dslreports logo
site
spacer

spacer
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


view:
topics flat nest 
Comments on news posted 2012-03-20 16:14:57: Router lockups have been a problem for me ever since I got my first 802.11G Router in 2004. ..

prev page · 1 · 2 · 3 · 4 · next


brislo

@usa-companies.net

IPv6

All of these solutions will be worthless in the near future if they don't support IPv6.


KrK
Heavy Artillery For The Little Guy
Premium
join:2000-01-17
Tulsa, OK
reply to ConstantineM

Re: RaspberryPI is a bunch of BS and binary blobs from Broadcom

Click for full size
Here's what I have acting as a server.

It's a Gigabyte GA-H55M-SV2 running an Intel I3-550 (integrated video). It's running of all things, Vista Ultimate x64, I started with Windows XP Pro, but there was some sort of incompatibility (Slips my mind) and so Vista was the only other OS I own.

All it does is run a dedicated Minecraft Server, an FTP Server and stores backed up files, so not quite a router. The nice thing is that it only uses between 38 and 43 watts.
--
"Fascism should more properly be called corporatism because it is the merger of state and corporate power." -- Benito Mussolini

kevinds
Premium
join:2003-05-01
Calgary, AB
kudos:3

Vyatta

I'm currently using Vyatta - Marketed as replacement from Cisco IOS

Configuration is a challange, but it runs great.
--
Yes, I am not employed and looking for IT work. Have passport, will travel.

ConstantineM

join:2011-09-02
San Jose, CA
reply to Joe12345678

Re: Pentium 4 3GHz is the worst hardware for a home router

That's a given; USB 2.0 is obviously limited by 480Mbps anyways, whereas GigE requires 2Gbps.

pawpaw

join:2004-05-05
Greenville, SC

1 recommendation

WRT54G Still Rocks

I have a 7-year-old Linksys WRT54G, running Tomato firmware, which cost $50. Besides the usual routing functions, it has:

WOL
VPN server (TAP bridge to other house WRT54G on same subnet)
QoS
Access restriction
Wireless filter
Bandwidth monitoring
Dynamic DNS and OpenDNS updating

I have the following devices on it:

Its predecessor router, used as an unmanaged switch
Wired PC
HTPC
Thermostat
2 VOIP adapters
Xbox
TiVo
Various wireless devices - PC, printer, smartphone, iPod, tablets

All this works great and zero maintenance. Now I only have G wifi and no gigabit, but is perfectly adequate for our household needs. For the price and power consumption I don't see the need for an alternative.


Switcher

@bell.ca
reply to David

Re: Wake-on-lan

pfsense handles wake on lan perfectly. I use it to turn on my different systems when I'm not in front of them. Also handles Static and dynamic dhcp too. You can set a static ip for device in your network from the router if you wish. I do this also, I have a few game consoles, printers and iptv boxes I like to know their ip and not look them up. Saves on setting them static on the devices themselves.

pfsense does not currently handle transfer quota (bandwidth metering), I wish it did and that they implement this down the road. It honestly is the only feature I have personaly found that it does not do.


Switcher

@bell.ca
reply to brislo

Re: IPv6

IP6 I beleive will be fully supported in the next pfsense release 2.1 I think it has some ip6 capablilty now in 2.01, but I do not use ip6 yet, so haven't paid it much attention.


fifty nine

join:2002-09-25
Sussex, NJ
kudos:2
reply to Noah Vail

Re: I run a Pentium 4 3GHz HT for my home router

said by Noah Vail:

All the while my CPU avgs ~4-8%. I'm not sure an Atom would keep up with the demand.

[att=1]

My atom runs fine, no matter how much I do with my box (HAVP, Snort, squid). It's also dual core unlike your Pentium 4.


ialex

@d-infinitum.com.mx

Ipfire

Point for ipfire one of the best distros in this area, wonderfull admin interface and great power if you need tweak it.

by the way great community support.
Automatic stable updates.


antdude
A Ninja Ant
Premium,VIP
join:2001-03-25
United State
kudos:5

Which routers lock up?

My WRT54GL never locks up and that was with its stock firmwares! However, my other ones like Netgear RT314 router did.

apexwm

join:2010-08-24

In complete agreement of this article... but

I think that a PC-based firewall is most useful for businesses or advanced applications where you need a firewall as well as content management, and other services on it. For instance I have a PC based firewall for a site that heavily uses FTP so that I can have the ftpproxy software running on it. Many hardware routers run Linux on them anyway, and generally don't lock up. It's the cheaper ones that run non-Linux OS's that lock up.

