[TriLUG] Best O/S for a Linux Router/Firewall?
Jym Williams Zavada
trilugj at jrwz.net
Sat Sep 10 08:54:47 EDT 2011
If you are willing to do command-line only, I can recommend OpenBSD as an OS
that can provide routing, firewalling, DHCP service, and supports IPv6 and
OpenVPN. I've used it very successfuly for routing/firewalling. Being that
it's a *nix variant, the learning curve isn't very steep.
You may also want to take a look at Routerboard.com's RB750GL Gigabit
Ethernet 5-port SOHO router for $59.95 (or the 10/100 version RB750 for
$39.95). I bought the RB750G for $79.95 a year ago (the RB750GL's
predecessor). I've not yet done any production level testing on it (still
learning the CLI and experimenting with it), so I can't really say how well
it might work for you, but I can say that it does routing and firewalling,
and claims to provide DHCP, IPv6, and OpenVPN support (which I've not tested
Although they run Linux under the hood, they use their own proprietary CLI,
which is neither the easiest nor most intuitive interface that I've used,
and definitely involves a much steeper learning curve than OpenBSD would
(online manual at http://wiki.microtik.com/wiki/Main_Page). However, the
price is phenomenal, and I suppose if you were persistent enough, you could
find a way to re-flash it to get a standard linux command-line. For me, I
figure that the time and effort it takes to do that is better spent learning
the proprietary interface. For that matter, they sell DIY, enclosures,
boards that include serial ports, etc., but the cost starts going up
significantly. If my budget weren't nearly as tight, I probably go that
route and roll my own.
On Fri, 9 Sep 2011 at 17:44, Tarus Balog wrote:
> Since I'll end up routing ethernet, I figured it was time to switch to a
> Linux-based router. In a perfect world, it would support routing between
> the Centurylink ethernet interface and our lan, act as a DHCP server,
> and act as a firewall.
> It must support IPv6. It would also be nice if it could easily handle
> OpenVPN as well.
> Suggestions for a distribution to use? I hear good things about monowall.
More information about the TriLUG