Re: Security: OpenWRT vs. Debian [Was:] Re: Linux router AP with reserved IPs on wlan0?

To: Celejar <celejar@gmail.com>
Cc: debian-user <debian-user@lists.debian.org>
Subject: Re: Security: OpenWRT vs. Debian [Was:] Re: Linux router AP with reserved IPs on wlan0?
From: Dan Ritter <dsr@randomstring.org>
Date: Mon, 8 Feb 2021 16:42:40 -0500
Message-id: <[🔎] 20210208214240.GE8995@randomstring.org>
In-reply-to: <[🔎] 20210208153351.09e4f0919fb5b66720998541@gmail.com>
References: <[🔎] 20210206102908.4674.qmail@rahul.net> <[🔎] 20210208022332.GA25789@anthropohedron.net> <[🔎] 20210208114123.GA8995@randomstring.org> <[🔎] 20210208080516.04ff882b67267f88c9ed523c@gmail.com> <[🔎] 20210208133634.GB8995@randomstring.org> <[🔎] 20210208093548.e8004acda15e9b7655e7a8f7@gmail.com> <[🔎] 20210208145713.GC8995@randomstring.org> <[🔎] 20210208102039.73c14dfa4c89b95b98a86ed8@gmail.com> <[🔎] 20210208160335.GD8995@randomstring.org> <[🔎] 20210208153351.09e4f0919fb5b66720998541@gmail.com>

Celejar wrote: 
> > If you are OK buying used equipment, Intel-based gigabit NICs, 4 ports
> > to a PCIe slot, cost about $35 (or $70 new). If you've got a 5 year old
> 
> My understanding - please correct me if I'm wrong - is that with those
> types of cards, the ports are distinct and aren't actually switched in
> hardware, so switching occurrs at the OS / kernel level. I don't know
> how much of a load this puts on the system in practice, but my
> understanding is that it's certainly not an ideal way to design a
> switch.

Modern processors -- even the ones 5 years old -- are really
fast.

Linux bridging (switching) is very efficient.

Is it "ideal"? No. But given that you want one device which acts
as a WAP, router, firewall and switch, it should perform quite 
well. If you hate the idea of doing that, though, an 8-port
gigabit switch is about the same price as a used 4-port gigabit
NIC. Not as flexible, though.

> > desktop sitting around with 2GB or more RAM and 3 available PCIe slots,
> > you can use it as a WAP and have nine switched/routed gigabit ports,
> > counting one on the motherboard.  If you only need 5 ports, you only
> > need 2 PCIe slots -- one for a WiFI NIC and one for the ethernet NIC.
> 
> My understanding, although I could not find solid documentation of this,
> is that consumer wireless chipsets designed for client use don't make
> particularly performant APs. They'll work, but purpose built APs will
> perform much better, especially with their AP optimized antennas. I
> don't really know if this is true, though, and to what extent it's an
> issue, if it really is one.

Oh, no, this is a myth. The $20-150 consumer wifi routers use
the same wifi interface chips as good PCIe cards, for the most
part. OpenWRT is actually a great source of information on
these.

Assuming you're comparing a 3 antenna MIMO on a PCIe card to a 3
antenna MIMO on a consumer router, you should get equivalent
range and performance.

> And the power usage on a five year old desktop (which I don't actually
> have) will be much higher than a purpose-built AIO AP / switch / router.

That can be true. But then, the desktop can also be your server
for a bunch of other things that, perhaps, you were going to
run.

> But again, I don't really disagree. If I had the hardware lying around,
> and I determined that the power consumption wasn't a factor, it would
> certainly be tempting to consider this route.

Everything is a tradeoff.

-dsr-

Reply to:

Follow-Ups:
- Re: Security: OpenWRT vs. Debian [Was:] Re: Linux router AP with reserved IPs on wlan0?
  - From: Celejar <celejar@gmail.com>

References:
- Linux router AP with reserved IPs on wlan0?
  - From: conover@rahul.net (John Conover)
- Re: Linux router AP with reserved IPs on wlan0?
  - From: Gregory Seidman <gsslist+debian@anthropohedron.net>
- Re: Linux router AP with reserved IPs on wlan0?
  - From: Dan Ritter <dsr@randomstring.org>
- Security: OpenWRT vs. Debian [Was:] Re: Linux router AP with reserved IPs on wlan0?
  - From: Celejar <celejar@gmail.com>
- Re: Security: OpenWRT vs. Debian [Was:] Re: Linux router AP with reserved IPs on wlan0?
  - From: Dan Ritter <dsr@randomstring.org>
- Re: Security: OpenWRT vs. Debian [Was:] Re: Linux router AP with reserved IPs on wlan0?
  - From: Celejar <celejar@gmail.com>
- Re: Security: OpenWRT vs. Debian [Was:] Re: Linux router AP with reserved IPs on wlan0?
  - From: Dan Ritter <dsr@randomstring.org>
- Re: Security: OpenWRT vs. Debian [Was:] Re: Linux router AP with reserved IPs on wlan0?
  - From: Celejar <celejar@gmail.com>
- Re: Security: OpenWRT vs. Debian [Was:] Re: Linux router AP with reserved IPs on wlan0?
  - From: Dan Ritter <dsr@randomstring.org>
- Re: Security: OpenWRT vs. Debian [Was:] Re: Linux router AP with reserved IPs on wlan0?
  - From: Celejar <celejar@gmail.com>

Prev by Date: Re: Incorrect password Debian 10.8 after installation
Next by Date: Re: Incorrect password Debian 10.8 after installation
Previous by thread: Re: Security: OpenWRT vs. Debian [Was:] Re: Linux router AP with reserved IPs on wlan0?
Next by thread: Re: Security: OpenWRT vs. Debian [Was:] Re: Linux router AP with reserved IPs on wlan0?
Index(es):
- Date
- Thread