A Thought Experiment on Home Networking Appliances

[Jimbo]

I just got my second WRT54G-TM router and I'm having all kinds of fun with it, and was thinking of a few more capabilities that I wished were in the router. I know there are people that will modify a router for you, but I'm not talking about that.

I was just curious what you ultimate dream network appliance or router would include.

I'd want it also to be a small mail server that does a more through job scanning my email and removing junk mail before I ever see it. Outlook is OK, but far from perfect.

I'd like it to have room for some drive bays so it could be used as an off-box backup for everyone in the family. Maybe that would have to be a self powered box that communicates via SATA to the box below.

I'd like it to hold images of all my computers and be able to restore them with just a few keystrokes.

While I'm at it, I'd like to buy another one, crank up the power, and use it as a repeater for maybe someone downstairs.

Oh yeah, a small Linux app that could do a remote virus scans of all computers connected to the network. Maybe if that worked well enough I could run a lot less intensive security stuff at the PC level.

A media extender would be great too.

And if my cable company will let me, maybe even host a small site or blog from my house.
While I'm at that point, maybe even an upgradeable CPU and RAM just to add some more flexibility in the future.

Alright, that's all I can think of for now, but tell me anything I have missed, like maybe a mobile additional wireless repeater I can take to my backyard for parties.

 

[santz]

while u are at it, might as well include Folding At Home while the router is not in use so that it can achieve 100 percent utilization, also it should be called Bat Router (while you are at it)

 

[Jimbo]

Folding at home, OK.


Why the Bat Router?

 

[skyking]

You are talking about a server, which can be your router. Google up smoothwall or linux router.
All you really need the wrt54g for at that point is the radio. I went away from that approach and back to an appliance like the wrt54g many years ago, after running a freebsd box with two nics and IPFW. I learned a great deal about routing and protocols and I learned that having a hardware failure and not being able to remote into your home computer was a PITA. I also learned that the office cooled down quite a bit when I turned off the 'ol firewall box
IF you really want to go off the deep end with this, take a look at linuxMCE.
http://www.linuxmce.com/

It will record TV, Play all your media, run your security cameras, turn off lights, run your security system, Your phone system, hook up with your PDA so you can use that to control everything when you walk in the house. Be your server. Be your router.
Brush your teeth and scrub the toilet.
There are demo videos on youtube that really show all the features and minimize the difficulty of setup. I think you could spend thousands on integration devices to control your lights and things, I installed it once before really knowing about it and ran like hell once I saw what could happen

 

[seepy83]

So you want one SOHO device that does:
Network Gateway Antivirus/Antispam Scanning
Desktop/Laptop File-Level Backup
Desktop/Laptop Whole Disk Imaging/Snapshots
WAP
Network Antivirus
Home Theater PC
Web Server
And (last but not least), it should have Upgradable CPU, RAM, and Hard Disk.


You know that a lot of businesses run those exact same types of hardware/software packages? You can have it all for your house too...but there could be a pretty hefty price tag for some of it.

On another note, I (personally) would never want all of those function integrated into a single device. You would lose too much if that single device failed.

 

[Jimbo]

OK, what if the moduels were seperated out a bit then?

The media server/player can be a separate physical unit that can live near the TV and just have content pushed to it by the router/storage module; the network storage could be a separate stackable base that fits under the main unit.

Maybe the CPU does not even have to be replaceable either? The new Atom Z550 has two cores as well as virtualizing and hyper-threading.
For a basic home server, with the different functions running in their own virtualized space, that might provide all the CPU horsepower you need. That way if your e-mail module goes down, it doesn't take anything else with it.

 

[skyking]

So you want one SOHO device that does:
Network Gateway Antivirus/Antispam Scanning
Desktop/Laptop File-Level Backup
Desktop/Laptop Whole Disk Imaging/Snapshots
WAP
Network Antivirus
Home Theater PC
Web Server
And (last but not least), it should have Upgradable CPU, RAM, and Hard Disk.


You know that a lot of businesses run those exact same types of hardware/software packages? You can have it all for your house too...but there could be a pretty hefty price tag for some of it.

On another note, I (personally) would never want all of those function integrated into a single device. You would lose too much if that single device failed.

Amen to that last note. I was really just looking at different distros with mythtv and had the LinuxMCE monster installed on a test box before I really knew what it wanted to do.
You'd get your whole world wrapped up in that thing and BAM! The wife would call while you were out of town. Nothing works honey. No thank you.

Jimbo, there are several ways to go regarding peripheral appliances. Logitech squeezebox will play all your media into a stereo system, as well as streaming content off the web.
I would leave the routing to a router, and build a linux fileserver with a RAID array. That server can do anything you can dream of.

 

[Red Squirrel]

I rather my router do very minimal work, and offload the rest to servers.

For me a router is

- firewall
- packet switching (at layer 3)
- DHCP

And it should do it very well and have plenty of options for going deep. Sadly none of the home routers are that good at what they do if you want an advanced network. I may possibly get my hands on a 1U server so I will probably use it as my firewall. I would also love to have a managed switch. The Dells look promissing, and affordable. Cisco is nice but way overpriced. You pay for the name.

