On Sunday 06 August 2006 03:20, Frank Hart wrote: > A couple of months ago, I switched from a normal PC router to a Linksys > WRT54G with OpenWRT. It's a good image but the problem is space. There > is barely room for an OpenVPN server and shorewall. Also, I'm somewhat > worried about timely updates. One of the big pro's is that the device is > quiet and doesn't suffer from harddisk failures. > > So what I would like to build is a diskless Debian router that boots > from the network. I don't know yet if it's better to build a large > initrd image that contains the whole system as a ramdisk or that I > should add a NFS share on another system that the firewall can use. In > the second scenario I would like to mount the share read only so I can > change to image on the server but not on the client. Is this possible? > > What would you recommend? I guess the first option is more secure but I > don't like the idea of creating a new image every time I have to change > a firewall rule. > > The PC has a PXE capable nic and I got pxelinux to work. Etherboot can't > find a DHCP server so I'll stick with pxelinux for now. > > There is quite a lot of documentation available but I haven't found much > info about a diskless Debian router/firewall on a ramdisk or a NFS > share. If you have usefull pointers, please let me know. The problem with network booting is that you are then not only reliant on the disk on your server, but all of the rest of the server and network infrastructure.
Have you considered something like a mini-ITX board with a Compact Flash card on it. These come with quire reasonable amounts of space these days and you can fit a stripped down Debian install on it with no difficulty. Alternatively you can use some of the small comms boards that are around these days. There are the WRAP boards from pcengines.ch and the Routerboard boards from Microtik. The WRAP boards need CF, but the new RBs (the 500 and 110 series) come with 64MB NAND memory. OpenWRT support for the 532 is being tested at the moment, and for the 112 is being worked on and given that OpenWRT is built to run on machines with between 4 and 8 MB NAND memory the 64MB that these boxes have is more then enough for all the packages you could want. David -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
