This shows you the differences between two versions of the page.
— |
santo [2014/11/24 01:14] (current) 0.0.0.0 created |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Santo ====== | ||
+ | [[Category: | ||
+ | [[Category: | ||
+ | [[Category: | ||
+ | |||
+ | ===== Overview ===== | ||
+ | * Type: Core Router | ||
+ | * Model: Soekris net5501-70 | ||
+ | * Location: Bedroom 1 | ||
+ | * URL: http:// | ||
+ | * Provides: | ||
+ | * Routing | ||
+ | * Gateway Firewall | ||
+ | * DHCP server | ||
+ | * Name server (master) | ||
+ | * Directory server (LDAP master) | ||
+ | |||
+ | *Specs: | ||
+ | * 500MHz AMD Geode LX | ||
+ | * 512Mb Ram | ||
+ | * 4x 100Mb Ethernet | ||
+ | * 4Gb SanDisk Compact Flash II | ||
+ | * 120Gb Western Digital 5400rpm 8mb (// | ||
+ | |||
+ | ===== Filesystems ===== | ||
+ | Santo' | ||
+ | |||
+ | {| class=" | ||
+ | |+ /dev/sda partitions | ||
+ | |- | ||
+ | ! Partition Number | ||
+ | ! Size | ||
+ | ! Filesystem | ||
+ | ! Mount point | ||
+ | ! UUID | ||
+ | ! Notes | ||
+ | |- | ||
+ | | 1 | ||
+ | | 64Mb | ||
+ | | ext2 | ||
+ | | /boot | ||
+ | | 7d2971df-b96b-49a3-8af9-510f2e058291 | ||
+ | | | ||
+ | |- | ||
+ | | 2 | ||
+ | | 128Mb | ||
+ | | swap | ||
+ | | //none// | ||
+ | | 2a92981a-1f4e-4b55-a306-a824b65509ac | ||
+ | | | ||
+ | |- | ||
+ | | 3 | ||
+ | | 1Gb | ||
+ | | ext3 | ||
+ | | /var | ||
+ | | 2226ba4b-7cc5-497e-8f26-e9b8505e51a2 | ||
+ | | 1kb block size, 200,000 inodes | ||
+ | |- | ||
+ | | 4 | ||
+ | | 2.8Gb | ||
+ | | ext3 | ||
+ | | / | ||
+ | | f8158fc9-f41a-4e66-b5a7-5d3ed20d951f | ||
+ | | 1kb block size, 400,000 inodes | ||
+ | |- | ||
+ | |} | ||
+ | |||
+ | There is also a 120Gb SATA drive present, though it is run through a SATA-> | ||
+ | |||
+ | {| class=" | ||
+ | |+ /dev/sdb partitions | ||
+ | |- | ||
+ | ! Partition Number | ||
+ | ! Size | ||
+ | ! Filesystem | ||
+ | ! Mount point | ||
+ | ! UUID | ||
+ | ! Notes | ||
+ | |- | ||
+ | | 1 | ||
+ | | 100% | ||
+ | | lvm | ||
+ | | //none// | ||
+ | | | ||
+ | | volumegroup: | ||
+ | |} | ||
+ | |||
+ | The logical volumes will be used to house filesystems which are frequently/ | ||
+ | |||
+ | {| class=" | ||
+ | |+ lvm:pool logical volumes | ||
+ | |- | ||
+ | ! Name | ||
+ | ! Size | ||
+ | ! Filesystem | ||
+ | ! Mount point | ||
+ | ! UUID | ||
+ | ! Notes | ||
+ | |- | ||
+ | | var | ||
+ | | 5G | ||
+ | | ext4 | ||
+ | | /var | ||
+ | | 1488edcf-c6c7-4f7c-80a7-790a52b60c41 | ||
+ | | | ||
+ | |- | ||
+ | | backups | ||
+ | | 10G | ||
+ | | ext4 | ||
+ | | /backups | ||
+ | | 32c4b0eb-7733-4b7f-a6ec-7a7292136f68 | ||
+ | | | ||
+ | |- | ||
+ | | porage | ||
+ | | 5G | ||
+ | | ext4 | ||
+ | | / | ||
+ | | 0b572fe0-8cee-465a-bca2-9212d7ff7695 | ||
+ | | 1kb block size, 800,000 inodes | ||
+ | |} | ||
+ | |||
+ | ===== Installation ===== | ||
+ | ==== Kernel config ==== | ||
+ | Full kernel .config files are stored in subversion, at [[https:// | ||
+ | |||
+ | The following options are necessary for the system to boot under both VMware and the Soekris hardware. | ||
+ | |||
+ | {{Warning|In order to enable DMA, it is important not to select any generic IDE/SCSI controllers; | ||
+ | |||
+ | {{Kernel|2.6.28-gentoo-r1|< | ||
+ | |||
+ | ==== Serial Console ==== | ||
+ | The serial port on the Soekris hardware is currently configured to run at 38400 bps, using 8 bit words, no parity bits, and one stop bit (38440 8n1). | ||
+ | |||
+ | Grub will need to output the boot menu to the serial console: | ||
+ | {{File|/ | ||
+ | |||
