A little overwhelmed



  • Ok, so I'll try to keep this preface short but here goes. I have Fios and get speeds of around 150 Download and 50 Upload. My last router (AsusTek RT-N56U) died on me, and I've replaced it now (twice) and the issue persists. I've had the last 4-5 routers die on me within around 3-4 months of them being installed without anything I can think of to cause the issue. We have no power interruptions, I've not been DoS'd, and the routers shouldn't be having issues handling the speed. So I've got a dilemma of needing a more stable and powerful router, but not wanting to go the Cisco route.

    This brings me to the point of this post. I have been looking into building my own router for a while and Pfsense is the most highly recommended. I've been building my own PC's for years, and I can manage the software end(Albeit it may require some Google assistance) but I can't seem to wrap my head around a list of parts that I feel 100% comfortable saying "K, this is 100% compatible with Pfsense ~ Buy" So if anyone with more experience on the matter could direct me to the parts I'll need to purchase to get a 300+MB/s router I'd be eternally in your debt.

    One small note, I routinely get speeds that go up to nearly 180/65 so having a chunk of overkill would be nice to ensure it can be handled even at my connection's maximum load.



  • A good look through these forums should tell you there are a few things that will most affect your choices:

    • 300+Mb(it)/s?

    • Do you think you'll want to run any of the packages (e.g., squid) that are available?  Some have more overhead than others

    • Is integrated wireless LAN part of the plan?

    • Is power consumption an important issue?

    • Are you looking at an embedded (CompactFlash) install or hard disc

    • Got a budget to work to?

    • No pile of working PC parts laying around  :)



  • 300Mbits is correct.
    I'm not likely to need any other packages since my needs are fairly straight-forward. That said, having the headroom to add them later on if I desire would be optimal.
    Wireless is needed yes, I can't believe I forgot that in the OP  :-[
    Power consumption is irrelevant, as is the budget for the most part.
    Hard Disk

    I have no parts lying around unfortunately.

    ~ Thank you for the hasty reply:)



  • I'll have to let other people make recommendations on what would work well for you.  I've only ever run pfSense in a VM.

    From what I've seen it does take a lot of grunt to handle the sort of speed you're talking about.

    It does seem that most people would recommend using Intel NICs though - for performance and reliability.



  • @EricBiggs:

    My last router (AsusTek RT-N56U) died on me, and I've replaced it now (twice) and the issue persists. I've had the last 4-5 routers die on me within around 3-4 months of them being installed without anything I can think of to cause the issue.

    I presume you issue you man is the short life of the routers. To have 4 or more each last no more than 4 months suggests you are either uncommonly unlucky (e.g. all of the routers came from a bad batch) or there might be some environmental factors at play (e.g. you put them in a place with inadequate ventilation so they overheat when busy or the surrounding air temperature gets too high or you get spikes on the mains power.)

    I'm not familiar with that type of router but I think it could be worthwhile doing some analysis to determine what sort of failure you have seen (e.g. external power supply dead, router overheated, etc). Problems like spiky mains power or inadequate ventilation will still cause you trouble if you build a pfSense router.

    @EricBiggs:

    . . . and the routers shouldn't be having issues handling the speed.

    It might be a failure of my imagination but I can't think how attempting to pass "too many" bits through a router would cause it to fail and need replacement. (It might drop packets but should stop dropping packets  either when the bit rate drops or [if the software is not very good] on reboot.)

    @EricBiggs:

    but I can't seem to wrap my head around a list of parts that I feel 100% comfortable saying "K, this is 100% compatible with Pfsense ~ Buy"

    The FreeBSD user community is probably small compared with the Linux and Windows communities hence its difficult to give a statement of "100% compatible with pfSense" - generally hardware probably doesn't get the testing on FreeBSD that it does on Linux or Windows. However some guidelines based on personal experience:

    • Motherboards that have been out for at least six months before the FreeBSD release are likely to give much less trouble than more recently released motherboards.

    • Intel NICs are likely to give least trouble, but only if they have been generally available for some months before the FreeBSD software. (Newer NICs might not even be recognised by a driver.)

    • WiFi can be particularly problematical. In the last few weeks I have seen reports of people having subtle trouble with WiFi NICs even though, as far as can be easily determined, they are the same NICs as work for other people.

    If you really want gear 100% compatible with pfSense you should buy a packaged solution from a vendor that sells a pfSense solution. If you search the forums I expect you wll be able to find a least a few such vendors identified.
    If you are prepared to take some risks to save a few bucks then you should probably at least check you can return the gear if it doesn't work with pfSense. I've bought a few WiFi NICs that were cheap enough for me to put them aside if I couldn't get them to work with pfSense (or attempt to use them in a Linux system). Unfortunately pfSense has support for only a few of the available WiFi chipsets (though it gets better with every release) and its not easy to reliably determine what chipsets are in particular WiFi NICs. The forums are a good resource and you can ask for feedback on particular models. However, especially in WiFi NICs, people can only give you feedback on devices they have used. You might purchase a WiFi NIC that is exactly the same brand and model as one successfully used in a pfSense box elsewhere and then discover it doesn't work for you because the manufacturer has changed the chipset model number or brand without changing their model number.



