Comcast ISP/Plan 1200mpbs, router to replace x86_mini PC?

I accidently read your previous post incorrectly and did not read this part, im sorry.

The managed switch in use only supports 1GBASE-T ports and im not looking to upgrade the switch.

I'm located in the US and it seems the Esprimo SFF that you find on ebay are shipped from the UK.

I would be greateful if you please have any US 1GBASE mini pc replacements, unless you think I should go SFF?

Something like https://www.ebay.com/itm/134064210854 or https://www.ebay.com/itm/175323006996, https://www.ebay.com/itm/324392553376, can't see the full item descriptions though, it's blocked by my corp firewall.

thank you ill check these out. The first one seems not bad, a little old. Originally was wanting mini pc's but im staring to think for the future a sff maybe a better solution.

It's however ~2.5x faster than the Zotacs..

I still use a socket 1150 Xeon as main router, roughly a year newer than what's in this box, but it been working just fine during all the time I've owned it.

Morning, I looked up some info on the first link.

The ethernet connector on the motherboard is a Intel i217-LM.

There is users reporting stable connecton issues with this ethernet connector.

The rear of the case has no slots for pcie cards.

Really like having the serial option so that is a bumber.

Thank you though for taking the time to help find a solution.

I would like a firewall/router with the features to simliar to the one on the link.

Slim and low power except with the option to install dual 1gb pcie ethernet cards.

What search terms would you use?

https://www.ebay.com/itm/294872277317 terrible price though, Lenovo sold them for $200 1.5y ago.

I often look for pfsense, it gives you routers and pcs with at least two ports.
If it can run pfsense, it usually works for openwrt too.

I love this DIY solution https://smallformfactor.net/forum/threads/lenovo-m720q-tiny-router-firewall-build-with-aftermarket-4-port-nic.14793/, you get 5 ports for ~$265.

eBay prices
Lenovo M720q / M920q / M910x / M920x - $170 and up
i350-T4 - $60 (you can probably find it cheaper elsewhere, and there's also a i350-T2)
01AJ940 riser with bracket - $35

make sure the one you choose actually have room for a PCIe card, not all versions do.

1 Like

I went down the rabbit hole with this.

Huge thanks to @frollic for providing information and making me aware this is option exist's.

Please Note I have not attempted this

Warnings:

  • Non-Lenovo NIC cards may or may not work

  • The NIC card will take up the space for the 2.5" hard drive.
    You will need an M.2 (NVME or SATA) drive.

Purchasing the model:

Parallax on servethehome made a list of supported models that have pcie slots.

Ethernet cards:

Bios supported ethernet cards used in some builds

(Please DYOR as there is probably more, suggest finding posts on reddit /r/homelabs)

  • Intel i350-T4 NIC 1GB Quad Port Card

  • Lenovo 03T8760 1GB Quad Port Card

Pcie Riser Cards:

Back Plate:

1 Like

Cool!

Keep us posted.

Hi @mk24

So does Intel i225 need user to install 'igc' driver via opkg?

Or it works 'out of the box' without needing to install a package?

Say with 22.03 rc6?

It's included in 22.03.0-rc6. After install the eth0 port works right away as lan, eth1 is wan, and eth2 and eth3 unassigned.

The Moginsok box overall runs quite cool though if you're going to run 2.5 Gb I would suggest adding small stick-on heat sinks to the i225 chips. They get hotter running 2.5 than at 1 Gb. Intel's TDP rating is 1.9 watts per chip, which is a lot for a small chip with no heat sink.

1 Like

Thanks. I am considering the Moginsok box after reading your impressions.

But I noticed a RPi CM4 dual gigabit LAN kit will be half the price.

I'm not sure if the dual gigabit is immediately supported out of the box by 22.03 rc6 but I will try it

This: https://www.dfrobot.com/product-2242.html

Plus this (2GB version): https://www.raspberrypi.com/products/compute-module-4/?variant=raspberry-pi-cm4001000

All versions of the Raspberry Pi have severe supply problems. Have you located any dealer that actually has them in stock?

The chip on the expansion board is a RTL8111, which uses the R8169 driver, which is supported and it may be built in. As long as you have one working port (the built in one) you can easily get the board online and install additional packages.

1 Like

Yes only stock available where I am is 2gb RAM 'Lite' wireless model. But that suits me well

Noted, thanks. I hope both ports work though immediately because I want to get this for my parents where I can remote SSH for firmware updates.

If only 1 port works initially, it becomes a hassle to be able to connect to the internet and SSH

You need to unplug from modem, connect to an existing router for internet access, download the driver, then reconnect to modem.

This is not a problem for me to do at my place - but a problem for my parents nearly 70 year old in a different location.

Dual ports working immediately solves a lot of these practical issues - mainly for updates.

Or if there were a major issue that needed to install from scratch.

The attended-sysupgrade system though it is still rather beta it has been working OK lately. That makes it easy to run an upgrade with your additional packages automatically built in. You can also use the image server or run Image Builder yourself.

For this case you really should have duplicate identical hardware at home to test your upgrades on before running remotely.

Make that port the WAN so that it still works after the upgrade. Their LAN would be down until you get the other port back up.

1 Like

Good idea. I guess it's cheap enough to try.

Problem is how do I SSH to it.

If I use OpenSSH keys and the private key is stored on their computer, I would do remote desktop sharing and then SSH to CM4 on their LAN.

But if LAN is down after an update or re-install, this method would be out.

Is there any way for me to OpenSSH key remotely, that is safe?

That way yes, connection to WAN will be enough temporarily till I do updates to enable LAN. Temporary downtime of LAN is no big deal. But just need to be able to ssh safely.

I use the SSH keys now which is good.

Another option is to get NanoPi R4S and just give them that. And i use the CM4. I think R4S works out the box with dual gigabit ? I have to check

Currently emailing ebay sellers to find one with the pcie port. Will document the whole process/build, post it and tag you in it. :wink:

SSH Tunnelling:
Documentation

SSH Tunneling Explained:
Resource 1
Resource 2

SSH Wireguard with Proxy/vpn:
Reddit
Will require some googling as I don't have links now. Hopefully can include later.

Prevent attacks:
Port Security Knockd

1 Like

How did it go, @randoctr?

Hey, sorry for the late response.

I will update with pictures and details tomorrow.

OpenWrt is running nice,

There is a few goals on the software to be setup.

I am waiting for the official bracket to arrive, so far have been using the 3d printed one.

The company that is helping to ship the correct bracket has been having some internal issues but they have been great on fixing it.

It seemed it leaved via airline a few days ago so should be here soon.

Working on properly documenting.

I am learning so much from this project and a big thanks to the community for all the help.

Plan to post to the community builds category once its done.

Will reply with link when its posted.