TechImpact / it happens there first

After my harrowing adventure trying to buy a router, I decided to look at my free options.

We currently run CentOS as the core of our VoIP system, so I have a linux system that gets exposed to the internet -- I rationalized. So how bad would it be to pop another Ethernet card in the back and use that as a router as well. It would mean that I would never have problems with SIP over NAT again. So I went forth to purchase the card at CDW. Added the first one I found to my cart, then went to click the check out button. But the forces of the universe were against me. Just before I clicked that fated button, my laptop ran out of battery. It was destiny, fate, and didn't really happen. No, it was my own conscience that prevented me from putting a production server as a first tier internet client, even if it was Linux. No, there had to be a better solution -- and buying a complete pc to use as a firewall wasn't it.

That's when fate really did step in, and lead me to pfSense. pfSense is a FreeBSD based firewall with features comparable and exceeding many of the $5-600 routers I was buying. All configured from an elegant web page that walks you through everything from setting the system ip address, to establishing an IPSEC or OpenVPN connection. For those wanting to know more about their internet connection, the web interface provides access to system logs, and RRD graphs to study every aspect of your link to the outside world.

But pfSense doesn't work without a machine. Options: buy a noisy heat generating Pc from your local computer store and stick it in the closet, OR order one of the fine products from PC Engines. PC Engines builds small network motherboards that can be powered with a 12v power supply. These 600mhz devices have around 256mb of memory and run off of compact flash storage to make the perfect low-heat no noise solution. Not to mention that at 600mhz, this motherboard is twice as fast as the most expensive small business routers out there.

Unless you order yours with pfSense pre-installed, you will need a NULL modem cable to setup and configure. These cables are not off-the shelf, but can be put together easily enough at your local hardware store. The parts shown above are: a usb to serial cable, a null modem cable, a db25 to db9 connector(Fry's didn't have a db9 to db9 null modem connector), and a db9 to db9 female to female adapter. The USB to serial was required as my computer, and most newer computers, do not have serial parts. This cost $40 at Radio Shack, and $20 at Fry's. The rest of the parts ran about $10 each at Radio Shack, and $2 a piece at Fry's.

End result? I have a nailed up IPSEC connection between my offices, the phones work, SVN works, Samba works, and as a surprise result, we are now able to take advantage of twice as much of our internet connection. With double the processor, our average through put went from 8Mbs to 14Mbs. Cons to this solution: I am now aching to find a way to put more of these boards in production. I've considered everything from streaming music server to a Warcraft PC for my car. Whatever happens next, I blame it on the fine folks at PC Engines, whose website is not NEARLY as attractive as their product.

Netgate is a US retailer of the Alix systems. They have a great selection, and contribute back to the pfSense community.

by Chris Gamble