We are still actively working on the spam issue.

Difference between revisions of "Routers"

From InstallGentoo Wiki
Jump to: navigation, search
(OpenWRT and forks)
(Added OPNSense)
 
(6 intermediate revisions by 4 users not shown)
Line 18: Line 18:
  
 
Many internet service providers in the US provide a modem with their service, but it is usually shit. You may want to ask them for a list of approved modems before buying your own, but bear in mind that this list may just include companies that pay in order to get on that list.
 
Many internet service providers in the US provide a modem with their service, but it is usually shit. You may want to ask them for a list of approved modems before buying your own, but bear in mind that this list may just include companies that pay in order to get on that list.
 +
 +
You should avoid Arris modems at all costs. They are botnet and are reported to have "A backdoor in the backdoor" [https://archive.fo/7d0mn source]. They also have settings which can only be accessed by the ISP via a "password of the day" generated by a salt only the ISP has.
  
 
== Bridge Mode ==
 
== Bridge Mode ==
Line 92: Line 94:
 
If you have a spare computer around, or you need more power than a small ARM/MIPS CPU can deliver, then you can turn your computer into a router.
 
If you have a spare computer around, or you need more power than a small ARM/MIPS CPU can deliver, then you can turn your computer into a router.
  
 +
*[https://opnsense.org/ OPNSense] A fork of pfSense for those who want to avoid the Netgate umbrella.
 
[https://www.pfsense.org/ pfSense] is the most common distribution used and it's based on FreeBSD. A Linux-based alternative is [http://www.smoothwall.org/ Smoothwall]
 
[https://www.pfsense.org/ pfSense] is the most common distribution used and it's based on FreeBSD. A Linux-based alternative is [http://www.smoothwall.org/ Smoothwall]
  
Line 128: Line 131:
 
* Wireless B/G connectivity
 
* Wireless B/G connectivity
 
* DD-WRT is the default firmware
 
* DD-WRT is the default firmware
 +
 +
'''Note:''' avoid the Version 7 (S/N begins with CDFE) at all costs; this revision can NOT be flashed with alternative software.
  
 
===ASUS RT-N66U===
 
===ASUS RT-N66U===
Line 162: Line 167:
 
* Good open firmware support
 
* Good open firmware support
 
* USB 2.0 port (soldering and a few parts needed)
 
* USB 2.0 port (soldering and a few parts needed)
 +
 +
===TP-Link WDR3600 (aka N600)===
 +
 +
Another decent offerring from TP-Link. Can be found on the used market for under $50, and offers more than enough RAM for OpenWRT with addons. External storage, printers, LTE connectivity and other bells and whistles can be added through the two USB ports on the back. The built-in switch is gigabit and supports VLAN and port mirroring. It's also correctly numbered (the software port numbers actually correspond to the numbers on the physical device, unlike the WR741 and WR841). The wireless card is a dual-band, dual-chain 2x2 802.11a/b/g/n AR9340 + AR9580 combo, with detachable antennas and up to 100mW of tx power on 2.4GHz and 80mW on 5GHz (can be cranked up using the (wrong) driver settings). Reaches approximately 150Mbps in real-world conditions on 5GHz, but others' results may vary.
 +
 +
I would not recommend buying one new, but it's an excellent upgrade from a WRx41 family router if you can find a used or surplus one.
 +
 +
'''Hardware Specifications'''
 +
* Atheros AR9344 System-On-Chip @ 560MHz
 +
* 8MB internal storage
 +
* 128MB RAM
 +
* 4 Gigabit LAN Ethernet ports
 +
* 1 Gigabit WAN Ethernet port
 +
* Atheros AR9340, Atheros AR9582 wireless network cards
 +
* 2 USB 2.0 ports
  
 
===TP-Link Archer C7===
 
===TP-Link Archer C7===

Latest revision as of 03:35, 12 February 2023

Cleanup.png
Cleanup.png
CLEANUP CANDIDATE
Relevant discussion may be found on the talk page. Reason: No reason specified.


A router is a device that routes packets between different networks.

Modern residential routers don't only route packets, but also offer several advanced features, like a firewall, QoS, packet filtering, DHCP and more. It's also common for routers to incorporate an access point, to provide wireless connectivity.

Typically, home routers come with DHCP, NAT, UPnP and firewall preconfigured, to enable plug-and-play internet connectivity.

