Richard P. Koett wrote:
I'm setting up a Soekris net4801-50 (128 Mb RAM) for use as a firewall. For
storage it has a 40Gb IDE drive rather than compact flash. For my first attempt
I used a generic install of OpenBSD 3.9. The user complained that Internet
access seemed slow, however. I'm planning to try again using a custom kernel
based on the config file included with Chris Cappuccio's Flashdist installer.
(A copy is provided below for reference). Is this a good idea?
If I go this route I expect I should comment out the MFS option in the
Flashdist config since I'm not using compact flash, and uncomment
FFS_SOFTUPDATES. Would anyone care to suggest other changes I should make this
config file for my scenario?
Any other advice would be appreciated. I have no previous experience with
Soekris products and very little experience with custom kernels. I realize that
this list is not for supporting people using custom kernels but I hope it's
okay to ask a few general questions like this.
Thanks,
RPK.
[snip]
My comments fall into the "Any other advice would be appreciated."...
One thing that I would really recommend is looking into using the
compact flash with the memory file system. For a first install or if
you have phyiscal access to the box, a laptop HD is just fine, but when
it is sent to a far away place, where power- or heat can effect it,
always use a CF or solid state type device. My wife has swaped about 6
Net4801's with laptop HDs for compact flash because the drives fail so
quickly. Soekris did create a new case design for the Net4801 with
bigger vent holes that may allow for better heat disapation, but without
a fan, the box becomes an oven.
Something else to keep in mind is that if the power fails, the sytem
will have to fsck partitions that were mounted read/write, whereas
readonly partitions will not need to be fscked. We had several stupid
user tricks where the power failed, and the user would keep cycling the
soekris box before it finished fscking, very annoying! Then just create
a cron job to sync the logs to disk (CF or HD) every night.
The other reason for not mounting the CF in a read/write mode is that CF
has a limited number of write cycles (~10,000 gate transisitions).
Aside from these restrictions, the soekris boxes just work, and I really
like them.
