I noticed my gigabit internet speed becoming slower and slower over the past few months. Until it would no longer reach over 500Mbps.
I tried resetting modem, router, all the tricks. I called up Spectrum and complained about slow speeds. They asked me to plug directly into modem to confirm it wasn’t the router. “I’m a networking god!” I complained, “I have a three hundred dollar Linksys AC4000 router, it can’t be that!” I finally plugged in my laptop to the modem to make the support guy happy and hopefully move on to find the real issue…. The real issue turned out to be me, and my overloaded router.
What to do?
Turns out all the WiFi and wired devices I had pumped through the Linksys router was just too much for it to also provide internet. So what to do? Just buy a new top of line router for $400 that may be outdated again in four years? Seemed silly, especially as the router that I have still works fine as an access point. All I need is a DHCP server and firewall.
Also with all the recent zero day exploits targeting dedicated routers and constantly finding backdoors, I wanted something a bit more trustworthy. Enter OPNsense (a fork of pfsense), an open source firewall that also has DHCP as well as features like VPN and packet inspection. So I know what software to use, but what do I attach it too?
OPNsense Hardware
There are plenty of options designed for pfsense or OPNsense out of the box, like Protectli Vault. But as I wanted something that supported 2.5G ports, I would have to shell out close to four hundred dollars for their devices, which still run a seven year old processor. For that much money there are a lot of mini PCs with intel i5s and dual 2.5G NICs. But that still felt like a lot.
I ended up grabbing a Beelink EQ12 Mini PC with two 2.5G RJ45 ports, and rocking 16GB ram and a very modern Intel N100 processor for only $230.
OPNsense Setup
I thought it would be a huge operation to switch out my old router with a custom OS router. I was happily completely wrong a second time!
A lot of other guides already go over this well, but can break down the major steps:
- Download and load OPNsense image to USB drive
- Put USB in mini PC and press F7 on start to select boot drive to USB
- Run the installer
- Plug the LAN and WAN into the right ports
- Reboot, connect to the web interface, run the wizard
- Change old router to Bridge mode to work as WiFi point
In all, it took less than half an hour for me to setup the new router.
Outcome
My internet is supposed to be capped at 940Mbps. I am now getting a solid 1.1Gbps, even on sustained downloads!
I made sure to verify it by downloading a large steam game, and it kept the full 1.1Gbps for the approx twelve minutes it took the download the 108GB game.
Other than verifying speeds, all I have set up is port forwarding to match my old router. I still need to play with all the monitoring tools and intrusion detection capabilities that come for free with OPNsense.
Not for everyone
I’m not suggesting everyone should run out and replace their perfectly good routers with a custom hodgepodge solution. Even if you do need something new, do research and find your solution. I was just excited to share my experience with a fun project that actually worked out extremely well!
