Brandon,
On 24 Dec 2025, at 00:11, Brandon Butterworth <brandon@bogons.net> wrote:
It will just sit alongside the control plane management ethernet port so probably no advantage to them for the few occasions that port locks up. When it does lock up they just send a tech or use the PDU relay to switch it off and on again.
Just like Philip wrote, additional, dedicated ports seem to only confuse people these days. Maybe we traded too much of hardware for software.
I'm even fine with it remaining serial. As an original Sun LOM adopter I value the LOM being really simple and not another OS with added attack surface to maintain. A built in BMC sharing ports with other stuff sounds less reliable to me.
I never said "shared". Dedicated and connected to this CPU/SoC, with it's own flash. Doing anything shared outside of power/fans in this case just defeats the purpose.
And even *I* have LTE access to my own rack(s), including console ports. We just use ISR 4451: serial, ethernet, 4G, sfp for OOB waves, dual psu, big spare SM slot to hide the rPI DMZ host, all in one box. Only external part is the managed PDU.
Yup, 2901, same thing. Despite the comments, it can be very much hardened. If its current SSH implementation is not up to your liking, you can always simply terminate IPsec tunnel using certs and use that to access the device and devices behind it. Yeah, it's not wireguard. For 115200 you don't have need anything super powerful, and 2800/2900 class router can do a lot of IPsec to be enough for terminal access. I like the "SM slot to hide the RPi DMZ host" :) Never thought about it. -- ./