8 gigs of RAM? SSD disk? 2.4GHz (incorrectly stated as MHz)? factory image is 4 GB in size? All this for a router? I'm no expert by any metric, but that's one hell of an overkill IMHO. Shit, dude, my home pc is weaker in almost all aspects and I play video games and HD content on that, in addition to network stuff.<p>In my day, a router was a Intel Pentium @90MHz with 4M of RAM. No HDD, only a FDD with Linux. Granted, it probably would have problems today with speeds we're all used to and WLAN, but, man, strip it down, strip it all down to Megs. You don't need X running on that. You don't need all these services. Fonts. Libraries. Default pictures. That's all bloat. Throw out the SDD. A 1G usb thumb drive is enough. I/O speed concerns? You got 8 gigs of ram, dude, you could fit your whole "factory" image in it and have enough space for the second one. Ramdisk the shit out the system. Dude...<p>And, just out of curiosity, how does using iptables make that not a real firewall (even if you're using iptables in an indirect manner)?
I used this for my router: <a href="http://pcengines.ch/apu2.htm" rel="nofollow">http://pcengines.ch/apu2.htm</a><p>No complaints yet, except pfSense is not that great with Wifi. It's probably best to do wifi separately if you want to run a BSD flavour on it. I haven't tried installing Linux on it yet, since WiFi is functioning well enough, albeit sub-optimally.
I guess the primary benefit of using something like Edgerouter Lite[1] is that you get an efficient router for half the price (perhaps even less).<p>[1] Available e.g. here: <a href="http://www.newegg.com/Product/Product.aspx?Item=0XP-000A-00001" rel="nofollow">http://www.newegg.com/Product/Product.aspx?Item=0XP-000A-000...</a>
Confusing "router" with "router + WiFi access point" is a pet peeve a mine. To me a router has absolutely nothing to do with WiFi, yet almost every discussion of routers presumes WiFi.<p>I don't use WiFi much, but when I do, I use a separate box. Separation of function.<p>Having said that, the Qotom is absolutely perfect for 1000Base-T to 1000Base-T routing. It's got plenty of CPU (unlike the commercial crap is hopelessly lacking), and plenty of RAM so it won't overflow its NAT tables.
This is neat. I'm curious if the author has gotten to test it with a Gigabit internet connection yet?<p>I initially intended to build my own router when I got Gigabit internet. After some research, I settled on a SOHO solution that seemed hard to beat in bang-for-buck: Ubiquiti EdgeRouter LITE-3. It does roughly 933Mbps for WAN->LAN, which means I don't lose much speed in that transition. For prebuilt solutions, the only way to one-up that is to move to 10Gbps hardware which is cost prohibitive.<p>All that said, the Ubiquiti router runs a custom version of Debian and I'd prefer to work with something that could work with Ansible or the like and is a little more open.
An alternative: <a href="https://omnia.turris.cz/en/" rel="nofollow">https://omnia.turris.cz/en/</a> (just in other direction: a powerful router as a tiny PC / home server).
For a router, I'd pick some BSD-based OS. pf is much more efficient than iptables, although I only know this anecdotally.<p>I'm a huge fan of pfSense which wraps a nice UI and some great tools (proxy, AV, analysis, etc.) into one big package. Worth a look. I used to run my home router on a little Qotom computer, but virtualized it to get rid of wires and boxes; works great. I'm running three pfSense boxes in various environments and can't say enough good things about 'em.
I do enjoy these sorts of projects but ... My router needs were recently fulfilled by a TP-Link MR3020, an old mobile phone and ROOter/GoldenOrb, an OpenWRT variant.<p>£25 and two minutes to flash it, and away. It amazes me what OpenWRT and ROOter have crammed into 4MB. 4MB!
I am torn between getting that, or waiting for the next generation motherboards (apollo lake).<p>2 vendors have already made preliminary announcements:<p>* <a href="http://www.asrock.com/ipc/overview.asp?Model=IMB-157" rel="nofollow">http://www.asrock.com/ipc/overview.asp?Model=IMB-157</a>
* <a href="https://www.asus.com/Motherboards/J3455M-E/" rel="nofollow">https://www.asus.com/Motherboards/J3455M-E/</a>
I'm using a Qotom based OPNsense router. Its 4 Intel GigE do Multi-WAN admirably. HardenedBSD and LibreSSL let me sleep well at night.<p>It's not more expensive than a high end consumer router and significantly more capable.<p>It's been running for several months now but gets relatively warm due to passive cooling. I wonder how long it will last.
I feel somthing like this is much cheaper for that purpose <a href="http://www.pipo-store.com/pipo-x9-tv-box-8-9-inch-mini-pc.html" rel="nofollow">http://www.pipo-store.com/pipo-x9-tv-box-8-9-inch-mini-pc.ht...</a>
Those tiny PCs are nice for projects like this, I use a Jetway JBC373F38-525-B with Sophos UTM.<p>Why not using anything with a GUI like pfsense or Sophos UTM?