On Fri, Jan 4, 2013 at 4:36 PM, James Shupe <jsh...@hermetek.com> wrote: > On 1/3/2013 8:26 PM, Aaron Mason wrote: >> On Fri, Jan 4, 2013 at 11:52 AM, James Shupe <jsh...@hermetek.com> wrote: >>> On 1/3/2013 1:08 PM, Gene wrote: >>>> On Tue, Jan 1, 2013 at 1:31 AM, Bruno Flückiger <inform...@gmx.net> > wrote: >>>>> On 12/31/12 14:17, BARDOU Pierre wrote: >>>>>> >>>>>> I would be very interested by an OpenBSD port too. >>>>>> Usage : home router with firewall, DNS and DHCP. >>>>>> >>>>>> I am looking into FreeBSD and NetBSD ports, but I would prefer to have >>>>>> the latest PF and OpenSSH versions... plus I am more used to OpenBSD >>>>>> and I like using it >>>>>> >>>>>> If somebody knows X86 hardware able to do the same (routing/firewlling >>>>>> 20 mbps traffic, VLAN, fits in a tiny box, power consumption below 5W, >>>>>> price around 50$) as the raspberry I am interested BTW. >>>>>> >>>>> >>>>> A lot of different embedded devices which base on x86 cpus, just ask the >>>>> web search engine of your trust. It will be hard to get it for "only" >>>>> $50. But paying some more bucks for a system which fits the needs is >>>>> justified in my opinion. >>>>> >>>>> My personal favorites are the boxes from this small company in >>> Switzerland: >>>>> >>>>> http://www.pcengines.ch >>>>> >>>>> Regards, >>>>> Bruno >>>>> >>>> >>>> The ALIX hardware is incredible. I own two of the ALIX boards (2d3 >>>> and 2d13), the second one I picked up recently on eBay for $150 with >>>> case and power supply, I added a CF card for an additional ~$10. I >>>> already have a serial cable on hand, but that would be at most another >>>> $10-$20 to procure. >>>> >>>> The ALIX.2d13 has three full fast ethernet (10/100) NICs that aren't >>>> USB devices on a headless x86 compatible system that will utilise ~5W >>>> at high to full load for under $200. All in one enclosure and rock >>>> solid. >>>> >>>> Sure, that may sound expensive, but after purchasing a Raspberry Pi >>>> with a powered USB hub, one or two USB fast ethernet adapters, an SD >>>> card, and whatever other accessories you need it isn't that much of a >>>> price difference. >>>> >>>> Or, you can buy a cheap Atom box, throw in some storage and RAM, and >>>> have a much more powerful system at the expense of higher energy >>>> usage. >>>> >>>> http://www.newegg.com/Product/Product.aspx?Item=N82E16856205007 >>>> >>>> That one costs $130 (+taxes and shipping) and has two gig-e NICs. >>>> >>>> I own a couple of the Raspberry Pi units. They're fantastic little >>>> devices, but you'll have to use Linux and have a hodge-podge of >>>> accessories to go with it. >>>> >>>> -Gene >>>> >>>> (if you see this message twice please forgive me, I'm bad at mailing > lists) >>>> >>>> >>>> >>> >>> Alix hardware is great. I just felt the need to share this photo of my >>> office around this time last year... http://i.imgur.com/c528h.jpg >>> >>> -- >>> James Shupe >>> >>> [demime 1.01d removed an attachment of type application/pgp-signature which > had a name of signature.asc] >>> >> >> Bugger me that's a whole lotta ALiX... 2d3 or 2d13? >> > > They're the 2D13 boards, with Kingston CFs. Of all of those, the only > problems we've had were a few DOA CF cards. > > They're running OpenBSD + OpenVPN and serving as VPN "concatenators" > (that's what we're calling them, anyway.) We have employees working at > third party locations where we do not maintain control of their > networks, and need all of our staff's devices -- including network > printers (that can't run VPN software, obviously,) etc, to appear as > though they are on our local network. We chose OpenVPN over IPsec > because of the single port requirement and the fact that most of these > sites have outbound traffic blocked by default. We run a few server > instances on the other end, on various common ports to increase the > chances of success calling home. Each device has between one and six > desktops behind it, along with one or two Xerox machines, and some other > junk that has to be brought back to us. > > -- > James Shupe > > [demime 1.01d removed an attachment of type application/pgp-signature which > had a name of signature.asc] >
Hmm, something to consider. We've been using GRE and IPSec but found that we needed to employ some serious firewall trickery to get it going, and it's just too much, especially if the other side's a bit green on the concept. Might suggest it to my boss. Worst case we send out an old laptop running OpenBSD and OpenVPN. -- Aaron Mason - Programmer, open source addict I've taken my software vows - for beta or for worse