The power consumption issue brought up in many of the comments is a very good point. Using a small mini PC box that uses very little electricity will pay for itself in electrical savings pretty quick.

wkm001

join:2009-12-14

I recommend

Mikrotik

They aren't as much of a DIY router anymore but it does run on x86 hardware. It has a web GUI, an application GUI, and a command line. They make a really large line of hardware these days.

When I was the network engineer of a small WISP we used Mikrotik for our uplink connections that used BGP. But it works just as well for routing traffic at home and running hotspots.

Jurjen

join:2010-08-18
Montreal, QC

Only for fun

To me it wouldn't make sense to have a huge pc doing router work in a home environment, other then for a hobby. In case you have a SOHO and need to store/transfer a lot of very confidential data, it might make more sense, but still: with a regular DD-WRT Mega Pack powedered router, a lot is possible. I don't recognize the instability issues that have been mentioned before; once the routers are flashed well, they work flawlessly (at least: the ones that I've flashed). Also users talk about 50 devices connected. Which family has 50 computers connected!? Want to run a backup command center for NASA as a hobby??

If, with a bit more hardware capacity, we could add an extensive file sharing, web and print server, it would start to be a lot more interesting and more worth while having a full pc running. But still I don't understand why people need all those extra options so badly, personally I don't feel like I'm missing out on anything.
At best, I might look into VPN bridges later on, when the government really wants to spy on every citizen. At least I know my Linksys router will be able to handle that.

All together: nice article though!


jhansonxi

@localnet.com

I recommend ZeroShell

LiveCD-based. It works for me but I haven't tried IPv6 with it yet.
»www.zeroshell.net/eng/


MooJohn

join:2005-12-18
Milledgeville, GA
kudos:1
Reviews:
·Windstream

Many thanks!

The article got me off my duff and convinced me to replace my 5yo Linksys with a spare 1U server I had -- an old school dual Opteron box with 4 gigs DDR and a 120 gig IDE drive. Most importantly it also has two GbE and one 10/100 NIC so I've got Inside, Outside, and DMZ covered.

I chose Untangle and had it installed and configured in no time. I finally get to use my 48-port GbE switch at full speed and I get 100% of my rated 30/4 speed on the WAN side.

For a small business, especially one that builds & repairs computers, I really should have done this long ago!
--
John M - Cranky network guy


jap
Premium
join:2003-08-10
038xx
reply to ConstantineM

Re: RaspberryPI is a bunch of BS and binary blobs from Broadcom

said by ConstantineM:

RaspberryPI is a bunch of BS with no documentation and, subsequently, no open-source support (if you don't believe it, google what Theo de Raadt had to say about it).

Link please. Maybe my search skills suddenly suck. The ale certainly doesn't.

I want to see what sort of nutjob writes articles lambasting Raspberry Pi for lack of documentation & support. It's a deliberately uber cheap, half-baked learning tool for school kids created by a registered non-profit. It's not supposed to have any support or an abundance of documentation. de Raadt is an ass if he wrote the things you claim.

The fact that non-edu buyers are swarming to the board is actually a bit awkward. It undermines the applied learning challenge when semi-pro implementation solutions are everywhere. In any event the $25 price point, the overwhelming buzz, and the "buy one, give one" purchase incentive will get the board into the hands of many more students. Development of purpose-specific embedded linux devices is an excellent thing to be preparing young minds for. In my humble opinion.

To make amends for your vilifying ways I suggest you donate a dozen to your nearest, most under funded tech club or vocational training program.

- - - -

@Ryan, Sorry for taking the Raspberry Pi comments OT. Had to come to the defense of a good social project. Of course it's a ridiculous board for creating a deployable software router. To settle that the specs are here.

Count me in with the electricity/noise/heat/space issue of using old large formfactor hardware. Many early atom-based netbooks are being tossed and I'm wondering how robust a solution they are a good for. Not major enterprise but perhaps a better-than-consumer option adequate for small/med biz and big home net applications.


Noah Vail
Son made my Avatar
Premium
join:2004-12-10
Lorton, VA
kudos:3
Reviews:
·Bright House
reply to fifty nine

Re: I run a Pentium 4 3GHz HT for my home router

said by fifty nine:

My atom runs fine, no matter how much I do with my box (HAVP, Snort, squid). It's also dual core unlike your Pentium 4.

