1. 38

  2. 2

    Neat article, covering a great deal of the work of setting up an openbsd router.

    I wish there was a little more to the hardware recommendations. Particularly, as the suggested board is a x86-64 Intel board with known security issues. I’d rather something RISC.

    I do however like the picopsu advice. I’m using one of these (with an atx-to-amiga adapter) to power Amiga computers.

    1. 2

      this article looks fantastic. Wish I had seen it a few months ago when I setup some alpine linux routers on some (rather expensive) “Protectli Vault 4 Port, Firewall Micro Appliance/Mini PC” micro-pcs I found on amazon.

      1. 2

        I’m using OpenBSD on one of those Protectli Vault boxes and it works great. I bought it to replace my old APU2-based OpenBSD router, which served me well for years but once I upgraded to gigabit service it couldn’t keep up.

        1. 1

          Alpine Linux is what I use for my router/firewall at home as well. It’s fantastic and I also use unbound for DNS. Alpine linux feels like a BSD at times, it’s quite nice.

        2. 1

          What I found interesting in particular was the part about DoH and implied problems we will have in the future.

          People who truly need privacy, like journalists in countries with a privacy compromising policy, cannot trust DoH! The IP address of the destination server cannot be hidden with DoH, even if everything about the traffic itself is encrypted. If someone truly needs to encrypt communication the person needs a completely different strategy than DoH.

          This makes me wonder who in the world thought that DoH was a good idea to begin with!? Did they not understand the basics behind communication with HTTPS, or has this agenda perhaps been pushed forward by a few private DNS service companies, such as Cloudflare, who gain profit by further collecting user data?

          Hopefully not!

          this will be a great project to build, thanks for sharing