Sunday, December 02, 2007

The Qube is dead... Long live the Qube!

Except... well, unlike when a new monarch is crowned... I'm not calling the Qube's replacement a Qube. :)

A few months ago, I became fascinated (read: obsessed) with low-power mini ITX systems. I blame this on the fact that my power bill this summer was completely insane. Yes, I realize that EVERYONE'S power bill was insane, but still.

At the time, I was running a Sun Cobalt Qube 3 as my firewall. I got lucky and picked this up from my previous job. We really had no use for it there, and when our chief architect decided he was tired of using it as a dev machine, I took it home. (In retrospect, I should have given him first dibs on it, but oh well... as you'll soon see...)

I noticed a couple of oddities with this device. First off, I couldn't get CentOS to install on it (using the Strongbolt installer). It kept barfing up a "Kernel panic!" error. The serial cable I had wouldn't work, either, so I was unable to determine what was causing the kernel panic. The power button wouldn't turn the unit on half the time, either -- I had to repeatedly push it on and off till finally, the system decided to power on.

I ended up swapping out the RAM on a hunch, and got lucky. The system booted, and I was able to get in and start configuring. But guess what? The stock kernel didn't come with NAT compiled in. I tracked down the source, and after a lot of pain, managed to get it working. It served me well for several months.

However, the pain I'd gone through to get CentOS running on the thing in the first place (and the weird power button issue) made me a bit leery of relying on it long-term. The mini ITX machine used a lot less power (especially when combined with a CF to IDE adapter) and was easier to get a stock CentOS installation running on. (Aside from having to roll a new kernel to support the onboard NIC, anyhow.) I got the new router up and running, and changed the IP on the Qube. And then I did something very, very stupid -- I flushed the iptables rules.

Ever played with a Cisco router? Know what happens when you drop an ACL that's applied to an interface? Yeah... an implied "deny deny" rule. Same thing that happens when your default iptables policy is DROP on input, and you run iptables -F. Ouch.

I figured... hey, I can fix this. I just need a working null modem cable, according to sources online. So I pop over to Newegg and pick one up for... OUCH! $20?? Man, you'd think these things would be cheaper. Still... $20 to make the system work... it'll be handy, I can finally debug any issues I'm having without having to pop the case and yank the hard drive! Sweet!

Only I'm not so lucky. :) The new null modem cable doesn't work AT ALL. On ANY of my machines, in Windows OR Linux. Sigh.

So, I popped the case, and attached the drive to my USB converter. I removed /etc/sysconfig/iptables, and made sure the network interfaces are configured properly. I unmounted the partitions, and put the drive back in the Qube.

And what am I greeted with? The infamous "Kernel panic!" on the LCD screen.

I've tried new RAM, and a new hard drive. I can't get any further. Even after wiping the drive and reinstalling with the Strongbolt ISO.

Poor Qube. We hardly knew thee.

Labels: ,