![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
mdlbearAs I mentioned downwhen Stargate, our gateway/router, had become basically unusable by Sunday morning. It's rather mysterious -- the CPU seems to be working fine, and it passed rootkit, memory and filesystem checks just fine. But there you have it: it would slow down rapidly after each reboot.
The next problem was finding a replacement. I tried the machine that had been our router. It wouldn't boot. Even after I noticed that the power connector on the disk had been disconnected, and fixed that. I tried several different ways of replacing it with the fileserver, and succeeded only in disabling its networking altogether with an ill-advised firewall install.
At that point I had two choices: add an extra ethernet card to one of the laptops, or reconfigure our wireless access point as a router instead of a bridge. Fortunately I did the latter. Which was something I'd been toying with for quite a while anyway. Did I mention that I'm somewhat obsessed with saving power?
At this point I have to mention that it wasn't quite that simple. I had to do quite a lot of reconfiguring, and got some of it wrong. For example, forgetting to test incoming ssh. I never did get that to work; it's something of a security hole, so it's not surprising that the router's ssh daemon doesn't listen to the WAN port. When I got back I did what I should have done in the first place, and forwarded the fileserver's ssh port to an alternate on the router.
Also forwarded the fileserver's web server; I still need to set up the appropriate virtual hosting. The other thing that needed attention was that the router was hosting my external git repositories. I moved them to my external host, at savitzky.net. No problem.
DHCP and DNS were a bit of a problem -- the DD-WRT distribution on the router doesn't seem to support multi-homed interfaces or my usual config files. I'll deal. I'll probably have to abandon my hare-brained idea of keeping WiFi and wired interfaces on separate subnets, but that wasn't working too well anyway. And I lose an instance of apcupsd, unless I can get that going on the router.
But the net gain is huge -- I've eliminated a box and about 12W of power-sucking from my rack, improved my security, and gotten a major project out of my "to.do" file. I win.
no subject
Date: 2012-06-16 01:39 pm (UTC)(no subject)
From:(no subject)
From:(no subject)
From: