[nycbug-talk] soho router options (soekris?)

Isaac Levy ike
Tue Jan 18 11:54:48 EST 2005

Hi All,

So I've got a hardware question some folks here may find fun.

I'm looking to replace my home-office soho type router.  For a long 
time I've used an ADSL 'router' provided by my ISP, which basically 
does NAT and DHCP, and does it quite simply and reliably.  With that, 
this thing is aging, and perhaps dying after a few years of solid 
service- and I'm looking at options...

Biggest requirement: the router must simply run, with as little 
ike-interaction as possible, as not to disrupt my other regular work.

Option Ideas:

1) Soekris/OpenBSD/pf-NAT:
I'd love to rock out with a soekris box, and OpenBSD is 
luscious/fun/obvious for a router/firewall, BUT, since I work from 
home, I can't have any downtime managing the thing by myself- and don't 
really sanely seeing myself making time to mess around- (I have other 
code and sw to work with for work and pleasure...)  Also, to ensure it 
stays up, (as I'm not sure I trust myself yet to run the little 
buggers, they're quite different than the servers I'm used to), I'd be 
inclined to buy two of them- so the price goes up for this simple task 
for me...  I'd really love to do some Soekris for the sake of it, but I 
really just don't have time to go there right now...

2) Prefab/SOHO-stuff:
The off-the-shelf options from NetGear and D-Link and etc. crudola- all 
look a bit daunting, insomuch as soho stuff can vary in quality pretty 
extremely, and I'm not real fond of all the whiz-bang features- (I've 
seen some web interfaces for client stuff that makes me sick to my 
stomach from a security and use perspective...)
The only thing that brings me to this option is simplicity of setup and 
use- so I can continue to focus on administering systems that really 
mean something to me, and hacking software that I *want* to hack...

3) Soekris-with-m0n0wall:
I'm downloading m0n0wall to give it a shot on another box here, but 
does anyone here have experience using this thing?  My fear is that I'd 
not only be hacking the system on a regular basis, but that I'd have to 
learn about hacking things 'the m0n0wall way', which I'm not 
necessarily interested in...  Though it looks like a contender due to 
simplicity of setup factor, *and* it's BSD :)

While I'm hemming and hawing here, does anyone have any good words/urls 
on this topic?


More information about the talk mailing list