Up until my mid-twenties there was never enough bandwidth. Dial-up obviously didn't cut it. ADSL was an improvement but the asymmetric bandwidth, along with sharing with other household members (in some cases, other tech minded students), left me still starving for bandwidth. Eventually Fibre To The Cabinet (FTTC) arrived and I stopped caring about bandwidth - it was good enough. Probably this went hand in hand with no longer using BitTorrent, not living with other people, etc. I settled in to paying BT £39/month for ~67 Mbps (still asymmetric).

One day a leaflet came through the door for BeFibre offering Fibre To The Premise (FTTP). I didn't need the bandwidth but I felt my teenage self would be livid at the thought of me passing up a fibre connection - plus it only costs £25/month for 500 Mbps (finally symmetric!).

BeFibre provide a Linksys MX4000 series router. This is a seriously flawed device. Firstly Linksys try to encourage you to manage the router through a mobile app for which you have to create a Linksys account. Secondly, the router's bridge mode does not work. It works fine up until a reboot at which point it just won't pass packets across the WAN/LAN interface.

We can do better.

My colleague Steve gave me a tip about Protectli devices. I bought the FW2B which provides two gigabit ethernet interfaces, 8GB ram, 120GB SSD. I have installed OpenBSD on it and use it as a router, firewall, DNS server, DHCP server, mail server, web server, and VPN server. I will detail the configuration in another post.



The ONT presents an ethernet interface through which BeFibre offers a CGNAT IPv4 address via DHCP (with a 5 minute lease). In my experience you do not need to clone the Linksys MAC address if you choose to use your own hardware.

BeFibre also offer a static IPv4 address for an additional £4/month. In this case you do need to clone the Linksys MAC address in order for the DHCP server to assign you the static address.