Ok fuck this I've worked around enough misfeatures on this thing. I need a router that:
* Has no wifi. No, I don't want to just turn it off. No wifi.
* Runs off PoE.
* Gigabit copper, no SFP, I do not need 2.5GBps.
* Handles ipsec and GRE tunneling. I need no other VPN support.
* Ideally at least 4 ethernet ports, otherwise I'm going to need to buy another switch.
* Can sustain bidirectional gigabit either without relying on hardware offload or with offload that works in all the above cases
* Small. If it's rack-mountable it's way too big.
* No fan.
* An actual product, I do not want to have to build it myself.
* I'm sure I'll find arbitrary ways to decide that whatever you suggest doesn't fit my arbitrary criteria but please suggest anyway
@mjg59@nondeterministic.computer Depending on your definition of a product, some variation of a Banana Pi BPI-R4 kit with the optional PoE module might fit your needs and they do have good upstream OpenWRT support.
Oh wait hang on Ubiquiti released their first firmware update for this in two years last week let me try that first
@mjg59@nondeterministic.computer https://mikrotik.com/product/RB750r2 ?
Nope echo 1 >/proc/mt7621/hw_nat and immediately anything going via the IPv6 tunnel ends up with missing fragments. Hmm. Maybe I can try something awful.
@mjg59@nondeterministic.computer Mikrotik hEX routers are pretty close, except their PoE-in is only passive, not 802.3af.
@mjg59@nondeterministic.computer ER-X? Have you tried OpenWRT?
Sigh nope clamping the ethernet interfaces to 1480 doesn't help
@mjg59@nondeterministic.computer ER-X? Have you tried OpenWRT?
Sigh nope clamping the ethernet interfaces to 1480 doesn't help
β¦oh wait there's no actual reason my IPv6 gateway has to be the same as my IPv4 one, is there? Something else on my network can terminate the tunnel and RA
β¦oh wait there's no actual reason my IPv6 gateway has to be the same as my IPv4 one, is there? Something else on my network can terminate the tunnel and RA
@mjg59@nondeterministic.computer Yup, when I started with IPv6 I had a separate router handling it for a while.
@mjg59@nondeterministic.computer No good reason at all, you can terminate the endpoints wherever. Might mean some duplication of firewall rules but that's about it
@warthog9@social.afront.org
@kevin@mastodon.km6g.us
I wish I could recommend a vendor that meets @mjg59@nondeterministic.computer's requirements and does not violate #GPL but I don't know one.
As a sneak peak, #OpenWrt Two, which is in the works, will likely meet almost all of the specs except that it does have Wifi.
Cc: @becomethewaifu@tech.lgbt
@mjg59@nondeterministic.computer Yup, when I started with IPv6 I had a separate router handling it for a while.
@mjg59@nondeterministic.computer No good reason at all, you can terminate the endpoints wherever. Might mean some duplication of firewall rules but that's about it
@warthog9@social.afront.org
@kevin@mastodon.km6g.us
I wish I could recommend a vendor that meets @mjg59@nondeterministic.computer's requirements and does not violate #GPL but I don't know one.
As a sneak peak, #OpenWrt Two, which is in the works, will likely meet almost all of the specs except that it does have Wifi.
Cc: @becomethewaifu@tech.lgbt
@bkuhn@fedi.copyleft.org @warthog9@social.afront.org @mjg59@nondeterministic.computer @becomethewaifu@tech.lgbt Luckily OpenWrt can be used on the Mikrotik hEX POE Lite, and some of the other hEX models, and could probably support the hEX S as well. That would at least allow the user to replace the software with a GPL-respecting system.
@bkuhn@fedi.copyleft.org @warthog9@social.afront.org @mjg59@nondeterministic.computer @becomethewaifu@tech.lgbt Luckily OpenWrt can be used on the Mikrotik hEX POE Lite, and some of the other hEX models, and could probably support the hEX S as well. That would at least allow the user to replace the software with a GPL-respecting system.
Matthew Garrett
