DIY router. Been seeing many posts advocating having a pfSense router running 24/7. I intend to have my PC turned off (and disconnected from the internet) when not in use, so why keep the router running? Probably a dum question, but I've not been able to find an answer from Google, so….

    Are you turning off your current router every time you turn off your pc?

    If you don't have any other devices on your network I don't really see the point in building a pfsense router or using a router at all for that matter. Just set up a PPPOE connection directly from your pc to your modem.



  • Why turning on and on even the router or firewall? If this should be concerned to saving electric power
    it could be better to let run their a smaller device likes a SG-2220 unit from the pfSense store or another
    router with installed DD-WRT or OpenWRT on it. Also some ISPs are acepting or working well together
    with several AVM Fritz!Box models and they are using not much power. As todays connectivity is growing
    up with WiFi devices, NAS boxes and other things such as DLNA servers and home automation stuff it
    it more common to let this boxes at the WAN running 24/7.



  • Frequent power cycling of electronics shortens it's life.

    What is the expected duty cycle?  1 hr/day?, 1 hr/wk?,  1 hr/mo?, etc.?

    Depending on the duty cycle and the reason for disconnecting and powering off, it may be better to just disconnect and leave powered on.



  • Saving power is one of many reasons. Any device left running 24/7 will bite the dust sooner than one used only when needed, so longevity is another reason. Common sense would ask why leave a router running when the PC is turned off and 'airgapped"? I may be missing something, but I'm not seeing the reasoning behind leaving a router running when its not actually serving any purpose. As for using a SG-2220 instead, I would still need some good reason to not turn it off when the PC is shut down. As for DD-WRT, this requires a wireless router, which is anathema to tinhatters like me. Basically I'm just looking for a good reason to leave the router running 24/7, as a lot of research has failed to turn up anything.

    @BlueKobold:

    Why turning on and on even the router or firewall? If this should be concerned to saving electric power
    it could be better to let run their a smaller device likes a SG-2220 unit from the pfSense store or another
    router with installed DD-WRT or OpenWRT on it. Also some ISPs are acepting or working well together
    with several AVM Fritz!Box models and they are using not much power. As todays connectivity is growing
    up with WiFi devices, NAS boxes and other things such as DLNA servers and home automation stuff it
    it more common to let this boxes at the WAN running 24/7.



  • Sorry, way too paranoid to have anything wi-fi, bluetooth, ect. The DIY router will be sitting between the Sonic.net thingie (DSL modem?) and my PC. Other devices include UPS, two printers, scanner, keyboard, mouse, and monitor. Don't plan or leaving any of these running constantly…unless I can find a very good reason to do so.

    @mer:

    @Demnos:

    I'm looking into doing a DIY router. Been seeing many posts advocating having a pfSense router running 24/7. I intend to have my PC turned off (and disconnected from the internet) when not in use, so why keep the router running? Probably a dum question, but I've not been able to find an answer from Google, so….

    Do you have smartphones or other devices that may use WiFi and go out to the Internet?  That would be one reason to leave a pfSense box on all the time.  What are you using for time sources?  pfSense can act as a NTP server to devices on the LAN side of things; for best performance you want to leave it up and running so it can be accurate when your PC is up.  What would the WAN side of pfSense be connected to?  Something that is running all the time?  If that is serving addresses to the pfSense WAN, why make that keep thrashing?
    Powering on stuff is the most common time for something to fail.  With smart choices in the hardware, the idle power requirements aren't that great.



  • Don't have a current router. Just finished my custom build PC. It will not touch the internet until I have a router with NAT &SPI in place. Was going to buy a wired-only router til I saw this:
    https://www.wired.com/2013/09/nsa-router-hacking/
    That soured the idea of buying a name brand router, so now I will be going with DIY router using pfSense. The point is redundancy, in this case, use of both software and hardware firewalls for added security.

    @DutchSamurai:

    @Demnos:

    I'm looking into doing a DIY router. Been seeing many posts advocating having a pfSense router running 24/7. I intend to have my PC turned off (and disconnected from the internet) when not in use, so why keep the router running? Probably a dum question, but I've not been able to find an answer from Google, so….

    Are you turning off your current router every time you turn off your pc?

    If you don't have any other devices on your network I don't really see the point in building a pfsense router or using a router at all for that matter. Just set up a PPPOE connection directly from your pc to your modem.



  • @NOYB:

    Frequent power cycling of electronics shortens it's life.

