On Wed, May 4, 2022 at 4:55 PM Mitch Kelly <[email protected]> wrote: > > Hi have been repurposing Meraki mx60's to OpenWrt, they route at full line > speed (about 2.8Gbit) perhaps this is a route you can take with the old > meraki's
That's wonderful! Especially given all the supply chain problems we have, and all the "junk" hardware that can take a new OS to make it useful... I've been kicking this "upgrade in place" proposal around with various folk now, for 3+ years. But to do a centralized recycle routers campaign does require a lot of common routers. https://docs.google.com/document/d/1T21on7g1MqQZoK91epUdxLYFGdtyLRgBat0VXoC9e3I/edit Still, it's near and dear to my heart, as I'm just naturally frugal in the first place, and hate all the ewaste. We could upgrade the whole edge of the internet to better routers in a matter of months with just what lies in the trash bin. The routers I still have in the field from the cerowrt project do 50Mbit symmetric beautifully with modern software, with outrageous uptimes, based on a now 14 year old design. I fully expect the wndr3800 series to still be operational 10+ years from now. > Happy to document a quick how-to. How common is meraki? All I know about them is that they finally delivered ipv6 late last year, and they shipped SFQ + click codel in 2013. (Yes, I'm rather limited on the other aspects of the edge!). It looked like a pretty good chipset when I last looked them over. I'm trying to get numbers on doing effective shaping via cake. The eero 6 dropped cake in favor of an offload that runs fast but doesn't work well. the users are disappointed. > I've put 256gb SSD's in two of them. I really like that ability to gather captures and stash them on a usb stick, or ssd. storage is so cheap these days, weird stuff on the network so common. > > Pics attached > > Mitch > > On Thu, 5 May 2022, 6:58 am Dave Taht, <[email protected]> wrote: >> >> On Wed, May 4, 2022 at 3:21 PM Ben Johns <[email protected]> wrote: >> > >> > Hey Dave, >> > >> > Using a white/bright box x86/ARM platform on the branch/edge is becoming >> > trendy in the enterprise space too with the uCPE (universal customer >> > premises equipment) and virtualised firewalls, WAN op, SD-WAN, etc. >> >> I'd like to be trendy, but even more I want to push a gbit in both >> directions with sqm. I have other strange requirements, wireguard >> (tailscale) has become my go-to vpn, and I am caring a lot more about >> IDS facilities and route 666 - if you want to see the scope and scale >> I might be caring about in the future, >> feel free to add requirements to >> https://forum.openwrt.org/t/cerowrt-ii-would-anyone-care/110554 >> >> I am not sure, no matter how containerized or vm'd, what extra >> services belong on the edge gateway, I just want a box there that can >> push packets fast, >> that I can trust not to be compromised. Things that give me the >> willies are how lame the "wireless management controllers" seem to be. >> It was only a matter of time before folk attacked those: >> https://arstechnica.com/information-technology/2022/05/how-hackers-used-smarts-and-a-novel-iot-botnet-to-plunder-email-for-months/ >> >> future iot devices are going on their own subnet, and dpi'd. >> >> > For those interested look for the Dell VEP uCPE platform and the ADVA >> > hypervisor as an example. >> >> I briefly looked over ADVA. Doesn't seem to be open source (?) SOME >> abstractions are useful. So long as I can get near-zero queuing delay >> out of 'em and can trust 'em. I'm having severe trust issues this >> month on other SDN stuff I cannot yet talk about. >> >> >It starts making sense when scaling out SD-WAN across many locations. >> >> Thx for the steer. Very nice looking boxes. I didn't see a price ?, >> nor an arm version? My last experience with the denverton cpus was >> that they were too slow to push a gbit both ways without (as per the >> examples) reverting to dpdk, sd-wan and a bunch of other proprietary >> stuff. Sure they ran fanless but I have grown severe trust issues with >> anything that wasn't pure FOSS underneath. All those SD-wan layers and >> abstractions aren't a value add to me, but a increasingly major >> value-subtract. >> >> This home/branch oriented oriented box >> https://evenroute.com/iqrouter-pro has the oomph I like, but not >> enough real ethernets. I liked and trusted the apu2 (also fanless) but >> it's run out of steam. >> >> > On Thu, 5 May 2022, 1:19 am Dave Taht, <[email protected]> wrote: >> >> >> >> Heh. Now that we are getting opinionated, I gave up on all vendors and >> >> their proprietary offloads, and tend to use small x86 nuc-like boxes with >> >> openwrt. I turn on the gui long enough to configure them, then turn it >> >> off. I get perfect uptime til power failures of my last deployment of the >> >> apu2s (which proved a little weak to run cake at a gbit, but were fine to >> >> 500Mbit). i3 or higher boxes push a gbit both ways easily. >> >> >> >> Upgrading is sometimes a PITA. I've been looking over >> >> https://openwisp.org/ >> >> >> >> >> >> _______________________________________________ >> >> AusNOG mailing list >> >> [email protected] >> >> https://lists.ausnog.net/mailman/listinfo/ausnog >> >> >> >> -- >> FQ World Domination pending: https://blog.cerowrt.org/post/state_of_fq_codel/ >> Dave Täht CEO, TekLibre, LLC >> _______________________________________________ >> AusNOG mailing list >> [email protected] >> https://lists.ausnog.net/mailman/listinfo/ausnog -- FQ World Domination pending: https://blog.cerowrt.org/post/state_of_fq_codel/ Dave Täht CEO, TekLibre, LLC _______________________________________________ AusNOG mailing list [email protected] https://lists.ausnog.net/mailman/listinfo/ausnog
