Messages

Hello everyone.

a "genius idea" went through my head while thinking about my soon to be next setup.

both the hardware i'm going with is laptop based cpu with AES-ni support, but unfortunately, the desktop motherboard version has a bad bios which does not allow the use of AES-ni  so it hoght abot this:

me not having a managed switch, i can let my  modem (td-w8901g, old adsl2+ modem, it does the job for what we have ) to initiate the PPPOE connection but disable DHCP  and NAT too maybe (and let it on same subnet or put it in different one if possible) and somehow tell Opnsense to route traffic to its IP as its WAN interface in DHCP mode.

and if this idea works I can connect the 4G modem the same way and have failover/load balance.
I don't know if it's even possible but he's a graph

the questinos are :
1- is it feasable ?
2- is it secure ? the adsl and 4g modems are the connection initiators, Opnsense connect to them as a "simple client via DHCP).

this wold solve the chocie of hardware i have on my hands for me (and hopefully avoid me spending money i don't have for now lol, but worst case scenario i can just forget abot aes-ni in the future.

thank you guys for yor future answers hopefully ^^ .

Thank you for your reply franco and i see your point about VPN.

and To be honest  i still don't know how much would the VPN solution would impact my bandwidth but if it as "back to the 512kbps" it may not be worth it yes, even for a small network and for the small amount of devices at home (ten-ish devices without guests, still didn't think about what to do with those when they come).

My problem is with services and websites that don't like recieving demands from different IP adresses ( which is my case in my setup), and even tho Opnsense has the " sticky connections" to deal with that problem, it goes well with literal load balancing between the two WANs true, but would defeat the purpose of "load combining" in my understand of how it works, so in my mind, take 1.1.1.1 and 2.2.2.2 get them to go throught the same 3.3.3.3 IP so that websites and services sees it as from single computer requests .

But load combining still needs benchmarking in my case to see if it impacts negatively the gaming experience especially, in which case, it will be time to dive deep into the multiwan setting for more indepth settings.

I'm saying this because in my old experience with Connectify's Load cmbining, it worked well with downloads, but was horrible for gaming, but of cours ethat's a different software in a different setup .

We'll see how it goes in the next few week/months.

Hello everyone.

First of All i want to thank this community and all the feedback/support it provides, it feels good to find a helping community that actually focus on helping and constant feedback for improvement instead of looking down on those who are still initiate on networking and what not (which is the case for me ).

This is just the story of the experience i had in the last few days setting up the network for our future house.

I got tired of the standard modem/router box sitting there looking at me with a snarky stare telling me i have no control over my network at all,  since every time i want to do anything with my network it's either a "NOPE, CAN'T DO" or a hit-and-miss process where sometimes it works and sometimes not, i became so  ftrustrated but felt that i can't do anything about it unless i pay hundred of euros for a modem/router capable of this type of control.

Time passed and while i was searching about a way to combine multiple internet connection to get a higher speed, an experience i had for a moment with a software named "Connectify" which was good to a certain extent, but i was the only one experiencing it on my Desktop pc, but not my family on the wireless network for exemple (plus the other problems i had with it being set up on my desktop PC instead of a standalone machine), i discovered a post talking about open source routers that you cna build yourself and the Name Pfsense popped, since then a new world has opened to me, i saw the opportunities that i could give me , and after a first failed try with a laptop that could have been a good router, i started to have a weird feeling about the Pfsense community.

Some people were really really nice and helpful, taking me (a total noob) by the hand in a step-by-step process to show me (and other) what was good about my setup, and what was bad (security issues, possible holes that could be exploited, level 2 and level 3 network something that i still don't understand lol ) ...... and then there were those that didn't bother even to explain what was wrong, but instead looked at me (and other) from their high horses, and just shutting us down with the usual short answers that discourages you from even trying to find other options or stops you completely form trying to retrace your steps to find what went wrong ... etc.

Fast forward some weeks later, after i've abandonned the Pfsense router on a laptop idea, and actually got fed up by the " not going to support non aes-ni CPU based routers anymore" i wanted to explore the second option that was out there and that i read about which was advertised by many as a "less corporate, more friendly, and more in the open source mind, as it should have always been with Pfsense before it got acquired and so i decided to retry the experience, and boy was i surprised  after a long read about the difference in human interactions between the two worlds.

Anyway, I took my E5300, an 80gb HDD and 2 gigs of rams and bought two other nics (a pci, and a pci 1 one) and installed Opnsense on it and restarted my new adventure........ ok the first feel i had about the interface was ... oh its different somehow, can't explain what's different tho, but i definitely needed some time to get used to it, and after the first try with that, i decided to go a little more recent (but still old and allow a better path of upgradability) and went with a g2030 based system instead for the lower power consumption basically for basically the same performances.

I took an old D-link 2640u that i retired because its wifi would decide from time to time to not be visible anymore and not being able to connect to it, and i thought i would use it as a bridge to the Opnsense router, and then i would put my actual D-link 2750u after Opnsense, to use as Access point ........ yeah that didn't quite work in the end for the last part.

