Ask Slashdot: How Can You Avoid Routers With Locked Firmware?

thejynxed writes: Awhile ago the FCC in the USA implemented a rule that required manufacturers to restrict end-users from tampering with the radio outputs on wi-fi routers. It was predicted that manufacturers would take the lazy way out by locking down the firmware/bootloaders of the routers entirely instead of partitioning off access to the radio transmit power and channel ranges. This has apparently proven to be the case, as even now routers that were previously marketed as "Open Source Ready" or "DD-WRT Compatible" are coming with locked firmware.

In my case, having noticed this trend, I purchased three routers from Belkin, Buffalo, and Netgear in Canada, the UK, and Germany respectively, instead of the USA, and the results: All three routers had locked firmware/bootloaders, with no downgrade rights and no way to install Tomato, DD-WRT, OpenWRT, etc. It seems the FCC rule is an example of the wide-reaching effect of US law on the products sold in other nations, etc. So, does anyone know a good source of unlocked routers or other technical information on how to bypass this ridiculous outcome of FCC over-reach and manufacturer laziness?
The FCC later specified that they were not trying to block Open Source firmware modifications -- so leave your best suggestions in the comments. How can you avoid routers with locked firmware?

that was the previous administration

that said that the goal wasn't to prohibit open source routers.. and you are right to blame manufacturers for taking the 'lazy' way out..

but THIS new fcc won't do a fucking thing for **us**. they'll probably go even farther and actually prohibit fiddling with router and ap firmware completely instead of just radio settings.

Re:that was the previous administration

What is being done to persuade this FCC?

Re:that was the previous administration

Many Americans replied to their consultation on network neutrality. They ignored all comments that didn't suit them. The only thing you can do is vote out the republicans. Most likely you will need to vote out the democrats after that too.

Re:that was the previous administration

[Megol]

Speculation without any basis in reality? How insightful...

Re:that was the previous administration

[Austerity+Empowers]

There's no particular reason to play politics on this.

When you get FCC certification, you are certifying to the government that your product meets their requirements for EM emissions and reception (intentional or otherwise). This isn't new, it's been around since before, I would guess, everyone reading this was born. By allowing customers to go monkey with those settings you can no longer give any such certification. It makes some sense for the FCC to stop this, and honestly I wondered how long before they did since most people doing this are dramatically boosting the transmission levels on their routers.

Now it may be that you think that the burden is on the government to find and stop people who are breaking the rules individually, rather than putting the burden on manufacturers, and I agree with the point in principle, but in practice the entire point of the FCC is to ensure the airwaves are shared and we don't end up with broadcast power wars. I do not know of many people who after making changes to their radio settings, also go put their router in a testing chamber and ensure that it is still compliant, not only at 5GHz (for example), but that harmonics are not leaking out at other frequencies that they did not intend (in some cases also due to lazy electronics design). Those labs cost some bucks, so unless you happen to have access to one, and your boss happens to look the other way when you use it for personal use rather than billing a customer, its hard to do. Hunting down each and every person who is breaking the rules is very expensive, and I think we can all agree we don't want to pay more in taxes for this. Therefore putting the burden on mfg's is a cheap solution that solves their problem. I'm not sure why we would want to fight the FCC on this.

The fact that manufacturers are ALSO locking out the non-radio facing firmware is an entirely different issue that the FCC is not responsible for. That part needs to be fought, but hopefully some manufacturer will see some money in doing it right. Shipping WiFi firmware is so universally awful that almost anything else is better.

Re:that was the previous administration

[Riceballsan]

I believe the point is in huge issues that effect the whole country in which we can get public awarness campaigns backed by reddit, google, and several main stream TV personalities like John Oliver backing the public and helping them navigate through the intentionally obtuse comments section of their page, things are still not looking so positive in this direction. Issues like custom router firmware... in which well, maybe .001% of the population is even aware that such is even possible, and only a very small subset of that group has motivation to even consider using it when it is freely available, so then factor in it is likely a subset of that which might even care to fight for it. It's not even bringing a knife to a gunfight, more like bringing a foam finger to a nuclear war.

Re:that was the previous administration

[guruevi]

Just persuade them that this is unnecessary regulation just like Obama's Non-Net-Neutrality is.

Re:that was the previous administration

[kurkosdr]

Oh please. Just because Obama pretended to like Net Neutrality to get the youth vote and the techie vote, it doesn't mean the next Dem will do the same. Both Reps and Dems are bought and sold by the cable cartels, and as long as people keep voting for people who put themselves up for sale (aka get bribed by the same cartels they are paid by the state to regulate), this will keep happening. Vote for neither of the two bastards, Rep of Dem.

Re:that was the previous administration

[skids]

most people doing this are dramatically boosting the transmission levels on their routers.

General rule of thumb: if you can't get a good signal at 15dBm on 2.4 and 18dBm on 5GHZ, do not try to go higher. Install more APs closer to your clients. Otherwise you are just damaging the spectrum. The higher levels are really meant for when you have real antennas on both ends, like a WDS. You can't make cheap client antennas better by shouting at them. Also, you should have a compelling reason to deploy 5GHz outdoors, even using factory firmware... you are a lot less likely to do something destructive fumbling around with the 2.4GHz band outdoors. Partly because it is already ruined, and partly because it doesn't have to worry about radar.

Many settings that are not strictly RF-related are bunched in with the RF settings, and can use some tuning, and are not settable from factory firmware -- which you should never run anyway because it is full of junk plug-and-play services and will stop receiving security updates long before you are done using the AP.

Vendors have no incentive to separate out these settings in hardware, nor support them in software, nor continue to support an AP after it is out of warranty, as then they are just decreasing demand for their latest models.

Most people who install Open Source firmware are after features not related to RF, few people feel any need to install custom firmware on the WiFi card (more on some models than on others) and what special WiFi card settings they are looking to alter are things like beacon formats and timing, noise floor detection, etc.

Refusal to publish solid specs from which open source drivers can be written probably account for the majority of issues where RF parameters are set up wrong.
Especially, vendors shipping product whose EEPROM settings are wrong and then kludging things back together in their binary-only drivers, rather than reprogramming the EEPROM on upgrade, might be the number one cause.

Re:that was the previous administration

Unlikely that people moding their firmware had any ability to get much above the legal limit. These routers are built down to a price, and as such their built in amps aren't really capable of a whole lot more than the stock power output before degrading the signal. Routers like the popular WRT54GS couldn't muster more than about a quarter watt output, and even then the amps were being driven so hard that in most cases you were actually degrading your signal trying to crank it up that high. It's been only recently that common SOHO routers capable of a true 1watt output have become common place and 1watt is the legal limit for these devices.

There is also the whole issue of actually making use of a high power output AP, the client on the other end needs to be just as capable of that kind of transmit power, or the AP wont even be able to hear the client.