  • @wallabybob:

    @EricBiggs:

    My last router (AsusTek RT-N56U) died on me, and I've replaced it now (twice) and the issue persists. I've had the last 4-5 routers die on me within around 3-4 months of them being installed without anything I can think of to cause the issue.

    I presume you issue you man is the short life of the routers. To have 4 or more each last no more than 4 months suggests you are either uncommonly unlucky (e.g. all of the routers came from a bad batch) or there might be some environmental factors at play (e.g. you put them in a place with inadequate ventilation so they overheat when busy or the surrounding air temperature gets too high or you get spikes on the mains power.)

    I'm not familiar with that type of router but I think it could be worthwhile doing some analysis to determine what sort of failure you have seen (e.g. external power supply dead, router overheated, etc). Problems like spiky mains power or inadequate ventilation will still cause you trouble if you build a pfSense router.

    @EricBiggs:

    . . . and the routers shouldn't be having issues handling the speed.

    It might be a failure of my imagination but I can't think how attempting to pass "too many" bits through a router would cause it to fail and need replacement. (It might drop packets but should stop dropping packets  either when the bit rate drops or [if the software is not very good] on reboot.)

    @EricBiggs:

    but I can't seem to wrap my head around a list of parts that I feel 100% comfortable saying "K, this is 100% compatible with Pfsense ~ Buy"

    The FreeBSD user community is probably small compared with the Linux and Windows communities hence its difficult to give a statement of "100% compatible with pfSense" - generally hardware probably doesn't get the testing on FreeBSD that it does on Linux or Windows. However some guidelines based on personal experience:

    • Motherboards that have been out for at least six months before the FreeBSD release are likely to give much less trouble than more recently released motherboards.

    • Intel NICs are likely to give least trouble, but only if they have been generally available for some months before the FreeBSD software. (Newer NICs might not even be recognised by a driver.)

    • WiFi can be particularly problematical. In the last few weeks I have seen reports of people having subtle trouble with WiFi NICs even though, as far as can be easily determined, they are the same NICs as work for other people.

    If you really want gear 100% compatible with pfSense you should buy a packaged solution from a vendor that sells a pfSense solution. If you search the forums I expect you wll be able to find a least a few such vendors identified.
    If you are prepared to take some risks to save a few bucks then you should probably at least check you can return the gear if it doesn't work with pfSense. I've bought a few WiFi NICs that were cheap enough for me to put them aside if I couldn't get them to work with pfSense (or attempt to use them in a Linux system). Unfortunately pfSense has support for only a few of the available WiFi chipsets (though it gets better with every release) and its not easy to reliably determine what chipsets are in particular WiFi NICs. The forums are a good resource and you can ask for feedback on particular models. However, especially in WiFi NICs, people can only give you feedback on devices they have used. You might purchase a WiFi NIC that is exactly the same brand and model as one successfully used in a pfSense box elsewhere and then discover it doesn't work for you because the manufacturer has changed the chipset model number or brand without changing their model number.

    I looked into that pretty heavily. I have the router out on a desk in a below normal room temperature area, and nothing else in the house is being affected. I talked to an Asus rep, and they said that the issue could be that under long periods of being at full or near full load the router might be sustaining damage somehow.

    I was kind of afraid that that was the sort of answer I would get on the topic. I'm really tired of dropping 200$ on routers that last weeks or months and then just run into issue after issue. I've poked around a bit and it seems all the offerings on the web (that I saw in a fast google search) are remarkably overpriced for the hardware. Would you happen to have any specific recommendations of places to look into buying a pre-built system?


  • Netgate Administrator

    Depending on where you are the answer will differ but you should check here:
    http://www.pfsense.org/index.php?option=com_content&task=view&id=44&Itemid=50

    Steve



  • @EricBiggs:

    300Mbits is correct.
    I'm not likely to need any other packages since my needs are fairly straight-forward. That said, having the headroom to add them later on if I desire would be optimal.
    Wireless is needed yes, I can't believe I forgot that in the OP  :-[
    Power consumption is irrelevant, as is the budget for the most part.
    Hard Disk

    I have no parts lying around unfortunately.

    ~ Thank you for the hasty reply:)
    [/quote]

    Do you need VPN capabilities?
    I doubt the Asus would be heavily loaded unless you're using the VPN capabilities on it since the hardware NAT ASIC is capable of close to 900Mbit/s throughput easily.

    Also, is there any need for inter-LAN routing?  i.e.  WLAN to LAN or VLAN to VLAN routing.  Again, the router probably isn't the slightest bit stressed by your internet connection speed.


Log in to reply