    What is the expected duty cycle?  1 hr/day?, 1 hr/wk?,  1 hr/mo?, etc.?

    Depending on the duty cycle and the reason for disconnecting and powering off, it may be better to just disconnect and leave powered on.

    I would expect the duty cycle to be something like 6-8 hours on (and the rest of the time off) every day. That would be doable I suppose, so long as the PC is shut down and disconnected from the internet when not in use, I could live with that….so long as I can design a DIY router that is energy efficient and quiet.



  • I'm not sure what to think about this..

    Power consumption is negelectable. Especially off the shelve routers use so little power that you aren't going to notice on your monthly bill. Your toilet light probably uses more power on a monthly basis. Any DIY box will always use "way" more power as you are stuck with x86 chips which even in low end atom models are more power hungry than their ARM counterparts in off the shelves boxes.

    Turning off your router really isn't going to do anything for its life cycle. These boxes are designed to run 24/7 and besides that turning on/off electronics also causes wear and tear because the chips are getting heat cycled all the time rather than running at more or less the same temperature all the time.

    Leaving a router on 24/7 so you can run DDNS or VPN (as a tinhatter you DO want everything VPN'ed right? ;)) would be a good reason.

    I think you are really overly paranoid. There is no saying the NSA can't hack pfsense if they could be bothered or that they don't already have access. Besides, if you got stuff that is so super secret you might want to avoid the device storing those files to be connected to the internet all together.



  • Here in Germany we are paying hard for electric power and a small firewall with using 40 Watt
    is at the cost of ~35 € per year and on top of this a modem is for ~40 € each year to pay for.

    1. Private or personal WLAN (WiFi) can be secured by FreeRadius Server and using certificates!
    2. The guest WLAN (WiFi) can be secured by using the Captive Portal with vouchers
    3. With OpenLDAP all wired or cabled devices will be able to secured inside of the LAN
    4. Snort can protect the DMZ or inspect the LAN Ports for getting an alarm if something occurs
    5. With squid and SquidGuard all devices in the DMZ are not really or directly connected to the Internet!

    So where is now the security issue to switch after 6 - 8 hours the firewall out or take it off?
    If you might be thinking your PC is out or off and not running and the modem alone will be
    taking of electric power this must be surely unable to enter in your network and entering your PC!

    If you are afraid of an intruder you should better turn of the  entire WiFi part in pfSense and on top
    of this the modem and your PC too, so someone must be entering your apartment to get in touch with
    your network or PC.



  • @BlueKobold:

    Here in Germany we are paying hard for electric power and a small firewall with using 40 Watt
    is at the cost of ~35 € per year and on top of this a modem is for ~40 € each year to pay for.

    1. Private or personal WLAN (WiFi) can be secured by FreeRadius Server and using certificates!
    2. The guest WLAN (WiFi) can be secured by using the Captive Portal with vouchers
    3. With OpenLDAP all wired or cabled devices will be able to secured inside of the LAN
    4. Snort can protect the DMZ or inspect the LAN Ports for getting an alarm if something occurs
    5. With squid and SquidGuard all devices in the DMZ are not really or directly connected to the Internet!

    So where is now the security issue to switch after 6 - 8 hours the firewall out or take it off?
    If you might be thinking your PC is out or off and not running and the modem alone will be
    taking of electric power this must be surely unable to enter in your network and entering your PC!

    If you are afraid of an intruder you should better turn of the  entire WiFi part in pfSense and on top
    of this the modem and your PC too, so someone must be entering your apartment to get in touch with
    your network or PC.

    After the first security protocol (WEP?) was cracked, I became wary of wi-fi anything. After the WPA was hacked, any remaining trust was over. Now I hear WPA2 was compromised by 'Wi-Fi Protected Setup', and a quick Google search (using search terms 'wifi wpa hack') insures I will never be using wi-fi, bluetooth, or anything similar. My thought on saving power is anything is better than nothing. Will my turning of lights, TV, or whatever when I leave a room prevent blackouts? Probably not, but I see no good reason not to….and since I been doing this my lightbulbs last about three weeks longer than before. Aside from power saving, there is the security aspect. Turning off the PC and disconnecting it from the router insures no attacks via the internet. Turning off the router, and disconnecting it from the internet guarantees it will not be attacked via the internet. Someone said that if I turn off and disconnect the router I would have to re-configure everything when I turn it on...if true, that would definitely be a good reason to leave it on! Still would want to airgap the PC though.


Log in to reply