Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

PCEngines APUs are great router devices to put whatever you want on, including OpenWRT. Proper Intel NICs (Realtek is not great for routers) for cheap.

https://pcengines.ch/apu2.htm

I'd also strongly suggest to have router and access points as separate physical devices.

A great step up for someone with an AIO consumer router/WiFi AP would be to get something like that as a router, flash OpenWRT on the old router and transform it into a "dumb" access point.



I bought an x86 box from China with 6x Intel i210 GbE NICs onboard a few weeks back and reviewed it here: https://johannes.truschnigg.info/reviews/2021-01_fwbox/

It's my favorite OpenWrt router so far, and I've owned quite a few since I started using it on a WRT54G :)


Thanks for the great writeup. I got to know about a lot of ls** commands that would be useful in future. I built similar with OPNSense using QOTOM Q515G6[1] which looks eerily similar to what you got from AliExpress. So in a way reading your article was more like knowing my own router better. Thanks. [1] https://www.amazon.com/gp/product/B07DLYGZG4/


Thanks for writing about it - I was actually close to pulling the trigger on another of their boxes a few moons back, great to hear it's good in practice as well :)

(...Personally I avoid Intel CPUs best I can, though. AMD's ME equivalent on the APU can actually be disabled, which happens to be something I care about for something like router)


Has there actually been any research into the disabling of AMD PSP like there has been surrounding me_cleaner?

All I remember regarding AMD PSP was that one motherboard manufacturer showed the option after an update and the other you had to flash a modified BIOS to expose it.

But besides this discovery by a user, there hadn't been any research or verification that this software option does what it claims.


I am also an owner of these devices. I am not knowledgeable if this is as trivial for AMD CPUs in general, but I know that specifically for the SoC in the APU, since i build my own image anyway, it's a simple configuration flag there:

https://github.com/pcengines/coreboot/issues/439


That seems to be only for TPM, which isn't usually what people refer to when talking about Intel ME.


Thanks for sharing that. It looks quite a bit more powerful than PCEngines APU boards, and cheaper than the Qotom boxes it's imitating. And it's nice to have a detailed review showing it works as expected.


Can confirm that. I run an apu1c4 with pfsense on it behind the isp modem(in single user mode) for multiple years now. No issues so far :)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: