VyOS has a built-in conserver (https://docs.vyos.io/en/latest/configuration/service/console-server.html). All one needs is a box to put it on, and it allows for customization with serial ports, power, connectivity, and of course having a firewall for an out-of-band network. Considering the number of ways to deploy VPNs and setup conserver, this setup can allow for centralized "conserver" endpoints for quickly getting into devices.
Job had a presentation (https://nlnog.net/static/nlnog_live_summer_2020/NLNOG_Live_Job_Snijders_NTT_IP_OOB.pdf) similar to what I described, but with a Cisco ISR router, replacing those older 2500 series devices. Adair Thaxton did a presentation on Internet2's out-of-band setup (https://youtu.be/ZuAZCA5lzww). Dan Baxter did a presentation on cellular out-of-band (https://youtu.be/hBX81XrXw18), which could be useful here. Ryan Hamel ________________________________ From: Brandon Martin via NANOG <[email protected]> Sent: Sunday, December 21, 2025 1:12 PM To: [email protected] <[email protected]> Cc: Brandon Martin <[email protected]> Subject: Re: What are folks using for serial consoles these days? Caution: This is an external email and may be malicious. Please take care when clicking links or opening attachments. On 12/19/25 12:54, Chris Adams via NANOG wrote: > Cisco 2500 series used a 68EC030, which is a dumbed-down 68030 with no > MMU. The Linux m68k project always required an MMU, so it would not run > on that CPU. FWIW, MMU-less Linux is a thing and is no longer a separate fork. It's supported by the mainline kernel sources. Just turn off CONFIG_MMU. M68k should be supported for this purpose along with most other popular architectures were MMUs are not an inherent part of the CPU architecture including ARM and PPC. You also still need enough RAM. The bare minimum is 4MB, and 8MB is far more realistic, and that's just for the kernel itself. The result, though, is a system with some serious limitations which was also true of the old uClinux fork. In particular, there's no way to run most standard ELF executables. You either need to use uclinux FLAT ABI images (which does not support dynamic linking at all) or the much newer (and with tenable toolchain support) FDPIC ELF ABI. Either ABI imposes limitations on what userspace can do. For example, fork(2) doesn't work, though vfork does. OpenSSH doesn't even compile against the relevant headers IIRC, but dropbear does though I had trouble getting it to work at last attempt. Support for various other features often considered sundry to Linux varies, too. For example, on ARMv7-M, causing a segmentation fault from userspace will crash the entire system with rather terse kernel panic instead of terminating the offending process. This is not a technical limitation but rather a lacking implementation. Debuggers also don't work properly and instead lock the system up (ditto regarding it not being a technical limitation AFAIK). I'm not sure that really solves the desire to meaningfully run Linux of this platform for the purpose intended. -- Brandon Martin _______________________________________________ NANOG mailing list https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.nanog.org%2Farchives%2Flist%2Fnanog%40lists.nanog.org%2Fmessage%2FOIWTGINAXFVDSQ2WARMMGXVCPXYASJUC%2F&data=05%7C02%7Cryan%40rkhtech.org%7C1a9aa8838f484ed367a508de40d5c2c2%7C81c24bb4f9ec4739ba4d25c42594d996%7C0%7C0%7C639019483999720029%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=Ge1v2Dg79zqsJWrc0jlWrD8ghPGKnjjGOuQIcdaYyq0%3D&reserved=0<https://lists.nanog.org/archives/list/[email protected]/message/OIWTGINAXFVDSQ2WARMMGXVCPXYASJUC/> _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/[email protected]/message/ZBF22VNO5KSDGYNJWRBDVHEMKMKMAWKP/
