Linux on x86 hardware has long been a reliable, capable, inexpensive way to make routers, wireless access points, and firewalls at a fraction of the cost of commercial devices. You get a lot more flexibility, more security, and often better performance. You can use recycled old gear, or specialized routerboards like Soekris, PC Engines, and Microtik. (Mikrotik also uses non-x86 CPUs, like PowerPC and MIPs.) Some folks think they’re a bit expensive, but you can’t beat them for flexibility and sturdiness. These little boards tolerate tough conditions and are highly customizable.
Both Soekris and PC Engines have introduced a new line of more powerful boards. Soekris, as usual, gives theirs a dull name, the net5501. This comes with a 433 or 500 MHz AMD Geode LX800 CPU, IDE and SATA connectors, Ethernet, serial, PCI, and more. PC Engines has a similar board they call Alix.
AMD is discontinuing the older, less powerful Geode SC1100 CPUs, so the boards that are based on these are phasing out of production. These are models like the PC Engines WRAP board and the Soekris net4826. These little boards are plenty powerful enough for a lot of network jobs, so keep your eyes open for good deals, especially in the second-hand market.
The hard part with these little boards is choosing an operating system to put on them. Here is a small sampling of what is available:
- m0n0wall. Based on FreeBSD, includes router, firewall, captive wireless portal, VPN, name services
- Bering uClibc. Customized Linux based on stripped-down libraries; firewall, router, wireless access point, name services
- Pyramid Linux. Based on Ubuntu, firewall, router, wireless access point, name services
- iMedia Embedded Linux. Several versions from 8 megabytes (yes, it boots and does networking!) to larger versions for routers and firewalls, and media servers.
Because the newer, more powerful boards support larger storage devices, such as microdrives, big Compact Flash cards, and hard drives, whittling the operating system down as much as possible isn’t as urgent a problem as it used to be. But it’s still a good idea to use as lean an operating system as possible, for fewer potential security holes. Especially on devices that face untrusted networks.
Voyage Linux is a fairly new contender in the embedded space. Based on Debian Etch, it weighs in at about 64 megabytes. A nice feature it retains is apt-get for package management, so you’ll need to allow extra room for package management. 128 megabytes should be plenty. This is unusual for tiny Linux distributions, which usually jettison any package managers to save space. But somehow the Voyage Linux developers figured out a way to keep it. So you don’t have to learn a new specialized command set, or weird hacks for updating, adding, and removing software- the ordinary old Debian way works fine.
Voyage comes in two flavors: a tarball and a LiveCD ISO image. The tarball can be installed on a number of different devices: a hard drive, Compact Flash, or a USB drive.
Installing Voyage Linux on Compact Flash
The easy way is with a USB reader/writer. Get a Compact Flash card that is at least 128 megabytes, and then partition and format it with an Ext2 filesystem. You’ll need the correct device name, so plug in your card and then run dmesg:
[57353.455055] SCSI device sdd: 1000944 512-byte hdwr sectors (512 MB)
fdisk should also tell the tale:
# fdisk -l
Device Boot Start End Blocks Id System
/dev/sdd1 1 505 250449 83 Linux
Be very sure you have the correct device name, because it would be sad if you overwrote your hard drive. Now use fdisk or GParted to create a new partition on the Compact Flash card. With GParted you may also format the new partition with an Ext2 filesystem.
Command-line commandos should use these commands to create the filesystem, using your own device and partition names:
# mkfs.ext2 /dev/sdd1
# tune2fs -c 0 /dev/sdc1
The tunefs command disables those annoying forced fscks.
Now download the tarball to a Linux PC. The current stable release is 0.4.1, even though it doesn’t say so yet on the download page. Unpack it with this command:
$ tar --numeric-owner -jxf voyage-0.4.1.tar.bz2
Ignore the “tar: voyage-0.4.1/dev/console: Cannot mknod: Operation not permitted” errors. Your system should already have /dev/console and /dev/null, so tar doesn’t need to create them.
Now you’re ready to copy the files to your Compact Flash card. This bit is easy, the because Voyage Linux developers supply an excellent installation script. Change to your voyage-0.4.1 directory and run the installation script as root:
First select “1 – Create new Voyage Linux disk”, then there are seven steps that you must follow in order:
What would you like to do?
1 - Specify Distribution Directory
2 - Select Target Profile
3 - Select Target Disk
4 - Select Target Bootstrap Loader
5 - Configure Target Console
6 - Copy Distribution to Target
7 - Exit
The Distribution Directory is voyage-0.4.1. Target Profile is whatever type of hardware you’re going to run Voyage Linux on. Target Disk is your Compact Flash card, which in the example above is /dev/sdd. Then it asks for the partition number.
Then you need a local mountpoint, like /mnt/voyage, and this directory must already exist. Then choose your favorite bootloader (GRUB rules!), select Serial Terminal for the Target Console, and then choose the appropriate baud speed for the serial link. On Soekris boards this defaults to 19200 and WRAP boards are 38400. If you don’t choose the correct speed your serial console will be full of gibberish. The installer should choose the correct default for you anyway, based on the profile you selected.
You’ll get a chance to review all of your settings and make changes before the files transfer. Step 6 is copy the files, and 7 is exit. It will take 3-4 minutes to copy all the files.
You can verify that the files copied correctly by mounting the Compact Flash on your Linux PC. I this example I use the downloads/tmp directory in my home directory :
[email protected]:~# mount /dev/sdc1 downloads/tmp
Configuring Networking and Other Services
It’s easy at this stage to enter your configurations while the Compact Flash card is still mounted on your Linux PC. Next week we’ll configure networking, learn how to maintain and update Voyage Linux, and set up an Internet-connection sharing firewall.