Continuing the story of building my own custom-tailored router, I have to say that sometimes, the problems present are nowhere near being Gentoo problems: they are upstream problems.
Among these problems you can find, for instance, ntp forcing readline (my router would work perfectly fine without readline), and lilo not playing nice with installing on a USB compact flash drive without trying to guess what the BIOS will say about it to begin with.
Indeed, most of the problems I’m likely to encounter are due to brokenish software that is not designed to work in those cases; of course this is no good excuse for ignoring the issues altogether: indeed we should most likely fix those things and patch them out (for instance see automagic dependencies, which we have documented properly).
And for those who asked, this is a photo of the current status of the router:
The case is one designed for HTPC; it seemed the best choice to have something that looked at least nice: the bad side is that it has some faux-DVD drives on the front, the good side is that it has the USB ports hidden by default. The mainboard is an ASRock, no clue about the specs themselves, it has a 2.8GHz Celeron CPU, an on-board Via Rhine network card, an Atheros AR5008 wireless card and three Sundance network cards (I bought four to make sure that if one is faulty I don’t have to have three network drivers loaded — I would have preferred having a single model of network cards, but it’s difficult to find the name of the chip on whatever card when you buy the cheapest available in the shop). Since I’m currently considering wiring up my whole house (and possibly the garage so I can actually move my servers out there) with gigabit cables, I might switch one of the cards for the Intel Pro/1000 I have at home so that it would talk the right speed. Inside the case there’s a D-Link ADSL2+ pass-through modem, connected to the Rhine; of the other three cards, one I’ll use as console, and one is going to be connected to the IP phone downstairs.
Also, since this system sounds like the perfect case for it, and the shop opened just today, I wanted to get an entropy key for it (no input from the system, no harddrive, and I’m going to use this with OpenVPN as well). Unfortunately it seems like I was the first European VAT-registered customer, and the procedure isn’t exactly up to speed, yet. Hopefully once this is cleared and I get the keys, I’ll be packaging the software to use them under Gentoo (since I’m going to use it in the router, I’ll be getting two, one connected to Yamato so that I have a test source).
Right now, I’m trying to find how to make syslinux boot my flash drive since lilo fails and I don’t think I want to try with GRUB… SysLinux would be an option, but it looks to me like extlinux (for using with ext2/3/4 partitions) works as intended either. If somebody has another idea, I’ll be happy to know!
Diego, I am really interested in your experiences with the entropy key. Compared to other HRNGs it’s rather affordable, surprisingly so. Please keep us posted! Also, I was curious if you had considered a solution like the audio-entropy-daemon. Any thoughts there? Are you thinking of increasing the size of the entropy pool? Finally, will you be running hardened gentoo on the router or not? ;) Cheers, Matt
I’ll let you know as soon as I get them, I just wired the money to Simtec (Google Checkout definitely fails), so they might be here, I guess, within the next two weeks. As for audio-entropy-daemon… the router is in a somewhat quiet environment, and it has no microphone on board and I’d rather not enable the soundcard at all, both in the BIOS and in the kernel.
What’s wrong with grub? Or do you want to use a root filesystem that grub doesn’t yet support?
Actually, with GRUB I had past bad behaviour with USB sticks… but when I reminded myself that the CF is not USB at startup but rather at configuration time… Indeed grub works quite nicely, thanks Zeev for asking the question, helped me reflect on the issue!
Cool project, hope you sort the boot issues out. If your system has a sound card the http://www.digital-scurf.or… is one way to generate a suitable source of entropy. To use it properly it’s best if *nothing* is physically plugged into the sound input as it’s trying to gather electronic noise. The main drawback is the CPU overhead to process the captured audio data to a suitably high standard. We wrote the randomsound daemon and discovered these issues which is kinda why we created the Entropy key in the first place ;-) Hope the sales guys sorted your ordering issue OK? Let Rob or me know if you need anything to assist with the ekeyd porting.
I recently converted an old Pentium III machine into a router for dhcp, packet forwarding and NAT to a 16 port 10/100 switch using zeroshell, an Italian linux open source web based router / bridge project (seems to work well and be quite full featured.) http://www.zeroshell.net Even if you are completely set on rolling your own Gentoo based router software, it might help to get some source code and/or insight from that project.
Nice touch with entropy key, albeit I think I can cook up my own solution in the form of PCI or PCIex1 card… Couple of pieces of advice on HW:
1. It is worth considering undervolting and underclocking CPU and possibly RAM, if you really don’t need all that horsepower.
2. It is worth considering better CPU cooler with higher cooling area.
3. If not all vents are new, consider oiling their bearings. Usually you have to peel down their back stick for that.
4. It might be beneficial to swap PSU vent to blow the air out at the bottom instead of sucking it in and making kind of vertical maze for air, coming through CD bays that you won’t be using. This way, all the crap box sucks in over the time won’t clog vents, but stay in the maze where you can scoop it relatively easily once in a loong while.
5. I find a hot-glue gun a really useful tool for sticking all those wires together in nice bundles and for gluing various connectors, so they don’t loosen or fall out over time. This also makes air circulation better and reduces the risk of some wire sticking between some vent blades. You have to be careful about silk like glue remnants, which can get into vent blades and cause hum or even stop the vent…
Oh, and another thing: If you are going to boot from USB key, don’t use “classic” FS (=ext2/3/4,reiser,jfs,xfs etc) but ones that are optimized for FLASH media. I tried with ext2 and system was dog sloooow and key FLASH inside key has disintegrated within month. But NILFS2 has simply blown me away on the same model of USB key. System worked much of the time as if I had a hard disk. Not to mention a bunch of other goodies you get with NILFS2. If you are not a total disaster with soldering iron, you can “peel” housing from USB key, unsolder original connector and solder on simple SIP ( single inline pin ) connector and stick it on the board itself into some of those internal USB connectors on the board. Whole operation shouldn’t take you more than 5 minutes…