Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Pages: [1] 2 3

Author Topic: I love my Firebrick 2500 router/firewall  (Read 15755 times)

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
I love my Firebrick 2500 router/firewall
« on: August 02, 2015, 03:31:44 AM »

This is a declaration of love and shameless plug for the Firebrick FB2500 and FB2700 routers. See firebrick.co.uk website. There's a lot around on the Andrews & Arnold support wiki too.

This IPv6 and IPv4 ethernet router has four ethernet ports on it, is a flexible firewall and has all the usual router functions in two software variants, standard basic version and the “fully loaded” version. My FB2500 is the fully loaded version because I needed to get the load sharing/bonding capability which is part of the top price version and performs outbound load sharing across three DSL modems (unequal speeds too, for some reason, which is a pain as it requires psychic powers to guess what the correct load split should be in the config to get it right for the lines’ link speeds, which could change for all I know).

The functions of the ethernet ports are software configurable, I use three ports for WAN pipes to DSL modems over PPPoE. Supports MTU/MRU 1508-8=1500. So I get three lines inbound IP which is merged together and then understood by the firewall function just as simply as if I had only a single line. Andrews and Arnold are load-spreading even single TCP connections across my three lines, in the right speed ratio too, the firebrick knows nothing about this.

It is an excellent DHCP server and a solid IPv6 router, although I don't fully understand it's DHCPv6 abilities if indeed there are any. It can do NAT and DNS relay/proxy caching. Mine uses a suitable-sized IPv4 address block so no NAT (shudders).

One of the things I love most is its XML config files, so clean and logical. They can be uploaded and downloaded using http, either by hand in the router’s web UI or using appropriate curl commands.

It has (optional auto) software updating over the internet, which is simply zero hassle.

I could do with better, longer documentation for very stupid people like me.

There are a couple of features I could wish for: much more sophisticated QoS being one, DHCPv6 being sorted out or documented, fancier IPv6 address association and management generally, rules and associations by mac address and named mac address groups including mappings from IPv6 addresses from mac to make IPv6 wandering addresses as easy to manage as IPv4 under DHCP locked assignments.

The FB2700 is definitely the one to go for, I should possibly have bought this top of the range device. It's faster and users with _bonded_ FTTx lines will certainly need the CPU performance. It also has a 3G (and 4G?) dongle interface which the lower model lacks. It can failover to this 3G interface, I'm not sure what else it can do with it.

There are rumours about faster new models on the way, which will be the way you need to go if you want to start bonding a load of 330Mbps FTTP pipes together, but then you'd soon need something faster than a single ethernet NIC to get it all out onto your LAN plus some scary switch and posh NICs all round on your machines everywhere.
« Last Edit: August 02, 2015, 03:43:08 AM by Weaver »
Logged

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: I love my Firebrick 2500 router/firewall
« Reply #1 on: August 02, 2015, 03:37:15 AM »

There are a whole load of other features (some require the fully-loaded variant) which I have left out or will just briefly skim over: BGP, L2TP, VPN, IPSec, traffic shaping, VoIP back-to-back gateway.
Logged

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: I love my Firebrick 2500 router/firewall
« Reply #2 on: August 02, 2015, 03:55:40 AM »

I am indeed hooked on this box. If I put more time into understanding its huge range of capabilities then I would get more out of it. I do need more documentation especially more xml examples, and some handholding (as my brain is fried generally).

It’s not cheap compared to home user routers but then you definitely get what you pay for. I can't remember exactly what I paid for my fully-loaded FB2500 from the A&A shop. But compared to routers and firewalls from the likes of Cisco, Juniper et al it's a real bargain, while the evil brutes from the international big boys require you to spend weeks reading the manual learning incomprehensible command lines only to fail and have to pay for extremely expensive handholding to get anything accomplished. The boxen from VastCorp Inc. really require that you sacrifice a chunk of your life on expensive training courses having first plugged your brain into the mind-expanding machine of The Krell.

In addition I use a sixteen port Netgear gigabit switch which is getting a bit long in the tooth.

Wireless? Nope. For wireless I use several different 802.11n WAPs, almost entirely 5GHz with 2.4GHz WLAN too for occasional visitors with older kit. Silly idea, integrated wireless in soho modem/router combined boxes imho, as you don't get the freedom of placement, nor the opportunity of picking the best individual components unless you pay for wireless and then ignore it. I'd also prefer to keep wifi internal rf noise out of the same box which a sensitive dsl modem is living in. (Mindless paranoia.)
« Last Edit: August 02, 2015, 04:05:25 AM by Weaver »
Logged

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: I love my Firebrick 2500 router/firewall
« Reply #3 on: August 02, 2015, 04:14:46 AM »

More wish-list things: as mentioned before, truly posh QoS would be very, very nice. As well as the usual traffic classes and speed lanes, I’d like to see things like TCP ACK queue-jumping, DNS request prioritisation, support for SCTP, QoS re-labelling, and QoS application in tunnels.

Another thing I would be interested in is some kind of support for a role as controller of an ISP-end remote firewall. (Does Plusnet have an ISP end remote firewall?) I could do more with a companion firebrick hosted at A&A who do a special hosting deal for these compact, ultra low power devices.