While HT isn't Dual Core, it isn't zero either - at least on this platform.
I've compared pfSense on P4s w/ and w/o HT and the performance gain was substantial.

Above P4s, I either run an AMD64 box or Dual Xeon 800MHz FSB w/ RAID 5 SATAs.
Whatever is cheap.

I've already got 8-10 Windows boxes at home + 2 HP 4000 Laserjets and who knows what else.
My customers are in Officeplexs and Industrial warehouses.

The $30 in power savings just isn't a strong selling point for me.
I do the environment thing by keeping old stuff out the landfill.

and
Today I added an IKE VPN to my pfSense config. 2048 bit PSK 3DES wrapped around a Blowfish encrypted ESP layer and the CPU still doesn't budge. Nyah.
--
The Dark Tower's Skynet evolves from 4chan.


aurgathor

join:2002-12-01
Lynnwood, WA
kudos:1
Reviews:
·Frontier Communi..

I'm running Freesco

It may be overkill right now, but I'm running Freesco and I'm very satisfied with. Those claiming to be power users with cheap stock routers should try hosting a server with a couple of thousand users and see how their router can handle the load.
--
Wacky Races 2012!

prairiesky

join:2008-12-08
canada
kudos:2
reply to pnh102

Re: pfSense

I have it on 6+ routers. It's fantastic!
this is my record so far before i did an update

It's now at 274 days. All running on an old p3 800 dell optiplex 110.
stable as a rock!


Noah Vail
Son made my Avatar
Premium
join:2004-12-10
Lorton, VA
kudos:3
Reviews:
·Bright House
reply to Switcher

Re: Wake-on-lan

said by Switcher :

pfsense handles wake on lan perfectly.

I agree. I used the feature last night to wake up a system so I could remotely access it.
--
The Dark Tower's Skynet evolves from 4chan.


Noah Vail
Son made my Avatar
Premium
join:2004-12-10
Lorton, VA
kudos:3
Reviews:
·Bright House

1 recommendation

reply to Switcher

Re: IPv6

said by Switcher :

IP6 I beleive will be fully supported in the next pfsense release 2.1 I think it has some ip6 capablilty now in 2.01, but I do not use ip6 yet, so haven't paid it much attention.

I've used it in 2 beta and 2.1 Dev. I gitsync'd it into the installation and it worked fine.

I had to tunnel through he.net though. Brighthouse wasn't IPv6 ready.
--
The Dark Tower's Skynet evolves from 4chan.


Noah Vail
Son made my Avatar
Premium
join:2004-12-10
Lorton, VA
kudos:3
Reviews:
·Bright House
reply to ialex

Re: Ipfire

said by ialex :

Point for ipfire one of the best distros in this area, wonderfull admin interface and great power if you need tweak it.

I tried every *nix gateway/firewall package I could find.
If I hadn't settled on pfSense, IPFire would have won out.

In the few situations where pfSense isn't the best fit, IPFire is.
--
The Dark Tower's Skynet evolves from 4chan.


Noah Vail
Son made my Avatar
Premium
join:2004-12-10
Lorton, VA
kudos:3
Reviews:
·Bright House

1 edit
reply to aurgathor

Re: I'm running Freesco

said by aurgathor:

Those claiming to be power users with cheap stock routers should try hosting a server with a couple of thousand users and see how their router can handle the load.

That's true, and a consumer class router doesn't always offer certain basic protection.

I once found a customer's Terminal Server had been compromised for months.

I had enough time that day to clean out the crap and strengthen the passwords.
That night, it was penetrated again. Likely from the same exploit that took it out the first time.

Most of the malicious traffic was coming from Russia.
I put pfSense on a PIII 1.2 GHz notebook along w/ Country IP Block and shut out 3389 to all but the US.
It wasn't the final solution, but it did stop the bleeding.

I could have tried loading up most of the world's CIDRs into DD-WRT's IP Tables.
I think you can guess what that would have done to it's 8MB memory.
--
The Dark Tower's Skynet evolves from 4chan.


Noah Vail
Son made my Avatar
Premium
join:2004-12-10
Lorton, VA
kudos:3
Reviews:
·Bright House
reply to apexwm

Re: In complete agreement of this article... but

said by apexwm:

Using a small mini PC box that uses very little electricity will pay for itself in electrical savings pretty quick.

I didn't consider this earlier but my low-needs installations are on old notebooks w/ cracked screens.
They aren't as much fun to config as the loaded boxes that need more horsepower to run.