Modem

TP-Link TD-W8960N using bridge mode

A modem is a simple device that converts a digital signal to an analog one, and vice versa. One is usually needed to connect to the Internet.

It's hard to find a modem by itself nowadays, most are sold as a modem/router combo. While those combos are nice, since you only need a single device, they aren't usually supported by third party firmwares (the only exception being some router/modem combos using a Lantiq chipset, which are supported by OpenWRT), and are overpriced compared to standalone routers.

"Bridge mode" is used to "disable" the router part in those, and use them as standalone modems with a separate, standalone router.

For ADSL, modems using a recent Broadcom chipset usually achieve a more stable/faster connection.

Many internet service providers in the US provide a modem with their service, but it is usually shit. You may want to ask them for a list of approved modems before buying your own, but bear in mind that this list may just include companies that pay in order to get on that list.

You should avoid Arris modems at all costs. They are botnet and are reported to have "A backdoor in the backdoor" source. They also have settings which can only be accessed by the ISP via a "password of the day" generated by a salt only the ISP has.

Bridge Mode

If you're stuck with a router provided by your internet service provider and you don't like it, check if it has an option for bridge mode. This will turn off most of its features and force it to send all of its traffic through the first LAN port, where you can connect your own router and have better control over your network.

ISP-supplied routers often leave root access open to the ISP and almost always run non-free firmware.

Notes:

- If you have an ADSL line, then bridge-mode is a good idea to investigate and enable.

- If you have a cable line (and the cable modem does not have shit other than a LAN port), then it is likely already bridged.

Aftermarket antennas

Changing the antennas in your router is a quick way to improve the quality of the wireless connection. However, since the signal quality depends on many factors, results may vary.

Routers usually come with 3db antennas. Aftermarket ones go up to 12db, and even more.

The stock antennas are usually omnidirectional. Those are the most versatile, since they send the signal in every direction, but if you need to reach only some specific point, mono/bidirectional antennas are better for that.

To change your antennas, you need to know what connector your router is using. The most common one is RP-SMA, but double check on the router's specification page too. If that page doesn't say anything, here's a great cheatsheet with the most common adapters.

When replacing the antennas, remember that you need to change all of them. Not changing them all will not provide any benefit, and might lower your signal quality.

When shopping for an aftermarket antenna, don't go too cheap. Cheap ones are "up to Xdb", which mean that it might go up to Xdb, but it probably will not.

Another solution to consider for improving signal strength is to get a better adapter. Sometimes you can't just do anything from your router, but you need a good adapter with a good external antenna.

Third party firmwares

Tomato

Tomato by Shibby running on a Linksys e3200

Tomato is a custom firmware known for its simple and user friendly interface.

There are several forks of Tomato, and it's recommended you use them instead as they're much more up to date, the most famous being:

  • Tomato by Shibby It's the most featureful one. The major features include a Torrent client (Transmission), Tor support, DNSCrypt support and miniDLNA.
  • AdvancedTomato Based on Tomato by Shibby, but uses a new interface.
  • Tomato by Toastman Barebone version, if you think that your router should only route packets, and do that the best it can.
  • Tomato RAF It's the version that supports the most router models. If your router is not supported by any other version, check this one.
  • Tomato USB Supports a few routers that other variants do not. (Tomato USB is no longer developed, there will be no more releases) (The last version of TomatoUSB was Build 54 - dated 11/30/2010)

While there are many forks, their developers constantly share code. Because of this, it's hard to find a feature that is supported by only a specific version of Tomato.

OpenWRT and forks

OpenWRT main article.

The OpenWRT wiki is not always updated, so when checking if your router is supported, always search in the forum too.

  • LEDE Fork of OpenWRT, seems to be a little bit more well maintained and organized. (Note: The LEDE project merged back into OpenWRT as of release 18.06)
  • Gargoyle Based on OpenWRT, has a slightly more advanced interface that can track individual IP traffic. Works mainly on AR71XX line. (Note: Last release was over a year ago as of 2018/12/30, and the shop no longer lists any pre-installed routers for sale.)
  • Bufferbloat-CeroWRT Based on OpenWRT but with tweaks that makes it be so much more responsive and supports IPv6. Basically the testbed for people wanting the cutting edge of network research. Currently only works on a very limited set of hardware of NetGEAR (WNDR 3700v1/2, 3800 and WNDR Mac) (Note: No longer maintained.)
  • OpenWireless Based on CeroWRT, but with emphasis on ease of use for creating open access guest networks. (Note: No longer maintained.)

