Banana Pi R as router


yacc

Recommended Posts

Just noticed some ugly detail:

 

1.) the switch is active during boot, and it defaults to all ports on one VLAN.

2.) My laptop is quite agressive when it comes to DHCP, it's connected to one of the local ports of the BPI-R, so it detects immediatly that the ethernet connection goes down and up.

3.) So I end up with the cable modems external IP address on my laptop, and a BPI-R that is unreachable, ...

 

Any idea how to turn off the network switch in the boot loader?

 

TiA,

 

Andreas

 

Link to post
Share on other sites
Donate and support the project!

1.) the switch is active during boot, and it defaults to all ports on one VLAN.

 

Nope, unless the switch isn't configured through MDIO it's just a dumb switch connecting all ports on layer 2 (not a single VLAN existent). Simple conclusion: Don't try to use it as a router unless you waste the only available USB port to be used as the WAN port (USB-to-Ethernet adapter).

Link to post
Share on other sites

Nope, unless the switch isn't configured through MDIO it's just a dumb switch connecting all ports on layer 2 (not a single VLAN existent). Simple conclusion: Don't try to use it as a router unless you waste the only available USB port to be used as the WAN port (USB-to-Ethernet adapter).

So, the obvious question, is why does the boot loader does not immediately turn off the switch?

 

Another thing: How come that the BP-R is sold explicitly as a router then? (http://www.bananapi.com/index.php/component/content/article?layout=edit&id=59)

 

Solutions & Remedies, that would solve the issue:

 

1.) As you mentioned using an additional USB2 Ethernet dongle would solve the issue. (I've considered this, but before I go there, I do need to find my USB ethernet dongle, it's somewhere in my home office, sigh) But I've also considered it, because using the switch method to partion WAN/LAN VLANs, both the LAN and WAN share the 1gbit/s link, which is not an issue yet for me (my cable uses up to 275mbit/s, taken twice, that fits comfortably into the 1gbit/s link.)

2.) Put an additional switch between any ethernet devices and the BP-R => the "reproducability" of the issue stems that power cycling the BP-R triggers via media detection an immediate (and faster than the boot of the BP-R) DHCP request from my laptop. Removing the ability of the devices to detect reliably when the vulnerable 30 seconds are would make it much less of an issue.

3.) Activate a MAC filter on the cable modem. Don't think that's possible in my case, but I have to investigate it.

 

But back to situation, if the BP-R is flawed as a router design, what ARM based router-style solution is there that can run full Debian?

Link to post
Share on other sites

Did you have a look at the schematics how the switch is powered? No, since you weren't able to do so. Lesson learned: Never ever buy a device again from a vendor not providing at least schematics. Better buy from vendors following the OSHW approach.

 

You care about a device being marketed as being capable of doing this and that and it's not the case? Lesson learned: Never ever buy a device again from such a vendor using lies as part of their product marketing.

 

It's that simple: Avoid any product from this vendor and you're done. We discussed some alternatives to the R1 in this thread: http://forum.armbian.com/index.php/topic/372-hardware-mod-bpi-r1/

 

The idea the R1 is based on is good. But implementation is simply crap. And on top of that the vendor actively prevented the community to jump in and fix his many software mistakes. Just have a look at the forums at bananapi.com -- we had to reverse engineer the power scheme to get a SATA disk working, they provided not a single working OS image and so on... this vendor's business model relies solely on producing hardware and let the community fix the software without being helpful at all. 

 

Again: Please remember: It's just a dumb layer 2 switch connecting all ports that can be configured through MDIO when Linux is up and running and the driver is loaded and you configured everything correctly and no bugs in the driver exist. In case you brick your device (after a denial of service attack filling your SD card with log messages for example) or when it boots it's always just a dumb layer 2 switch.

 

If you want to use a router then the worst case scenario is defined as: WAN and LAN are disconnected. It always needs a running OS, an user-defined routing table and optionally appropriate firewall rules to allow packets to cross the border. With a switch board (yes, it's not a router board, it's a dumb switch board) like the R1 the worst case always means: WAN and LAN are connected on layer 2. To use this hardware as a router is moronic (applies to a whole bunch of cheap so called 'routers' as well)

Link to post
Share on other sites

Did you have a look at the schematics how the switch is powered? No, since you weren't able to do so. Lesson learned: Never ever buy a device again from a vendor not providing at least schematics. Better buy from vendors following the OSHW approach.

