Building a custom 10Gb capable OPNsense firewall.

Building a 10Gb capable OPNsense firewall.

Recently we had decided to upgrade to a symmetrical gigabit fibre connection which is several times quicker than our old FTTC 80Mb/s connection.

I had previously used a custom DrayTek router for more control over advanced internet settings such as conditional port forwarding as well as a built in VPN server. I therefore wanted to continue using it but realised that this specific model (2860) was capped at 300Mb/s. I therefore set about researching different routers that can not only handle these speeds, but more should I want to upgrade to a multigigabit plan in the future.

10Gb was the way to go!

After purchasing a 10Gb Broadcom 57810S NIC on eBay for £17 and a pair of gigabit SFP -> RJ45 transceivers for £10, the build was starting to come together. Installing these in an unused PC with an 6th generation i5 meant that this router was at least somewhat efficient. Virtualising the router in Proxmox by passing through the NIC completely made it so easy to have a KVM view of the OPNsense VM, extremely useful for troubleshooting! Of which there was a LOT.

SFP -> RJ45 in NIC

This experience building the router also led me to discover that Router Advertisements are essential in configuring IPv6 addresses for all devices on my LAN. Previously I'd just set this to DHCPv6 or SLAAC and it'd "just work".

Overall it was a great experience and just so much better than the ISP provided junk. Their WiFi 6 router serves a much better purpose as an access point that supports 802.11ax compared to my 802.11ac UniFi access point.

Final position of router and connections

The customisability of this router now allows me to run containers alongside such as Tailscale for Zero-Trust access (also to get around CGNAT) as well as Pihole for adblocking.

Final words?

BUILD. YOUR. OWN. ROUTER.

Best choice you'll ever make.

Speed Test

© 2026 Nathaniel