Built a router lately?

I’m trying to replace a Netgear router that apparently died after 3 months (it’s dropping connectivity to the cable modem and my wired connection) and I’ve been looking at Coyote Linux and making a router out of an old HP Pavilion running WinME.

Anyone done anything like this? Any advice, warnings, tips, etc.? Am I just better off scraping up the cash to buy a Linksys, like my initial thought was?

IMHO, yes. But if you’re a techy type and like to fiddle with these kinds of things, it won’t hurt to give it a try. But the power consumption, maintenance, and the possibility of hardware failure is greater (even though your Netgear crashed early) with a PC router, and kinda puts me off. But that’s just me. And in my experience, Linksys makes a pretty good router.

If you’re just routing to DSL or cable modem, an older PC can probably keep up. It may even have some chance at routing 100bT at wire speed. Very little chance of going faster than that.

Much better going with a Linksys or somesuch.

Personally, I think this is a cool project.

BTW, many higher-end routers are really similar to what you’re building. The consumer stuff is all shrunk down to fit on a few chips, but the bigger iron will run a more full-featured O/S. I know of several firewall or router companies built on FreeBSD or Linux, including two companies that I was involved with, one we sold to Avaya and one to Alcatel (both on FreeBSD).

Oh, and not to be disagreeable with friend LordVor, but unless you’re using some pretty archaic hardware, your performance will dust anything you’ll get out of NetGear or Linksys. The bottom line for performance in a router is the CPU and how tight the forwarding loop is in the code. Consumer routers have CPUs that could come from a crackerjack box. Unless you run a bunch of services on your Linux box, even an early Pentium will smoke them.

Now, the flip side will be that you plug in a Linksys, set two or three parameters, and it will just work. The Linux approach will be a bit more painful.

I still haven’t decided what exactly to do just yet. The upside to building one myself is that it won’t cost me anything, since I have all the parts.

The downside is, I loved the Linksys router my roommate refused to sell me when he moved out.

Any further input would be greatly appreciated.

I’m a fan of the build-your-own, but not because it’s easier. It’s harder; but you’ll learn a lot. I’m building my own PVR (“TIVO”) right now and damn near had a stroke last week trying to get the remote receiver working. I took a week off and sucked down a couple of linux-hacks books and got it working last night, and man…it felt good.

Plus, with a homemade router you can install some pretty powerful packet scanning and screening that you won’t get with a standard router.

And finally, one day, when the machines rise up to rule the world, the technophiles will be the first to be eaten.

Sevo hit it on the head. What you’re about to do will be an enormous amount of work. And once it’s up, it will likely die now and then, especially if you start doing adventurous things, like adding firewalling and traffic management, or even additional services like email, web server, etc.

If you’re just looking for a router, and the advantage you’re seeing is that you already own the hardware, this isn’t the project for you.

On the other hand, if you like adventure, this is a lot of fun.

Sorry for the hijack, but Sevo, what kind of PVR are you making? I’ve got mythtv pretty tricked out; have had it for a year plus. It is so super cool.

You could always just install Smoothwall and have done.

If you pay for electricity and wouldn’t otherwise be running that computer all the time, you’ll make up for it quickly.

I’ve built many Linux-based routers. If you can do it, by all means, go for it! You’ll have more control over your packets than you’d ever get with a simple Linksys router, and you can use the machine for other useful tasks, too. I use an old 400 MHz Pentium II as a Linux router, mail server, file server and other miscellaneous little tasks and it never breaks a sweat.

[HIJACK_RESPONSE]

I’m working towards mythTV m’self. Athlon chip on a Nvidia motherboard, Nvidia GeForce 5500 & a hauppauge 150, using Gentoo. The LIRCD is giving me a heck of a time…probably should have gone with a 250 since they’ve been used more often, but I’m still working on it. It’s been both a headache and a lot of fun, but Myth looks great and the add-ons will be cool little features.

[/HIJACK_RESPONSE]

Eh. I’ve got no numbers, only instincts as somebody who’s worked on both unix device drivers and commercial (not consumer) layer-3 switching products.

The CPUs in consumer routers are much cheaper, but part of that is because they usually don’t have (or need) a big floating-point processor hooked up to them. And don’t underestimate a dedicated small processor running a real-time OS whose only job is to poll for incoming pkts from a dma engine that’s wired directly between the ASIC and their memory subsystem and send them out the right port. I may be wrong, but I’m also of the opinion the CPUs in even the consumer routing switches are only involved in setting up the data stream, and get hardware to pass the bulk of the packets without CPU intervention (I know that’s how it works for higher end routing switches).

On the other hand, you have a PC with two networking cards sharing the same (probably) 33 MHz 16 bit PCI bus. To do line rate routing of 64 byte packets at 100bT, you have to be able to pass about 150,000 packets/second from that PCI bus into memory, at the worst case taking an interrupt for every pkt, then push them all back out the same PCI bus, again possibly taking interrupts when the pkts are sent. I can’t see how you could expect an older PC to handle much more than that, which is what I said.

Is that a real world test? No. Is an older PC capable of routing at DSL-type speeds? Probably, unless it’s a really crappy older PC. Could this thing kick its ass in raw throughput? Definitely.

-lv

LordVor, I don’t mean to be harsh, but I’m not talking theory here. I’ve been the CTO of the world’s first dedicated VPN company. We built our box on a 486 running FreeBSD. The company after that, I was the VP of Engineering and we built the world’s first firewall appliance. It was on a Pentium 2 running FreeBSD. Both of those products were the fastest things in their class. The second company, we won best of show at Interop for being the first VPN device to saturate a 100mb link with 3DES encrypted traffic. And that was with no special encryption hardware; it was all done by the CPU on a stock PC with stock 3Com ethernet cards. (Granted, this is 6 years ago or more, but at the time that was big.) These were hard-core routing devices; we sold them to serious carriers, folks like AT&T.

And CPUs have gone up in speed dramatically since those days.

While I can’t quite match your pedigree, I’m also not talking out of my nether regions. The other month I put a fairly tricked out modern system (64 bit 66 MHz PCI bus, two gigabit ethernet cards (with specialty drivers optimized to reduce interrupts), Athlon 2200+, 1GB memory, FreeBSD with few services running, specially tuned BIOS, etc) through the wringer as a pkt forwarder. It topped out around 380,000 pkts/second, one directional, and that defied expectations. Even at a pkt size of 1512, I couldn’t convince it to go faster than 60% of (gigabit) line rate before dropping. Figure in an older system the bus wouldn’t be more than 1/3 that speed, and using off the shelf stuff instead of custom, and I get my “shouldn’t expect faster than line-rate at 100mBit” comment. Although I am genuinely impressed by what you squeezed out of a 486.

Now, the $70 toy I linked to claims line-rate gigabit routing. I’m assuming that that means that hardware-based IP forwarding engines have migrated from the “Layer-3 Switches” that started popping up 4-5 years ago to the consumer level routers of today. And there’s nothing that a cpu-bound solution can do to the tight forwarding loop of hardware assist. Basically, the hardware sniffs destination information from the pkt and does a lookup into a table. If it gets a hit, it forwards the pkt without even involving the CPU. If it doesn’t, then it sends the CPU the pkt, and the cpu programs the new route into the hardware’s lookup table. Since the CPU is only handling a very small % of the total pkts, you don’t need as big of a CPU.

The limitation of hardware-based solutions, of course, is the lack of depth in routing protocols and configurability you can get with software, which is why people still use the big Cisco cores.

Um, I may not have been clear. The 100mb saturation was done with the Pentium 2. We only had 10mb interfaces on the 486 machine in the first company. (we saturated those as well.) But there’s no way we could’ve done 100mb encrypted with the 486.

I am amazed that $70 D-Link box claims 10Gbps of backplane bandwidth.

Well, me too, since it only has 5 ports. They must be counting full duplex as twice the bandwidth. Which sounds like marketing talk to me, and why I added all the “this is what they claim” talk.

I think that what some people forget about is the fact that CPUs have been increasing in speed exponentially while I/O busses have, in general, been increasing linearly. So tasks that used to be CPU bound, like routing, are now I/O bus bound. In the 60% of gigabit line rate case I mentioned, I still had 25% of the CPU left, but the PCI bus was out of gas.
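The hardware-assisted forwarding path described earlier in the thread (a table hit is forwarded without the CPU; a miss goes to the CPU, which then programs the table) can be modelled in a few lines. This is an added example, not part of any poster's message: the class and function names, the LRU eviction policy, the table sizes and the 10.0.0.x traffic are all constructed assumptions.

```python
from collections import OrderedDict

class ForwardingEngine:
    """Toy model of a hardware lookup table in front of a CPU slow path."""

    def __init__(self, routes, table_size):
        self.routes = routes          # everything the CPU knows: dest -> port
        self.table = OrderedDict()    # bounded hardware table (LRU eviction is an assumption)
        self.table_size = table_size
        self.hw_hits = 0              # forwarded without involving the CPU
        self.cpu_punts = 0            # table misses handed to the CPU

    def forward(self, dest):
        port = self.table.get(dest)
        if port is not None:          # hit: hardware forwards on its own
            self.table.move_to_end(dest)
            self.hw_hits += 1
            return port
        self.cpu_punts += 1           # miss: the CPU sees this packet
        port = self.routes.get(dest)
        if port is None:
            return None               # no route known: drop, install nothing
        if len(self.table) >= self.table_size:
            self.table.popitem(last=False)   # evict least recently used entry
        self.table[dest] = port       # CPU programs the hardware table
        return port

def cpu_share(engine):
    """Fraction of all packets that needed the CPU."""
    total = engine.hw_hits + engine.cpu_punts
    return engine.cpu_punts / total if total else 0.0

def run_constructed_trace(table_size, packets=10_000, hosts=8):
    """Constructed traffic: round-robin over `hosts` destinations on 4 ports."""
    routes = {f"10.0.0.{i}": i % 4 for i in range(1, hosts + 1)}
    engine = ForwardingEngine(routes, table_size)
    for n in range(packets):
        engine.forward(f"10.0.0.{1 + n % hosts}")
    return engine

if __name__ == "__main__":
    for size in (8, 4):   # table that fits the working set vs. one that does not
        e = run_constructed_trace(size)
        print(f"table={size}: hw_hits={e.hw_hits} cpu_punts={e.cpu_punts} "
              f"cpu_share={cpu_share(e):.4f}")
```

With a table that holds the whole working set the CPU sees only the first packet to each destination; with a table half that size, this round-robin pattern evicts every entry before it is reused and every packet lands on the CPU.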