 

You care about a device being marketed as being capable of doing this and that and it's not the case? Lesson learned: Never ever buy a device again from such a vendor using lies as part of their product marketing.

 

It's that simple: Avoid any product from this vendor and you're done. We discussed some alternatives to the R1 in this thread: http://forum.armbian.com/index.php/topic/372-hardware-mod-bpi-r1/

 

The idea the R1 is based on is good. But implementation is simply crap. And on top of that the vendor actively prevented the community to jump in and fix his many software mistakes. Just have a look at the forums at bananapi.com -- we had to reverse engineer the power scheme to get a SATA disk working, they provided not a single working OS image and so on... this vendor's business model relies solely on producing hardware and let the community fix the software without being helpful at all. 

 

Again: Please remember: It's just a dumb layer 2 switch connecting all ports that can be configured through MDIO when Linux is up and running and the driver is loaded and you configured everything correctly and no bugs in the driver exist. In case you brick your device (after a denial of service attack filling your SD card with log messages for example) or when it boots it's always just a dumb layer 2 switch.

 

If you want to use a router then the worst case scenario is defined as: WAN and LAN are disconnected. It always needs a running OS, an user-defined routing table and optionally appropriate firewall rules to allow packets to cross the border. With a switch board (yes, it's not a router board, it's a dumb switch board) like the R1 the worst case always means: WAN and LAN are connected on layer 2. To use this hardware as a router is moronic (applies to a whole bunch of cheap so called 'routers' as well)

 

Well, that still did not answer the question for a buyable product that is better. (The NETFPGA is not really competition, and at USD 1500 clearly out of my price range).

 

And the Turris Omnia thing is not yet buyable, sadly. (April 2016, so we'll see in 4 months if the schedule will be kept, plus it will take probably some time before a regular Debian runs on it)

Link to post
Share on other sites

Well, that still did not answer the question for a buyable product that is better.

 

Sorry, I don't know any alternative to a product that is defined as follows:

 

  • product category: switch board (again: without a 2nd Ethernet interface this thing MUST not be used as a router)
  • faulty power design
  • most crappy onboard Wi-Fi ever
  • no schematics available
  • no support from the manufacturer available
  • worst network performance of any GbE capable A20 device
  • prone to overheating

 

If you find such an alternative I doubt it would be interesting at all.

 

You might be able to implement workarounds for some of the issues. But without a 2nd NIC it's simply not useable as router.

Link to post
Share on other sites

He didn't ask for sarcasm, he already understood.

 

Have a look at this one, but I guess it is not DEBIAN

 

And in Switzerland TK knows a company they make boards with low power X86 processor - I cannot remember the name.

In your profile I cannot read in which country you live, because of stupid german WEEE (Switzerland has a much simpler and better system) rule they do not deliver to Germany.

Link to post
Share on other sites

And in Switzerland TK knows a company they make boards with low power X86 processor

 

If you look for something exactly like the Lamobo R1 then usually you're not willing to accept: "cheap/reliable/performant, choose 2"

 

The routerboards you refer to are well known: http://www.pcengines.ch/apu.htm (and if you do a web search for "alix apu alternative" you'll find http://soekris.com and others).

 

But since people are always looking for dirt-cheap and unreliable stuff simply combining a Banana Pi + USB/Ethernet adapter + cheap TP-Link switch + 3.5" HDD + 12V PSU + 2 step-down converters is worth a look IF you really want to combine router/firewall/NAS on a single device (not the best idea IMO)

Link to post
Share on other sites

And the Turris Omnia thing is not yet buyable, sadly. (April 2016, so we'll see in 4 months if the schedule will be kept, plus it will take probably some time before a regular Debian runs on it)

 

Well, the manufacturer is not a chinese vendor just trying to sell hardware without software/support but it's an open source targeted project from the very beginning. You should start reading from here: https://lists.debian.org/debian-arm/2015/11/threads.html#00071

Link to post
Share on other sites

Hello,

 

The honorable tkaiser had some nightmares with the Lamobo-r1 solving issues. Alas, my lamobo-r1 is not a Mercedes.