It turns out that the 2750u didn't allow wireless devices to connect to it when the DHCP service was disabled at first ...... then after a moment or a restart it would allow them to connect normal (talking about hit and miss),  and even when the devices connected, EVEN IF the DHCP service was disabled, it was still the 2750u that gave them an IP adress and they would not be forwarded directly to Opnsense (while wired devices had the IP adress from Opnsense).

From the Opnsense side, not gonna lie, i struggled a little because, like everything new, it needed a small learning curve, and some things were not explained in the documentation (because they were obvious maybe ?)

The PPPOE setup was different from the standard adsl router, it only needed username and password, and nowhere to input VPI/VCP info like i'm used to ........ whaaat ? i've spent some time looking around, until i said "to hell with it, let's try without them" ........ and it just worked ? i was surprised because it was mendatory in my old adsl modems.

One step done, second one was passing through the 3G/4G internet to Opnsense and this is where i got stuck, while looking i didn't find a way to bridge this one and do it the same way as the PPPOE one, so right now i'm stuck with the external modem doing that job, then sending it to the Opnsense router.

The problem with that ? high latency when there is high demand on that network, when nothig is asked of it, Opnsense reports 50ms of ping, and as it start sending and recieving data it jumps to 200ms and for now i don't know if the problem is in the 4G modem itself or the Mobile network and the fact that it will never be as stable as an ADSL internet, which is a fact i knew already going into it .

i'm sure some people will ask themselves  " why are you bothering with this and making it this complicated", let me give you the context.

I live in Algeria, a country where the "Hish speed internet" is not that high speed, and the price is nonsensical , right now i am paying 15€ for a 4Mbps internet speed (with a locked 0.5 Mbps up), and since i have extra a sim card that allows "data sharing " with my mobile phone", i can dumb 30Go of my data in my home network for all the devices that are connected which depends on the days, can go up to 15 Mbps, plus, it would allow me to have a high upload speed for my gaming server hosting with friends for exemple when i need it.

right now, i bought a Gigabyte switch to put after Opnsense, and i'm looking locally for a router / access point with Gigabyte ethernet too and wireless at the same time, since the 2750u can't be used for that purpose  (access point) and my setup will be done for the network.

Also (and maybe this is stupid) but i decided to power all the devices (modem, switch and future access point) from the computer PSU through molex, and the computer would be hooked up to a DIY long run UPS, i wanted to reduce the 220v to 12v power wall adapters .

All i am looking to do now, is figure out if it would be possible to actually make it so that by using some kind of servce or options like OpenVPN, to make it so that the Data sent from the two internet connections which has Different IPs of course, to me combined into a single IP in some way so that , games and websites sees it as a single internet connection, and that way (hopefully) i would benefit the most out of this setup.

I know this is a long read but i wanted to share my thought about it, and happy about how Opnsense and the Open source router idea is gonna hopefully allow me to control the network of our house in how i always wanted to do (equal bandwidth sharing and caching  for exemple when i'll figure that one one out)

Any feedback would be appreciated too ^_^

Thank you for your reply.

I guess in the futur i can go even lower performances but modern if possible which would make it better AND smaller than a pc in a wooden box for router lol.

i will experiment with this as long as i can and see how it goes .

Hello everyone.

So after a first try that i call "failed) with a laptop and pfsense that i was trying to convert into a pfsense router (i shorted something in the mobo and RIP its ethernet port), i decided to use what i had on hand knowing that normally, it should be enough but hey, i'm not expert and that's why i come to you people ^^.

Just so you know, the internet speed is not big, like at all, we're talking about 4mbps to begin with, and then upgrade to 8mbps down the line or just add a 4g data plan which in my case can be better , i don't know for sure.

as for the number of devices, it's gonna be around ten (let's say 15 just because).

i happen to have old LGA775 hardware  to which i've added two nice (pcie and pci) for a total of 3 RJ-45 port,  and yes it has no aes-ni support that's why after my first try with pfsense (people were helpful in their own way, some rude some good), i decided to go to opnsense because as far as i know, they basically have the same hardware support, but old hardware is not gonna be supported anymore (at least for now), and so this is the situation i'm in right now :
CPU : E5200 @3.6ghz
Motherboard: gigabyte g41mt-s2pt with Atheros gigabyte ethernet.
RAM: 2gb of 1333 DDR3
HDD: 80gb.

the two other nics are Realtek based chipset , but they got detected easily by Pfsense, so i am imagining that they are going to work just fine with Opnsense too.

As for the overclocking, the motherboard did it by itself for some reason, as normally the cpu is a 2.5ghz one.

after this lengthy description (i wanted to give as much detail and context as possible), after some research i guessed that my configuration should be enough for my home and the devices in it, but is the overclocking good to keep or should i just go the otherway and underclock it  for power consumption reduction if it's already overkill for our usage  at home.

what i wanna use it for ? bandwidth control, caching and with time maybe other things, i am really new to this personnal router option so i don't know what it's capable to do and can't ^^.

Thank you so much for your futur answers :)