It's like someone trying to communicate across the length of a football field where one person has a megaphone and the other side is just talking at their normal speech volume.

Anyone trying to get serious power output from these devices would be doing it with an external amp, which in limited use cases (directional fixed installations) up to 4 watt is legal. If you put that 4watt amp on the common omni directional antenna supplied with routers, then you are breaking the law.

Re:that was the previous administration

[sexconker]

So the article was about how to keep the vendors from locking out all firmware with the radio control or finding one that doesn't do it so he could update the the non-sensitive part and you proceed to tell him at length why the radio control is locked, not addressing the question asked or at all.

Way to go dipstick.

He was replying to someone who was bitching about the FCC in general.

but THIS new fcc won't do a fucking thing for **us**. they'll probably go even farther and actually prohibit fiddling with router and ap firmware completely instead of just radio settings.

Go call that poster a dipshit for veering off course. Austerity Empowers merely replied to them.
The lock on radio control is not an example of the FCC being jerks.

Re:that was the previous administration

[superdave80]

and the Internet, which he helped make public - and never said he 'invented', folks

And he never said 'helped make public' either. I don't know where you got that. The exact quote was, " I took the initiative in creating the Internet." He tried to make it sound like he was more important to the development of the internet than he really was.

Re:that was the previous administration

[Grishnakh]

Overturning that boneheaded decision was prominent in the Democratic platform - a point Bernie Sanders, if not all of his supporters

Bernie wasn't a Democrat. He ran as a Democrat, which the DNC hated him for, and they did everything they could to throw a wrench into his campaign.

And that guy, whatshisname?, Al Gore... He got net neutrality (and the Internet, which he helped make public - and never said he 'invented', folks). But yes, he's a bit of a stick in the mud politically, so we got W instead.

Gore was yet another example of how shitty the DNC is at getting elected. They keep backing candidates with zero charisma (or actually negative charisma, in the case of Hillary), and then wondering why they lose. It happens over and over and over: Hillary, Kerry, Gore, Dukakis, Mondale... and when they picked someone with real charisma (Bill Clinton), they won. You'd think they would have figured out this simple formula (charisma = win) after all these decades, but apparently not, and most obviously in this most-recent election where the Dem candidate lost to the biggest joke of a candidate ever on the GOP side. And worse, they *still* haven't really figured it out and won't admit it, and instead blame "the Russians", Comey, etc.

Re:that was the previous administration

[mattack2]

Money CAN be bribery, but it also CAN be speech.

I think that ALL political contributions should be made public, and be trackable back to the source.

But if Joe Senator wants to take $1 million from Tobacco, Inc, you know where they are likely to vote.

Re:that was the previous administration

[Rob+Y.]

Yep. The DNC likes wonks. The public hates them - if only because they're smarter than them, and think letting you know that will earn your respect. Bill Clinton was the last one who was able to pretend to be a regular guy. Republicans keep electing real regular guys - i.e. dumb fucks with no ideals (or scruples) whatsoever.

And don't go telling me that 'crooked Hillary' has no ideals. Her scruples may be lacking, but she does stand for something - and yes, a lot of that something is good stuff.

Re:that was the previous administration

[Rob+Y.]

He may have been trying to overstate his contribution, but he did take the lead (i.e. initiative) in getting the government to turn the military-developed network over to the private sector to become what we now know of as the Internet. So, maybe he was overselling his contribution - or maybe those who heard his statement as 'I created the Internet' didn't know enough about the Internet to understand what his contribution was...

But then again, any politician that doesn't know to steer clear of Maureen Dowd with quotes that can be turned on them to make them seem like a know-it-all prig probably shouldn't be a politician. Gore seems to have finally figured that out...

Get a cheap PC that 10 years old, add PFSense

[Anaerin]

It's a fantastic router platform, supports oodles of hardware, and can run on cheap machines. For instance: Start here use a 5600 series Xeon and the smallest amount of RAM and HDD you can get, and you've got a killer router capable of handling much greater than gigabit traffic. If you need Wireless as well, you can either add a low-profile 802.11 card, or buy a cheap home "router" and run it in Access Point only mode, which will put it behind your firewall (and thus safe from internet-based hack attacks), rather than it being your firewall and vulnerable.

Re:Get a cheap PC that 10 years old, add PFSense

I'd use a Raspberry pi.

Re:Get a cheap PC that 10 years old, add PFSense

[viperidaenz]

and put everything through a single usb port?
Perfect for routing your dialup connection!

Re:Get a cheap PC that 10 years old, add PFSense

[Narcocide]

Capping out at ~10 megabits of throughput is a non-starter for some.

Re:Get a cheap PC that 10 years old, add PFSense

[eastlight_jim]

Whilst your electric might be free, running a 100-200W PC instead of 6W router is a little overkill for most people. The best solution, of course, is to be allowed to put new firmware on your existing router ;-)

Re: Get a cheap PC that 10 years old, add PFSense

[raburton]

Can't argue with the pricing there. But if you want something lower power and smaller size try one of these https://m.aliexpress.com/s/ite... still more power than you need for most applications (especially if you're comparison is some crappy little MIPS router). I considered pfsence but I'm more of a Linux person and didn't need the bells and whistles of the nice GUI, so it's just running stock Debian with ip tables and very little else on it (but with a lot of options if you want to do more with it).

Re:Get a cheap PC that 10 years old, add PFSense

[thegarbz]

It's recommendations like this that are the reason for America's incredible high emissions per capita stats.

Running a full powered PC from an era that didn't concern itself with efficiency, in a field (servers) which didn't concern themselves about efficiency instead of a small appliance that should use less power than an energy saving bulb.

Re:Get a cheap PC that 10 years old, add PFSense

[sheramil]

it isn't any good as a router, but think of the street credibility! the only way to beat that would be to use an Arduino.

Re:Get a cheap PC that 10 years old, add PFSense

[mellon]

I'm currently experimenting with the NanoPi, which I think has better I/O (it has gigabit ethernet and comes with an antenna). I haven't gotten openwrt running on it yet, but am working on it: http://nanopi.org/NanoPi-2_Fea...

The best thing about it is that if it doesn't suck, I can just scatter a bunch of them around the house--they are ridiculously cheap compared to typical WiFi routers.

If you want something a lot beefier, consider getting a Turris Omnia. Not cheap, but it's practically a server, and will draw a lot less power than your 10-year-old PC. They are working on FCC certification, should be available in the U.S. in a few months. I have one from the kickstarter... :)

Re:Get a cheap PC that 10 years old, add PFSense

[dwywit]

So do it with a laptop instead. Find a used but serviceable core2duo or core i3, replace the HDD with a small SSD, and make sure the power management is set to as low a usage as it can be without affecting performance (mostly make sure the screen turns off ASAP - you could even run it headless, how 'bout dat?). One ethernet and one wi-fi interface makes it perfect for home use.

