New Firewall Build

So I have been running my home network on a home built router for well over a decade now.    Many moons ago when I lived in my apartment a client of mine was working on converting Eckerds to CVS stores.   As part of said conversion he had a ton of this little MaxTerm thin client machines.

3759951495_91064ca6e9

Which was not bad at all.  It has a little bit of memory, enough cpu to run as a router and an expansion slot.   Throw an extra network card in there and there you go.  Next to no power router.  I have been running http://m0n0.ch/wall/index.php since the beginning.  M0n0wall is now a dead project.  It will be missed, it sparked some of the great pieces I use today.   pfsense, freenas ect.   I have the last version on my little thin client and it runs well.

geek-is-coolBut like everything, eventually you run into something that makes you move on.  I had this recently.  Remember the great data apocalypse of 2015?  Well, that has sparked many changes in my backup replication plans.  One being that a buddy of mine and I are building secondary NAS systems for our freenas to put in each others server racks.  Yes, my buddy is a geek too.  So as part of this secondary nas setup.  We are going to be doing replication across the WAN.  Even though it uses SSH communication to do the replication.  We both felt doing an encrypted tunnel between locations was better.  Plus would let use gain access to each others resources without having to open unnecessary ports.  So we setup a nice encrypted tunnel.  Time to test some transfers…..

150kbs a second……..What-Meme-13

Now I never said I was a smart man.  But there is something wrong there.   AJ’s wan is 150/150 MEG!!!! (thank you FIOS) and mine is 50/50 also on FIOS!!!

No no no.  No sir, I do not want another.  I want the one I originally asked for!!!!!

Who broke that chair!!?
images

Ok.  I am calm now.  WTH is going on.   Checks the traffic graphs…

That’s not it.

Checks CPU graph on thin client….
hell-fire-1

Stops file transfer and checks again….
i_call_upon_the_power_of_ice_and_snow_by_fromzerotohero-d60aqs9

What the hell!?!  Now who broke THAT chair!!!!??

4565396395_c89b9c22f3_b

So it would seem that doing the encryption is causing a problem.  The cpu is just choking on the encrypt/decrypt over the tunnel.  That kind of sucks.  However we are also running on an old piece of hardware (12 years old?) and running on and EOL firmware.  Ok.  New Router time.

So this weekend I begin working on my new pfsense router.

Using this Intel D2500CCE Atom D2500 Dual LAN motherboard.

51mMt8cv6CL

Amazon

With a 2 gig memory chip this is ready to go.

I will post an update after I have this in and running for awhile and testing the encrypted transfers.  To see if it really is all in the cpu.