DD-WRT

http://desipro.de/ddwrt/K3-AC-Arm/ DD-WRT fork(?) that support the latest ARM routers (Netgear R6250/R6300v2/R7000, Asus AC56U/AC68U, D-Link DIR-868R)

Asuswrt-merlin

Asuswrt-merlin (Download) is a custom firmware based on Asuswrt, the open source firmware used by recent Asus routers.

It supports most Asus routers.

Since it's based on Asuswrt, it uses the official web UI, while adding several useful features, like SSH access, Cron jobs, customizable user scripts and several minor tweaks and enhancements (full list here).

rt-n56u project

This project is a try to build complete working environment for ASUS RT-N56U/N65U/N14U/N11P/AC51U/AC54U/AC1200HP based on the open source asus firmware. It supports VPN (includeing OpenVPN) and media streaming out of the box and allows the installation of many Linux software using the opkg package manager.

RouterTech AR7

Custom firmware, with sources for Texas Instruments AR7 (Class II) based routers, except the Netgear DG834 (which is rather different but has an OpenWRT port, unlike the other AR7 modem/routers)

Updates to latest BusyBox versions and adds SSH, useful shell utils (top and netstat for example) and some RAM optimization routines, better QoS, newer DSL datapump drivers for ADSL, better monitoring, etc.

Use a computer as a router

If you have a spare computer around, or you need more power than a small ARM/MIPS CPU can deliver, then you can turn your computer into a router.

  • OPNSense A fork of pfSense for those who want to avoid the Netgate umbrella.

pfSense is the most common distribution used and it's based on FreeBSD. A Linux-based alternative is Smoothwall

The advantages of running a computer as your router are:

  • More powerful CPU, useful to run various services on it (normal routers choke when running a torrent client at high-speed, or a full webserver).
  • Price. It's free or almost if you already have a spare computer around

The disadvantages are:

  • Noise. Unless you build a passively cooled system, you'll have fans running all the time.
    • Low-power x86 processors (such as Intel Atom or AMD Geode) can be passively cooled.
  • Power consumption. Routers use around 5-10W, while a full computer can use much more. If you have a Pentium 4 around, you can double that as a free heater.
    • Could use the pf service on a Pi, assuming it's only going to be dealing with very few people. HACKY!
    • Low-power x86 processors are not significantly more power hungry than ARM.
  • Price. If you don't have a spare computer, then building one can be more expensive than just getting a router.
    • Mainboards with onboard Intel Atom CPUs can often be found on Ebay or similar sites for a low price.

If you're looking for a real-time internet monitor/filter/traffic shaper, check out OpenEdgeWise. It's GPL, it supports routing through Tor, it does proper traffic shaping/QoS, and can even catch HTTPS traffic/proxies! It was developed once upon a time when the creator's roommate was being an internet hog. This can be run on a computer, or plugged directly into the router.

Adblock script?

Can be used with tomato-based firmwares, don't know if it works on DD-WRT.

Follow this thread.

If you happen to be a poorfag with a router with less than 4MB Flash and had to have a "lite" version of the firmware, the adblock.sh script won't work. In those "lite" versions, awk is not installed. If that's the case, or you don't have a JFFS partition, you can get an all-in-one adblock script that you can copy pasta to the WAN-Up section of Tomato here.

What routers does /g/ recommend?

WRT54GL

The classic "little blue box" small office/home office router. This device was and still is what sits between many people and the internet. It has aged well, and provides speeds most SOHO networks won't ever really need to fully exploit. Also puts out wireless G, which while not as fast as N, is adequate. Linksys programmed the WRT54G's firmware off GPL code, and open sourced that firmware. The result of this open sourcing is the creation of OpenWRT and DD-WRT. This is very old hardware however, and recent versions even downgraded it further. Thus this router is only worth it if you can find an old one for (very) cheap.

Features

  • Four 100Mbps Fast Ethernet switchports
  • One 100Mbps Fast Ethernet WAN port
  • Wireless B/G connectivity
  • DD-WRT is the default firmware

Note: avoid the Version 7 (S/N begins with CDFE) at all costs; this revision can NOT be flashed with alternative software.