Anything that can help to combat buffer-bloat would be very welcome. Don't know if that makes sense, who's guilty? I get bad figures out of a couple of speed tester websites/apps that report this source of huge latency. (dslreports ?  - I forget)
« Last Edit: August 02, 2015, 04:41:29 AM by Weaver »
Logged

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: I love my Firebrick 2500 router/firewall
« Reply #4 on: August 02, 2015, 04:49:33 AM »

VoIP: I haven't got my A&A VoIP working properly, probably because I haven't been brave enough to implement the necessary xml config in the Firebrick to make the back-to-back VoIP feature work. I keep finding reasons to put this off and would probably need some handholding so as not to mess up other aspects of firewalling and routing.
Logged

CrazyTeeka

  • Reg Member
  • ***
  • Posts: 104
  • A&A Customer - Home::1TB
Re: I love my Firebrick 2500 router/firewall
« Reply #5 on: August 02, 2015, 08:41:33 AM »

As a FireBrick user, I agree it's just awesome.  ;D
Logged

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: I love my Firebrick 2500 router/firewall
« Reply #6 on: August 02, 2015, 09:24:40 AM »

YouTube video of RevK, one of the directors of Firebrick telling the tale of how things got started after a few sessions in the pub:

     http://www.youtube.com/watch?v=ouejyuDMyt
Logged

loonylion

  • Reg Member
  • ***
  • Posts: 723
Re: I love my Firebrick 2500 router/firewall
« Reply #7 on: August 02, 2015, 01:26:53 PM »

I love my smoothwall express router  :P
Logged

burakkucat

  • Respected
  • Senior Kitizen
  • *
  • Posts: 38300
  • Over the Rainbow Bridge
    • The ELRepo Project
Re: I love my Firebrick 2500 router/firewall
« Reply #8 on: August 02, 2015, 04:14:34 PM »

YouTube video of RevK, one of the directors of Firebrick telling the tale of how things got started after a few sessions in the pub:

     http://www.youtube.com/watch?v=ouejyuDMyt

I quote from YouTube --

Quote from: YouTube
This video does not exist.

Sorry about that.
Logged
:cat:  100% Linux and, previously, Unix. Co-founder of the ELRepo Project.

Please consider making a donation to support the running of this site.

burakkucat

  • Respected
  • Senior Kitizen
  • *
  • Posts: 38300
  • Over the Rainbow Bridge
    • The ELRepo Project
Re: I love my Firebrick 2500 router/firewall
« Reply #9 on: August 02, 2015, 04:42:56 PM »

I think I've now found it!  ;)

[youtube]gqZ0ZBMBKrQ[/youtube]
Logged
:cat:  100% Linux and, previously, Unix. Co-founder of the ELRepo Project.

Please consider making a donation to support the running of this site.

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: I love my Firebrick 2500 router/firewall
« Reply #10 on: August 02, 2015, 07:05:16 PM »

If memory serves, there were a few refurbished Firebricks available (through A&A poss) a while back. I expect that some second hand units will become available if the rumoured faster models come out.
Logged

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: I love my Firebrick 2500 router/firewall
« Reply #11 on: August 02, 2015, 07:08:34 PM »

Naturally there are a lot of threads describing problems and complaints concerning kit, ISPs, bugs and so forth. I decided it might be helpful to write the odd thread that is basically a review, “I discovered x, and I love it” as a top tip for other potential users. I hope this style of thread will be found useful to other Kitizens?
Logged

burakkucat

  • Respected
  • Senior Kitizen
  • *
  • Posts: 38300
  • Over the Rainbow Bridge
    • The ELRepo Project
Re: I love my Firebrick 2500 router/firewall
« Reply #12 on: August 02, 2015, 07:12:45 PM »

Naturally there are a lot of threads describing problems and complaints concerning kit, ISPs, bugs and so forth. I decided it might be helpful to write the odd thread that is basically a review, “I discovered x, and I love it” as a top tip for other potential users. I hope this style of thread will be found useful to other Kitizens?

It's fine, by me.  :)  As for our Leader . . . just be aware that she has painted her "claws" purple, in the past.  ;)
Logged
:cat:  100% Linux and, previously, Unix. Co-founder of the ELRepo Project.

Please consider making a donation to support the running of this site.

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: I love my Firebrick 2500 router/firewall
« Reply #13 on: August 02, 2015, 07:16:31 PM »

I use a programmer's text editor, "Textastic", on my iPad, to edit the XML config files. You could just do everything with the Firebrick's web UI and never go near any XML, so no need to have fear.

What I could really do with is a top-class diff tool for the iPad. I have however found a web-based tool that can take two uploaded files and difference them, which does a decent job, and will have to do for the time being.
Logged

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: I love my Firebrick 2500 router/firewall
« Reply #14 on: August 02, 2015, 07:19:38 PM »

As for our Leader . . . just be aware that she has painted her "claws" purple, in the past.  ;)

Ulp please do explain.  :o
I did not wish to transgress. If I have unwittingly violated etiquette then please feel free to delete this thread.
Logged
Pages: [1] 2 3