On the notebooks, I set the video to output through the VGA port only, so the screen stays off. Maybe that'll satisfy the powertarians in the thread.
--
The Dark Tower's Skynet evolves from 4chan.


Davesworld

join:2007-10-30
Everett, WA
reply to Emiya

Re: What is this guy talking about?

Snort? Why would you run Snort on anything? Most of the rules end up being bogus plus you waste 100MB of memory per monitored interface.


Davesworld

join:2007-10-30
Everett, WA
Reviews:
·Future Nine Corp..
·Callcentric
reply to cowboyro

Re: In the end it's cheaper to just buy a good router

You worry about 50 watts yet ignore how much power your refrigerator uses in KW not to mention the several hundred watts your TV uses? Electricity was a great discovery and it would be hell to live with a killjoy worrying about a damn 50 watts. This is akin to someone in a Hum Vee lecturing a person in a Geo Metro about ways to save fuel.

This supposedly cheaper to operate router with a wallwart power supply likely can only pass 20mbs or so through the firewall yet it probably still consumes more than you would think.

I'm sure your definition of good router is much different than mine. None that fit my definition are contained in a small plastic case.

My project is an adaptation of IPCop (IPCop is a fork from Smoothwall with many of the original Smoothwall devs) specifically for Cobalt x86 hardware. This is dubbed Raqcop. The Raq3 and Raq4 draw about 12 watts typically. The Raq4 with it's 450mhz processor can throughput as much as the 100mbs nic will allow and was the same going through the firewall as bypassing the Raq4 entirely. You'll never get a full 100mbs out of any 100mbs nic due to overhead. 92mbs usable is what we've seen.

The Raq550 with it's PIII 1.26mhz processor draws about 32 watts running Raqcop. The cobalts have always used mobile versions of the processors which only differ by using the thinner cores of the time thus requiring less core voltage for the same amount of work.

I had a few Raq3's that came with 300mhz processors. They draw as much as the Raq4's 450mhz due to the newer processor having a thinner core. I put K6-III's in them and resoldered the voltage and multiplier settings. The newer processor had a very thin core for the time and I had to drop the core voltage to 1.8. I set the multiplier at 5.5. I could get 600mhz by setting the multiplier to 2 as this is actually 6 on the later K6-II and III. I prefer firewall/routers to be headless yet have at least one pci slot and a character display such as you see on my avatar.


Davesworld

join:2007-10-30
Everett, WA
Reviews:
·Future Nine Corp..
·Callcentric
reply to Noah Vail

Re: One more Distro: IPFire - Lightest weight - Works w/Hyper-V

Server functions do not belong on an edge appliance! I refer to those types of firewall distros as swiss army knife distros that try to be everything.

Also running a firewall on a virtual appliance makes as much sense as wearing virtual underwear except for development.

When IPFire first started, the developer was referring to a few other distros as potty yet the same developer was using quite a bit of code copied directly from the very distros he was badmouthing. I have no confidence in this individual.


Davesworld

join:2007-10-30
Everett, WA
Reviews:
·Future Nine Corp..
·Callcentric
reply to Angrychair

Re: The problem

said by Angrychair:

Not to even mention your linux machine being used as a router is a target, unlike an appliance router.

Excuse me? How is Linux running in your cheap appliance (almost all of them) less of a target? Your assertion makes absolutely no sense!


intok

join:2012-03-15
reply to odog

Re: Not worth it

Are there not ARM builds for any of these? The newer models are getting quite quick, the Cortex-A15 is designed to be a 2.5Ghz quad core with a GPU that supports OpenCL, would make for a fairly high performance per watt box.

If not I'd look for board built around an AMD Z-03 or Z-01 for as low power an x64 system as you can really get.


Noah Vail
Son made my Avatar
Premium
join:2004-12-10
Lorton, VA
kudos:3
Reviews:
·Bright House
reply to Davesworld

Re: One more Distro: IPFire - Lightest weight - Works w/Hyper-V

said by Davesworld:

Server functions do not belong on an edge appliance!

It'd be a bit difficult to remotely configure without a web server.

said by Davesworld:

Also running a firewall on a virtual appliance makes as much sense as wearing virtual underwear except for development.

I'm not sure that statement makes any sense.

IPFire has been terrific. I wasn't looking for any reason to be unhappy with it. Thanks for offering though.
--
The Dark Tower's Skynet evolves from 4chan.