ASUS RT-N66U

The new powerhouse router. If you need gigabit speeds throughout your network in both wired and wireless connections this is the one to get. It comes with its own firmware but is easily flashed to DD-WRT or TomatoUSB. You may not be able to find the RT-N66U and can find the RT-N66R. The difference between the U and R is the R is designed for retailers. The hardware is exactly the same.

Features

  • 2.4 GHz and 5 GHz Concurrent Dual-Band Transmissions
  • ASUS AiCloud service ( Access your shit inside the network from outside the network. Disabled by default. See also: Botnet )
  • 4 Gigabit LAN ports
  • 1 Gigabit WAN port
  • Wireless B/G/N Connectivity ( ASUS RT-AC66U provides B/G/N/AC )

ASUS RT-AC68U/AC68P

Powerful AC1900 router. Supported by most 3rd party firmware, except OpenWRT. AC68U v2 is the same as AC68P. ASUS has limited channels and Tx power in recent firmwares, to comply with regulations (This can be bypassed with a special firmware).

Features

  • Dual band, MIMO, beamforming
  • Various ASUS and TrendMicro services (aka Botnet)
  • 4 GbE LAN ports + 1 GbE WAN port
  • 1x USB 2.0 + 1x USB 3.0, with support for WWAN modems and dual WAN
  • Looks nice, the LEDs can be turned off

TP-Link WR741, WR841, WR941, WR1043

TP-Link provides a broad variety of budget routers with the TL-WR741N/ND being the cheapest. For as little as 20$ this router is your best bet if you're low on money. Since it is well supported by open firmwares like DD-WRT and OpenWRT the lack of features of the original firmware can be easily compensated. Furthermore, the TL-WR741ND has an unpopulated USB 2.0 port that can be made use of. You might also want to have a look at the TL-WR841N/ND which is slightly more expensive, but comes with two antennas and 300 Mbps WiFi instead of 150 Mbps. And there's the TL-WR941N/ND which has a 3x3 config and stronger hardware. TL-WR1043N/ND adds GbE and even stronger hardware.

Features

  • Four 100Mbps Fast Ethernet switchports
  • One 100Mbps Fast Ethernet WAN port
  • Wireless B/G/N connectivity
  • Detachable antenna (ND models only)
  • Good open firmware support
  • USB 2.0 port (soldering and a few parts needed)

TP-Link WDR3600 (aka N600)

Another decent offerring from TP-Link. Can be found on the used market for under $50, and offers more than enough RAM for OpenWRT with addons. External storage, printers, LTE connectivity and other bells and whistles can be added through the two USB ports on the back. The built-in switch is gigabit and supports VLAN and port mirroring. It's also correctly numbered (the software port numbers actually correspond to the numbers on the physical device, unlike the WR741 and WR841). The wireless card is a dual-band, dual-chain 2x2 802.11a/b/g/n AR9340 + AR9580 combo, with detachable antennas and up to 100mW of tx power on 2.4GHz and 80mW on 5GHz (can be cranked up using the (wrong) driver settings). Reaches approximately 150Mbps in real-world conditions on 5GHz, but others' results may vary.

I would not recommend buying one new, but it's an excellent upgrade from a WRx41 family router if you can find a used or surplus one.

Hardware Specifications

  • Atheros AR9344 System-On-Chip @ 560MHz
  • 8MB internal storage
  • 128MB RAM
  • 4 Gigabit LAN Ethernet ports
  • 1 Gigabit WAN Ethernet port
  • Atheros AR9340, Atheros AR9582 wireless network cards
  • 2 USB 2.0 ports

TP-Link Archer C7

AC1750 router, with OpenWRT support and low price.


NetGEAR WNDR 3800

This is the all-around good router that is officially supported by CeroWRT as well as OpenWireless.

Features:

  • Good support for all OpenWRT-derived firmwares as well as others
  • 4 Gigabit Ethernet switchports
  • 1 Gigabit Ethernet WAN port
  • Wireless B/G/N connectivity (N on 2.4 and 5Ghz)
  • Upgradable antenna with mods easily acquirable on Ebay
  • Plenty of RAM and flash memory
  • USB 2.0 port

Cisco ASA5505

This is a hardware firewall that can act as an edge router. This one does not have any wireless features as its just a firewall. [1] It's not a turnkey solution and requires a bit of knowledge to get things working correctly. There is a GUI available that can be used to get all of the information as there is a lot of information that requires correlation between config parts.