this post was submitted on 31 Jan 2024
54 points (100.0% liked)

homelab

6635 readers
24 users here now

founded 4 years ago
MODERATORS
 

Does this look like a decent starting point for a first router build?

Cross posted from: https://lemux.minnix.dev/post/204890

top 30 comments
sorted by: hot top controversial new old
[–] SeaJ@lemm.ee 9 points 9 months ago (3 children)

That seems a bit pricey considering you still need a few items. I've had a QOTOM for quite a while that has served me well. Looks like they have Intel four 2.5 Gb ports with an N100 for pretty cheap.

https://www.aliexpress.us/item/3256804116114245.html

Throw a stick of RAM and an m.2 drive in there and it would be cheaper and more capable than the Banana Pi. You could even throw Proxmox on there and virtualize pfsense.

[–] possiblylinux127@lemmy.zip 3 points 9 months ago

For that matter you could pickup a off the shelf router and install openwrt.

[–] picnicolas@slrpnk.net 2 points 9 months ago* (last edited 9 months ago) (1 children)

You just described my setup of about a year. I’m struggling to update opnsense, last time I tried it just stopped working and I had to restore a snapshot from proxmox to get it working again. If anyone reading this has any suggestions I’m all ears!

Just updated proxmox and opnsense with few snags and it just worked. Phew.

[–] ikidd@lemmy.world 3 points 9 months ago (1 children)

I've been running OPNsense on Proxmox for years now, it just seems to plug along. I run ZFS for the datastores and do a snapshot before updates, but I've never had to use one.

Recently got it working with HA and inadvertently tested it by having a drive failure on my primary node. I remoted in for for something else and realized it had failed over to the second node about a week before, and I'd never heard a word from the family about internet being down.

[–] picnicolas@slrpnk.net 1 points 9 months ago* (last edited 9 months ago) (1 children)

That’s great. It’s been chugging along beautifully with no downtime for me too. It’s just that one failed update attempt, losing internet and network while it was down, and needing to go Ethernet directly into the box to do the snapshot rollback late at night made me afraid to try again. Last night it took me two hours to update everything , first proxmox 7 to 8, then OPNsense needed 4 rounds of update and reboot but each one was seamless.

I’m also on ZFS with two primary mirrored drives. Do you have to check zfs status regularly to see if a drive has failed? Or is there some kind of warning system when logging in via SSH?

I’m thinking of turning my rarely used windows gaming PC into a proxmox host with a Linux gaming VM for my next adventure.

Edit: realized it was a whole node that failed, not just a drive. Cool setup! I’m not there yet. I’m curious about your setup, what’s between the modem and the router?

[–] ikidd@lemmy.world 2 points 9 months ago

Proxmox will report SMART errors via email if you set that up. You could also run a system like Nagios to run the checks via another box. I actually run Home Assistant with the Proxmox HACS extension to monitor it. It's on a VM so that isnt' ideal, so I also run Node Red on the little I5 PBS box to send alerts if it can't contact Proxmox itself now. The node going down without me realizing it was a bit of a wakeup call, though it failed my docker host and router over so seamlessly it was astounding.

I have nothing between the router and the modem except a switch so each Proxmox node can have a NIC on the external network and failover/migrating can pick up the modem and use it. I suppose I could VLAN, but the servers have 2 network ports anyway so that works fine.

[–] sabreW4K3@lemmy.tf 1 points 9 months ago

A couple weeks ago, this was my plan.

[–] krigo666@lemmy.world 5 points 9 months ago (1 children)

The competitor is the Orange Pi 5 Plus, also has 2x 2.5GB Ethernet, same SoC, more USBports, no integrated WiFi+BT (optional M.2 module), eMMC connector, M.2 NVMe socket (up to 2280).

[–] sabreW4K3@lemmy.tf 1 points 9 months ago (1 children)

So you'd suggest the Orange Pi Plus?

[–] krigo666@lemmy.world 3 points 9 months ago* (last edited 9 months ago) (1 children)

I have one, and Armbian has an official release for it and works quite well with a Kioxia 512GB NVMe.

But at this moment I'm just saying there are similar boards out there, and the 5 Plus might be slightly cheaper (no wireless though). Radxa also has a similar board based on same SoC but only has one GbE port and price might be similar to the Banana Pi.

[–] sabreW4K3@lemmy.tf 1 points 9 months ago

Fuck, I accidentally clicked this and was saving it in my inbox 😭

[–] lemmyuser100002@lemmy.world 5 points 9 months ago (1 children)

How is the software support? It seems like you could alternatively get a nice quad-core x86 Intel box with a handful of 2.5G ports off of AliExpress for around $120(you'd have to bring your own RAM and SSD in those cases though) and enjoy full Ubuntu/OpenWrt support.

[–] sabreW4K3@lemmy.tf 1 points 9 months ago (1 children)

According to the official website, it will officially have Android 12.0, Debian 11 and Buildroot support and will unofficially support Armbian, Ubuntu 20.04, Ubuntu 22.04 and Kylin OS.

As for x86, I'd really like to try and avoid it for a router.

[–] davidfreina@lemmy.davidfreina.at 3 points 9 months ago (2 children)

As for x86, I’d really like to try and avoid it for a router.

Why? (genuine question)

[–] sabreW4K3@lemmy.tf 1 points 9 months ago

It's a couple levels of power more than what I need for a router in my opinion.

[–] smotherlove@sh.itjust.works -1 points 9 months ago (1 children)

x86_64 is inefficient and insecure

[–] MigratingtoLemmy@lemmy.world 3 points 9 months ago (3 children)

Is this board using FOSS RISC-V with open schematics? If not, there's very good reason to suspect it too.

[–] smotherlove@sh.itjust.works 2 points 9 months ago (1 children)

Also, I trust ARM (almost definitely backdoor'd) over x86_64 (confirmed backdoor'd)

[–] MigratingtoLemmy@lemmy.world 1 points 9 months ago (1 children)

They're both with backdoors how do you trust either?

[–] smotherlove@sh.itjust.works 0 points 9 months ago* (last edited 9 months ago) (1 children)

I don't trust either, I'm just saying I trust ARM more. English is confusing and trust can be both boolean and float at the same time

ARM trust: 0.2 (false)

x86 trust: 0.1 (false)

[–] MigratingtoLemmy@lemmy.world 1 points 9 months ago
[–] smotherlove@sh.itjust.works 1 points 9 months ago

RK3855 = 4x Cortex-A76 + 4x Cortex-A55

[–] sabreW4K3@lemmy.tf 1 points 9 months ago (1 children)

I didn't know RISC-V routers were a thing. There's OPNSense support for RISC-V?

[–] MigratingtoLemmy@lemmy.world 1 points 9 months ago (1 children)

There isn't. I was asking if the Banana Pi used RISC-V

[–] smotherlove@sh.itjust.works 1 points 9 months ago (1 children)

Any idea how fast it can do wireguard? I paid like $600 for a protectli vault that can do almost a gigabit per second through wireguard.

[–] sabreW4K3@lemmy.tf 0 points 9 months ago (1 children)
[–] apt_install_coffee@lemmy.ml 2 points 9 months ago (1 children)

The link you posted has nothing to do with this SoC?

You're not going to get 2.5G over wireguard on the 3588, but you are definitely going to get over 1G.

Wireguard scales well with cores, but due to the way big.LITTLE is implemented on the 3588, it could lose performance if it tries to split the workload between core complexes.

[–] sabreW4K3@lemmy.tf 2 points 9 months ago

Sorry, I'm a blank slate on this topic. I'm greedily trying to lap at the fountain of everyone else's knowledge.