 

 

Lamobo-R1 maker really needs a therapy :) not tkaiser. He just needs a Ferrari.

 

 

ok, /etc/network/interface might be used to launch a pre/post script with "sleep 30; service dhcpd start" at least a small workaround for dhcpd

 

(btw, I have read it would be possible to switch off the switch, but it is tricky)

 

--- need to find a link here ----

Link to post
Share on other sites

ok, /etc/network/interface might be used to launch a pre/post script with "sleep 30; service dhcpd start" at least a small workaround for dhcpd

 

How should this help? The problem is if you power on the board all devices connected to the switch ports are in a bridged network segment since the BCM53125 then is just a dumb layer 2 switch. The default state is wrong.

Link to post
Share on other sites

@tkaiser,

 

yes you are right.

 

In my case, my FTTH provider is using PPP over Ethernet with VLAN 835, so yes I am not annoyed with this issue.

 

But the opposite is possible. setting his PC on a separate VLAN so the PC doesn't see the ISP DHCP @boot, then on Armbian start-up starting the VLAN for the local network (if all the machines are VLAN capable). Or at least, one VLAN for 1 PC + VLAN, bridging the eth0.123 with eth0 (after a sleep)

 

is it making sense?

Link to post
Share on other sites

setting his PC on a separate VLAN so the PC doesn't see the ISP DHCP @boot

 

But there are no VLANs defined when the board starts. At this stage the switch is a dumb one. Only after successfully booting the kernel and loading the b53 driver it can be configured through MDIO to be VLAN capable.

 

Did you try it out to simply remove the SD card and start the board? In this mode it's a layer 2 switch, isn't it?

Link to post
Share on other sites

yes of course, already tested with non working Armbian test images

 

my current switch config is

A20 VLAN 835 <===========> VLAN 835 Ethernet / Fiber converter (passive) => PPP => Internet

A20 VLAN 102 <===========> untagged LAN (PCs/Odroid/Rpi2/NASs...)

                           switch53125

 

 

#!/bin/bash
SW=/usr/local/bin/swconfig
$SW dev eth0 set reset 1
$SW dev eth0 set reset_mib 1
$SW dev eth0 set enable_vlan 1
$SW dev eth0 set enable_jumbo 0
$SW dev eth0 set allow_vid_4095 1
$SW dev eth0 vlan 835 set ports '3t 8t'
$SW dev eth0 vlan 102 set ports '0 1 2 4 8t'
$SW dev eth0 set apply 1

 

 

 

we can imagine

 

A20 VLAN 123 <=====> VLAN 123 PCs/etc.

A20 VLAN 321 <=====> untag VLAN Internet connexion

 

so  all the machines on VLAN 123 cannot see the Internet box DHCP => BUT all the machines needs to be VLAN capable and setup for VLAN 123 @boot

 

or with "A20" routing

A20 VLAN 321 <=====> untag VLAN Internet connexion

A20 VLAN 102 <=====> untag LAN (PCs/Odroid/Rpi2/NASs...)

A20 VLAN 123 <=====> VLAN 123 PC (can only see VLAN 123)

but lamobo needs to route/bridge VLAN 123 to untag VLAN :(

Edited by wildcat_paris
my bad
Link to post
Share on other sites

Sorry, I still don't get it. While you might be able to do some really weird VLAN stuff given all your devices are VLAN capable and you know what you're doing, using a 'layer 2 switch' as interconnect between the outside and the inside on an edge router (that is able to learn this VLAN stuff only after successfully booting when setup correctly) seems like a crazy idea.

 

The default state of a router should be "no packets get through", the default state of the R1 is "everything is bridged". That's plain wrong and there's no excuse for that. You simply can not use this device's so called 'WAN port' to be connected to the WAN. It doesn't work.

 

VLANs are a nice feature for internal networks to manage traffic flows and things like that. But that's not something you want to rely on to separate networks from a security point of view. Maybe that's not even the case here but most users of the Lamobo R1 trust in the false 'routerboard' marketing and fool themselves.

Link to post
Share on other sites

The BCM53125 delivers the most comprehensive technologies required by top tier service providers for gateway applications.

Protocols such as IEEE 802.1Q-based VLAN with 4K entries, port-based VLAN, VLAN double tagging (Q-in-Q), and VLAN translation are fully supported.

