On Wed, Nov 23, 2016 at 03:54:17PM +0100, Daniel Pocock wrote: > > I've seen a lot of discussions about making DIY routers running a free > OS like Debian, FreeBSD or OpenBSD and I was tempted to go with > something like that running Shorewall, strongSwan, DHCP and DNS. Maybe > it will also do wifi or maybe the existing router will be a bridge to wifi. > > Can anybody share any comments or links about this topic?
I wrote about my hardware selection in https://randomstring.org/blog/blog/2014/11/09/a-new-firewall/ It's been working very well for me for the last two years, running iptables, DHCP in failover with another server, Unbound, OpenVPN, all on top of Debian Jessie. If I did it over again I would note that 2GB of RAM and a slower CPU could probably serve just as long, and that I only need three gig-e ports, not five. Having a small SSD to keep a full reboot cycle under 30 seconds is an awesome win, though. TCP sessions don't drop. Highly recommended. -dsr-
