Bear in mind that the Pi 2 uses the USB stack for internal ethernet, so packets will travel across the bus twice (once inbound, once outbound). This means that performance may be heavily constrained by USB. This Pi network speed test article shows the difference across models. If your Internet bandwidth is below half of the results on the linked page you’re probably fine. If not, this might explain performance caps you might hit.
I use a Kaby Lake Partaker box which was fairly cheap with FreeBSD as a Firewall. I did use OpenBSD for a while but I kept getting PPP LCP timeouts and really low performance, debugging which was way above my pay grade.
I’ve been using OpenBSD on an apu4e2 (an upgrade from the Alix platform the author mentions) as a router / firewall for probably close to two years, and I’ve been totally happy with it. I hadn’t considered a pi since I assumed it was primarily Linux-only, and I’m not thrilled about Linux for my particular use case. FreeBSD on a pi sounds like a fun little project though.
I do this when I travel. I use a Pi3 and either FreeBSD or OpenBSD. The pi makes a nice travel router and I can configure it with a VPN that gets me back to my home network seamlessly. I find that it works best if your hotel still has an ethernet drop somewhere. I found that most hotels in the U.S. will give you 5 ~ 15 Mb/s Up and down. That’s well under the 80Mb/s max that I found I could do with a Pi. With one of these routers, I can provide a private broadcast domain for a set top box. So, if the hotel doesn’t have some service that I pay for like Disney+, I can still use it. When I last tested, getting FreeBSD or OpenBSD on a Pi4 wasn’t for the faint of heart. It’s probably better supported now.
If the author if the article reads this, the URL in your link to OPNsense website is missing the first “s” in “sense” :) There’s also an incomplete sentence “Please note the internal network interface on the” .. just happened to notice these while reading through. Interesting post though, thanks for sharing!
rpi4 could have the native pcie ethernet and usb3 to extend it to a decent firewall. But really, a pcengines apu would probably be better.
It better be better, given the difference in price!
The APU? Yes. I’m sure there are some SBCs that are more suitable than rpi2. And basic rpi4 and rpi2 have the same list price for the models.
Yes, I meant a pcengines APU. They are all >100€, compared to 40€ for a raspberry pi4 2GB.