
Building my own router?

I like my Atom boards, but why not use something like a Raspberry Pi? :toast: You could use 1 USB network adapter and onboard for both connections. :toast:
 
Honestly, I kinda like this project. :D
 
I like my Atom boards, but why not use something like a Raspberry Pi? :toast: You could use 1 USB network adapter and onboard for both connections. :toast:

That is actually what I wanted to do with my Raspberry Pi once Newark gets their ducks in a row and ships it. :mad:

With a clean Ubuntu server install along with netfilter/iptables, DHCP, and BIND, you should be able to set up a router fairly quickly if you have some experience configuring DHCP and BIND on Linux. Even BIND isn't necessary unless you want to run DNS locally, but I would start with DHCP and netfilter.
 
I would check out pfSense, it's a FreeBSD offshoot that is incredibly customizable. The QoS feature set is pretty incredible.
 
+1 for pfSense, it's a rock solid OS. I prefer it over my old DD-WRT router.

I am using a P4 @ 1.5 GHz with 384 MB of RAM. I have no problems routing with those specs.

I also have two 10/100 NICs for WAN and LAN.
 
Sorry guys, this project is officially put on hold unless limiting the upload speed doesn't solve the lag issues, or the almost-5-years-old WRT160N I'm currently using dies. I've limited the upload speed of the 2 computers already, so I'm giving it 3-5 days to see how things are.

Thanks for all the help & advice.
 
Here's that MSI Geode board...

I think this is pretty cool because it has a CompactFlash interface and 2x gbit NICs, and of course mini-ITX is a standard size so you can use readily available cases and PSUs. This seems ideal for use with pfSense or Zeroshell. I know that Zeroshell can also be used as a wireless AP with an Atheros-based wireless card.
 

The same for pfSense. I am running an 802.11g network using a 20 dollar Atheros card from amazon.com. My build's a little more industrial though. I use an 8 GB SSD with 2 GB of RAM, in this kit...

SUPERMICRO SYS-5015A-H 1U Intel Atom 330 Dual-Core...
 
I used to run pfSense actually, then I got my router with its bandwidth controls and gave up. pfSense is nice, but for the scale of most home users it's not worth it.
 
It's a nice toy for people interested in networking, and I think as home networks grow there is a need for more sophisticated resource management and security than a $50 wi-fi AP offers.
 
I was actually going to advise maybe a SoC setup like VIA, but the Geode line as mentioned is a good idea. I honestly forgot it existed. If you feel like waiting you could even blow the $30 and try a Raspberry Pi and a switch.
 

My Pi is on the way, and I was thinking of trying to use it as a router. It's certainly powerful enough to do it (it is more powerful than most routers.)
 
I use Untangled on my P4 box but I'm migrating my config to Smoothwall :) Works excellently and I refuse to touch another home router at my place unless I have a very good reason to do so.
 

One? If it is acting as a gateway and you want all internet traffic to go through it wouldn't you need two network adapters? One for the external connection to the interwebs and another to your switch and maybe a wireless adapter if you want to broadcast Wi-Fi off of your gateway. If you're only connected to your network with one interface, then the device isn't a gateway, you still need the internet to come in from somewhere.
 

Not if you are utilizing NAT (which may not even be necessary...). All traffic goes through the gateway and is translated out. OSes can handle multiple networks on the same interface. (So very handy when you connect directly to a device and everything is static.)
i.e.
IN -> 192.x.x.x:XXYY
router magic
OUT -> 24.x.x.x:XXZZ

(This actually just modifies the IP and MAC headers, using a port table to determine what to replace the MAC with on the LAN.)

So when a packet comes in it does this: INTERNET -> 24.24.24.24:25505 GW MAC -> Switch -> GW -> GW looks up what port 25505 forwards to -> Changes destination headers -> Switch -> Destination

Bonus points for guessing the port!
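
The port-table lookup described in the post above, as an added example that is not part of the original thread: a toy NAT table showing which inbound packets get rewritten toward the LAN and which are dropped. The WAN address and port 25505 come from the post; the LAN addresses, remote hosts, forward target and starting dynamic port are constructed, and matching replies on the remote endpoint as well as the port is an assumption modeled on a stateful firewall.

```python
# Added illustration: a toy port-translation (NAT) table.
# 24.24.24.24:25505 is the example from the post; all other values are constructed.
from dataclasses import dataclass, field

WAN_IP = "24.24.24.24"


@dataclass
class Nat:
    next_port: int = 40000                        # first dynamic WAN port (assumed)
    out: dict = field(default_factory=dict)       # (lan_ip, lan_port, remote) -> wan_port
    back: dict = field(default_factory=dict)      # (wan_port, remote) -> (lan_ip, lan_port)
    forwards: dict = field(default_factory=dict)  # wan_port -> (lan_ip, lan_port)

    def outbound(self, lan_ip, lan_port, remote):
        """A LAN host opens a flow: rewrite its source to WAN_IP:wan_port."""
        key = (lan_ip, lan_port, remote)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[(self.next_port, remote)] = (lan_ip, lan_port)
            self.next_port += 1
        return (WAN_IP, self.out[key])

    def inbound(self, remote, wan_port):
        """A packet hits WAN_IP:wan_port: return the LAN target, or None to drop."""
        # 1. Reply to a flow a LAN host started, from the same remote endpoint.
        if (wan_port, remote) in self.back:
            return self.back[(wan_port, remote)]
        # 2. Static port forward configured by the admin.
        if wan_port in self.forwards:
            return self.forwards[wan_port]
        # 3. Anything else is unsolicited and never reaches the LAN.
        return None


def demo():
    nat = Nat()
    nat.forwards[25505] = ("192.168.1.10", 25505)  # constructed forward target
    server = ("203.0.113.5", 443)                  # constructed remote host
    stranger = ("198.51.100.7", 6000)              # constructed unrelated host
    src = nat.outbound("192.168.1.20", 51000, server)
    return {
        "translated_source": src,
        "reply": nat.inbound(server, src[1]),
        "forwarded": nat.inbound(stranger, 25505),
        "other_remote_same_port": nat.inbound(stranger, src[1]),
        "unsolicited": nat.inbound(stranger, 22),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```
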
 

That doesn't work though, because now you have your modem and gateway on the same network. The point of having a gateway is to be able to restrict and redirect traffic to different machines; that defeats the purpose if they can just connect directly to the modem. Also as a system admin, that is a security hole the size of the moon because any traffic that enters your network will already be in your network because your gateway doesn't segregate the two networks.

So all in all, yeah, you can make it work but if you actually did this in production...
866.jpg


You should never set up a real network like that. It is one thing if you have multiple subnets on the same interface, it is another when you're connecting to a completely different network on the same interface, which I'm not convinced will work well if you do get it working to begin with. You really need that 2nd interface dedicated to the internet.
 

Really? Have you ever actually configured a switch? I'm talking a real switch, not a hub. The switch sees all traffic from the modem (which will oftentimes only give 1 IP, not multiple) and sends it to the gateway (usually a router for folks), and the gateway sends it out. There won't be any "packet confusion" because you're using a layer 2 switch, not a hub.

Otherwise, my single switch that's sitting next to me running a whole collection of networks must clearly not be working.

(You DO have to use an internal network IP, such as 10.10.x.x or 192.168.x.x, because they are not routable over the internet, hence why it's not really a security issue. You cannot ping 192.168.34.1 over the internet.)

The big catch with this configuration would be your router needs to not give out DHCP to anyone but the server, and all your clients have to be directly pointed to the gateway manually. The bigger security threat would actually lie from within your network, not from the internet. For home use, it's not really an issue. For a business LAN, you would obviously want to configure it differently, but it would certainly work. Worst case at home would be a laptop connecting and be set to DHCP, and just conflict with your gateway causing your internet to stop working until you fix it.

It's not ideal, but it would certainly work. Worst case, the ISP's first in line router will start filtering your broadcasts. You would want a switch you can tell not to FWD broadcasts through that specific port.
Capture012927.jpg


A second NIC to flow traffic through would only change your available bandwidth (if everything is gigabit, you still have plenty with a single), and you would have the computer filtering broadcasts instead of the switch. The cable modem/DSL modem will never even know a computer is on the same physical network.

If you were to custom format your IP headers, you could potentially attack the computer from the outside network, by changing the MAC address in the header to that of the client; but discovering it wouldn't be easy, and the computer would just be like "oh this packet isn't for me /trash because it has the wrong IP address." (The internal network IP would negate your ability to traverse the internet for this type of attack.)

it is one thing if you have multiple subnets on the same interface, it is another when you're connecting to a completely different network
This statement contradicts itself. A different subnet is a completely different network.
 

...and all of this could be avoided by adding a second network device. It just overcomplicates it. A subnet is just division of IP ranges to determine what hosts can talk to what, where the router handles communication between subnets. I know all of this and I apologize for not explaining myself better, I'm a programmer not a journalist damn it! :p

The point I'm trying to make is that for the average user, having two interfaces is ideal because unless you really need to forward ports to a particular machine or do some special routing, sticking with DHCP and having a network that is plug and play is much more preferable to having one where you have to manually configure each host.

I'm just saying it's not practical unless you're aware of every computer that is going to exist on the network.

Personally, I prefer to let DHCP manage my static IPs. That way if I have a machine that dual boots, I still get the same IP regardless of the OS or configuration. I like having one place that impacts everything, at least for network management.
 

You can* still run DHCP on this network. This is actually how I have my network here set up (for my personal use). My router acts as a wireless extension of my wired network. (I also have some Cisco routers sitting around with a single ethernet port. How do you explain this? :P )

Every computer on my network is still DHCP. I just manually assigned my MACs in the router to be given X IP address. My Minecraft server is still the same IP address even if I boot over into Debian.

The only real gotcha is making sure you don't get broadcast storms. If you're to the point of having a software router running, it really isn't any more complex. If you can barely handle plugging in a Linksys router and getting the defaults running, a software solution is NOT for you regardless of # of NICs used.

*with a consumer modem, you just have to restrict it broadcasting its own DHCP.
 

I don't know about your internet, but mine is dynamic and requires DHCP, using static won't work once the DHCP lease times out, because the ISP will try to assign it to someone else. I also don't have a Cisco switch laying around to use and neither do most people. :p
 

Mid-range switches are configurable. I have a little 26 port NetGear 10/100 with 2 gigabit ports that I can webcfg into. You don't have to have a $1000 Catalyst for basic networking configurability. Most people don't have switches laying around at all unless they do networking, though (so you won't be using a soft router anyways...). Old routers can provide this functionality (especially if you can put DD-WRT on it).

Technically you could also use a hub (with a dual NIC config), but... just no...


Oh god, not Packet Tracer...


The latest version of Packet Tracer (5.3) is actually really good for learning and planning.
 

I do, I have a fiber and Ethernet switch lying around...
 
Layer 3 switches
 