Improving the Home Network

pfSense
CentOS (6.5)
Ubuntu Server (14+ LTS)

Introduction

Beginning in 2015, I desired more control over my home network setup to be able to easily host web servers, Docker containers, and game servers for friends. As a developer who loves experimenting with new technology, customization of firewall and NAT (Network Address Translation) configurations have been crucial to me.

Development Timeline

The first step in this process was to purchase a second Network Interface Controller (NIC)1 for my home server. Initially, I decided to use the IPTables2 for CentOS. However, after several weekends of spending time on properly configuring IPTables, I decided this wasn’t the right solution: Managing everything through the Unix Terminal was taking too much time.

A coworker suggested I try out pfSense. For this, I needed dedicated hardware (I could technically run pfSense as a virtual machine, but I do love building computers). And he was right: pfSense was great for my use case: At the very least, it was offering great customization of firewall and NAT rules, which is exactly what I needed. As the months went on, I made use of several other features that pfSense had to offer. Furthermore, since pfSense was based on FreeBSD (a Linux distribution), it had access to most of the packages available to FreeBSD as well.

Network Setup

Network Diagram

Benefits of a Custom Setup

pfSense home page for the router (on the left) and NAT configuration page (on the right). Details are blacked-out for security reasons.
Namecheap.com provides a great interface to use DDNS.

Drawbacks of a Custom Setup

Footnotes

  1. A device used to provide additional ethernet ports on a computer 

  2. IPTables is a Linux command line utility to create kernel-level firewall rules. 


Back to Projects