Posts tagged ‘soekris’

Home network madness

22nd May 2007, 06:10 am

Yikes, a whole home network redesign! And I only screwed up, er, twice.

You may remember a while back I pontificated about using a 3rd party host for lectroid.net stuff. Well I looked around and finally just gave up on that idea. Face it, after five+ years of running my own stuff, 3rd party hosts suck by comparison.

But I did make some changes:

  • I now have a separate Soekris based firewall/router - I was running the one-machine-does-everything approach, but now I can blow up my web server and still get on the ‘net to google for help.
  • I killed most of my OpenBSD dev boxes - Ok, face it, I’m not porting much anymore, so it was time for the sparc64 and — yes — the vax to go.
  • OpenBSD 4.1 install. No not an upgrade, a whole new install. After 10 or so OpenBSD upgrades on a web/mail server you collect a lot of cruft. Time to decruftify.
  • Web/Email updates - Dovecot 1.0, WordPress 2.2 probably others.
  • Web site cleanup - old stuff like my old javascript pages and such are finally gone. My OpenBSD ports pages too.

As I said, I only blew it twice. Yeah, once on the new firewall I screwed up a rdr rule for DNS. I basically bled my internal DNS to the outside world. That broke lectroid.net for a bit but since I’m such a high-traffic site no one noticed. Then when doing some tweaks on a temp web server I blew up the real one, that kinda gets you rolled over real fast.

Finally though, over the weekend I rolled back onto my real web server (which went flawlessly) and here we are.

Tags: , ,
Category: Administrivia, OpenBSD  |  Comment

Yet Another OpenBSD on a Soekris post

16th April 2007, 08:07 am

So a friend gave me a Soekris 4801 (in exchange for an Alpha DS10l) and I decided to use it as a PF based firewall. The very first hurdle, obviously, was installing and running OpenBSD off the CF card.

Now this isn’t a new idea by any means but it turns out that pretty much all the web info on doing something like this is old, and assumes tiny CF sizes (32 - 128 megs). Since this is 2007 and 512 meg CF cards are butt-cheap, there is no need to strip an OpenBSD install to fit. A simple baseXX.tgz and a kernel fit well within 512 megs and that’s for the most part all that’s needed for a full system (c’mon, you don’t need man pages, do you?).

Now the thing about CF cards and flash memory in general is that they support only a limited number of erase/write cycles, which means that eventually you’re gonna write and/or erase your CF card out of existence. Also, the Soekris box doesn’t have a “power off” mode or switch. Its for these reason I wanted to run this whole operation read-only so I don’t have to worry about killing the CF early or a hard power-cycle of the box.

Continue reading ‘Yet Another OpenBSD on a Soekris post’ »

Tags: ,
Category: OpenBSD  |  Comment