You might even get away without an SSD - run a live distro off a bootable USB. Generous RAM, no swap needed.

Re:Get a cheap PC that 10 years old, add PFSense

[Salgak1]

. . .and if your existing router won't take, or doesn't have a DD-WRT or OpenWRT image available. . . . there's always Ebay. I built out an entire Legacy Systems lab off of Ebay purchases, after we got complaints from the field that the latest plastic fantastic software wouldn't run on their old Win7 or WinXP boxes. . .

Re:Get a cheap PC that 10 years old, add PFSense

[arglebargle_xiv]

If you're going to go that way, get an Alix APU, which is x86 without all the bloat and heat of a standard PC. It's designed for use as routers/firewalls/whatever, and runs pfSense out of the box. Also, unlike a Pi, it's actually properly designed, with real ethernet NICs, proper power conditioning, proper flash storage that doesn't shit itself every time there's a power glitch, and so on. I've got older Alix hardware that's been running for close to ten years without being touched, and that I have no expectation of needing maintenance for many more years to come.

Re:Get a cheap PC that 10 years old, add PFSense

[Hognoxious]

One ethernet and one wi-fi interface makes it perfect for home use.

Yeah, if you live on your own.

Re:Get a cheap PC that 10 years old, add PFSense

Flash storage is cheap. You don't need an SSD, just a USB thumbdrive. Firewall distributions are optimized for read only operation, so size and speed of the flash storage are not a concern.

Throwing out unneeded peripherals that needlessly consume electricity costs nothing.

There are plenty of dirt cheap post-Pentium4 PCs. You don't have to get one of the space heaters.

Even buying a new system doesn't break the bank. It often beats a state of the art off-the-shelf router in price and performance. Each watt of average power consumption ends up as 9kWh/year on the power bill. Saving 30W by buying new saves 270kWh per year. At 15ct/kWh, that's $40 per year.

Re:Get a cheap PC that 10 years old, add PFSense

[arglebargle_xiv]

And yeah, the Turris is on the expensive end of the scale.

It's more than three times the price of an Alix (see my other post below). You do get a little bit more on the Turris but most of it is kinda superfluous, I think for most people an Alix more than meets the requirements.

Re: Get a cheap PC that 10 years old, add PFSense

[ERJ]

87,600 Wh = 87.6 kWh 87.6 kWh * .12 = $10.50 / year

Re:Get a cheap PC that 10 years old, add PFSense

[dwywit]

Yeah, 'home', as in 'family' - not a bunch of enthusiasts who will readily saturate a connection with ISOs or GoT torrents. I've figured out how to throttle my linux torrents and let them run overnight or off-peak, instead of causing problems for the other people sharing my connection.

Anyway, if you're using that kind of bandwidth, shouldn't you be looking at a commercial solution, and not a hacked domestic router/modem?

Re:Get a cheap PC that 10 years old, add PFSense

[squiggleslash]

Wouldn't a Raspberry Pi be capable of the same thing, and cost around the same amount (once outfitted with the necessary hardware) as a router anyway? (Serious question, I've not tried it.)

Re:Get a cheap PC that 10 years old, add PFSense

[johnsmithperson123]

You're probably much better off getting a NUC-style system, perhaps with multiple NICs. The power consumption on the old CPUs is what gets you.

Re:Get a cheap PC that 10 years old, add PFSense

[TheRaven64]

Power here costs about £1/W/year. If you're expecting to keep your router for 2 years, it's worth spending up to £20 to reduce the power consumption by 10W. A typical old desktop will draw around 60W, an embedded router board will draw around 6W. That works out at a saving of £108 over two years, which is about the total cost of the embedded router board (PC-Engines or Soekris). After three years, even if you got the old PC for free, it's still more expensive. I used a PC-Engines WRAP board as my home router for around 5 years before needing to upgrade.

Re:Get a cheap PC that 10 years old, add PFSense

[arth1]

Flash storage is cheap. You don't need an SSD, just a USB thumbdrive. Firewall distributions are optimized for read only operation, so size and speed of the flash storage are not a concern.

Reliability is, though, and data rot rates over time on typical pen drives are rather bad compared to most storage. Re-imaging the entire drive every year helps reduce the risk, but do you really want to do that?

USB drives used to be better, with controllers that would rewrite data when idle. But the average consumer never cared about inner workings as much as getting a cheaper product, so low MTBFs is what you get now.

Re:Get a cheap PC that 10 years old, add PFSense

[houghi]

Why not go for an Raspberry Pie? Most likely cheaper. Put some router distro on it and be done.
Or buy via dx.com from China directly.

That is unless you want to buy a router/modem.

Re:Get a cheap PC that 10 years old, add PFSense

[PhunkySchtuff]

Two orders of magnitude actually.
24 hours × 365 days × 100 Watts = 876,000 Watt-hours = 876 kW/h
876 kW/h at $0.12c per kW/h is $105.12 per year.

Think about your annual power bill - if it cost $1,000 to run a 100W globe for a year, we'd all be sitting around in the dark.
In a house with, say, 10 light globes running them each for 8 hours per day, your power bill for lighting alone would be over $3,000

Re:Get a cheap PC that 10 years old, add PFSense

[danbert8]

If you are going for a 10 year old PC, why not just get an older router that supports flashing firmware?

Re:Get a cheap PC that 10 years old, add PFSense

[TheRaven64]

You can't do arithmetic: 24 * 365 * 100 = 876000. 24 * 365 * 100 / 1000 = 876. Your 87600 is neither of these numbers and I have no idea how you calculated it. The rough rule of thumb is $1/W/year, with your price estimate it's $1.0512, which is close enough. With 18 cents/kWh, it's $1.5768, but for most of the US $1-2 is the right ballpark. For Germany, it's $3. That doesn't actually detract too much from your main point. You're paying $300/year for power for the 100W machine. A 6W machine that costs $200 will save you over $90 in the first year.

Re:Get a cheap PC that 10 years old, add PFSense

[DuckDodgers]

To be pedantic about "that didn't concern itself with efficiency": they were extremely concerned with efficiency. Google, Microsoft, IBM, Oracle, HP, Amazon, Yahoo, and others in 2005 (for example) cared very much about every dollar spent on power and every dollar spent on cooling. They bought the most efficient server hardware they could afford. That hardware was just twelve years behind the levels of efficiency we have today.

This whole problem is very much one of those places where the Free Software Foundation is right - we're being locked out of legitimate uses of the products we buy, and we're being hurt by it. Not only is it annoying and insecure, but it's also environmentally wasteful. We should be able to run secure, audited-in-the-open code on the latest efficient wireless hardware. Just like we should be able to make good use of a laptop that's seven years old and not have an environmentally destructive planned obsolescence cycle for all mainstream smart phones.