 

Two additional Gigabit ports for glueless connection to CPU, WLAN, Cable, or DSL chipsets

 

In the key-features there is a block diagram.

 

BCM53124/5: STARFIGHTER2 FEATURES

in the PDF on page: 8, 9 and 20

 

http://community.broadcom.com/community/ethernet-switch- Cannot use free email service email addresses to register

 

 

If this helps in this discussion

Edited by Tido
Link to post
Share on other sites

The idea of the PMU is to manage where power comes from and shut stuff off when it isn't being used to save battery life.

The PMU does NOT merge power sources together, it politely switches to new sources without shutting the system down.

To overcome this unfortunate situation you thought about to start the Switch later.

When I read the comment from Kevin, I thought about if it is possible to prevent or delay power for the BCM53125 ?

Link to post
Share on other sites

To overcome this unfortunate situation you thought about to start the Switch later.

When I read the comment from Kevin, I thought about if it is possible to prevent or delay power for the BCM53125 ?

 

Why don't you look into the (not available) schematics?

 

The BCM53125 can be used as a router but not in the way implemented on the R1. It features 2 RGMII capable ports and must be combined with a SoC that utilises these 2 ports to separate WAN from LAN and the switch must be able to boot into a state where it does NOT interconnect the 5 available GBit PHYs but differentiates between WAN ports and LAN ports. Just have a look into the (not available) documentation from BroadCom to get a clue whether that's possible and how to (possibly not) achieve.

 

Even if it's possible to delay the powering of the switch IC on the Lamobo R1 it always comes up as a dumb layer 2 switch interconnecting all 5 GbE PHYs, therefore WAN and LAN are bridged at least for a short time. This is a no-go and all you might be able to do is to decrease the time where you end up with an open network.

 

Given the many other flaws of this crapboard the conclusion is rather simple...

 

BTW: Every unfortunate customer of this board wastes hours or even days to get the hardware alone working since it's... crap (just have a look at all the posts in this thread here -- there you might also find the necessary steps to reverse engineer whether it's possible to control the power of the switch IC by software or not -- but as already outlined: It's useless to investigate in this direction since on the Lamobo R1 you will always end up with an open network for a short period of time)

Link to post
Share on other sites

I am getting this one in few days. The PRO version is not in the price range of R1 but the normal / LITE could be (there is no price yet). If you consider than you get much more and I predict less troubles, than the price diff perish even compared to PRO. 

 

I don't want to judge anything before booting the beast, but it looks very well designed and right for the job. This device should be able to replace your router and NAS, while R1 doesn't come close to low end / average router and NAS capabilities.

 

Any recommendation for AC mPCI card that works well in Linux 3.18 - 4.4 (AP mode)?

 

 

 

clearfog-pro-components-top-view-1-1024x

Link to post
Share on other sites

Any recommendation for AC mPCI card that works well in Linux 3.18 - 4.4 (AP mode)?

 

I would wait 2 more weeks until the Turris folks reveal which 802.11ac card they use for the upcoming Omnia (at the moment they just say "For various reasons we don't want to reveal concrete names yet. Most probably it will be a combination of AR9287 and QCA9880 chipsets.").

 

I would expect that they choose a card with high performance and low number of issues. And given the current situation (again: https://lists.debian.org/debian-arm/2015/11/threads.html#00071) I would suspect that you'll be able to support the Turris Omnia prior to shipping simply as a byproduct of bringing Armbian to the Clearfog ;)

 

Regarding price difference between the R1 and anything else I couldn't agree more.

Link to post
Share on other sites

Why don't you look into the (not available) schematics?

 

The BCM53125 can be used as a router but not in the way implemented on the R1. It features 2 RGMII capable ports and must be combined with a SoC that utilises these 2 ports to separate WAN from LAN and the switch must be able to boot into a state where it does NOT interconnect the 5 available GBit PHYs but differentiates between WAN ports and LAN ports. Just have a look into the (not available) documentation from BroadCom to get a clue whether that's possible and how to (possibly not) achieve.

 

Even if it's possible to delay the powering of the switch IC on the Lamobo R1 it always comes up as a dumb layer 2 switch interconnecting all 5 GbE PHYs, therefore WAN and LAN are bridged at least for a short time. This is a no-go and all you might be able to do is to decrease the time where you end up with an open network.

