I got the hardware, now to add the software..

MrGuvernment

MrGuvernment

Fully [H]
Joined
Aug 3, 2004
Messages
21,810
So like many I have a simple router at home, Asus N56U with padavan flashed firmware.

© 2011-2015 Padavan & N56U project community

However I was able to score a Dell Optiplex 390 that originally had an i3 in it but also got an i5 2400 @ 3.1Ghz cpu to put in it and i have wanted more control over my network (i am in IT, Sr. Systems Analyst) so as we know, we always want more control....

I am going to use this system as a firewall to replace my Asus (use the Asus as an AP) but wanted to know what to use these days.. (yes i know total overkill, I had thought about virtualizing it if i had a larger HD for it but dont right now)

I had pfsense on it, 2.6 and it seems every 2 hours or so it would randomly reboot, however i tested the memory and all and it is all fine..(currently doing intel burn test on the cpu)

Total system specs:

  • Dell Optiplex 390 SFF
  • i5 2400
  • 4G DDR3
  • 250G SATA HD
  • Intel Pro/1000 PT quad port nic
I have often used CentOS for web-server and proxies and thought perhaps use it and firewalld and such to make a router, but wanted to see what other options there may be or that people have used, i know FreeBSD may be a good option as it is the base of many routers anyways..

Options? Thoughts?
 
FreeBSD is a solid choice in general however I do think that it's quite a waste to replace your MIPS box as it'll do just fine. If you want more control just flash OpenWRT on it even though Broadcom isn't the ideal platform (no WiFi most likely).

Anyhow, you can give FreeBSD a go. I'd personally go for -CURRENT but you'll also be fine with the latest release. Make sure you have the latest BIOS installed and that you're AHCI and not compatible mode. The handbook gives you a good start on how to setup a firewall using ipfw or pf (I'd personally recommend pf).
 
MrGuvernment said:
So like many I have a simple router at home, Asus N56U with padavan flashed firmware.

© 2011-2015 Padavan & N56U project community

However I was able to score a Dell Optiplex 390 that originally had an i3 in it but also got an i5 2400 @ 3.1Ghz cpu to put in it and i have wanted more control over my network (i am in IT, Sr. Systems Analyst) so as we know, we always want more control....

I am going to use this system as a firewall to replace my Asus (use the Asus as an AP) but wanted to know what to use these days.. (yes i know total overkill, I had thought about virtualizing it if i had a larger HD for it but dont right now)

I had pfsense on it, 2.6 and it seems every 2 hours or so it would randomly reboot, however i tested the memory and all and it is all fine..(currently doing intel burn test on the cpu)

Total system specs:

  • Dell Optiplex 390 SFF
  • i5 2400
  • 4G DDR3
  • 250G SATA HD
  • Intel Pro/1000 PT quad port nic
I have often used CentOS for web-server and proxies and thought perhaps use it and firewalld and such to make a router, but wanted to see what other options there may be or that people have used, i know FreeBSD may be a good option as it is the base of many routers anyways..

Options? Thoughts?
Click to expand...

Regarding the pfSense random reboots - I've encountered these a few times before. Most of my issues were usually due to some hardware fault or the other (since it was mostly older devices being reused for firewall duties). As it is a pretty good platform (and if you want to give pf a second chance), try posting the system log over their forums and attempt testing your hardware again. The burn-in test you mentioned is a great start as you swapped out the CPU, and you can always revert to the i3 if you still have it available; check your BIOS (and any vendor updates for it); swap cables/drives if you have spares, et cetera. It can be... finicky sometimes.

I haven't kept up with the latest and greatest in routing/firewall platforms but given the hardware you have available - have you given any consideration to a UTM package like Sophos or Untangle? Great features, and pretty decent control. Not as intense or customizable as other stacks but they perform pretty well.
 
FreeBSD (pfsense/opnsense etc) isn't picky, it expects hardware to work correctly...
 
The idea with going with something else for me vs OpenWRT or one of those variants is i want to strengthen my network skills for work, eventually getting a layer 3 switch as well and some used gear.

I put windows 7 upgrade to 10 onto the box to test it that way also, ran Intel burn test for almost 6 hours with no issues and the system has not rebooted since i installed it yesterday except for some windows updates...

I am going to be trying out:

Download Zentyal Server | Exchange email on Linux
Get Started
ClearOS 7 Community Products | ClearOS 7 Community Pricing

along with Vanilla FreeBSD and CentOS 7.

And will certainly see if any of those have any issues with reboots.
 
MrGuvernment
I think you have the wrong idea of what OpenWRT really is compared to pfsense/opnsense/any other firewall distro. While it uses the Linux kernel and iptables compared to he FreeBSD kernel and pf they're much alike fundamentally. Main difference is that it's aimed to be used on embedded devices which mean that you can't ship a fully fledged OS, that doesn't mean that it cannot have the same functionality. You can do logging using graphs etc but usually on an external server etc but it's possible to use the device itself with some restrictions.

Anyway, capture the crash screen when it occur´s otherwise there's no way of figuring out why it's rebooting/crashing.
 
There were some threads over on Phoronix recently regarding lockups of Intel based Ethernet adaptors, with recent kernels. Granted their machines weren't rebooting, but it's something to ponder since they weren't using it as a router.
 
diizzy said:
MrGuvernment
I think you have the wrong idea of what OpenWRT really is compared to pfsense/opnsense/any other firewall distro. While it uses the Linux kernel and iptables compared to he FreeBSD kernel and pf they're much alike fundamentally. Main difference is that it's aimed to be used on embedded devices which mean that you can't ship a fully fledged OS, that doesn't mean that it cannot have the same functionality. You can do logging using graphs etc but usually on an external server etc but it's possible to use the device itself with some restrictions.

Anyway, capture the crash screen when it occur´s otherwise there's no way of figuring out why it's rebooting/crashing.
Click to expand...

i certainly do think of OpenWRT as something you use on a router, and not a full blown firewall system, I know it is very capable as i have used it before on several devices, but i guess i just want something more powerful, on more powerful hardware with a lot more options (built in and not relying on external systems), which brings to mind pfsense and variants like those that can be run on this hardware.m I will certainly have to reinstall pfsense, i have been running Windows 10 on this system now to test since i made this post and the system has not gone down once so I think all hardware is fine.

Ruoh said:
There were some threads over on Phoronix recently regarding lockups of Intel based Ethernet adaptors, with recent kernels. Granted their machines weren't rebooting, but it's something to ponder since they weren't using it as a router.
Click to expand...
Certainly good to know, I guess as dizzy noted i need to get some logs to see if i can see why the system was rebooting with pfsense every few hours.

diizzy said:
pfsense uses FreeBSD not Linux kernels.
Click to expand...

That is certainly is!

Tonight i am going to try some of the other variants i downloaded, see if any reboot..
 
I installed Opnsense thinking maybe a different result but i got this error on screen, lost internet, could not ping the firewall,

4i0gJ8s.jpg


not sure if useful.
 
Your storage is wonky, I'm not able to tell by that if it's the HDD, cable or mobo.

What does smartmontools say about your drive?
 
Definitely interesting as Untangle ran all night with out a restart and windows 10 ran for a few days with no issues. Smart reports the drive as fine.

I have some spare SATA cable and a 2.5 harddrive i can test, will certainly try out those to try and eliminate one at a time.
 
if you really want power and flexibility to expand knowledge for work, install vyatta
 
You must log in or register to reply here.
Back
Top