Wednesday, March 19 2014

New home firewall router

On a whim, I went looking for a new small-form-factor PC to use as a home firewall. I found the Shuttle DS61, which has several things to recommend it: dual gigabit NICs, mSATA port, dual serial ports, 4x USB2 and 2x USB3, HDMI and DVI, and the ability to take up to a Core i7 and 16GB of RAM.

Everything but the USB3 ports are supported by OpenBSD, so it will make a spiffy little firewall. It would be nice to have a third NIC to run a DMZ, but the only thing I’m using a second static IP for right now is my wireless, which I can leave untouched. The CPU and RAM are serious overkill, but it means I have plenty of spare power for Openvpn and IPSec tunnels.

So, for $427.61 on Amazon, I got:

It took about ten minutes to put it together and boot it up. I did a quick OpenBSD test first to make sure everything worked, then threw a graphical install of Scientific Linux 6.4 on it to see how it worked as a potential developer box. (modulo the lightweight CPU and small amount of RAM I put in it, that is)

So far I like it. I might even hold off on turning it into a firewall for a while, and use it to replace dotclue.org and move it out of the current co-lo. I’ve been running on an old beta NetEngine for, um, too many years, with a 500MHz Pentium 3, 256MB of RAM, and an 80GB hard drive.