I am sorry Roberto, but this really isn’t the hardware that is suitable to run IPFire in a professional environment.
To keep it short, I would like to say that I have commented on this matter before and I have even written a few lengthy blog articles:
To sum them up, it simply isn’t worth it to port IPFire to ARM. At all.
We all had big dreams when ARM as an alternative finally took off. That was a little bit before the first Raspberry Pi made this an absolute mess of a market. There were good designs out there (look for Globalscale’s Dreamplug for example), but of course they come at a certain price point. That was around $200 at that time, which isn’t bad at all for a firewall.
Now, everybody is looking for a cheap ARM board with performance and loads of features. The Raspberry Foundation is a charity that pays probably no tax at all, but somehow is selling lots and lots of boards at an absolutely “amazing” price.
Amazing because nobody else in Europe can compete with them. Paying no taxes helps. The second step is that they have almost completely outsourced their software development. They call it Open Source-ed, but that is not the same.
Over many years, there has never been a release of that piece of hardware that was supported by a mainline kernel. Neither Linux nor any other of the *BSDs. They simply do not care what software runs on it.
That might be fine, but in the end we need a product that works. For that it needs hardware and software to work together.
There is a ton of patches that I do not know where they are coming from; and a number of projects who simply try to make things work. Most famously Raspbian - a version of Debian for the Raspberry Pi. The code quality of those modifications is so bad that there is never ever any chance to upstream these things into the Linux kernel and Debian. You create a side-project for just a single hardware platform.
Then there is there extra-ordinarily short release cycles of the hardware. As soon as we got IPFire stable on a version of the Raspberry Pi, the next one was already out. Of course it was incompatible enough that only little of the work could be taken with us. Because of the cheap price-point, users bought the new models and the end result simply was a lot of frustration: Users end up with a brick and developers have to put in days after days to get those boards to work.
The market is so fragmented that there are special needs for pretty much every board. Literally megabytes of patches for some of them. Code that is bad, badly reviewed and usually not maintained, but rather patched and patched and patched until it finally works.
We have now ended up with an IPFire kernel that runs on some boards. Arne has been fighting many many nights with those and he is doing a really good job. But there is unfortunately virtually no users.
As of today, fireinfo is reporting 1.71% of ARM systems. You can do the maths now how many users there are for each of the boards that we support. You will end up with really low numbers. I am sure that there must be some that are only running in Arne’s test lab, because users have moved on to something else.
I was really excited about ARM when we started. There is a point for it and there are servers that play in a totally different field. They are worth our time, the single board computers are not. They are unfortunately toys.
We are doing the homework of the vendors. A race that is expensive and almost impossible to win. The goal is that we support hardware that simply isn’t suitable for IPFire anyways. There are no network controllers on it. Not in numbers and certainly not in quality. They are connected via USB and add lots and lots of latency. Not even the cheapest plastic ISP router has network interfaces as bad as that.
We have tried to seek conversations with the vendors. For asking them to change their hardware design to suit our needs better. And to do their role by adding required drivers to the Linux kernel. No response.
If you are looking for cheap hardware, then do not forget that someone needs to write the software to run it. That cost has fallen on other projects that do not make the money.
I am absolutely disillusioned about what the ARM market has become. I regret that we spent time on it at all. It was a waste of time. A fun time, but unfortunately wasted because in the end there is not a single piece of hardware that is cheap and runs like a charm.
A couple of times we were close. But when you have one player who is evading tax by being a “charity” against a vast number of players from Asia, how are you going to compete?
Everyone working from the “western world” is going to be too expensive to fly the “ARM is cheap” flag. It isn’t. It just works by not doing half of the job.
To bring my whinging to a conclusion: I have no interest in adding support for more hardware of the category outlined above. I also do not care about the “good” hardware that is outpriced by x86 designs and therefore nobody will buy.
That leaves me with saying that ARM is dead for me. We have support for what we have now and that won’t change. If we have a free moment, we will maybe play with things that we could get our hands on.
Nobody will have a good firewall with any of this. It hurts me to say it, but there is still no alternative to x86 (yet?).