Routers for Home or SOHO

During my work with clients over the past 14 years (14 years!), I’ve installed and configured a lot of different consumer (home) and SOHO (small office/home office) routers. I’ve finally just recently found one that I now happily use and can wholeheartedly recommend.

Before we get to that, let me briefly explain what a router is and what it does for those who don’t know or aren’t sure. (If you know what routers do, just skip to the next paragraph.) Routers are devices that connect you to and protect you from the Internet. A router sits “between” your home network, known as a Local Area Network (LAN), and the Internet (which is a Wide Area Network, or “WAN”). Your router provides IP addresses for your local devices, and manages their connections so that each device gets the correct returning traffic. Many routers include WiFi capabilities. Finally, most consumer and SOHO routers include a small (usually 4-port) “switch”, which allows you to connect a limited number of wired devices, one of which is almost always a larger switch. Most cable modems and DSL modems have router capabilities built in, but I always recommend a separate router because: they provide more functionality; and, if you change providers or need to replace your modem for some other reason, you can use the same router that already has all of your customizations such as DHCP reservations or special firewall rules.

And the winner is: the Netgate SG-1100. (Note that this is not an affiliate link, and I get no considerations – money or otherwise – from Netgate; I am just a delighted customer.) I recently purchased one for our home, from which we run our businesses, and which has 3 separate LANs (each with its own address space). I also purchased a year of tech support, as the SG-1100 has only 3 Ethernet connectors – WAN, LAN, and OPT – and I thought I might need some assistance configuring our 3 networks on two connectors (LAN and OPT; the WAN is used to connect to the cable modem). I did, they were great, and more on that in a minute.

For the past year or so, I’ve been using as our router/firewall an old PC running a freely available, community-supported, open-source router/firewall/VPN solution called pfSense, which is also available to download from Netgate. As far as I can tell, it is almost identical to the software that runs on their hardware, with a few exceptions for managing their hardware or providing additional, esoteric functions. I initially started using pfSense when I was looking for a solution with actual IPv6 support that didn’t cost more than $1000. This worked well, and I’ve been pleased with it.

The reasons I wanted to purchase a purpose-built pfSense device (i.e., the SG-1100) to replace the aging PC running the open-source version are three. First, the PC is aging, and will undoubtedly fail at the worst possible time. Second, I wanted something smaller and that would consume less power than the old PC. Third, I wanted something with hardware that supports Intel’s Advanced Encryption Standard Instructions (AES-NI) (the old PC didn’t, the SG-1100 does).

As I mentioned before, the one thing I was unsure about was how to get three networks to run on two connectors. The answer, of course, is tagged VLANs (note that using tagged VLANs with this router also requires a switch that supports tagged VLANs). The support that I purchased with the new device is “email only with less than 8-hour response.” So, I created a help ticket on their support system asking how to convert my old configuration (many DHCP reservations, a couple of custom firewall rules, and some port mapping) from the PC to the SG-1100 (that’s the short version; the long version is a story to tell over a cup of coffee or a beer). I got a response is way less than 8 hours – more like less than an hour – and they actually offered to convert a backup from my old system that I could restore to my new SG-1100. I sent them the backup, they sent the converted file, and it worked like a charm. And all of this happened within the first 8 hours after I submitted the help ticket.

pfSense is probably overkill for most home networks, and the SG-1100 does not include any WiFi capability (I prefer separate WiFi access points anyway). However, at a price point well below most of the “high-end” home routers, a tiny footprint (4.5″ x 3.5″, and about 1.25″ tall), and less than 4w power consumption at idle, this is well worth looking at. If you’re an enthusiast, manage a small business network, need good VPN support (IPsec, PPTP, and OpenVPN), or want excellent IPv6 support, the Netgate SG-1100 is the cat’s meow.

Email: ISP, Free, or Paid?

If you’re reading this, there is an almost 100% chance that you have an email address, and that you use email at least occasionally. It’s more likely that you use email every day, and you might even have more than one email address. But have you thought about the ramifications of where you got your email address from? Most normal people don’t really think about it, but they should. Some people might not even know that there are different ways to get an email address or account.

The most common way for people to get an email address is from their Internet Service Provider (ISP). When you sign up for Internet service, you get an email address assigned to you. You may or may not have any control over the first part of the address – the part before the “@” sign – but you won’t have any control at all about the domain name – the part after the “@” sign. For example, if you have Comcast, the email name that they provide ends with “,” and the first part is the “name” of your account. Other vendors use a similar approach, where the domain name part (again, the part after the “@” sign) identifies the provider.

