[GTALUG] inexpensive mini-PC with four 2.5G ethernet interfaces

Fri Jul 1 13:49:45 EDT 2022

On 2022-07-01 12:01 p.m., William Park via talk wrote:
> BTW, your reply was double posted, James.
>
> Since you actually bought one... how is it different from buying Asus 
> router? 

Sorry, I thought my first post went only to Hugh.

Compared to an Asus?  Well, pfSense is a lot closer to "real" routers 
from Cisco, etc..  For example, on my system, I have 4 Ethernet ports.  
Some people bond them for greater bandwidth.  I have a test LAN and also 
a dedicated connection to a Cisco router (I bought it when I was working 
on my CCNA).  It supports routing protocols such as RIP, OSPF and BGP.  
It has an NTP server which can be fully configured for multiple sources 
and so much more.  So, you'd be better off comparing that Asus to a 
Cisco router.  A lot of people don't know that routers can be much more 
than the typical SOHO router, which has only 1 WAN and 1 LAN 
connection.  For example, I have a VLAN for my guest WiFi through the 
same access point (Unifi AC-LIte) as my main network.  I know many SOHO 
routers support guest WiFi, but how configurable are they?  I can have 
as many WiFi networks as my AP has SSIDs.  PfSense also supports captive 
portals, so you can use a login screen for users.  It also supports 
RADIUS servers for VPN connections.  It supports OpenVPN, IPSec and 
Wireguard VPNs.  On IPv6, I get a /56 prefix from Rogers, which means I 
can have as many as 256 /64 subnets.  I can even pass some of those onto 
my Cisco router, to be split further.  I doubt you can do that with an 
Asus, etc. router.

Bottom line, pfSense on appropriate hardware is much more capable than 
typical SOHO routers.

BTW, prior to this mini PC, I had an old HP compact desktop computer for 
my firewall/router.  On my 500/20 connection, I would generally see 
around 540 or so down and 21 up.  I got the mini PC when the HP died and 
my download bandwidth immediately jumped!  So, the HP was the limiting 
factor.  Now, it's getting to the point where my 1 Gb LAN is the 
limiting factor.  Also, prior to pfSense, I used Linux for my 
firewall/router, but it wouldn't handle DHCPv6-PD, which is how the 
prefixes are distributed.  PfSense does and I can assign individual 
prefixes to any interface, including VLAN or VPN.

PfSense is a free download from pfsense.org, though there is also a 
commercial version that comes installed on Netgate hardware.