this post was submitted on 31 Jan 2024
1 points (100.0% liked)

homelab

6584 readers
1 users here now

founded 4 years ago
MODERATORS
 

Does this look like a decent starting point for a first router build?

Cross posted from: https://lemux.minnix.dev/post/204890

top 25 comments
sorted by: hot top controversial new old
[–] [email protected] 0 points 9 months ago (1 children)

The competitor is the Orange Pi 5 Plus, also has 2x 2.5GB Ethernet, same SoC, more USBports, no integrated WiFi+BT (optional M.2 module), eMMC connector, M.2 NVMe socket (up to 2280).

[–] [email protected] 0 points 9 months ago (1 children)

So you'd suggest the Orange Pi Plus?

[–] [email protected] 0 points 9 months ago* (last edited 9 months ago)

I have one, and Armbian has an official release for it and works quite well with a Kioxia 512GB NVMe.

But at this moment I'm just saying there are similar boards out there, and the 5 Plus might be slightly cheaper (no wireless though). Radxa also has a similar board based on same SoC but only has one GbE port and price might be similar to the Banana Pi.

[–] [email protected] 0 points 9 months ago (1 children)

Any idea how fast it can do wireguard? I paid like $600 for a protectli vault that can do almost a gigabit per second through wireguard.

[–] [email protected] 0 points 9 months ago (1 children)
[–] [email protected] 0 points 9 months ago (1 children)

The link you posted has nothing to do with this SoC?

You're not going to get 2.5G over wireguard on the 3588, but you are definitely going to get over 1G.

Wireguard scales well with cores, but due to the way big.LITTLE is implemented on the 3588, it could lose performance if it tries to split the workload between core complexes.

[–] [email protected] 0 points 9 months ago

Sorry, I'm a blank slate on this topic. I'm greedily trying to lap at the fountain of everyone else's knowledge.

[–] [email protected] 0 points 9 months ago (2 children)

That seems a bit pricey considering you still need a few items. I've had a QOTOM for quite a while that has served me well. Looks like they have Intel four 2.5 Gb ports with an N100 for pretty cheap.

https://www.aliexpress.us/item/3256804116114245.html

Throw a stick of RAM and an m.2 drive in there and it would be cheaper and more capable than the Banana Pi. You could even throw Proxmox on there and virtualize pfsense.

[–] [email protected] 0 points 9 months ago* (last edited 9 months ago) (1 children)

You just described my setup of about a year. I’m struggling to update opnsense, last time I tried it just stopped working and I had to restore a snapshot from proxmox to get it working again. If anyone reading this has any suggestions I’m all ears!

Just updated proxmox and opnsense with few snags and it just worked. Phew.

[–] [email protected] 0 points 9 months ago (1 children)

I've been running OPNsense on Proxmox for years now, it just seems to plug along. I run ZFS for the datastores and do a snapshot before updates, but I've never had to use one.

Recently got it working with HA and inadvertently tested it by having a drive failure on my primary node. I remoted in for for something else and realized it had failed over to the second node about a week before, and I'd never heard a word from the family about internet being down.

[–] [email protected] 0 points 9 months ago* (last edited 9 months ago) (1 children)

That’s great. It’s been chugging along beautifully with no downtime for me too. It’s just that one failed update attempt, losing internet and network while it was down, and needing to go Ethernet directly into the box to do the snapshot rollback late at night made me afraid to try again. Last night it took me two hours to update everything , first proxmox 7 to 8, then OPNsense needed 4 rounds of update and reboot but each one was seamless.

I’m also on ZFS with two primary mirrored drives. Do you have to check zfs status regularly to see if a drive has failed? Or is there some kind of warning system when logging in via SSH?

I’m thinking of turning my rarely used windows gaming PC into a proxmox host with a Linux gaming VM for my next adventure.

Edit: realized it was a whole node that failed, not just a drive. Cool setup! I’m not there yet. I’m curious about your setup, what’s between the modem and the router?

[–] [email protected] 0 points 9 months ago

Proxmox will report SMART errors via email if you set that up. You could also run a system like Nagios to run the checks via another box. I actually run Home Assistant with the Proxmox HACS extension to monitor it. It's on a VM so that isnt' ideal, so I also run Node Red on the little I5 PBS box to send alerts if it can't contact Proxmox itself now. The node going down without me realizing it was a bit of a wakeup call, though it failed my docker host and router over so seamlessly it was astounding.

I have nothing between the router and the modem except a switch so each Proxmox node can have a NIC on the external network and failover/migrating can pick up the modem and use it. I suppose I could VLAN, but the servers have 2 network ports anyway so that works fine.

[–] [email protected] 0 points 9 months ago

For that matter you could pickup a off the shelf router and install openwrt.

[–] [email protected] 0 points 9 months ago (1 children)

How is the software support? It seems like you could alternatively get a nice quad-core x86 Intel box with a handful of 2.5G ports off of AliExpress for around $120(you'd have to bring your own RAM and SSD in those cases though) and enjoy full Ubuntu/OpenWrt support.

[–] [email protected] 0 points 9 months ago (1 children)

According to the official website, it will officially have Android 12.0, Debian 11 and Buildroot support and will unofficially support Armbian, Ubuntu 20.04, Ubuntu 22.04 and Kylin OS.

As for x86, I'd really like to try and avoid it for a router.

[–] [email protected] 0 points 9 months ago (1 children)

As for x86, I’d really like to try and avoid it for a router.

Why? (genuine question)

[–] [email protected] 0 points 9 months ago (1 children)

x86_64 is inefficient and insecure

[–] [email protected] 0 points 9 months ago (3 children)

Is this board using FOSS RISC-V with open schematics? If not, there's very good reason to suspect it too.

[–] [email protected] 0 points 9 months ago (1 children)

I didn't know RISC-V routers were a thing. There's OPNSense support for RISC-V?

[–] [email protected] 0 points 9 months ago (1 children)

There isn't. I was asking if the Banana Pi used RISC-V

[–] [email protected] 0 points 9 months ago
[–] [email protected] 0 points 9 months ago (1 children)

Also, I trust ARM (almost definitely backdoor'd) over x86_64 (confirmed backdoor'd)

[–] [email protected] 0 points 9 months ago (1 children)

They're both with backdoors how do you trust either?

[–] [email protected] 0 points 9 months ago* (last edited 9 months ago)

I don't trust either, I'm just saying I trust ARM more. English is confusing and trust can be both boolean and float at the same time

ARM trust: 0.2 (false)

x86 trust: 0.1 (false)

[–] [email protected] 0 points 9 months ago

RK3855 = 4x Cortex-A76 + 4x Cortex-A55