 

BTW: Every unfortunate customer of this board wastes hours or even days to get the hardware alone working since it's... crap (just have a look at all the posts in this thread here -- there you might also find the necessary steps to reverse engineer whether it's possible to control the power of the switch IC by software or not -- but as already outlined: It's useless to investigate in this direction since on the Lamobo R1 you will always end up with an open network for a short period of time)

 

I sent again an Email to SinoVoip /Foxconn asking for schematics.

So the BCM53125 ist capable, but I guess the A20 does not come with 2 ports for GBit :-(

I read on the link above, that documentation is available once you have registered for the Broadcom community.

 

If we can decrease the time, where in case of reboot the device is unsecure - it would be better than now.

 

The power issue got solved in March '15 - I will not talk about, you and I know more than enough about it.

 

 

I am getting this one in few days. The PRO version is not in the price range of R1 but the normal / LITE could be (there is no price yet). If you consider than you get much more and I predict less troubles, than the price diff perish even compared to PRO. 

 

I don't want to judge anything before booting the beast, but it looks very well designed and right for the job. 

 

 

I disagree, simply for the fact that it has not this all-in-one approach of the R1.

The idea is great and had I people around me who can design PCB and know how to choose the right hardware - it would be easy to build an R2.

 

Solid-run nor Turris do solve that issue of the all-in-one. Router, NAS, Cloud, Mediaplyer and with your software not from QNAP, Netgear, Zyxel, Synology.

You can get a HP ProLiant MicroServer Gen8  G1610T  but it is power hungry, big and kind of noisy beside the far higher price.

 

So all we tinkerer want, is to get the best out of the R1 and have fun that it works, right?

Link to post
Share on other sites

So all we tinkerer want, is to get the best out of the R1 and have fun that it works, right?

 

Right. We already done a lot on the software side but there are HW limitation which are hard to overcome. It would be glad to see a V2.0 of this product.

 

It's hard to say where is the barrier you are talking about. This solid-run board is on the edge I guess.

Link to post
Share on other sites

So the BCM53125 ist capable, but I guess the A20 does not come with 2 ports for GBit :-(

[...]

If we can decrease the time, where in case of reboot the device is unsecure - it would be better than now.

[...]

The power issue got solved in March '15 - I will not talk about, you and I know more than enough about it.

 

Whether the BCM53125 is capable or not has to be confirmed. If it can not be configured to separate 1 GbE PHY from the other 4 at startup the switch is not useable for routing purposes. Since BroadCom usually doesn't send out the informations you need unless you sign an NDA and order high numbers of components I doubt we will ever know. Anyway it's not useable together with the A20 as far as I understand (since you can only combine the internal EMAC/GMAC with either one externel Fast or GbE PHY).

 

Therefore the whole idea to use this switch for routing purposes is still just a moronic idea that can't work. It's that simple, just try to accept it. A device that interconnects the networks it has to separate by default can not be called a router. After powering on or when the configuration is not appropriate it's just a dumb layer 2 switch that might be configured to use VLANs (and it has to be confirmed if the VLAN implementation is sufficient from a security point of view). 

 

Regarding the power issues nothing has been 'solved'. Only workarounds exist and both the manufacturer of the device and resellers leave it up to you to find the description of possible workarounds somewhere else. I already linked exactly to this thread for a reason: http://www.bananapi.com/index.php/forum/general/391-why-the-sata-disk-doesnt-work-on-bpi-r1?start=36#3624

 

If we only had to deal with software issues maybe this device could be recommended. But the many hardware design flaws (power, Wi-Fi, heat) can't be fixed and as we've seen recently the manufacturer simply doesn't give a shit about these issues. Foxconn/SinoVoip replaced the DC-IN barrel jack on Banana Pi M3 pre-production samples with the crappy micro USB connector and results are as expected. Sudden power-offs already with slight load: http://forum.banana-pi.org/t/banana-pi-bpi-m3-android-5-1-1-image-update/754/5

 

The manufacturer only cares whether you buy his products and not whether you can use them too. Only possible conclusion: Avoid these products or fool yourself.

