Lee H. Marzke on 21 Mar 2017 08:14:50 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Low Power Consumption Firewall/Router


+1 EdgeRouter

I also had a P3 with 3 nics,  running pfsense a few years ago.    To save 100% power ;-) , I
just virtulized it to my esxi cluster.   Just in case I have a cluster issue I'm now experimenting
with Ubiquity Edge router as my backup router/firewall.

https://www.ubnt.com/edgemax/edgerouter-lite/

So this is extremely low power/cost and high performance.  Ubiquity targets these units to wISP's mainly.
The edge OS is EdgeOS,  which is a fork of  vyatta router.   When Brocade  bought
vyatta,  the source was also forked to vyOS  ( vyos.io )

EdgeOS adds a GUI and more features to vyatta - and runs on ARM only. The EdgeOS has the advantage of being certified
on low power on ARM.   VyOS is free and has debian packages,  but doesn't run on low power ARM's.  But
you could likely move the config over to vyOS in the future if you wanted to.

https://networkjutsu.com/my-home-router-edgerouter-lite/

The config is similar to other hardware ( or Juniper ) firewalls, so there is a learning
curve coming from Linux shorewall.  It's nice there is a single config file, so it's easy to diff changes.

I can't comment yet on the edgeos firewall  - I'm mostly using it for emergency internet access and don't
have all the dmz rules and destination NAT/PAT setup yet.

Lee



----- Original Message -----
> From: "Michel van der List" <plug@vanderlist.com>
> To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
> Sent: Tuesday, March 21, 2017 10:15:33 AM
> Subject: Re: [PLUG] Low Power Consumption Firewall/Router

> I use an EdgeRouter X:
> https://www.amazon.com/Ubiquiti-EdgeRouter-Advanced-Gigabit-Ethernet/dp/B00YFJT29C/
> 
> Not exactly open source but it's based on vyatta
> (https://en.wikipedia.org/wiki/Vyatta) and it's very capable.
> 
> 
> On 03/21/2017 09:50 AM, Victor wrote:
>> I've used a Soekris 5501 as my firewall for like 8 or 9 years now. I
>> started with Slackware, but Debian runs pretty well on there too. Runs
>> like a champ, but they are a bit expensive. The 5501 is EOL so you
>> could pick one up for less than $200 IIRC. There's a newer model
>> available, the 6501, with better flexibility in regards to storage.
>> I've been happy with the hardware but holding off on upgrading to the
>> 6501 & exploring other options as myself. I'm interested to hear
>> other's suggestions.
>> ___________________________________________________________________________
>> Philadelphia Linux Users Group         --        http://www.phillylinux.org
>> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
>> General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
> 
> ___________________________________________________________________________
> Philadelphia Linux Users Group         --        http://www.phillylinux.org
> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
> General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

-- 
"Between subtle shading and the absence of light lies the nuance of iqlusion..." - Kryptos 

Lee Marzke, lee@marzke.net http://marzke.net/lee/ 
IT Consultant, VMware, VCenter, SAN storage, infrastructure, SW CM 
+1 800-393-5217 office +1 484-348-2230 fax 
+1 252 627-9531 sms ( 252 MARZKE1 )
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug