[wplug] PFSense, load-balance router setup on old hardware.
Drew from Zhrodague
drewzhrodague at zhrodague.net
Tue Mar 31 16:05:50 EDT 2015
On 3/31/15 2:20 PM, Doug Green wrote:
> My home network has two DSL lines coming into a TP-Link load
> balancing router in order to "duplex" the bandwidth (we have really
> slow internet where I live). Long story short, I need more RJ-45
> ports than my load balancing router can provide.
>
> I'd like to recycle one of my old computers as a router. Does anyone
> have experience using pfsense or zeroshell in this capacity? The docs
> seem to indicate that it's more geared toward replacing firmware in
> an existing router. Instead of buying a dedicated router, can I add a
> bunch of network cards to an old tower?
I use a PC as a router, and have done so for many many many many years.
I prefer a standard Linux PC to any of the available router options.
My trick is to enable ipv4 forwarding, toss in some iptables for ip
masquerading, a little DHCP and DNS - good to go. Bonus that you don't
need to forward ports to get a service running to the outside.
You can add a bunch of NICs to any junk PC, and turn it into a router.
Here's the magic required:
# Turn on ip-forwarding
echo 1 > /proc/sys/net/ipv4/ip_forwarding
Add some iptables and shake (eth1 is local for me):
-A PREROUTING -i eth1 -j MARK --set-mark 0x9
-A POSTROUTING -m mark --mark 0x9 -j MASQUERADE
I have used many many many kinds of routers over the years. Nothing is
as robust and full-featured as a junk PC with my favorite Linux distro
on it. It's also helpful to do packet captures, collect actual logs, and
run debugging tools - many routers just don't have that ability. Happy
Networking!
--
Drew from Zhrodague
post-apocalyptic ad-hoc industrialist
drew at zhrodague.net
More information about the wplug
mailing list