Re:Get a cheap PC that 10 years old, add PFSense

[DuckDodgers]

I have four kids and my wife and I are cable-cutters, so we're routinely drawing a lot of bandwidth on our 200 Mbps internet connection. My home router is running DD-WRT, because it's three years old. But if I didn't have that, I think I might be able to get by with an old laptop as long as it had two USB 2.0 ports. I could plug USB gigabit ethernet devices into those. The bandwidth would be capped at what USB 2.0 can handle, but that should be well above 200 Mbps.

Re:Get a cheap PC that 10 years old, add PFSense

[DuckDodgers]

Thanks for the Turris Omnia suggestion. That's awesome.

Though I suspect their 802.11ac wireless drivers are proprietary. I haven't done research recently, but when I checked last year there were no fully open source 802.11ac device drivers.

Re:Get a cheap PC that 10 years old, add PFSense

[DuckDodgers]

This was covered up-thread, but the Raspberry Pi has a 100 Mpbs ethernet port and also shares bandwidth between ethernet and USB 2.0, so that if you're doing something data-intensive over USB 2.0 like reading a big file it will actually slow your network throughput.

So that's an acceptable solution for someone that isn't using much data, but won't work if you and your friends are watching a few different shows on Youtube or Netflix at the same time.

Re:Get a cheap PC that 10 years old, add PFSense

[thegarbz]

No, what I want is for the world to get to a stage where cheap-shots against America don't exist. You could start by taking some responsibility for your energy use.

Re:Get a cheap PC that 10 years old, add PFSense

[AmiMoJo]

You probably could use an Arduino...

http://lallafa.de/blog/amiga-p...

Re:Get a cheap PC that 10 years old, add PFSense

[TheCarp]

What you could do though, is make the wifi router as dumb as possible and use a pi to replace its services.

I use an ancient WRT54G with a tomato firmware. its nice, but I prefer a bit more control over dhcp and dns so I setup a VM for that. Well... that means my network services break whenever the VM host needs some TLC. So I moved all those services to a pi.....because needing to reconfigure my desktop to connect to the web and explain to others why the network isn't working are both annoying when I need to look up grub commands.

The upshot though is, my router is easily replaceable without losing any configuration other than the ESSID and passwords.

Re:Get a cheap PC that 10 years old, add PFSense

[DNS-and-BIND]

LOL, give me a break. Entire nations are built on foundations of hating America. It's not going to stop any time soon and if we ever did like you wanted you'd just change to a new issue.

Remember the gay marriage thing? Supreme Court ruled it legal. What was the reaction? "Hooray for America"? Hell no, it was "well it was about fucking time." Followed by an immediate retargeting of America-hate onto different subjects. It will never stop, it can't stop. People have too much invested in it.

Re:Get a cheap PC that 10 years old, add PFSense

[bluelip]

Orange Pi. Cheaper and faster.

Re:Get a cheap PC that 10 years old, add PFSense

[Gaygirlie]

All the four USB-ports share bandwidth, so no. A single USB 2.0-port has a 480Mbps bandwidth, not counting for the losses of the USB-protocol and whatnot, and since all the ports share bandwidth it'd make no difference whether you used a single gigabit ethernet USB-adapter or 4. Also, don't forget that the 10/100 Ethernet-port on the RPi also shares bandwidth with those USB-ports!

Re:Get a cheap PC that 10 years old, add PFSense

[mrun4982]

pfSense was my answer as well except I used modern, efficient hardware that doesn't consume much more power than a typical router at idle. The main reason for switching was so I had a router capable of 1Gb/S throughput since I was getting 1Gb/S internet.

Re:Get a cheap PC that 10 years old, add PFSense

[mrun4982]

A RasPi is a terrible solution for anyone with at least halfway decent internet speeds, let alone those of us who need 1Gb/S routing. There are much better single-board computer solutions if that's what you're after.

Re:Get a cheap PC that 10 years old, add PFSense

[Wolfrider]

> I might be able to get by with an old laptop as long as it had two USB 2.0 ports. I could plug USB gigabit ethernet devices into those. The bandwidth would be capped at what USB 2.0 can handle

--No. Just NO. If you're going to use an old laptop, at least get one that can handle a USB3 expansion card, like the Startech 2-port Expresscard. (ECUSB3S22, ~$30 on Amazon.)

--Using 2xUSB2 ports for Gig Ethernet will limit your bandwidth to ~15MB/sec maximum if they're both in simultaneous use. (Real world, probably less.) Use GIG Ethernet with *USB3*, you might get 50MB/sec throughput or better. Don't settle for USB2 when doing networking.

Re:Get a cheap PC that 10 years old, add PFSense

[bobbied]

Raspberry Pis have a single 10/100 port on them. In what universe is that good for a router?

No universe I know... That port is USB based (USB 2.0) which is going to be pretty slow. Now don't be fooled by a single port... Coupled with a VLAN enabled switch (which are cheap) you can have multiple ports on your system, no problem.

Re:Get a cheap PC that 10 years old, add PFSense

[jofas]

Tried it, it's pretty bad. As in, not a finished product. Many features are missing or broken.

Re:Get a cheap PC that 10 years old, add PFSense

[jofas]

1. Having an actual load tester and knowing what real world loads on mains are like, 100W is not realistic. With a heavy graphics cards, my mid-level gaming rig draws 38W max continuous. 2. Your calculations end at $1000 per year, which would put the yearly household consumption at ~11 or 12k per year, which in turn suggests that you don't pay your own utility bills. "What could a banana cost? 10 dollars?"

Re:Get a cheap PC that 10 years old, add PFSense

[DuckDodgers]

So I have a much weaker understanding of this kind of thing than I would like. My understanding is that the total bandwidth of any set of USB ports connected to a single USB "card" on the motherboard is actually the max for one port. i.e. if a particular version of USB has bandwidth X, then you can't have port 1 with throughput X as the same time port 2 has throughput X. If they both use the same "card" on the motherboard, then the total throughput between them combined is X. Then on top of that, I took the 480 Mbps of USB 2.0, and assumed that on my hypothetical laptop each of my pair of USB gigabit ethernet devices could then handle 240 Mbps. That exceeds the 200 Mbps I get from my ISP, problem solved.

But you came up with 15 MB/s. How? I see on the Wikipedia page for USB 2: "Due to bus access constraints, the effective throughput of the High Speed signaling rate is limited to 280 Mbit/s or 35 MB/s". Are you just dividing that in half and subtracting about 15% for overhead? Is that how you got your numbers?

I'm not saying you are wrong. I know that on-paper figures and real world numbers can vary wildly. I have a long experience wrestling with wireless throughput as experience. I'm just trying to understand the factors better.

Re: Get a cheap PC that 10 years old, add PFSense

USB 2.0 should work fine for 100Mbps in most cases. If that's not good enough for the LAN, use it in tandem with a gigabit switch.

