How to Build an Enterprise-Class Router/Firewall for under $200 (part I)

First of all, most of us -geeks- can make a Linux Router/Firewall for free, using old computers sitting around. But this article focuses on how to build one (complete with parts list) using new parts - keeping quality and expandability in mind. It also discusses (in part II) how to extend the capabilities of this device, to make it a web server, mysql server, file server, email server, spam server, wireless access point, VPN…etc. I am not going into the details of exactly how to build a PC, there are plenty of tutorials out there (here, here and here).

As usual, all the parts I'm going to use have links to Mwave, my favorite supplier (on a separate note, Mwave is my fav because they are local for me; I can go pick up parts directly, but you can probably find better prices thru NewEgg or your own favorite supplier). I'm going to use a CF card (with an IDE converter) for main storage instead of a regular hard drive. It will take a bit longer to boot up, but you'll have no moving parts (except for the PSU fans). Less wear and tear and less noise.

Parts List

Motherboard : Gigabyte GA-8VM800PMD-77. $45.50. Reliable board. Can take fron Celeron Ds up to a Core 2 Duo for expandability. SATA if you want to turn this into a file server. Built in VGA. 

Processor: Intel Celeron D 331. 2.66 Ghz.  $37.95. Sufficient power for a simple router/firewall. 3 year manufacturer warranty just in case. 

RAM. 256 Mb Kingston DDR2 533 mhz.  $19.00. Sufficient RAM for a simple router/firewall. On my last build, the firewall was using 42 mb of RAM.

HDD: 1 GB Transcend 80x high-speed CF ($13.50) with a CF to IDE Converter ($9.50 that plugs directly in the motherboard). Ubuntu server plus upgrades and Webmin uses about 600 MB of space. So thats about 400 MB for logs and expandability. A  2 GB card goes for $22.68

Case: Dynapower Titan with a 430 watt power supply $29. Small and conpact case but still fits full size PCI cards. Low noise. (Does anyone have other suggestions? Leave a comment).

Additional NIC. Trendnet Gigabyte NIC $12.26. For the LAN side of this.  

Optical Drive: LG DVD-ROM $16.50. I'm adding this because the whole idea is that you have no spare parts sitting around. But if you do have an optical drive, you can obviously skip this. Also, you are only going to use this drive for about 1/2 hour, for the main OS install. You can remove it later. Although, tutorials on how to install over a network, here and here.

So…there you have it. Nice hardware for an Enterprise-Class router/firewall for $165.87 (just add shipping and tax). Compare to a Dlink DFL-200 $201.90, Sonicwall TZ 150 $253.48 . Netgear SSL312 $348.18  (and these are low-end routers) that don't have half the capabilities and expandability that the mine does. Also, remember that all the software that is used to run mine is open-source. 

Now, on part II; Ubuntu Installation, Configuration and deployment. Also, some great ideas on how to expand and make it more powerful or feature-full. Hint, start downloading the Ubuntu 6.06 Server ISO. Part II will come out at the end of this week. Stay tuned.

Related Posts




This entry was written by J2, posted on March 19, 2007 at 8:39 pm, filed under PC. Bookmark the permalink. Follow any comments here with the RSS feed for this post. Post a comment or leave a trackback: Trackback URL.

3 Comments

  1. Thorin
    Posted March 21, 2007 at 7:53 pm | Permalink

    Looking forward to part II. I’m in the middle of a similar project using cheaper used hardware (prices in Korea):

    Motherboard: Used generic Via694 or Intel 815 socket 370f($10)

    CPU: Used Pentium III 1 GHz ($10)

    RAM: 1GB PC133 (from my collected parts)

    HDD: I was going to buy a Seagate PATA 40G 7200.7/2M ($35) since my project is also a personal web/mail server but after reading your post, I’m thinking about going with compact flash. I probably don’t need more than 2GB (Transcend 2GB 120x $24) anyway. Less moving parts = happy admin. Especially since I’m trying to make this thing “silent”.

    Power supply: I’d buy a fanless one if I could find one here but I’ll probably settle for one with a quiet 120mm fan ($15-20)

    NIC: Used generic Realtek 8139 ($1)

  2. Why, when you can do this all for less?
    Posted April 1, 2007 at 9:20 am | Permalink

    For the price of some linksys or asus router (as detailed at the packetprotector site) you can install a linux OS (OpenWRT), and it has options for not only firewall, but IDS/IPS, VPN, AV and more!

  3. David Edwards
    Posted August 6, 2008 at 4:12 pm | Permalink

    This looks fantastic. Love the use of the CF card for drive. However, any suggestions on smaller form factors. Given its use I would prefer something that occupies very little space. What do you think of this http://www.mwave.com/mwave/viewspec_v2.asp?scriteria=BA24741 . Or better yet something even smaller? Will this still work, is the energy efficiency bad in a router? Untangle also looks like a pretty sweet gui for working with a lot of the apps you would want to use here. http://www.untangle.com/index.php?option=com_content&task=view&id=242&Itemid=967 .

One Trackback

  1. By J2s site - it is nice! » Blog Archive » How to Build an Enterprise-Class Router/Firewall for under $200 (part II) on March 22, 2007 at 5:09 pm

    [...] Part I of this article here  [...]

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*