New router, DIY or buy and Tomato?

[Scurvy42]

Every 7ish years (HRM!) I come upon a decision in my home network. I started it with a pentium acting as stand-alone router in 1997ish. In the early 2000s I upgraded to a WRT54G that I quickly discovered could be flashed. I eventually landed on Tomato and used it for ages, up until earlier this year, in fact, when that venerable 54G started to act up and drop wifi. :(

So now I'm on the fence again. I'd like the router to be able to do 'fancier' stuff than previously. Usual things like tunnelling (although I haven't used it yet I can forsee it in the future), NAT or something similar, wireless G/N (although with a very powerful AP and removable/upgradable antennas), as well as currently-non-standard things like running a TOR gateway. I don't need it to do file / print serving, as I already do that on other machines on the network. If it can take over DHCP/Dnsmasq/internal network DNS/network boot duties more-the-better, just to centralize that part of the network admin.

I know I can build a 1U machine to toss into my rack and make it work. I'm not sure the wifi hardware I'd throw in there yet, but the rest is pretty standard stuff I've done before (I may try a *BSD this time if I were to do it that way). But I'm also still very impressed with tomato/tomato-usb, I'm just not sure that those tomato-capable routers have the guts to run things like TOR or anything else I'd like to throw at the router.

I've mostly just searched around, made my best guess and gone for it. But I thought this time I'd source opinions from those who have probably done it better than I have, and maybe even done it as an actual job and not just a seemingly-full-time-hobby (I would only consider myself a Jr. level sys/network admin if I were going to charge for it, as I have no 'formal' training and have just puttered along mostly by myself since 1995ish).

Thanks for any help/pointers!

[Shadowmeph]

TOR as in the union router? I am not sure why any newer name brand router would not be able to handle that\
or do you mean Tor the encryption tool?

[Perineum]

Asus RT-N16 would be a good choice for you if you're going to use a consumer level router. It'll handle an internet connection that will do around 150mbit throughput, so good enough for most of Canada for a while.

[NiteOwl]

take a look at pfSense Open Source Firewall Distribution - Home
its FreeBSD based, i have used it in the past and will be using it again soon, i am dropping bell fibetv so that i can get teksavvy dsl. i am not sure but i had a lot of problems with my wrt54g that had dd-wrt on it when there was a ton of torrent traffic going on, but the pfsense machine took it all in stride.

I am sure there are many routers that can do it these days, but i find it more fun to build a pc out of spare parts and get it going that way:)

[enaberif]

Quote:

Originally Posted by NiteOwl

take a look at pfSense Open Source Firewall Distribution - Home
its FreeBSD based, i have used it in the past and will be using it again soon, i am dropping bell fibetv so that i can get teksavvy dsl. i am not sure but i had a lot of problems with my wrt54g that had dd-wrt on it when there was a ton of torrent traffic going on, but the pfsense machine took it all in stride.

I am sure there are many routers that can do it these days, but i find it more fun to build a pc out of spare parts and get it going that way:)

Router based PC uses more energy and dumps twice as much heat. Small consumer based routers like the RT-N16 can do what pfSense can easily enough without being overly complicated.

[NiteOwl]

Quote:

Originally Posted by enaberif

Router based PC uses more energy and dumps twice as much heat. Small consumer based routers like the RT-N16 can do what pfSense can easily enough without being overly complicated.

can it keep track of individual computer bandwidth usage? or have a built in peer guardian or snort, or transparant proxy? captive portal wifi access point like administration?

looking at my dhcp connections right now i see 20+ computers using my network, i like to know who is pounding down the bandwidth at any given time so i know who to bring my over usage bill to:)

but i agree that a pc is a lot more wasteful, just pointing out that small consumer router does not meet all home users needs.

OP is also talking about building a 1u machine to toss into a rack he already has, sounds like he might have above average needs also.

also, please let me know if it can in fact do most of that, i will head to canadacomputers tomorrow and grab one. the biggest deal for me is the bandwidth monitor and usage.

[Perineum]

What is DD-WRT? - DD-WRT Wiki

I run "mega" on my Asus RT-N16

It won't break down bandwidth to individual computers though, I don't believe.

Quote:

Originally Posted by NiteOwl

i am not sure but i had a lot of problems with my wrt54g that had dd-wrt on it when there was a ton of torrent traffic going on, but the pfsense machine took it all in stride.

You needed to change your TCP timeout so you didn't run out of available ports to use. A bittorrent swarm opens ports faster than they close via timeout and then you just run out... everything comes to a halt pretty quick after that.

[kingnubian]

I have an Asus RT-N16 running Shibby's Tomato firmware and can recommend it without reservation. I also went through the same decision process, wanting to build an Intel Atom based router myself but after checking out the firmware I'm presently using, decided to go that route. It was a great decision and I have no regrets at all.

[Shadowmeph]

that is the one thing I liked about when I used to use smoothwall, and that was all the extra things that I could add onto it like snort and what not but the problem with that for me was space, I only have 2 laptops and up to 3 PCs running at the same time and with wifi it seemed for me at least not to bother weith smoothwall anymore, I would go back if I could build a much smaller one and just use my asus router for the wifi part

[Perineum]

Smoothwall served me well for years, but definitely can't keep up with the newer projects and the newer routers.