Nerd Boredom Jet Away
I was bored, so what better to do than build something.
For the last few years, the home network has consisted of all Ubiquiti networking gear. For routing, it was an Edgerouter Lite and then when we got 1Gbps fiber, I switched to an Edgerouter 4. For Wi-Fi, I started with a single UniFi UAP-AC-LR in the front of the house. I eventually added a UAP-AC Lite for extra coverage in the back of the house. I run the Ubiquiti UniFi Controller software to manage both APs – at first on a Raspberry Pi and then eventually on a small passively cooled PC.
There was not a need to replace the Edgerouter 4. It works fine and is easy to configure for home networking. The Edgerouter 4 is fast as hell and achieves speeds of around 930Mbps on my gigabit fiber connection.
The 2.x series of firmware seems to be a bit unstable – the latest release has features like:
[Performance] - Throughput degradation by 5-10% when comparing with v1.10.9 firmware with older kernel.
So, back to my boredom. I had this old passively cooled Jetway box lying around. It has an Intel Celeron N2930, 4GB of RAM, 256GB mSATA, 2x Intel gigabit interfaces and a piece of electrical tape to cover the really bright blue LED. What a perfect little box to build a new router/firewall with!
I tried a couple of the popular Open Source firewalls. I tried OPNsense and pfSense; both could not achieve the speeds that the Edgerouter did. The download speeds on OPNsense topped off at 750Mbps and pfSense topped off at 850Mbps. OPNsense does have the best UI of the bunch.
IPFire performed admirably and was on par with (and sometimes better than) the Edgerouter 4 in the speed department. I have put the Edgerouter 4 away and am running the home network now using IPFire. Some stuff I like about IPFire so far:
- Fast, very fast.
- Everything in the UI is laid out logically and things are easy to find.
- Metrics, so many metrics. There are lots of graphs for network traffic including hourly, daily and monthly. The graphs also incorporate predictions for how much traffic will be used in those time periods based on current bitrate. Neat. There are graphs for system component temperatures and system memory. There are graphs for firewall hits broken down by IP, port and country.
- Logs, so many logs. Also, iptables connection tracking is shown via the UI, very helpful and neat.
- The update schedule is conservative but regular enough at around once a month or so.
- The different networks are broken down into color codes: Red for WAN, Green for LAN, Blue for wireless, Orange for DMZ. Neat and easy to understand.
- GeoIP blocking is very cool.
- The DNS proxy is DNSSEC enabled.
- There are services built in, like an OpenVPN server, an IPsec server, an NTP server and such. But, if that’s not enough, there are extra add-ons via IPFire’s pakfire package manager to install and use.
The plan is to keep running the home network with IPFire and see how it goes. If anything goes sideways, I can always go back to the Edgerouter 4.