On the other hand if you have Google Fiber or whatever, yeah you'll need something beefier.

Re:Get a cheap PC that 10 years old, add PFSense

[CastrTroy]

The minimum CPU on those boxes is 80W. You'll pay a lot for your power bill in the long run over going for something like an i3 mini PC from AliExpress. Not only are those servers huge, but they also create a whole lot of noise.

Re:Get a cheap PC that 10 years old, add PFSense

[yithar7153]

I'm using one as a router but I'm also using 100 Mbps Ethernet which is pretty outdated. The problem really is throughput. In terms of throughput you're actually better off using an old computer, or an Odroid.

Re:Get a cheap PC that 10 years old, add PFSense

[vtcodger]

"Raspberry Pis have a single 10/100 port on them. In what universe is that good for a router?"

The many 10s of millions of North Americans who live in rural areas? Contrary to the assumption of those running things, a lot of us are lucky to be be able to get enough bandwidth to stream video while downloading Slashdot, much less saturate a 100 mbps connection. Yeah, I know a Raspberry Pi probably won't transfer anywhere near 100 mbps in practice. I expect it'd manage routing stuff to/from a 5mbps DSL line without a lot of stress.

And folks who actually live out in dirt road and try not to run into the cows country very likely don't even have DSL.

Re:Get a cheap PC that 10 years old, add PFSense

[pnutjam]

Go with an embedded x86 platform for PfSense.
Something like this, I have a netgate APU which is similar.

Re:Get a cheap PC that 10 years old, add PFSense

[jittles]

Whilst your electric might be free, running a 100-200W PC instead of 6W router is a little overkill for most people. The best solution, of course, is to be allowed to put new firmware on your existing router ;-)

I have an LGA 1155 Xeon processor that has a TDP of 35W. I run an SSD in the thing, in a fanless case designed to cool using convection and the device averages about 10W draw. It has way more horsepower than your average router, too. However, you really need a purpose built chip to route traffic efficiently so it's better to use a purpose built router from that standpoint. You'll get better throughput.

Re:Get a cheap PC that 10 years old, add PFSense

[mellon]

The one I have is the Neo PlusS2, which has an Allwinner CPU. I only got it yesterday, and don't have a flash card for it yet, so I haven't had a chance to try it. :)

Re:Get a cheap PC that 10 years old, add PFSense

[pnutjam]

That's a good option if you have a couple hundred bucks.
If your not opposed to closed source and just want something with enterprise features, the cheapest option is a mikrotik routerOS device. You can snag one for around $50 usually, with 802.11 b/g/n.

Re:Get a cheap PC that 10 years old, add PFSense

[Wolfrider]

--Real-world measurements/experience. I have an older laptop that has a single-core, 64-bit CPU, USB2 native ports and 100MBit native Ethernet port.

More info here:
https://freedompenguin.com/art...

( You can search freedompenguin for 'zfs' if you want to see my other articles )

--I switched out the sloow original laptop spinning-platter 160GB SATA drive with an SSD, BTW - boots Antix nice and fast. If I put a USB3 Gig Ethernet adapter on a USB2 port along with an external USB3 1 Terabyte spinning hard drive and FTP-copy files over the (gig) network from my server, I get maybe 15-18MB/sec sustained sequential write speed (using Linux - Antix/MX to ext4 target filesystem) because they're sharing the interface.

--If I put both the Gig USB3 ethernet and the USB3 external terabyte drive on the USB3 card (or even just the Gig Ether adapter alone) and copy files over the network to the internal SSD, I get *wildly better* speed because it's not bottlenecked by sharing the USB2 bus. Remember, every device you add to USB2 will drop your sustained bandwidth if they're in use at the same time.

--If I put (1) Gig Ethernet adapter on USB2 and nothing else, I usually get ~30MB/sec sustained write speed to the SSD.

--Right now the laptop is using a dual-port eSATA card instead of the USB3 because it's being used for occasional ZFS zRAID10 (8x1TB drive mirrors, and with only 2GB RAM, at that) - but you should absolutely do your own speed experiments and find out what works best for you between budget ($$) and convenience (speed.) Last time I checked, the USB3 Gig Ethernet adapter was under $16.

Re: Get a cheap PC that 10 years old, add PFSense

[thejynxed]

Yeah, I am fortunate enough to need a beefier solution. I have GigE for my desktop machines, media server, and 4k UHD tv, and right now I am using dual-band wifi for the various iThingies, blu-ray players, Rokus, Chromecasts, 1080p tvs, etc in the house (looking into tri-band wifi routers if my wife and son keep buying more wireless toys).

Re:Get a cheap PC that 10 years old, add PFSense

[parkinglot777]

Power here costs about £1/W/year. If you're expecting to keep your router for 2 years, it's worth spending up to £20 to reduce the power consumption by 10W. A typical old desktop will draw around 60W, an embedded router board will draw around 6W. That works out at a saving of £108 over two years, which is about the total cost of the embedded router board (PC-Engines or Soekris). After three years, even if you got the old PC for free, it's still more expensive. I used a PC-Engines WRAP board as my home router for around 5 years before needing to upgrade.

I'm not sure if your unit is correct... I am quite sure that you meant £1 per kWh (Kilo Watt Hour) per year.

A 6 wH router would require 52.56 kW to operate in a year (24/7 and 365 days a year)... So, I don't get the part where you are talking about saving. :-?

Re:Get a cheap PC that 10 years old, add PFSense

[AbRASiON]

I'm considering this but I want one with that new AES-NI support that the PFsense devs have said will needed going forward.

It sounds like version 3.0 will be a big change.

I think the Denverton (C3xxx / C3000) upcoming chips might be perfect. Powerful and low powered, probably just the dual core version.

Re:Get a cheap PC that 10 years old, add PFSense

[Grishnakh]

And compared to even a high-speed cable modem, how is that insufficient?

The only way I see that being insufficient is if you're trying to get max throughput between different machines on your internal network, over the newer WiFi standards (like 802.11ac). If all or most of your WiFi traffic is going over the internet (rather than between your own machines), then this isn't an issue I think.

Re:Get a cheap PC that 10 years old, add PFSense

[Anaerin]

The AES-NI support is why I recommended the 5600 series Xeon (which has it) over the 5500 (which doesn't). Alternatively, you could grab one of these which is new, and would also do the job.

Re:Get a cheap PC that 10 years old, add PFSense

[DuckDodgers]

Thanks for taking the time to reply. Nice article - good writing, useful information.

