Thursday, May 24, 2007

WRAP and RouterOS


As someone who is frequently involved in Hotspots, VPN's, QoS, Firewalling, Queuing and Shaping; I've chosen to use a WRAP 1-2 loaded up with RouterOS to manage my home connection.

The system had to support many features and preferably all in one package which the WRAP hardware makes easily possible (as opposed to my previous methods of piecing together discarded systems and old cards)

The setup comprises of an IPSEC Tunnel through to my work network, standard routes out through the ADSL Line (soon to be dual lines with load-balancing); Mikrotik Usermanager gives everyone a monthly limit on the ADSL connection.

Having the benefit of a mini PCI slot I can use my preferred wireless card (namely the SR2) and present an open wireless hotspot connection, meaning I don't have to worry about neighbors using my internet.

P2P shaping and simple Queueing means that web pages will always load quickly even if someone else is whipping their Bittorrent client. Even World of warcraft runs better ;-)

Best of all, I don't have to worry about noise, lack of space, excess power usage or hardware failure for years to come. The WRAP system has replaced 3 computers for me for less than the price of 1.

Some stats from the www.yawarra.com.au page:


 WRAP 1-1 WRAP 1-2 WRAP 2 Indoor WRAP 2 Outdoor net4801
Features WRAP 1-1 WRAP 1-2 WRAP 2 Indoor WRAP 2 Outdoor net4801
Processor AMD Geode SC1100 - 233 MHz AMD Geode SC1100 - 233 MHz AMD Geode SC1100 - 233 MHz AMD Geode SC1100 - 233 MHz AMD Geode SC1100 - 266 MHz
Onboard memory 128MB 128MB 64MB or 128MB 64MB or 128MB 128MB or 256MB
Ethernet ports (10/100) 2 3 1 1 3
Throughput (MBits/sec) * 42.8 42.8 N/A N/A 33.6
mini-PCI slots 2 1 2 2 1
PCI slots None None None None 1
(3.3V cards only)
IDE interfaces 1 x CF type I/II 1 x CF type I/II 1 x CF type I/II 1 x CF type I/II 1 x CF type I/II
1 x 2.5" HDD
GPIO interface Yes Yes Yes Yes Yes
Serial ports 1 1 1 1 2
(1 internal, 1 external)
USB ports None
(1 or 2 port USB 1.1 expansion kit available)		 None
(1 or 2 port USB 1.1 expansion kit available)		 None None 1
(USB 1.1)
Power usage typical 3-5W @ 12V typical 3-5W @ 12V typical 3-5W @ 12V typical 3-5W @ 12V up to 15W (with HDD)
PPOE Yes Yes Yes Yes
(Recommended)		 No
Network bootable (PXE) Yes # Yes # Yes # Yes # Yes
Case colours red, orange, green, blue, silver, black, white, yellow ^ red, orange, green, blue, silver, black, white, yellow ^ silver matt silver Soekris green, Yawarra black^
Size (mm) 163W x 161D x 28H 163W x 161D x 28H 110W x 166D x 28H 210W x 180D x 53H 216W x 157D x 35H
Weight (board & case) 420g 425g 378g 1718g 770g
C-Tick compliance Yes Yes Yes Yes Yes
Available products WRAP 1-1 board

WRAP 1-1 		WRAP 1-2 board

WRAP 1-2 		WRAP 2 board

WRAP 2 Indoor 		WRAP 2 board

WRAP 2 Outdoor 		net4801 board

net4801
Posted by at No comments:
Labels: , ,

Wednesday, May 23, 2007

Embeded Systems

'
I've been experimenting recently with a number of embeded router/firewall OS's in the hope of finding something that can easily handle the following tasks:

a) IPSEC Tunnel into my work network, for VoIP, Email and Access to the systems there.
b) Port forwarding, NAT, UPnP (for the families computers connected on the network)
c) Load Balancing over 2 WAN connections
d) Download limiting, something with a built in user-manager.
e) Future allowance for hosting my own wireless hotspot off this. (So long as I upgrade to a SOHO or Business Internet connection)

Of the ones I've tested (M0n0wall, pfSense, RouterOS) RouterOS is the costliest, but also the most open in terms of configuration.

That and they've currently started making a built in usermanager openly available.
I'm currently testing it with a couple of monthly limits for my brother (or bothers ;-) who are using my connection at home. This way they get a limited amount for the month, and can checkup on it at any time.
For the moment, I plan on just getting the user management setup correctly so they can continue using. (Rate limiting applied of course!)

After I'm comfortable that its all working I shall start work on setting up the load balancing to here.

Posted by at No comments:

Tuesday, May 22, 2007

Redundancy

Hmm, I've gotta get me one of these.


Posted by at No comments:

Eber 220, 230 and the new hotspot system.

The company I work for recently won some Business at 2 major locations.

One being the a certain Uni in WA, the other a Student accommodation complex on the Sunshine coast.

This involves me getting together, installing testing and configuring relevant embedded systems, which will be used in conjunction with our newly created Hotspot backend database/system to manage the internet accounts of an estimated 1000+ students in WA and 450ish on the coast.

Currently the WA site has free but very restricted access for students, while the sunshine coast site runs a currently non-working radius based system in which students pay through the nose for data.

As it stands we intend to install 2 x Eber 220 units (made by www.yawarra.com.au) at the WA site, and are looking at possibly using an Eber 230 unit for the sunshine coast property.

I say probably as I'm not entirely sure if our router software's (www.mikrotik.com) current version supports the Realtek Gigabit ethernet chipset that comes on the 230's.

Anyway.. pictures!

The first one here is of the system open, displaying all the guts and glory.

Some stats on the device:
Name: Eber 220
Board: Manufactured by Commell (www.commell.com.tw)
CPU: 533mhz VIA Eden CPU
Ram: 256mb (can be upgraded to 512mb, uses a small form stick as its fitted in a 1U case)
Ports:
  • 3 x 10/100 Mbit Intel
  • 1 x 10/100/1000 Mbit Intel
  • Serial Port
  • 2 x USB ports
  • VGA out
  • 2 x PS2 Inputs (Only accessible when the case is open) - for Keyboard and Mouse
Available inside:
  • Floppy disk controller and connector
  • IDE connector
  • Secondry serial port connector
  • Parallel port
More info on the board is available at: www.yawarra.com.au

Update: Yawarra has since made a small revision to the boards.. namely replacing the front pannel to disallow access to the 5v power connector.

This was an issue as it was exactly the same size as the rear connection, which takes the standard 12v. A client of ours managed to kill 2 boards because of this. (That and they removed the rubber bung from the front port.)

This is the new faceplate they sent us for the remaining working unit (previous has a hole in the left hand side) I also de-soldered the point so there's no point there at all now.

I'm also currently investing the next model up, the Eber 230 which has a 1ghz cpu and runs 4 gigabit realtek LAN points. The investigation step is mainly checking with our yawarra contact if the current version of RouterOS will support the Realtek chipset.

And last but not least my re-designed version of the hotspot page for accessEzy.
Posted by at 2 comments:

3rd time lucky?

Well, this is actually my third attempt at cataloging some daily routines, guides, cool stuff I get to see/do and the other blog stuff .. into a blog.

I'll actually favorite this one so I don't forget where it is.

Enough about me.. time to get back to work.
Posted by at No comments:
Subscribe to: Posts (Atom)