how-to block ads
|
|
Uniqs:
1848 |
Share Topic
 |
 |
|
|
|
RJLaddPremium
join:2009-04-17
Redmond, WA | Good experience with Syswan technical support This is partly in reply to the "Any opinions on Syswan SW24???" thread, at »Any opinions on Syswan SW24???.
I recently installed a Syswan Duolinks SW24 Dual WAN Loadbalancer router, with two ADSL modems connected to two different ISPs, both over the same telco.
I've been having intermittent connection problems that I haven't been able to pin down. Neither the ISPs nor the telco have been helpful (surprise), although to be fair, dual WAN configurations are very uncommon for residential customers.
I called Syswan's tech support, not really expecting much. The call was answered immediately, and by an actual human. The person who answered had a strong non-U.S. accent; I figured I was talking to the usual overseas script reader. Sure enough, it wasn't long before I asked a question that this person could not answer, and was put on hold. Listening to some more-cheesy-than-usual music, I expected the call to be cut off.
Someone else, also with a strong non-U.S. accent, picked up after a short wait (maybe a minute). To my surprise, this person seemed to really be an expert. He pointed me to a router configuration screen I hadn't noticed, and suggested some changes. These didn't and wouldn't fix the problem, but they would collect far better (debug level) information that would be helpful.
During the entire conversation, he was always polite, *very* knowledgeable, and very helpful. He understood everything I said, gave relevant and intelligent replies, and asked good questions.
The problem isn't fixed yet, and I still don't know if it is the ISP(s), the telco, the modem(s), or the router. I still need to collect and examine the debug info over 24 hours or so. But I am now much more confident that it will be fixed, and if the router or its configuration is the problem, it seem likely that Syswan will be helpful.
Considering how bad nearly all tech support is, I was very surprised and impressed by Syswan. They don't seem to be a well known company, but they should be.
Disclaimer: I have no relationship with Syswan other than as a customer. I first heard about them from a colleague who has used their routers in the past. Although I don't know much about telco transport protocols, I work with routing protocols and layer 3 (IP) and higher protocols professionally as a software developer, making me a more knowledgeable than average customer.
The one complaint I have about the SW24 is that the User's Guide is not as clear or complete as it should be. The router's online help is better, despite being stored in the firmware. Good tech support goes quite a ways to mitigate the mediocre documentation. | |
| So you joined this site just to start a new thread and post one single message with positive opinions about a particular company, but provided no details about the product you claimed to own, nor the problems you supposedly had with it. Then you never return, and you want us to believe you are not a shill? 
| | |
|
RJLaddPremium
join:2009-04-17
Redmond, WA | reply to RJLadd
The product is a Syswan Duolinks SW24 Dual WAN router. What details do you want, the serial number? The paint color? The name of the person who assembled it?
I joined and posted last Friday. I started occasionally reading this site years ago, but this was the first time I had anything I to say. Today is Monday. How often do you expect anyone to visit this site? Once or twice a week isn't good enough?
Er...who is the shill? Or troll, perhaps? You want more details, ask for them instead of making negative assumptions.
The problem was that computers on the LAN would lose DNS access periodically. Sometimes addresses could be resolved for tens of minutes, sometimes for only a few minutes. The inability to resolve addresses would last anywhere from less than a minute to several (3 to 5) minutes, and then the cycle would repeat. It made no difference whether I configured the machines in the LAN to use DHCP or fixed IP and DNS server addresses. It made no difference whether I configured the modems or the router to use fixed IP and DNS server addresses or DHCP.
During those outages, I could usually use the router's diagnostic tools to ping out through the modems by IP address, but the router couldn't resolve names, either.
The modem manufacturer was completely uninterested; they insisted that it was up to my ISP(s) to provide support. One of the ISPs was not interested in supporting anything other than a "normal" configuration, i.e., a modem with nothing between it and the rest of the LAN, or at least nothing smarter than a switch. The other ISP was willing to help, but couldn't figure it out, either.
Over the weekend I found a workaround. The modems were in bridge mode, but they were still providing NAT and IP filtering. The IP filter rules were simple enough, and looked ok: allow all outgoing, deny all incoming but with stateful inspection, and I added exceptions allowing DNS and some ICMP. For some reason the modem company had a lot of redundant rules, but they looked unnecessary, not wrong.
For some reason, turning off all of the modem's IP filtering of incoming packets from it's WAN port eliminated the problem. No obvious reason why that would work, but it does, and I haven't yet had time to investigate it more completely.
I discovered a couple of very odd behaviors in the modem's configuration manager, like requiring one setting to be saved before changing an unrelated setting. These weren't mentioned in the modem's documentation, but they were mentioned on the modem manufacturer's website if you looked for them just right.
Syslog and a net sniffer both suggest that the modems act oddly in some cases, such as responding to an ICMP Echo Request by sending back an Echo Request instead of an Echo Reply, which was causing the router's heartbeat to take that port down for a while (the router thinks its an attack). Turning off the router's hearbeat increased the average between DNS outages, but didn't entirely solve the problem.
My current guess is that the modem's firmware cuts a lot of corners, and is not standards compliant. The modems are behaving in ways that the router is not expecting, and the router is more picky about those behaviors than the average desktop computer is.
Although the Syswan router appears to be working correctly, anyone who is not familiar with network protocols and doesn't have a standalone net sniffer may not be able to get this setup to work, at least not using the modem's default settings.
