A couple of months ago, I switched from a normal PC router to a Linksys WRT54G with OpenWRT. It's a good image but the problem is space. There is barely room for an OpenVPN server and shorewall. Also, I'm somewhat worried about timely updates. One of the big pro's is that the device is quiet and doesn't suffer from harddisk failures.
So what I would like to build is a diskless Debian router that boots from the network. I don't know yet if it's better to build a large initrd image that contains the whole system as a ramdisk or that I should add a NFS share on another system that the firewall can use. In the second scenario I would like to mount the share read only so I can change to image on the server but not on the client. Is this possible? What would you recommend? I guess the first option is more secure but I don't like the idea of creating a new image every time I have to change a firewall rule. The PC has a PXE capable nic and I got pxelinux to work. Etherboot can't find a DHCP server so I'll stick with pxelinux for now. There is quite a lot of documentation available but I haven't found much info about a diskless Debian router/firewall on a ramdisk or a NFS share. If you have usefull pointers, please let me know. -- Frank Hart
signature.asc
Description: Digital signature