Edited by wildcat_paris
no edit. just "it's just a dumb layer 2 switch" will soon be my motto :)
Link to post
Share on other sites

Sorry if i jog between the big guys, but i don't understand whats the problem with VLANs on BRI-R1 or any other dumb/singe switch device? I've done this many times in Openwrt and cheap switches with burned out WAN port. I've done this with BPI-R1 also. It's a bit tricky and not so easy and user friendly, but i've done it in Linux too, at least with static or dhcp on internal interface/WAN/port3, not try it with pppoe yet. But even if there is a need to use external USB lan, there is OTG port, there are USB hubs. (About OTG port, i thought for very long time, my device is partly broken because even with 100% working OTG cable i couldn't get it to work in no Linux images, nor Openwrt. Then i notice it's disabled on very low level, don't know with what porpose, so i activate it as host and finally have my second USB port). Maybe i miss something in the treat here?

Of course this board is cheap crap with a lot of issues, but have no alternatives for now, including the price and most of things are correctable if one have some skills. Flaws in power and heat are correctable, only the crappy wifi is not and i, as many others i guess, give up and decide to use external module. Other thing that come to my mind is trasfer between internal storages and outside the switch. I read it's slow because some bad A20 driver. Right now i have around 6/7Mb and 100% CPU use. I thought there are some patches about this making speed a little better, because i have some memories (but not exactly sure need to check again) i had at least triple more speed in Openwrt when i tested. This seems to be the other non solved big problem too.

Anyway, i and i think - people like me, just looking for some hobby and something to replace my old router with Openwrt, with something a little more powerful and with more possibilities to play with. This boards you show in this topic are for the price of NAS. They don't even have SATA port, which is one of the major purposes i bought this board. What should i do with m-sata ports? SSD for NAS, seriously? Or HDD on USB and a forest of cables again. I have this on my current router and the same functionalities, so - no thanks. Why is this ARM CPU there if i cant use it as mini PC, as BPI?I can buy routerboard or some hi-end router for the price. This ClearFog could be some alternative despite missing full sized SATA port, if the price was devided on 3 to be correctly positioned on market, otherwise - why not just buy a NAS or even a mini-ITX PC. The other board, sorry if i hurt some feelings but - are you kidding me?

Link to post
Share on other sites

i don't understand whats the problem with VLANs on BRI-R1 or any other dumb/singe switch device?

Main problem is - while switch is unconfigured - and it is configured ONLY when and if OS (i.e. Armbian) booted up to a point when init script disconnects so-called WAN port from rest so-called LAN ports.

Unconfigured switch means it simply connects your LAN devices to whatever is on the WAN side, and depending on your ISP infrastructure it is either not good or really-really bad from security point of view.

Possible bad things that could happen:

  • Fake DHCP server/ARP poisoning attack - supplies wrong configuration to any device on LAN that is configured to use DHCP.
  • Any device from WAN that can normally reach your WAN port (is on the same subnet/broadcast domain as you) can access any device in your LAN if this device is configured with an IP address (including link-local IPv6 addesses, adresses from ISP's DHCP server or from fake DHCP server from previous paragraph) or if it used some kind of autoconfiguration protocol (avahi/zeroconf/...). This means, that, for example, someone can access not password-protected SMB shares.

Normally you don't expect such things from a device that is positioned as a router.

 

Other thing that come to my mind is trasfer between internal storages and outside the switch. I read it's slow because some bad A20 driver. Right now i have around 6/7Mb and 100% CPU use.

Edit: if you are using SMB, default samba config is not optimized, you can try to improve things a little bit by adding

socket options = TCP_NODELAY SO_KEEPALIVE IPTOS_LOWDELAY
smb encrypt = disabled
tls enabled = no

to your smb.conf

 

Edit 2: changed some options 

Link to post
Share on other sites

Sorry if i jog between the big guys, but i don't understand whats the problem with VLANs on BRI-R1 or any other dumb/singe switch device?

 

The problem is that you are able to bring up a VLAN config only after the switch already interconnected WAN and LAN ports. If you don't care about security or just want to fool yourself: Then this is a perfect choice. If you're concerned about security then this is a no-go. Unfortunately the vast majority of Lamobo R1 users is a bit concerned about security and knows exactly nothing about this problem. That's why at leat I insinst to point that out.

