javset

Soekris for firewall routers

Finally, a permanent solution to the hardware for the firewall routers. Soekris Engineering is a US based company (California) who specialize in hardware for network devices. The cost is a little higher than some of the other solutions, but all solid state, nice indicator lights, four (yes four) directly addressable NIC’s (with the ability to add more if you like) and, a pretty box. We can even get a 1U 19″ case for it. The people are friendly and knowledgeable, and the machine appears bullet proof.

Low power and extensible. What is not to like. Had to raise the price for the final product a little, but the result is definitely worth it. And, since this is what the company does, don’t have to worry about losing them as a source in the near future.

As far as the memory is concerned, had to go to the 5501-70 to get the RAM needed. The lower end models would work for simple routing/vpn, but if the user wants content filtering and/or proxying, 128M RAM and the slower processor doesn’t hack it.

Going with a 4G CF for storage. I tried ext2 on it (half the writes), but during testing had boot failure after I unplugged the thing instead of shutting it down nicely, so decided to go with a journaling file system. We may have to go with SSD’s where we’ll get some wear leveling, but so far the CF’s have worked just fine.

Now, if they just made ARM based ones . . . . .

DE-2700 going away???

The DE-2700 we have been using for two port routers is becoming increasingly difficult to locate, and the newer models only have one built in network port. We just made a small bulk order to have on hand, but it looks like we will definitely need to change to another system.

At the same time, we ordered one of the Soekris products and are ready to test it out. The only concern on the low end system is the memory, which falls below what IPFire recommends. Definitely don’t want any swapping on a Compact Flash! However, three built in ports (4+ on some models), a nice, small form factor and no moving parts means this is definitely worth a look.

The search goes on. . . .

New hardware search for Routers

We are currently researching new devices for our routers. We really want some kind of ARM processor, especially since the team at IPFire pulled some serious hours coming up with a port for it. However, the only machines we have found to date are either too limited (too few ports) or too unstable (one ran for a few days before it overheated and locked out, and that was in an air conditioned office).

Currently, we are looking at a product from Soekris (http://soekris.com/products/net4501-1.html) which we hope to order soon and play with for a while. With three built in 10/100 ports, this product appears to be designed for the routers we build, and they have a cool enclosure (definitely a plus).

But, if anyone has an idea for an ARM based system, we’d love to test it.