Creating a router from IPFire using a Soekris appliance


Taken from (and modified) http://wiki.ipfire.org/en/installation/start#installation_on_a_alix-board

This is the way we build routers at Smart Appliances/Daily Data. Your install may not be the same.

 

  1. Get a serial number, and print labels using 1/4" tape for serial number, and ports as follows (uses spaces instead of *'s)
            5       5            4      5
    Serial*****dmz*****wireless****lan*****internet*
  2. Cut out serial number and place it under extension access port on back. Trim rest and center them under the ports (DMZ should be port 4)
  3. Get a copy of the scon (Alix) image from IPFire. Generally, it is labeld "Alix" and is under the i586 tab
  4. Prepare the drive (CF Card) and install IPFire on it. NOTE: Do not worry if you are using a larger CF; part of the automatic install includes resizing the partitions to use the entire drive
    1. As root
      1. tail -f /var/log/messages
      2. Plug a USB to CF card reader into your computer
      3. Watch syslog output to see what the device name is.
      4. Unmount the partition if it is auto-mounted
      5. # NOTE: The following step gives NO visual feedback until done. Then, it will simply return the cursor to your console. It can take 15-20 minutes if you have a slower machine. Go get some coffee or something
      6. zcat ipfire-2.11.2gb-ext2-scon.i586-full-coreXX.img.gz > /dev/sdx # where sdx is the drive
      7. sync # to ensure the data is written to the device
      8. Remove the CF
  5. On Soekris, remove four screws from bottom and pull enclosure apart
  6. Lower left, remove retaining screw (screw with plastic thing around it)
  7. Insert CF in slot, manufacturers label up
  8. Replace retaining screw
  9. Re-assemble unit. This is a pain as the two slots in the back and the front have to line up correctly. It takes a few times doing this before you are any good at it. Do not power up yet.
  10. Set up Linux computer with serial cable. If USB, watch messages to find serial port name
  11. Plug serial cord into serial console on router
  12. Start Serial console. I use minicom in the following.
    1. run minicom as 'minicom -o -D /dev/ttyUSB0' (changing ttyUSB0 to whatever the serial port is). The -o means "don't send initialization string to modem'"
    2. Configure minicom to 8 bit, no parity, 1 stop bit, 115200 baud, HW off, SW on, and VTG102 terminal
  13. Initial run
    1. power up router
    2. You should see some weird characters as it is starting, then a boot screen. In reality, you can go do something else for about 5 minutes, as this is all automated.
    3. Router will reboot during this process. That is ok. It is resizing the file system to the size of the CF
  14. Configure router (after reboot). Note: from here on, it is necessary you are familiar with the IPFire command line interface. Using a serial console has severe limitations in the display of the configuration menus you will be going through. You will, in many cases, only be able to tell where your cursor is because you "know" where it is at that point in the install. Tab/Enter/whatever all work just fine, you just don't get feedback from the screen on where you are.
    1. Enter all configuration as normal.
    2. When you get to the network config, set it up as you want. Normally, I set up Red+Green+Blue+Orange (hey, four ports, four port configuration)
    3. On the first test, the MAC addresses were in reverse order, ie, the leftmost port (viewing from the back, furthest from the serial console connector) is the largest MAC address. The port closest to the serial console is the smallest.
      1. Allocate Red to the first mac address
      2. Allocate Green to the second mac address
      3. Allocate Blue to the third mac address
      4. Allocate Orange to the fourth mac address
    4. Generate three random private IP addresses (use random_private_ip.pl if desired) and assign them to Green, Blue and Orange
    5. Complete rest of router config, including setting DHCP on green.
  15. Plug computer into green network (second from power supply) and log in to web interface at https://green.private.ip:444
    1. Log into router and set ssh on. Username is admin, password is whatever you chose when you started configured.
  16. Install extra software. You can do it via the web interface (pakfire tab) or from the ssh command line as
    pakfire install joe htop mtr nmap
  17. Following are optional, but it is good to do them on all routers:
    1. Install sysinfo v2. Be sure to set the serial number.
    2. Install dyndd, configure, and make sure it works.

 

Tags: ipfire
Last update:
2014-03-01 04:10
Author:
Rod
Revision:
1.1
Average rating:0 (0 Votes)

You cannot comment on this entry

Chuck Norris has counted to infinity. Twice.