+ | Finally, add a login prompt to the serial console. -L forces the output to work, even if the cable isn't connected. | ||
+ | {{File|/ | ||
+ | |||
+ | ==== Network Configuration ==== | ||
+ | Network configuration is stored in subversion, under [[https:// | ||
+ | |||
+ | ==== Installed software ==== | ||
+ | Also see [[Linux# | ||
+ | |||
+ | * {{Package|direct=yes|net-dns/ | ||
+ | * {{Package|direct=yes|net-dns/ | ||
+ | * {{Package|direct=yes|net-misc/ | ||
+ | * {{Package|direct=yes|net-misc/ | ||
+ | * {{Package|direct=yes|net-firewall/ | ||
+ | * {{Package|direct=yes|net-analyzer/ | ||
+ | * {{Package|direct=yes|net-nds/ | ||
+ | * {{Package|direct=yes|sys-auth/ | ||
+ | * {{Package|direct=yes|sys-auth/ | ||
+ | * {{Package|direct=yes|net-fs/ | ||
+ | * {{Package|direct=yes|net-wireless/ | ||
+ | * {{Package|direct=yes|net-wireless/ | ||
+ | * {{Package|direct=yes|net-wireless/ | ||
+ | * {{Package|direct=yes|net-misc/ | ||
+ | * {{Package|direct=yes|net-misc/ | ||
+ | * {{Package|direct=yes|www-servers/ | ||
+ | * {{Package|direct=yes|dev-lang/ | ||
+ | * {{Package|direct=yes|dev-db/ | ||
+ | * {{Package|direct=yes|dev-util/ | ||
+ | * {{Package|direct=yes|mail-mta/ | ||
+ | * {{Package|direct=yes|net-misc/ | ||
+ | * {{Package|direct=yes|app-crypt/ | ||
+ | * {{Package|direct=yes|net-analyzer/ | ||
+ | |||
+ | ===== Configuration ===== | ||
+ | ==== Logging ==== | ||
+ | See [[Syslog]]. Santo' | ||
+ | |||
+ | Add the following mounts: | ||
+ | {{File|/ | ||
+ | |||
+ | ==== Watchdog ==== | ||
+ | If the kernel was compiled with support for the Geode LX and hardware watchdog, install {{Package|direct=yes|sys-apps/ | ||
+ | |||
+ | {{File|/ | ||
+ | |||
+ | Then start the watchdog, and add it to the boot runlevel: | ||
+ | {{Root|< | ||
+ | |||
+ | ==== LDAP ==== | ||
+ | See [[LDAP/ | ||
+ | |||
+ | ==== DNS/DHCP ==== | ||
+ | See [[DNS & DHCP]]. Configuration files are stored in subversion, under [[https:// | ||
+ | |||
+ | ==== Firewall ==== | ||
+ | See [[Iptables]]. | ||
+ | |||
+ | ==== Mail ==== | ||
+ | Edit < | ||
+ | |||
+ | {{Root|< | ||
+ | |||
+ | ==== Samba ==== | ||
+ | Configuration is stored in subversion, under [[https:// | ||
+ | |||
+ | {{Root|< | ||
+ | |||
+ | ==== UPNP ==== | ||
+ | Configuration is stored in subversion, under [[https:// | ||
+ | |||
+ | {{Root|< | ||
+ | |||
+ | ==== Apache ==== | ||
+ | //TODO// | ||
+ | |||
+ | Set up remote logging, as per [[Apache# | ||
+ | |||
+ | ==== Wireless ==== | ||
+ | See [[Wireless]]. Configuration is stored in subversion, under [[https:// | ||
+ | |||
+ | ===== Backups ===== | ||
+ | The options are: | ||
+ | * rsync, backing up directly to an NFS mount on [[Hosts# | ||
+ | * perlbak, using the SATA hard drive as scratch space before copying the final tar across to Athens. | ||
+ | |||
+ | ===== Useful information ===== | ||
+ | ==== Hardware ==== | ||
+ | < | ||
+ | |||
+ | ==== Disk performance ==== | ||
+ | / | ||
+ | |||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | PIO modes: | ||
+ | DMA modes: | ||
+ | UDMA modes: udma0 udma1 *udma2 udma3 udma4 | ||
+ | | ||
+ | Drive conforms to: Unspecified: | ||
+ | |||
+ | | ||
+ | | ||
+ | |||
+ | ===== Troubleshooting ===== | ||
+ | Santo on the Soekris hardware has had some stability issues in the past. It looks like these might be fixed with the current 2.6.28-gentoo-r1 kernel config, but just in case, here is a magic incantation to spam syslog every 5 minutes, just to show the kernel is still alive. | ||
+ | |||
+ | {{Root|< |