This topic is now deleted

this post is now deleted

With sqm and vpn on your wish list for 1.2 GBit/s (or 'just' the ~931 MBit/s wirespeed of 1000BASE-T), the mt7622bv SOC is out of its league. For these requirements you need to stick to x86_64.

Where are you geographically, recommendations will differ based on answer.

Also read Looking for Gbit / multi-Gbit router available in the EU - #2 by slh

1.2gbit requires multigig NICs, unless you can settle for 1gbit, as @slh already noted.

Realtek r8125 based single-port 2.5GBASE-T PCIe cards sell for around 25 EUR/ USD a pop (multi-port cards are much more expensive though), if you have the space to mount them, this is a reasonable expense to reach your WAN speed - obviously you would need a matching switch (or at least a managed switch with bonding) to distribute this to your LAN.

Personally I don't see much sense to 'invest' in a 2.5GBASE-T infrastructure, instead of going straight to 10GBASE-T - but the later is still significantly (unreasonably so) more expensive (and more power hungry). However, if you need to deal with 1.2 GBit/s WAN speed, this (WAN 2.5GBASE-T, two bonded 1GBASE-T ports to a smart-managed switch and a x86_64 based router) would be a sensible approach. Alternatively the first Mini-PCs with four 2.5GBASE-T ports are being sold by the usual suspects and aren't that much more expensive than its 1GBASE-T predecessors.

1 Like

Use the squashfs build. Instead of trying to expand the rootfs, create a data partition on the remaining disk space. The sysupgrade script handles upgrading properly and will not erase your data partition.

I just got one of these:
https://www.amazon.com/MOGINSOK-Ethernet-Firewall-Appliance-Celeron/dp/B09WYQZMYB
My initial reaction is positive. The ports use the igc driver, which is included in release builds. It is a little expensive at $300 but it is not $500. There is a full length mini PCIe slot, SATA interface, 2xUSB2 header, and a serial port header inside.

1 Like

I have no recommendations for that. 2.5GBASE-T is just entering the scene (those are available from the usual suspects), 10GBASE-T is a totally different dimension in terms of size and prices[0] - with very few exceptions (e.g. https://shop.opnsense.com/product/dec740-opnsense-desktop-security-appliance/ [1]). As mentioned, I'm still 1000BASE-T throughout, 2.5GBASE-T doesn't make sense to me (but it might match your immediate requirements) and 10GBASE-T just doesn't meet my budget, yet[2].

--
[0] Now, I would probably go with an Esprimo SFF model, haswell i5 or newer (~under 100 EUR used; Fujitsu seems to have done a better job with low idle power consumption than Lenovo in those generations; Dell and HP appear to prefer special notebook components in their models), and add two 10GBASE-T cards (~2*100 EUR new), if I had to, but I'm waiting for cheaper cards/ switches to appear.
[1] no personal experience with that device, no recommendation from my side - just the observation of its commercial existence and specs that suggest that it should do the job.
[2] I personally have no need for >1 GBit/s speeds on my WAN so far, but I would very much appreciate 10 GBit/s operations in my LAN - but this would require at least an L2 managed 8 port switch with 10 GBit/s and 2-3 10 GBit/s cards to retrofit my existing -most used- systems (which would really benefit from a speedup. at ~100 EUR per 10GBASE-T card and at least 300 EUR for a small switch, this simply isn't home budget compatible, yet.

Something like https://www.ebay.com/itm/134064210854 or https://www.ebay.com/itm/175323006996, https://www.ebay.com/itm/324392553376, can't see the full item descriptions though, it's blocked by my corp firewall.

It's however ~2.5x faster than the Zotacs..

I still use a socket 1150 Xeon as main router, roughly a year newer than what's in this box, but it been working just fine during all the time I've owned it.

https://www.ebay.com/itm/294872277317 terrible price though, Lenovo sold them for $200 1.5y ago.

I often look for pfsense, it gives you routers and pcs with at least two ports.
If it can run pfsense, it usually works for openwrt too.

I love this DIY solution https://smallformfactor.net/forum/threads/lenovo-m720q-tiny-router-firewall-build-with-aftermarket-4-port-nic.14793/, you get 5 ports for ~$265.

eBay prices
Lenovo M720q / M920q / M910x / M920x - $170 and up
i350-T4 - $60 (you can probably find it cheaper elsewhere, and there's also a i350-T2)
01AJ940 riser with bracket - $35

make sure the one you choose actually have room for a PCIe card, not all versions do.

1 Like

Cool!

Keep us posted.

Hi @mk24

So does Intel i225 need user to install 'igc' driver via opkg?

Or it works 'out of the box' without needing to install a package?

Say with 22.03 rc6?

It's included in 22.03.0-rc6. After install the eth0 port works right away as lan, eth1 is wan, and eth2 and eth3 unassigned.

The Moginsok box overall runs quite cool though if you're going to run 2.5 Gb I would suggest adding small stick-on heat sinks to the i225 chips. They get hotter running 2.5 than at 1 Gb. Intel's TDP rating is 1.9 watts per chip, which is a lot for a small chip with no heat sink.

1 Like

Thanks. I am considering the Moginsok box after reading your impressions.

But I noticed a RPi CM4 dual gigabit LAN kit will be half the price.

I'm not sure if the dual gigabit is immediately supported out of the box by 22.03 rc6 but I will try it

This: https://www.dfrobot.com/product-2242.html

Plus this (2GB version): https://www.raspberrypi.com/products/compute-module-4/?variant=raspberry-pi-cm4001000

All versions of the Raspberry Pi have severe supply problems. Have you located any dealer that actually has them in stock?

The chip on the expansion board is a RTL8111, which uses the R8169 driver, which is supported and it may be built in. As long as you have one working port (the built in one) you can easily get the board online and install additional packages.

1 Like

Yes only stock available where I am is 2gb RAM 'Lite' wireless model. But that suits me well

Noted, thanks. I hope both ports work though immediately because I want to get this for my parents where I can remote SSH for firmware updates.

If only 1 port works initially, it becomes a hassle to be able to connect to the internet and SSH

You need to unplug from modem, connect to an existing router for internet access, download the driver, then reconnect to modem.

This is not a problem for me to do at my place - but a problem for my parents nearly 70 year old in a different location.

Dual ports working immediately solves a lot of these practical issues - mainly for updates.

Or if there were a major issue that needed to install from scratch.

The attended-sysupgrade system though it is still rather beta it has been working OK lately. That makes it easy to run an upgrade with your additional packages automatically built in. You can also use the image server or run Image Builder yourself.

For this case you really should have duplicate identical hardware at home to test your upgrades on before running remotely.

Make that port the WAN so that it still works after the upgrade. Their LAN would be down until you get the other port back up.

1 Like

Good idea. I guess it's cheap enough to try.

Problem is how do I SSH to it.

If I use OpenSSH keys and the private key is stored on their computer, I would do remote desktop sharing and then SSH to CM4 on their LAN.

But if LAN is down after an update or re-install, this method would be out.

Is there any way for me to OpenSSH key remotely, that is safe?

That way yes, connection to WAN will be enough temporarily till I do updates to enable LAN. Temporary downtime of LAN is no big deal. But just need to be able to ssh safely.

I use the SSH keys now which is good.

Another option is to get NanoPi R4S and just give them that. And i use the CM4. I think R4S works out the box with dual gigabit ? I have to check

How did it go, @anon22604728?

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.