Phaselockedloopable- PLL's continued exploration of networking, self-hosting and decoupling from big tech

You choosing OPNsense or PFsense?

Also if you chose OPNsense it will likely be installed from the factory

Novasty would be the pf expert
I would be the one to ask about opnsense.

There guide is good on installing OSes. follow it to the tee… and you will have no issue

P.S have a spare screen, keyboard and HDMI cable. It sooooo much easier to configure this way

1 Like

Ok, I’m good with OPNsense I believe. I’ll read up on both while I wait.

I can follow tech docs no problem as long as they are detailed. It takes some time, but I can figure it out and just look up things I have questions on or terms I have problems with.

2 Likes

They are pretty solid. I dont think you will have an issue. I didnt. The only issue I had was ordering hardware separately and coreboot being pickier than I liked

1 Like

Yeah seemed good, I only saw a few reviews that touted the ram and SSD they use are shite… I think its a grumpy person multiple times. People are way more likely to review negatively than positively…

So, time will tell, but I’m fairly good hardware wise so any issues I’m sure I can diagnose and overcome or re-engineer to suit my needs.

Honestly I need to find more to do with my hardware as well… I know I can do more I just need to figure out what…besides plex and pi-hole lol

2 Likes

Its a firewall

If your complaining about your CAS latency and SSD on a home firewall. You got problems m8 :joy:

1 Like

Oh for sure, no they were saying only certain models were compatible and the ones that came with it from factory were “used” and the ram and SSD failed on him… I’m guessing there was something else wrong such as poor power supply or regulation possibly to take out both…or he stuck it in a small box stuffed with papers and exspected it to cool properly…you never know…

2 Likes

Actually I dont doubt that their model SSD and ram is white label to save cost. I didn’t do that

I bought my own msata (Kingston)
My own ram (crucial)

So I was able to kit out to 120 GB and 8 GB ram cheaper at the time. (Half price)

1 Like

Yeah I could have done that… I’ll take a peak at mine…should be here now. Time to check.

1 Like

Excellent. Honestly shouldn’t matter as long as it boots and works.

1 Like

Well Samsung ram… no name ssd… 1 out of 2 lol

1 Like

Cheap China flash. It will do lol

Its just a firewall

1 Like

dumb question…coreboot then OPNsense?

1 Like

Yes. Which version did you buy. it should have come with coreboot

1 Like

There was zip on it besides bios lol

1 Like

@PhaseLockedLoop

Well, I thought I followed the directions to a T… I had this happen…

[email protected]:~/coreboot$ make
Skipping submodule '3rdparty/amd_blobs'
Skipping submodule '3rdparty/blobs'
Skipping submodule '3rdparty/cmocka'
Skipping submodule '3rdparty/fsp'
Skipping submodule '3rdparty/intel-microcode'
Skipping submodule '3rdparty/qc_blobs'
remote: Counting objects: 300, done
remote: Finding sources: 100% (7/7)
remote: Total 7 (delta 3), reused 7 (delta 3)
Unpacking objects: 100% (7/7), done.
From https://review.coreboot.org/9esec-security-tooling
 + 6a9b00a...4b22200 feature/BootGuard -> origin/feature/BootGuard  (forced update)
error: Server does not allow request for unadvertised object 6682883ba2dffb6a08ff4589590320e60ddf1f18
Fetched in submodule path '3rdparty/intel-sec-tools', but it did not contain 6682883ba2dffb6a08ff4589590320e60ddf1f18. Direct fetching of that commit failed.
Cloning into '/home/coreboot/coreboot/3rdparty/cmocka'...
fatal: destination path '/home/coreboot/coreboot/3rdparty/blobs' already exists and is not an empty directory.
fatal: clone of 'https://review.coreboot.org/blobs.git' into submodule path '/home/coreboot/coreboot/3rdparty/blobs' failed
Failed to clone '3rdparty/blobs'. Retry scheduled
fatal: destination path '/home/coreboot/coreboot/3rdparty/blobs' already exists and is not an empty directory.
fatal: clone of 'https://review.coreboot.org/blobs.git' into submodule path '/home/coreboot/coreboot/3rdparty/blobs' failed
Failed to clone '3rdparty/blobs' a second time, aborting
Cloning into '/home/coreboot/coreboot/3rdparty/intel-microcode'...
Cloning into '/home/coreboot/coreboot/3rdparty/fsp'...
#
# configuration written to /home/coreboot/coreboot/.config
#
    HOSTCC     util/sconfig/lex.yy.o
    HOSTCC     util/sconfig/sconfig.tab.o
    HOSTCC     util/sconfig/main.o
    HOSTCC     util/sconfig/sconfig (link)
    SCONFIG    mainboard/protectli/vault_bsw/devicetree.cb
    CC         bootblock/mainboard/protectli/vault_bsw/static.o
In file included from src/include/program_loading.h:6,
                 from src/drivers/intel/fsp1_1/include/fsp/util.h:10,
                 from src/soc/intel/braswell/chip.h:13,
                 from build/mainboard/protectli/vault_bsw/static.c:5:
src/commonlib/bsd/include/commonlib/bsd/cbfs_serialized.h:7:10: fatal error: vb2_sha.h: No such file or directory
 #include <vb2_sha.h>
          ^~~~~~~~~~~
compilation terminated.
make: *** [Makefile:379: build/bootblock/mainboard/protectli/vault_bsw/static.o] Error 1
[email protected]:~/coreboot$ 

Help…lol

It looks like it failed because there was a '/home/coreboot/coreboot/3rdparty/blobs'
… but I had to have that directory to put the VGA drivers in like the manual said so I created those directories…

Oh and I’m following https://protectli.com/wp-content/uploads/2020/11/coreboot-building-guide.pdf

Wait…can I just use the fw4b_v4.12.0.3.rom file at the bottom of the guide source website below and skip having to build the coreboot myself???

2 Likes

Not much luck here with this today… I retraced my steps triple checked everything down the line of directions and still no dice.

Hoping maybe we had the same issue and ya can give me a hand with this one. Otherwise I may just do the firewall sans coreboot.

I got mine off Amazon so didn’t have same options as website to have coreboot installed sadly. What I get for trying to save a buck. Lol

2 Likes

Give me the model name and number. Only certain revisions of hardware bought from them can do coreboot

It was a busy AF day at work. I’m gonna sit down for some pizza. I’m available for a bit this afternoon

Yeah dont build coreboot. they built it for their devices already

1 Like

@Dynamic_Gravity so single points of failure

I have two internet connections. I dont want to round robins but rather fall back… With the T-Mobile (solid 5G signal)

Uhm so should I be worried more about SPOF in house or SPOF external? Because I was thinking multiple linode cheap droplets for load balancing? Also all in different locations. I figure I’ve got a 25 dollar a month budget for VPS lol that’s 5 locations.

I was thinking a couple in north america… 1 in Europe… 1 Asia. 1 Australia given my travels?

1 Like

I would say internally. Any service you buy typically has an SLA for some kind of uptime at will already have some internal redundancy.

Digital Ocean uses droplets, lmao. Linode just calls them nodes. :stuck_out_tongue:

Or you could just buy an LBaaS and point it at your house. That’s more or less what I do.

1 Like

sorry ive used every service… I just literally interchange now

tell me more…

Got ya so invest in UPS and stuff and starlink when it comes around :smiley:

1 Like