I have an old laptop with 2 GB of RAM and a Core Duo (or Core 2 Duo, I don't remember) and a whopping 1280x800 resolution. I've got Xubuntu 16.04 on it, and it runs nicely. But it mostly collects dust because I've already got a file server and the eight or so year old battery holds a charge for between 90 and 150 seconds. :)

Re: Get a cheap PC that 10 years old, add PFSense

[mSparks43]

i use one of my pis as a repeater.

connects to the neigbours wifi via a wifi dongle on the bluetooth and shares the connection into a second wan port on the pfsense router.

wont break any speed records, but will happily keep torrenting at 1MBs without touching my main network.

Re: Get a cheap PC that 10 years old, add PFSense

[mSparks43]

hehe, obviously bluetooth was a 3am time for bed moment. meant usb, obviously.

Re:Get a cheap PC that 10 years old, add PFSense

[AK+Marc]

convert kWh to W-year Both are Watt * time. He converted to Wy to simplify the long-term cost estimate. I have no idea whether his conversion and pricing is correct, but his unit is no less valid than kWh, just less common.

Re:Get a cheap PC that 10 years old, add PFSense

[AK+Marc]

And the thing I see ignored is latency. You'll lose 1-10 ms with a GP computer running a network. The dedicated boxes don't have to use CPU processes to move a packet and are effectively shunted on the NIC. Faster and more efficient.

Re:Get a cheap PC that 10 years old, add PFSense

[TheRaven64]

Raven, read the post by PhunkySchtuff again. There is no mention of 87600 anywhere.

You might want to try again. He says:

At an optimistic 100W, that's 87600 kWh/year

Looks like it contains the number 87600 to me...

Re:Get a cheap PC that 10 years old, add PFSense

[TheRaven64]

I'm not sure if your unit is correct... I am quite sure that you meant £1 per kWh (Kilo Watt Hour) per year.

£1 per Watt for one year. Rough estimate, but it's in the right ballpark. I pay 12p/kWh. That's £0.00012 for 1W for one hour. For one day, it costs £0.00288. For 365 days, it costs £1.0512, so an estimate of £1/Wyear is only 5% off. The unit of kWh per year wouldn't make sense: Watts are a unit of power (energy per unit time). 1kWh is one kW (1000W) for one hour. i.e. my price of £0.12/kWh means that it costs £0.12 to have something that draws 1kW on for one hour (or to have something that draws 100W on for ten hours, and so on). I probably should have written £1/Wyear for consistency with kWh or £1/(W/year), but I assumed that readers could figure it out and was lazy.

A 6 wH router would require 52.56 kW to operate in a year (24/7 and 365 days a year)... So, I don't get the part where you are talking about saving. :-?

What is a 6wH router? Even if you mean 6Wh, that doesn't make sense: how long does it take to consume 1Wh (a unit of energy, not of power)? If you mean a 6W router, then will consume 52.56Wh in one year (not 52.56kW, because that's a unit of power and when you divide by time [i.e. over a year] then you get energy, not power). In contrast, a 60W old PC will consume 525.6kWh. At £0.12/kWh, that works out at £6.3072 to operate the small router or £63.072 to operate the old PC for one year. These numbers are very close to my back-of-an-envelope estimate of £6 vs £60, but more accurately the saving is £56.7648/year, or £113.5296 over two years. If you spend £100 on a low-power embedded router board to replace a 60W old PC that you got for free then you will be £13.5296 better off after two years (assuming electricity prices don't go up and you're on the same-priced tariff as me). After four years, you'll be over £100 better off. The one that I bought lasted 5 years before it was too slow for the network, so that's a saving of £283.824 of electricity. The new version of the same board (three gigE ethernet adaptors and enough CPU power to happily handle line rate on all of them) costs £125, probably around £160 by the time that you've added a case and some flash storage. So over the lifetime of the device (assuming it only lasts five years - I'd actually be quite surprised if GigE is not fast enough in 5 years for most home users), the saving is around £120, more if electricity prices go up. The break-even point is just over two years. As an added bonus, you get a small form-factor device that's silent, so can be hidden in a corner in a room that you actually use, or stored in an under-stairs cupboard without overheating.

Using an old PC for this is likely to be a waste of money and be inconvenient. If you can get £20 for the old PC from someone who actually needs a machine capable of running a GUI, then you're even better off!

Re:Get a cheap PC that 10 years old, add PFSense

[Wolfrider]

> old laptop with 2 GB of RAM and a Core Duo or Core 2 Duo

--As long as it has a 64-bit CPU, you could use it for ZFS experiments or maybe throw Squid on there and use it for a proxy cache... One of my articles deals with moving Linux /home to ZFS.

--Feel free to email me privately (use gmail for destination address) and I can provide you with more info/config advice. I'd recommend either using an inexpensive SSD in the laptop or buying a decent USB3 thumbdrive though.

Re:Get a cheap PC that 10 years old, add PFSense

[Narcocide]

I'm highly skeptical, after hearing the same thing assumed about the original and finding out that the "USB 2.0" connectivity was effectively constrained to USB 1.0 speeds due to the bus it was attached to.

Re: Get a cheap PC that 10 years old, add PFSense

[Bengie]

USB 2.0 can supply 100Mb/s the same way a mechanical HD can supply 50MiB/s. Rarely in real world situations. The post you responded to said "single" USB port. Cut your bandwidth in half. The slowest internet I can find is 100Mb/6Mb from Charter for "$30/m" in a triple bundle or my current ISP is 150Mb/150Mb for $50/m.

Re:Get a cheap PC that 10 years old, add PFSense

[DuckDodgers]

The laptop is a toy machine I only move around the house to play music when I'm working in odd places or play movies when the kids managed - again - to drain the batteries of every other portable electronic simultaneously.

I am grateful for the offer of assistance, though. I actually have been using btrfs everywhere with /home and /opt each on separate subvolumes. I know btrfs is not as stable and mature as ZFS, but so far it hasn't burned me and I have two in-house backups of everything and one offsite backup. I'm really hoping it matures into a full ZFS competitor, not because I have anything against ZFS but because I think something GPLv2 right in the kernel makes life easier for the Linux community at large than the legal shenanigans and bickering around CDDL or whatever the ZFS license is.

That said... right now I'm managing partitions across disks manually and not using the redundancy features available in btrfs (or ZFS) volumes. I'm synchronizing everything with rsync in cron as a kind of manual equivalent to RAID 1. But that gives me two advantages. The first is that I can move a physical drive between computers and only lose the time it takes to do the physical move, there is no data loss or volume rebuild required on either side. Well, that's not totally true because I have to modify some /etc/fstab entries and rsync settings in cron on both ends. But the data is available immediately. The second advantage is that I can use ntfs-formatted drives for backups when booted into Linux. I rarely boot into Windows, but every once in a while my kids want to play a Steam game that isn't available on Linux. I lose access to my backup file server when they do, but only for a few days until they get bored and then it's back in business.