 

Regarding SATA and either the Clearfog Base/Pro or the Turris Omnia. If it's really too hard for you to image that you can use a simple mechanical adapter to get 1 or even 2 SATA ports then I'm not able to help you, sorry:

 

Bildschirmfoto-2016-01-02-um-16.14.jpg

 

Marvell ARM SoCs are unlike Allwinner's dedicated for NAS and router things, they've several PCIe lanes and also 2/3 GbE interfaces that do not suffer from performance problems like the R1 does. According to Turris they also try hard to get CESA working so VPN and other sorts of encryption stuff won't burn the CPU but run on a dedicated crypto engine. They will try to send their patches upstream. SinoVoip/Foxconn neither develop own stuff nor are the crappy results worth a look.

 

And while Tido is still begging to get schematics for the crapboard I prefer vendors that provide a complete set of documentation on their own: http://wiki.solid-run.com/doku.php?id=products:a38x:documents or https://www.turris.cz/en/hardware-documentation(at the moment only older products available, the Omnia will follow soon)

 

BTW: You might be surprised that the A20's OTG port is not a full replacement for an USB host port. But maybe you don't care that much like you don't care about the security implications the R1 switchboard shows.

 

I'll stop here since the discussion gets a bit futile -- at least for me (being happy that such a superiour device like the Omnia is available for that low price -- no, I'm not the type of guy that wants to play only with the cheapest crap available, therefore never ever an R1 again :) )

Link to post
Share on other sites

Unconfigured switch means it simply connects your LAN devices to whatever is on the WAN side, and depending on your ISP infrastructure it is either not good or really-really bad from security point of view.

I didn't thought about this. Thank you both for clarifications. I guess, usb lan adapter is not so meaningless after all. I even found some, combined with hub and card reader...

 

If it's really too hard for you to image that you can use a simple mechanical adapter to get 1 or even 2 SATA ports

Honestly, i didn't know such adapters exists. I own and use the opposite - m-sata to sata adapter for one ssd of mine, never thought this will be much simple and cheap to produce. Ok, you rebut me, i can accept this.

To be not so judgemental i have to say this boards have something that is needed and put them in other segment immediately. This is the SFP port.

Link to post
Share on other sites

Such little heated discussion are usually most productive  :P

  

I would wait 2 more weeks until the Turris folks reveal which 802.11ac card they use for the upcoming Omnia (at the moment they just say "For various reasons we don't want to reveal concrete names yet. Most probably it will be a combination of AR9287 and QCA9880 chipsets.").

 

QCA9880 can be found in many routers so I guess it should be o.k. but it's expensive - around 60 EUR shipped  :angry: and I need to triple check if it's really worthy and if I need an extra card for 2.4G. I think I do.

 

 To be not so judgemental i have to say this boards have something that is needed and put them in other segment immediately. This is the SFP port.

 

That's also what brought my attention. Typical home / small office setup has fiber nowadays, I use fiber converter ... Could be one box and two cables less because of that.

Link to post
Share on other sites

QCA9880 can be found in many routers so I guess it should be o.k. but it's expensive - around 60 EUR shipped  :angry: and I need to triple check if it's really worthy and if I need an extra card for 2.4G. I think I do.

 

In the area here 2.4GHz is already dead. No need for that. The Turris people charge $209 ($139 while campaign is running) without Wi-Fi vs. $285 ($189 now on Indiegogo). So the difference for "antennas, pigtails and 2 Wi-Fi cards" is $76 and $50 while the campaign is running.

 

Since the Omnia's case and PSU aren't of any use for me (will build as usual an own enclosure for board + disk) I'll wait a bit and will order then a card from here with some other network/PoE/solar stuff: http://www.i4wifi.eu/miniPCI-cards-1/

 

Honestly, i didn't know such adapters exists.

 

 

Well, SATA and mSATA differ here only mechanically so you can always use simple adapters to convert between (if you also want to supply power to disk/SSD then it gets tricky since voltage levels are different -- but fortunately that doesn't apply to my case, I just want the Omnia as a powerful edge router, print server and also for encrypted TimeMachine backups serving a couple of Macs here using a large 3.5" HDD)

Link to post
Share on other sites
Guest
This topic is now closed to further replies.