+1 pfSense, I have used it and it's predecessor m0n0wall for over a decade!
JP
748-2200 talk/text
On 2014-06-26 3:12 AM, "Scott A. Johnson" <scott.a.johnson@gmail.com> wrote:
> Funny.... I left Vyatta for pfSense and I love it. Vyatta was great and
> powerful, but there were a few things I was trying to do with source based
> routing that I found pfSense more refined.
>
> Christopher - I bought some hardware from these guys, which came loaded
> with pfSense.
> http://www.logicsupply.com/computers/solutions/firewall-networking/
>
> Scott
>
>
> On Tue, Jun 24, 2014 at 9:22 PM, Royce Williams <royce@tycho.org> wrote:
>
>> On Tue, Jun 24, 2014 at 8:55 PM, Christopher Howard
>> <christopher.howard@frigidcode.com> wrote:
>> > On Tue, 24 Jun 2014 18:49:04 -0800
>> > William McKinney <wdmckinney@me.com> wrote:
>> >
>> >> Mikrotik has been around for a long time, and is quite proprietary.
>> >>
>> >> a.
>> >>
>> http://askubuntu.com/questions/376717/how-to-set-up-a-linux-server-as-a-router
>> >> b. http://www.lartc.org/ c.http://www.zeroshell.org/
>> >> d. https://openwrt.org
>> >> e. http://www.freesco.org/
>> >
>> > Forgive me a touch of frustration... it is all nice and wonderful to
>> > be able to throw out a list of several of the dozen or two Linux
>> > router distros out there... but it would be more helpful if we could
>> > point to one or two of them that actually sold ready to go hardware,
>> > with software pre-installed, and transceiver modules ready to be
>> > plugged in, to meet your middle-sized business or enterprise needs.
>> >
>> > Say, I find out I am going to need 12 VLANs, with fiber trunks, and
>> > router-on-stick, and OSPF, and radius authentication, and ACLs, and
>> > port security, and config sharing, and neighbor discovery, etc.,
>> > etc... Personally, I'd like to be able to look at Web page that lists
>> > all the specs of the hardware, the prices, along with reassurances
>> > that the software is preinstalled, with all necessary drivers
>> > functioning, and the system has a straightforward and reasonably easy
>> > to master interface.
>>
>> As much as I hate to say it ... if you need this level of
>> functionality, performance, ease-of-use, and hardware support ... then
>> I think that you're either better off going commercial, or you're
>> going to have to tinker at least a little bit.
>>
>> Commercial doesn't have to be super-expensive. You might want to
>> check out the Ubiquiti stuff:
>>
>> http://www.ubnt.com/edgemax
>>
>> They run a fork of Vyatta, and there appears to be some
>> cross-pollination among the projects:
>>
>> http://dotbalm.org/leaving-pfsense-for-vyos/
>>
>> On the tinkering side, some of the stuff I know of (like pfSense) does
>> a lot of what you list above, but not all of it out of the box -
>> especially when you start looking for port security and neighbor
>> discovery. Concerns from the dotbalm.org guy about pfSense hardware
>> performance (because PF wasn't multi-threaded) will be addressed in
>> the next major release of pfSense.
>>
>> > For a guy who is in the process of getting into the Net Tech field, it
>> > seems like we are really falling short in this area. If I'm wrong, I'd
>> > be glad to learn more about what's out there...
>> >
>> > (Somebody else mentioned VyOS... Again, if you can point me to the
>> > vendor site with hardware specs and prices, I'd be grateful.)
>>
>>
>> http://www.ubnt.com/edgemax#EdgeMAXhardware
>>
>> VyOS is intended for people who want to build their own routers. They
>> could really use a 'supported hardware' wiki page or FAQ entry, but
>> these appear to be lacking. But the Ubiquiti stuff above looks good.
>>
>> NB: I have no direct experience with any of the above other than
>> pfSense. I just did a few minutes of GTFY. ;-)
>>
>> Royce
>> ---------
>> To unsubscribe, send email to <aklug-request@aklug.org>
>> with 'unsubscribe' in the message body.
>>
>>
>
>
> --
> Scott A. Johnson
> scott.a.johnson@gmail.com
>
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Thu Jun 26 15:18:11 2014
This archive was generated by hypermail 2.1.8 : Thu Jun 26 2014 - 15:18:11 AKDT