 

[her209]

Content filtering + Web Caching

 

[Jimbo]

Content filtering + Web Caching

Those two would easily work, and maybe a high powered and intelligent add blocking that let's you view you tube just fine but intelligently kills most of the flash and Java browser hijacks too before they even get to your computer.
Also I was thinking of a "hardened" browser that lives on the router than then passes the safe content along to your regular browser.

That combined with Web caching would give you a pretty fast Internet experience most of the time.

 

[n0cmonkey]

Those two would easily work, and maybe a high powered and intelligent add blocking that let's you view you tube just fine but intelligently kills most of the flash and Java browser hijacks too before they even get to your computer.
Also I was thinking of a "hardened" browser that lives on the router than then passes the safe content along to your regular browser.

That combined with Web caching would give you a pretty fast Internet experience most of the time.

And unicorns and rainbows!

 

[Jimbo]

And unicorns and rainbows!

Maybe, but like the title says we are all just thinking out loud. PCs can do lots of things but some of those things are better done by appliances that run 24/7 and don't rob clock cycles for whatever the main focus of your work happens to be.

If I can offload that stuff to a high-powered router, then why not?

 

[n0cmonkey]

Maybe, but like the title says we are all just thinking out loud. PCs can do lots of things but some of those things are better done by appliances that run 24/7 and don't rob clock cycles for whatever the main focus of your work happens to be.

If I can offload that stuff to a high-powered router, then why not?

The key word in your title is "Home." It isn't inexpensive enough for most homes, either monetarily or in the time it takes to build what you're talking about. And some of the ideas are just plain impossible.

 

[Jimbo]

The key word in your title is "Home." It isn't inexpensive enough for most homes, either monetarily or in the time it takes to build what you're talking about. And some of the ideas are just plain impossible.

Not being a network guru, exactly what part is impossible?
Yeah, I don't think it would be cheap, but it souldn't be any more expensive than what you would spend buying a home file server and a media extender and a router seperately. I'd think.

 

[n0cmonkey]

Not being a network guru, exactly what part is impossible?
Yeah, I don't think it would be cheap, but it souldn't be any more expensive than what you would spend buying a home file server and a media extender and a router seperately. I'd think.

You're asking for a lot of intensive features (web caching alone can be quite a hog, not to mention mailserver/scanner and backups).

You might be able to do the virus scanner stuff with iSCSI + ClamAV, but I haven't looked into it.

What's currently impossible:

Also I was thinking of a "hardened" browser that lives on the router than then passes the safe content along to your regular browser.

You'll have false negatives and false positives. The attack vectors for the web are too numerous for any scanner to be perfect. Then you'll have to worry about updates to the scanning engines (make sure you pay that bill on time!), bugs/vulnerabilities in the proxy, incompatibilities in the proxy, added support for everyone trying to use the proxy with crappy applications, etc. I don't think it can be done for the consumer level. Prove me wrong. Seriously, I'd buy something that was good and at a consumer price.
You'd probably be better off starting with configuring and using your system properly. Its free, just takes time.

 

[Jimbo]

Yeah, I wasn't aware of all the technical limitation at play here.
Thanks, I learned something from you!

 

[n0cmonkey]

Yeah, I wasn't aware of all the technical limitation at play here.
Thanks, I learned something from you!

A lot of it is do-able, it'll just take an investment of time (and maybe money depending on what you have available).

System imaging: e-fog
Backups: there are a number of free backup solutions out there (bacula, amanda, etc)
Web proxy: squid
Anti-spam: depends on how you want to set it up, but spam assassin and various gray listing possibilities
Web server: apache, nginx, lighttpd, etc.

You'd be better off separating some of that functionality too. If your web server gets popped you don't want it to affect your backups, so put those things on different systems.

 

[Jimbo]

What do you mean by 'popped'?

Do you think a 330 Atom could run all of that for less than six typical home users?
Could I virtualized and then run all of this stuff in it's own box/container/space?

For obvious reasons.

 

[Nothinman]

What do you mean by 'popped'?

Do you think a 330 Atom could run all of that for less than six typical home users?
Could I virtualized and then run all of this stuff in it's own box/container/space?

For obvious reasons.

He probably means broken into, but I'm not 100% sure. A web server is a pretty common target for attacks and if yours gets broken into and you've got everything on that system then you just potentially lost everything. In the best case scenario the attacker has a copy of everything you've backed up. One of the main reasons for having separate boxes do separate jobs is to lessen the impact of a problem, be it a break-in or just a broken box.

Untangle does a lot of what you're talking about, but for the things like the media extender, client backups, etc you'll need something else and would be much better off putting them on a separate box.

 

[n0cmonkey]

What do you mean by 'popped'?

Do you think a 330 Atom could run all of that for less than six typical home users?
Could I virtualized and then run all of this stuff in it's own box/container/space?

For obvious reasons.

popped = "hacked into"

The Atom might be able to handle it with enough ram. Not positive though. Depends on what you do.

If virtualization is the answer, the question probably sucked. Some of the tasks might be okay to virtualize, but I definitely wouldn't trust all of them to it.