[conspire] Quiet, Freedom-compatible NAT/firewall/misc box?
Daniel Gimpelevich
daniel at gimpelevich.san-francisco.ca.us
Thu Apr 23 14:30:08 PDT 2015
On 03/16/2015 03:38 AM, Rick Moen wrote:
> At the most recent CABAL meeting, Dana Goyette ( /me waves from Hilo,
> HI) suggested that the AMD Kabini SoC (socket FM1) on a mini-ITX form
> factor motherboard might meet my needs for a multi-purpose silent, small
> machine on our inside network:
> http://www.newegg.com/Product/Product.aspx?Item=N82E16813157574&cm_re=mini-itx_amd-_-13-157-574-_-Product
Actually, if memory serves, the board he suggested that night was
Geode-based. You seem to have found something else. Here is a WiFi
version of it: http://www.superbiiz.com/detail.php?name=MB-Q1500IW
The most oomph in an AMD SoC appears to be in the CompuLab fit-PC4 Pro,
which has dual Ethernet and is currently orderable. Intel has offerings
where Gigabit Ethernet and hardware crypto are on the SoC instead of
video: http://www.superbiiz.com/detail.php?name=MB-A1RI25
There are also AMD offerings without video:
https://www.deciso.com/netboard-a10/
That last one is from the company behind OPNsense, a new fork of pfSense
and the official successor to the now-defunct m0n0wall distro.
The new version of Beema and Mullins is Carrizo, used in the Acer Aspire
E5-422G and the HP 255 G4.
Here is another A4-5000 offering:
http://www.superbiiz.com/detail.php?name=MB-A68N-5K </hardware ramble>
As I understand it, you want a machine in sleeping quarters to eliminate
location as a single point of failure on the inside network. Since you
talked about deploying virtualization and possibly containerization on
the Intense PC you purchased, the software solution for this use case
that stands out is Swarm, which is to Docker containers what RAID is to
data. You could install CoreOS on the machine in the sleeping quarters
and in a VM on the Intense PC, with Docker containers on each being
managed by Swarm and administrated directly from your MacBook Air. If
any container needs access to storage, there is something called
Flocker, too. </software ramble>
Having redundancy for your Internet presence in sleeping quarters still
does not address the single point of failure that is connectivity. The
Intense PC would live in the same space as the DSL modem and telco
demarc, IIRC. You also have a CableCard TiVo, but I do not know whether
it currently has Comcast service nor where the cable demarc is.
Theoretically, you could get a separate Internet connection for the
machine in the sleeping quarters to complete the redundancy. There is
much more to be said about establishing this, but I won't waste my
breath unless there is actual interest in it. <connectivity ramble>
More information about the conspire
mailing list