Re:Get a cheap PC that 10 years old, add PFSense

[Bengie]

What does have rural have to do with anything? Farms have the fastest internet around here. Charter doesn't want to compete in rural, which allows smaller ISPs to flourish letting people purchase naked 250Mb/250Mb Internet for $80 vs 100Mb/6Mb in the city for no cheaper than a $100 total bill. Just north of us vacation houses in the middle of freaking no-where are getting 1Gb/1Gb for $50.

If anything, rural has faster cheaper internet, even more reliable. No incumbents to hold back ISPs.

Re:Get a cheap PC that 10 years old, add PFSense

[toddestan]

Well, another option is just use a hard drive and something like Smallwall (basically a m0n0wall fork) that can spin down the HDD when it's not needed (which is >99% of the time). Of course, you run the risk of the drive crapping out, but it's easy to have a spare drive or two ready.

The other advantage is you don't need a lot of CPU either. I run mine through a P3, which are pretty efficient (some of the processors are under 10W). Of course, the age the hardware is a concern, but I've not had any problems with reliability on the box I've been using since a P3 wasn't really considered that old.

Roll your own

[Zarhan]

http://elinux.org/RPI-Wireless...

Pretty much only way to be sure.

Beyond that, you go with the same approach as when getting a PC to use with Linux - try to verify each individual component and whether it works or not.

Re:Roll your own

[arglebargle_xiv]

The RaspberryPis are terrible choices for a router.

The Raspberry Pi is a terrible choice for anything that's put into a production environment, not just routers. They're educational toys, not something that's meant to be run 24/7/365 in a serious situation. By all means prototype it on a Pi, but for fscks sake don't ship a commercial product based on it.

Re:Roll your own

[jofas]

And how did you solve the bandwidth on the Pi?

Re:Roll your own

[jon3k]

not something that's meant to be run 24/7/365 in a serious situation

First, I don't know what qualifies as a "serious situation", we are talking about someone's home router. But what exactly makes a RPi incapable of running 24x7? There thousands of these running 24x7 without issue.

Re:Roll your own

Note the comment about the wifi dong. He's using it as an access point, not a wired router, so throughput is going to be limited by the wireless interface. I think most of the people recommending Raspberry Pis just don't have good internet connections, so they get by with the performance of that toy.

Re:Roll your own

[omnichad]

So you prototype on a Pi and then...what? Manufacture your own Pi?

Maybe you don't have to ship physical hardware if it runs on a Pi. Commercial or hobby, just ship the software and let the end user buy their own PC. That's how computers work nowadays anyway.

Solution: Don't buy those brands anymore...

[Zurkeyon3733]

PLENTY of "make your own" options out there these days... Easy options even. Newegg has an ITX mainboard with a built in AES-NI CPU for Hardware accelerated encryption, for 56$... Add a dell Broadcom SFF 4 Port Gig NIC and some RAM, and whola! Whatever router config you need is just a download away!

Re:Solution: Don't buy those brands anymore...

[PolygamousRanchKid+]

Well, as soon as the NSA spooks get wind of this, the US government will ban vendors from supplying any useful encryption, as well.

Because banning encryption from the hands of ordinary citizens will "fix" the problem of terrorism, right?

If good old King George of England had the NSA back then, the American Revolution never could have happened.

"One, if by land! Two, if by sea!"

Oh, wait, the American Colonists are not allowed to have lanterns!

Re: Solution: Don't buy those brands anymore...

[Entrope]

Here is the world smallest viola, playing a requiem for people who don't know how to spell "voila".

Re:Solution: Don't buy those brands anymore...

[PolygamousRanchKid+]

Aren't you aware that the NSA works towards making encryption and secure systems available to the US public and corporations?!?

Yes, the NSA has a long history of "helping" the US public and corporations with encryption . . . like the DES standard . . . invented by IBM, intentionally crippled by the NSA.

An ancient rule of war . . . don't provide your allies with any weapons that you are not able to defeat yourself . . . just in case your allies today become your enemies tomorrow.

Re:Solution: Don't buy those brands anymore...

[tstrunk]

PLENTY of "make your own" options out there these days... Easy options even. Newegg has an ITX mainboard with a built in AES-NI CPU for Hardware accelerated encryption, for 56$... Add a dell Broadcom SFF 4 Port Gig NIC and some RAM, and whola! Whatever router config you need is just a download away!

I disagree with your statement, because you are missing one thing: "The Modem" (however I'm limiting this statement to Europe, because I don't know the situation in the US)
In Europe you cannot buy isolated cable modems for Eurodocsis 3.1. The most you can get is a complete router with an integrated Eurodocsis modem, which, if you are lucky, you can configure into a bridged modem mode.

For your project to succeed and be the "be all, end all" solution, you would require a cable modem add-in card. This is something all the big router producers will never market, because they would cut into their own profits.

For DSL markets, isolated modems exist, but also here, you won't find open source solutions.

Re:Solution: Don't buy those brands anymore...

[omnichad]

That's an ISP problem - it's technically possible and the hardware does exist. See: Technicolor TC4400.

In the US, standalone modems are supported by nearly every cable ISP - and you're allowed to buy your own. Some (like Comcast/Xfinity) will provide one with their own WiFi so that they can also use your modem as part of their istributed WiFi system. Still others will use an integrated wireless gateway as an excuse to keep charging a monthly rental fee on the modem when they'll provide a basic modem for free (see Spectrum).

Re:Solution: Don't buy those brands anymore...

[omnichad]

Where do you live that you can air condition your home for that low? During the summer, I use about 20kWh per day for air conditioning on the hotter days. A 10 Watt device running for a full year only uses about 87KWh. In the US, that's maybe $10-12/year. That doesn't leave much budget for more expensive hardware just to save electricity.

Attacking a 10W device when your money is better spent on a more efficient refrigerator is ridiculous.

Re: Solution: Don't buy those brands anymore...

[ChrisMaple]

And here's the pronunciation: https://www.youtube.com/watch?v=GuRQl4rAajs

Turris Omnia

[JoSch1337]

https://omnia.turris.cz/

Specs: 1.6 GHz dual-core ARM, 2 GB DDR3, 8 GB flash, 5 Gbit LAN, 1 Gbit WAN, 2 USB 3.0, 2 Mini PCI Express, 1 mSATA / mini PCI Express, 3x3 MIMO 802.11ac, 2x2 MIMO 802.11b/g/n

I use it together with two hard drives attached via SATA.

It ships with a custom version of OpenWRT but you can also install other stuff on it like Debian:

https://wiki.debian.org/Instal...

Or openSUSE:

https://en.opensuse.org/HCL:Tu...

Re:Turris Omnia

[alantus]

It looks good, but overpriced.

Re:Turris Omnia

[klapaucjusz]

The Turris Omnia is some very nice hardware, and built by people who are very much devoted to free software (nic.cz, the same guys who brought us the Bird routing suite and KnotDNS). It's a little bit overkill for a home router (it's got massive amounts of memory and a fiber interface), but if you're fine with spending over 200 euros, it's an excellent choice.