And no, I'm not going to name the modem manufacturer, since the point of my original email is to comment on Syswan's technical support, not to provide a dual-WAN HOWTO. But if anyone runs into similar sounding problems, they can post them here and I might be able to make some suggestions. | |
| No, I am not trolling. What do you see in the thread you referred to in your first post? An enthusiastic vendor rep plus a few anonymous users that have nothing but praises for the company or its products. Since then this board has seen a few similar posts (that are no longer viewable) about the same company. Given all that, it's just too easy to jump to conclusions.
As far as I can tell, this company, along with many others (such as this and this), sell the same generic hardware with branded/customized firmware. It's all about the firmware.
The problems you are experiencing are serious and are not what I would expect in a $200 router. Unfortunately the firmware releases posted on the company's website are all version 1 and almost a year old. I known I would be at least mildly upset if the only positive experience with a vendor is the tech support department.
During your DNS outages, you might want to check to see if it's really just DNS problems as opposed to a total routing failure. Can you still reach external sites by IP addresses when that happens? Also I have seen cases where multi-WAN routers could send DNS requests to the wrong ISP's nameserver/wrong WAN port, and the workaround is to use third-party DNS servers that are not ISP specific.
I wish you good luck in your troubleshooting, and keep us posted on your findings. | |
| reply to RJLadd
Hi,
Where did you get the SW24 units? They are out of stock everywhere I looked for the last few weeks. I wonder if the company is planning to make more. | |
RJLaddPremium
join:2009-04-17
Redmond, WA | reply to RJLadd
The hardware specs for the Syswan are similar to the Hot Brick LB2 and the Xincom XC-DPG502, although not quite identical. Its possible that they are variants on the same basic hardware design. I skimmed the Hotbrick's manual. The overall firmware capabilities are similar, and there are even one or two of the management interface screens that look similar, although most of them at least visually look fairly different. They could be using variants of the same basic firmware, with different front end HTML.
It turns out that I had an odd (apparently unreleased Alpha) version of the firmware. Syswan provided a new rev, which is significantly better, but I am still seeing occasional, usually brief (less than a minute) DNS failures. On two occasions I've started using a computer in my LAN after several hours away, and discovered that both of the DSL modems seemed to be down. Power cycling the modems made them available again.
At this point, I know for certain that the modems are buggy, and not entirely standards-compliant. I'm still not entirely sure whether all of the problems I'm seeing are with the modems, or at least partly with the router, or in the relationship between the modems and the router. I am more suspicious of the modems than of the router, but the router could still be at fault.
I've packet sniffed the connection between the router and one of the modems, and it looks like the modem sometimes behaves oddly. Since the problem is intermittent, and since my sniffer has a finite buffer (and I have finite time to look at sniffer traces), I still haven't captured clear evidence of what's happening.
I'm not prepared to comment on the overall quality of the Syswan router. This is the first small router I've used, and I can't compare it to other products that I haven't used. If I eventually decide to replace the router, I'll probably look for a small, possibly used, Cisco. I had considered, and might still consider, a pfSense based router, but the hardware platforms I found that support it look to be built in small enough quantities to be relatively expensive.
I'd like to replace the modems, but as far as I can tell, all or nearly all of the available ADSL modems use the same hardware and firmware. Only the color of the plastic and the names are different.
We all know just how bad tech support generally is. The company that makes the modems I'm using, for example, has been completely unhelpful. The only thing I can comment on for certain is that Syswan's tech support has been among the best I have ever seen for any company in a consumer or SOHO market, and better than some companies in the higher end pro market. I've called them several times, and always spoken to the same two people, apparently somewhere in Europe. I don't know if there are any other people in Syswan's tech support department. The person who answers the phone is not very technical, but I quickly get transferred to the second person, who seems quite competent, and has been very helpful.
Tech support of the quality I've been getting from Syswan is such a rare thing that it seemed worth mentioning, which is why I posted my original message in this thread.
AndyMV: I'm afraid that you would not be able to get Syswan products from my source; I got it under somewhat unusual one-of-a-kind circumstances. I don't know if or where their products are available. The company is apparently based in Portland, OR - have you tried calling them? They may be small enough to actually answer their sales phone number, too. Whether or not they are still manufacturing new units is another question I don't know the answer to. | |
RJLaddPremium
join:2009-04-17
Redmond, WA | reply to RJLadd
I have now replaced the ADSL modems with old Cisco 678's, configured in pure bridge mode. There's no question that the other modems were causing problems. They were buggy; they didn't follow their own documentation; and they were not standards compliant. The brand doesn't matter, since nearly all consumer-grade ADSL modems use the same chipset and firmware. The Ciscos, by comparison, seem to be very predictable. Setting them up is considerably more complicated, any software engineer with networking experience should be able to figure it out. 
Now that the previous modems are no longer confusing the issue, I can see that the Syswan router seems to have some significant firmware bugs, too. Its possible that I don't have it configured correctly, but the router's documentation doesn't provide enough information to be certain.
The worst problem seems to be with the router's built-in firewall, which is not configurable at all. If I establish any kind of connection to a remote address, and if that leads to additional connections (e.g., a web browser opens an initial link, and I then open additional links to other subpages at the same site), the router thinks the extra connections are a port scan attack and starts dropping packets.
Hopefully Syswan's tech support can/will resolve this. If not, I'll probably look for a used Cisco router. | |
|
