pfSense as home router

pfSense as home router

Why

• Netgear R7900P started hanging daily, albeit loved its WiFi coverage
• Popular open router platform
• Used with Protectly appliance

Environment:

• Comcast + own Arris SBG6580
• Unify AP Pro for WiFi (PoE powered), requires Unify Controller to manage

Documentation:

• Netgate pfSense
• Collection of pfSence Solutions
• pfSense on ESXi - just an idea
• OpenVPN + Google authenticator

Challenges/Observations:

• NAT behind NAT solutions
  • switch DOCSYS modem to bridge mode
  • disable blocking private networks and reserved addresses, since pfSense is behind firewall
• Strange DHCP6 behavior resulting in continuous networking restarts, which slows down things. Static IP configuration fixed this.
• upgrade from stable to RC version did not go well, had to run update manually from ssh session. RC receives fresh packages, including kernel, neat.
• quite sensitive to power loss - parts of config wiped after accidental power cut.
• used dns-forwarder, instead of resolver. Resolver traverses DNS from root servers (can work in forward mode). Forwarder (dnsmasq) simply passes requests to configured servers.

Impressions:

• solution for enthusiasts, although pretty solid
• nice way to learn/refresh basic networking in-and-out