These vendor provided email accounts are provided “free” and many people use them. They provide basic email with few extras, and generally they work okay. The real problem arises when you need to change your Internet provider for some reason. Maybe you move to another area of the country that is not served by your provider. Or maybe you get tired of the cost or customer service or performance of your provider and decide to switch. Whatever the reason, if you change providers, you lose access to your old email address. Not only do you then have to go through the pain of distributing your new email address to friends and family, but you also have to change the address with all of the vendors that use it to send you notifications and updates (your bank and credit card companies, among others), or that use it as an identifier ( comes to mind, but they are legion). So I generally advise people to not use an ISP provided email account.

One alternative to ISP provided email accounts is to create a free account with Microsoft ( or Google ( I recommend sticking with one of the “big two” for a couple of reasons. First, they are unlikely to go out of business and leave you in the situation of having to change email accounts (see paragraph above). Second, they handle so much mail that their malicious mail filters (for spam, phishing, and other nefarious types of email) do a pretty good job. These free accounts avoid the problem of changing ISPs, but you’re still stuck with their domain name, which also means you might not be able to use the “name” (the part before the “@”) that you want. For example is almost certainly already taken, and I’ll bet your name is, too. Still, if you can come up with a creative and clever name, you might be fine. These email accounts are fine, and I recommend that everyone create one to use as a backup, at the very least.

Another alternative to ISP provided email, and the one I recommend for people who are willing to spend a little bit of money on their email account, is to register your own domain name (again, the part after the “@” sign), and then create your email account in that domain. Domain names are relatively inexpensive – .com, .org, and .net domains are typically about $13 per year to register. Once you have your own domain, you set up an email hosting account with a provider (Microsoft and Google both offer full-featured email hosted on your own domain, but there are other vendors as well (some of whom re-sell Microsoft or Google services)). Then you can create whatever “name” you want (well, within reason), and, as long as you pay the bills for hosting and to renew your domain name every year, your email address never has to change.

Backups: Why, What, and How

“You should backup your PC” is an old refrain from many years ago. It was good advice. Of course, back then that meant buying a box of floppy disks and using a backup program – MS-DOS had a (later versions had backup.exe) that could be used to make sure that if your PC crashed and wiped out or scrambled your data, you could get it back. Some people (including yours truly) actually did this; some even did it on a regular basis. Most, however, had to experience the loss of a complex spreadsheet that they had developed, or their only copy of the great American novel, or some other similarly precious digital file before they saw the real wisdom in backups.

Of course, the next piece of advice was to store the backups “off-site,” which meant taking them to the home of a trusted family member or friend, or maybe taking them to your office (or home, if it was a work backup), or, in rare cases, perhaps putting them into a safe deposit box at a bank. This was to avoid the situation of a fire, flood, or some other catastrophic event destroying your home (or office) that would also destroy your backup. Almost nobody did this. Not even me.

As hard drives became available and, more importantly, reasonably priced (my very first hard drive was a 10 megabyte (yes – 10 MEGAbyte) Plus Development HardCard, which plugged into an expansion slot in the original IBM PC, and for which I paid about $750 back in, as I recall, 1984), it took many more floppies to back up the PC. Several options were developed to make it easier, but all of them still suffered from the “it-needs-to-be-offsite-to-really-be-a-backup” problem.

Today’s cheap, multi-gigabyte hard drives, in readily available commodity PCs, coupled with digital cameras and cell phones with increasingly good cameras mean that many people – maybe even most people – have lots of photos on their PCs that they’d really hate to lose. The size of these hard drives, the number of files, and the complexity of some of their folder structures makes backing everything up a daunting task.

Still, some people do make backups. Unfortunately, many of them are using external hard drives or USB thumb drives to back up their files on a semi-regular basis (when they think about it). That is better than nothing, but those backups will still be destroyed in a fire, or they could be lost or stolen, or the device could simply fail.

So, the “why” of backups is so that you won’t lose all of your child’s baby photos or their graduation of wedding photos, or your only copy of your digital financial records, or all the work on your novel, or whatever in case your PC crashes or your hard drive fails. And this paragraph provides the “what” to back up – anything that would be difficult or impossible to recreate if it was lost, whatever that happens to be. Now, on to the “how…”

And the “how” is continuous, online (aka cloud) backup. The best-known of these it probably (I am not affiliate with Carbonite and I do not get any kickbacks from them, just so you know), but there are several other good alternatives. This type of backup is basically a set-it-up-and-forget-it approach to safeguarding your files. They are backed up either continuously or every few minutes to a remote server (likely distributed over several geographically dispersed servers), so they are protected from the local catastrophic events described above. You don’t have to remember to make the backup and you don’t spend any time on it (other then the initial setup), which means they’re really convenient. And, starting at around $6 per month, they are pretty affordable.

So, please, you should back up your PC!