From 86675df9c236c0d0c0e9d825e8777dfbb9acf6e9 Mon Sep 17 00:00:00 2001 From: admin Date: Fri, 30 Dec 2022 11:16:38 +0000 Subject: [PATCH] --- Replacing_PC_Engine_Alix_by_Turris_MOX.mdwn | 130 ++++++++++++++++++++ 1 file changed, 130 insertions(+) create mode 100644 Replacing_PC_Engine_Alix_by_Turris_MOX.mdwn diff --git a/Replacing_PC_Engine_Alix_by_Turris_MOX.mdwn b/Replacing_PC_Engine_Alix_by_Turris_MOX.mdwn new file mode 100644 index 0000000..9b0d5c5 --- /dev/null +++ b/Replacing_PC_Engine_Alix_by_Turris_MOX.mdwn @@ -0,0 +1,130 @@ +# Replacing PC Engine Alix by Turris MOX + +## History and motivation + +Since 2010, I used an [Alix](https://pcengines.ch/alix2d3.htm) device +as my home router/firewall, plus some basic services: DNS, ntpd, dhcpd... I +installed Debian on it, and it provided so far a robust 'fire and +forget' solution. + +Though some problems started to pile up over the years: + +1. The Geode LX processor in the Alix series isn't a full i686 +CPU. Debian dropped support fo these, see + + +So I am basically stuck with Debian Jessie, which is EOL since mid-2020[^1]. + +[^1]: the Alix with its Geode LX CPU may still be able to get more recent + Debian releases, see: + + (not tried) + +2. I got finally FTTH at home, and the 100Mbit/s of the Alix ethernet + ports aren't enough to catch up all the speed of my connection. + +3. The Alix board is really short on RAM: 256Mb only; so I can't even run Emacs on it. + +4. The boot time of the Alix is long: full 3 minutes + +So after 12 years, let's look at something more powerful, and still cheap on +price and electricity consumption. + +## Choosing a new router + +More specifically, I wanted: + +1. Fanless + +2. A 64 bits CPU + +3. At least 3 LAN ports + +4. SFP port or WIFI not really needed + +Here the short list I came through, all around 200$: + +1. A mini PC with Intel Celeron Quad Core and 4 LAN ports (Intel + i225); it's called "J4125 industrial PC" on AliExpress and the + brand is unknown; there are a lot of similar offerings on their web + site + +2. [Banana BPI R64](https://wiki.banana-pi.org/Banana_Pi_BPI-R64); if + you don't do POE, you need a power supply with non standard plug + dimensions. + +3. [Turris MOX](https://www.turris.com/en/mox/overview/); shipped with + a customized OpenWRT called TurrisOS + +4. Expressobin Ultra: similar SoC as the Turris MOX; OS shipped seems + to be Armbian + +Choices which may have been valid also: + +1. ClearFog CN9130 Pro; sold by SolidRun. This is a high end router, a + bit too overkill in features and pricy. But probably excellent for + the SOHO market. + +2. The last generation of Alix called APU2; this would have been the + easy replacement choice. Has open source BIOS. A bit costly, but + the nail in the coffin was lack of availability by the vendors at + the time I wanted to buy. + +I settled about the Turris MOX (modules A and C), bought through +Discomp. The decisive arguments for my choice were: + +1. a flexible, upgradable and open architecture +2. an active community exists around Turris hardware + +## Beginning with the Turris MOX + +Mounting/unmounting the parts of this Lego like device is easy: + + +First connexion is straightforward: + + +The MOX admin web interface (called Foris) is at http://192.168.1.1, +which is often also the address of your ISP modem; in that case you +have to change that last one to avoid conflict. + +Foris is a wrapper around the standard Luci configuration tool of +OpenWRT. It allows for a simple connectivity test, and manages +additional packages or upgrades of TurrisOS (more on that below). But +for more advanced configuration, Luci is unavoidable, be it the web +interface or the command line. Notice that changes made through Luci +can introduce inconsistencies with Foris, and so unexpected behaviour. + +I never tried to get ipv6 from my ISP with my old Alix (I had a tunnel +for that). The MOX was able out of the box to offer additional ipv6 +addresses from my ISP /56 prefix to all my devices at home, good! + +At first connection, Foris offers to upgrade its factory setup. This +won't work because the factory release is too old wrt the proposed +upgrade. You will have to use the [reflash procedure from a USB +drive](https://docs.turris.cz/hw/mox/rescue-modes/#re-flash-router) to +get the most recent version and allow upgrades from there. Entering +the reflash mode is a bit tricky, you have to monitor a led on the +other side than where the button to push (actually a paper clip hole) +is located. + +## Hacking the Turris MOX + +There is no serial DB9 port on the MOX like the Alix had, you have to +use the [GPIO connectors](https://docs.turris.cz/hw/serial/#turris-mox). + +The serial/USB convertor must be at 1.8V, this is non standard. For +20$, I purchased a DSD TECH SH-U09C2 adapter. With this adapter you +don't need to connect the VCC 1.8V GPIO pin. + +## Debian as a LXC container + +The procedure to do that is explained here: + + +I connected a USB disk for Debian on the MOX and choose to share +network with my container like that: + + lxc-start -n turris-debian --share-net 1 + +So I was able to install Debian specific stuff I had on the Alix. -- 2.39.2