Autore: Martin Steigerwald Data: To: Devuan ML Oggetto: Re: [DNG] What are you using for a firewall/router
Hi!
Excellent discussion here, thanks. Here are my bits about it:
o1bigtenor via Dng - 30.04.24, 00:45:58 CEST: > What do you use for your internet access?
>
> Router (if so what are you running)?
> Or are you running a firewall/router?
>
> (I'm not worried about a switch at the moment that's for later!)
I am using an Omnia Turris router with TurrisOS (based on OpenWrt).
I am very happy with it although since I opted out of using either
provider provided or self-bought Fritzbox setting up things like telephony
is challenging with my provider.
In Germany AVM with their Fritzbox'es basically have almost a monopoly
with providers. But their FritzOS is only partly free software. Its
convenient, cause they designed it so that everything is running out of
the box. But of course I wanted to have it my way which is a lot of
additional work. You have router freedom in Germany, but you have to be
willing to do additional work.
It was expensive, too, cause I needed a cable modem from Technicolor that
cost me 230 additional Euros. It has proprietary firmware. It has a Linux
based OS, but I never managed to get command line access. Not sure whether
it is possible. But at least it is just a cable modem, not being able to
do much more – I hope. In theory it should be possible to add some Cable
modem hardware to the Turris router directly, but this all sounded so vary
and experimental back then that I did choose a route where at least I have
seen some success reports before. And indeed this cable modem is extremely
reliable and very fast. With some tweaks to window scaling I can have
download speeds that exceed 100 MiB/s. Not that I need those. I did not
have cable internet access in the beginning. I migrated from DSL to cable
as they closed ISDN telephony in Germany.
Currently I have a Fanvil IP phone directly connected to the VoIP server
of the provider, however it is not really working well. For example I
cannot really call others from the phone although it can be called. Also
while in a phone call often enough suddenly the connection is aborted and
the other one has to call again. No error message for this one, so I have
no idea what is going on. I am not sure whether that is due to the
provider, due to the phone or due to how I setup up the phone. As it has
been working better initially – at least I did not have those connection
drops –, I think some changes by the provider may be at play. But it may
very well be a mixture of different aspects. I am basically on my own
except for a forum at the provider where kind users provide additional
insights. But it is much more inconvenient to use than a mailing list.
I intend to set up a PBX in a Alpine Linux based container on the Omnia
Turris. Especially for Alpine Linux containers it has plenty of resources,
but also a Devuan would run. And see whether that improves things. This
would also allow for an answering machine.
I'd like to have a free software IP phone with a hardware as good as the
Fanvil. It has excellent audio quality with Harman Kardon speakers. But I
see nothing of that available. Not even a clear step to step how to for
some Rasperry Pi. I really like to have kind of a working traditional
phone, but it appears to be too much to ask for as long as you also like
to exercise router freedom. For many IP phones manufacturers advertise
answering machine functionality, but for the Fanvil phone and likely many
others it requires a cloud service or a PBX. If you know one that can do
it locally, please share. While it can record phone calls onto an USB
stick, answer phone calls automatically, even automatically record all
phone calls and while it can play some audio on being called, the firmware
of the phone is not able to glue this all together for a simple answering
machine. In addition the manufacturer is unwilling to implement this. I
asked them. That is why I feel I need to setup my own PBX while still
shaking my head about this. Proprietary firmware is a serious issue
nowadays. You have limitations that you otherwise would not have. I
believe proprietary firmware should be forbidden. The world does not need
more black boxes than it already has.
Actually I think VoIP is a huge big complex mess. My ISDN phone with
answering machine just worked out of the box. And I wonder why it appears
to be a good idea to anyone to provide phone services through the same
network as the Internet. Before I at least had a chance to have working
phone on internet breakages. However it may be that my provider keeps the
connection to their PBX on internal networks so there may be some
independence from the Internet. But still, why all that complication? And
its still not as reliable as the ISDN phone was. It appears no one appears
to be pondering about resiliency and simplicity of technology anymore. Not
that I am a huge fan of ISDN either. Maybe I am just old school there, but
I am reluctant of loading the complexity of setting up a VoIP PBX on my
own onto my shoulders. If anyone knows an excellent how to which works on
an ARM based system, please let me know.
Those Omnia Turris routers are a bit over sized for their actual work. In
addition to the dual core ARM processor all models have my model is one
with 2 GiB of RAM. It has 8 GB of eMMC flash and since some time an 1 TB
mSATA SSD which should be more than enough for a PBX I'd say. :)
The router is also enough for me as a switch. I do not (yet) use the SFP
optical connection as my provider does not support it. The other 5 ports
are 1 GBit Ethernet. They do have a new model with I think 10 GBit ports,
however for me that is totally over sized. The current one actually
already is.
But I really appreciate their long time "we provide updates" commitment.
From the beginning the router uses BTRFS. It does in place updates even
for "dist upgrades" between major releases. It can rollback to an older
version, however I never needed to do one. I am just in-place upgrading
the router since I bought it beginning of 2016 and there is no sign from
those people of the Czech internet registry who designed this router and
develop the OS for it that they would stop providing updates. They even
still support their previous generation routers. If the hardware permits
this router could easily run in 10 or 20 years from now. But it may be
that the standards used by then may be incompatible with the hardware.
Let's see. Currently the router works as reliable as it did when I bought
it. I love hardware and software I can depend on.