Re:Turris Omnia

[Cramit]

I didn't see a way to purchase in the US; did I miss it?

Re:Turris Omnia

[AmiMoJo]

Seems very expensive for what it is... If you go on AliExpress and search for "x86 router" or "arm router" you will find hundreds of options costing less than 1/3rd as much. For example: https://www.aliexpress.com/ite...

Celeron J1900 (quad core, 2.4GHz)
1x DDR RAM RAM socket
Intel chipset
mSATA SSD slot
4 Intel I211AT gigabit LAN ports
3x USB 2.0
1x USB 3.0
2x MiniPCIe ports
10W max power consumption

The case has holes for wifi antennas, which you can order with it. It's pretty much a standard PC so will run whatever Linux or even Windows OS you want. It's got VGA as well which can be handy for an emergency shell.

You could add a really simple UPS with a 12V lead acid battery and a few diodes too.

Re:Turris Omnia

[Mal-2]

Eww. Bay Fail, the doughiest of half-baked Intel releases. Sure it's x86-64, but it's still crap. (You may not notice too much running Mint or something like it though.) The only solution that finally solved my Bay Trail problems was to sell it and get a Haswell replacement. I wouldn't in good conscience advise anyone to do anything requiring reliability with a Bay Trail machine.

Re:Turris Omnia

[edtice1559]

https://www.amazon.de/dp/B01MG... You can purchase from amazon.de in the US. You may have to pay freight though.

Re:Turris Omnia

[mattventura]

I hope that's just meant to serve as a rough example, because it really doesn't tick many of the boxes. I count two antenna holes, so you can't even 3x3. You'll also need to source signal combiners so you can run 5 and 2.4 on the same pair of antennae. You also need the wifi cards themselves, and good ones aren't cheap. Selecting the wifi option on that one increases the price by $4 which is certainly not going to get a wifi card worth using AP-side. In fact, reading the specs it looks like the first mPCIe slot is USB-only, and the second is SATA-only which is yet another deal breaker.

Disclaimer: I own an Omnia, and it's pretty good at being a solid pre-packaged solution without losing any customizability. I'm sure you COULD find something that beats it in terms of value, but some random aliexpress box probably isn't the way to do it. That also says nothing of current and future expandability, where if need be you could upgrade the omnia to 4x4 wifi or jury rig all sorts of stuff into it.

Re:Turris Omnia

[AmiMoJo]

I'd suggest getting a separate wifi AP. There are a few advantages. It's easy to upgrade when a new standard becomes available, you can position it ideally rather than where you want the router to be, it's easier to isolate and compromising it doesn't compromise your main router...

Considering how much you save with one of these, you could get a really nice Ubiquity AP or something like that.

One word

Mikrotik. US version has a stupid NSA backdoor package, but you can flash firmware with EU version without it :)

Re:One word

[omnichad]

A UAC-AP-LITE and an EdgeRouter-LITE is plenty for my home network - and cheap too. The ER-Lite is a bit buggy (QoS is basically broken) and missing a few features of the pro. If I were going to spend more money it would be on the ER-X.

Re:One word

[pnutjam]

Citation please.

Re:One word

[greenfruitsalad]

for the price of one EdgeRouter Lite, you can buy two EdgeRouter X. I also wholeheartedly recommend Ubiquiti AP AC Lite. I had an Asus rt-ac68u which never even reached half of its advertised wifi speeds. With UAP AC Lite, speeds above 50 MBytes/s on wifi are now normal in my household.

Separate Access Point from Router

[aaarrrgggh]

Personally, I find that going with a dedicated router and dedicated access point(s) makes for a more flexible solution anyway. Better placement options, easier to upgrade the wireless, etc. I use Ubiquiti gear, which gives me Vyatta on the routing/firewall and a solid (locked down) access point.

Curious to try out the little pfsense appliances, but they are a bit more pricey.

Re:Separate Access Point from Router

[unixisc]

Since the FCC's issue is the prevention of the tampering of radio outputs, is it possible to manage that from something other than the router's management, which is where the question of the proprietary router OS vs the WRTs come in? Like maybe have a baseband BIOS that's not alterable from the router management interface, except in cases of an over the air upgrade of the firmware?

Looks like such a solution should resolve the issue of keeping the routers compliant w/ the licensed frequencies & bands, while letting the router owner customize the router however he chooses, like w/ pFsense, OpenWRT, Tomato or whatever

Re:Separate Access Point from Router

[RavenLrD20k]

For the place I'm moving into, my plan is going to be similar to yours: Since I'm going to have roommates I was looking at having two Cable Modems on the line, one for their account and one for ours (two families of power users that run dangerously close to each of their caps). Run those into a 5 port ubiquity router with a few managed switches connected to that running virtual networks. Run that to a patch panel that runs physical wires to each bedroom and the home office, enough lines that each device could have a physical run back to the network closet. And then for wireless devices, run three different AP zones, two on my network one on the roommates' on non conflicting channels.

Re:Separate Access Point from Router

[aaarrrgggh]

It can be easier than that; you can just keep one vlan and SSID for each group, and share APs. Drop AP power, especially on 2.5GHz, and locate the APs to simply provide coverage. You can use QoS to manage each group's usage.

For all but the most basic setups, a separate router that is fully configurable and access points that extend that functionality to wireless clients is a better strategy. While there are things you can tweak in the radio realm, the benefits are minimal (beyond power and channels) to the point that the FCC issues seem logical.

Re:Separate Access Point from Router

[rjzak]

I second the Ubiquiti suggestion. The hardware is inexpensive, the UI is feature-rich and easy to use, and the devices are rather reliable. I particularly like the use of Power over Ethernet, which made setting up the Access Points easy. Also the iOS app for remotely configuring the network is very convenient. It can be set up to allow administration remotely, or just allow administration while on your network.

AP: https://www.ubnt.com/products/#unifi
iOS admin app: https://itunes.apple.com/us/app/unifi/id1057750338?mt=8

"save wifi" campaign

[lkcl]

The FCC later specified that they were not trying to block Open Source firmware modifications

they were told IN NO UNCERTAIN TERMS that this is exactly what would happen - that manufacturers would take the "lazy" way out. unfortunately, a number of prominent "open source" activists completely and utterly failed to comprehend that this would happen, and ENDORSED the FCC's proposal.

there are some very specific companies that sell RYF-Endorsed products (answering the OP's question: google "RYF Certified router" or other such keyword combinations), and these companies are near-completely screwed. if they are not careful they have to sell ILLEGAL products in order to satisfy the RYF-Endorsement Criteria! however it turns out that there's a small workaround: what they can do is put an UNPUBLISHED hidden link into the web interface in order for users to carry out quotes unauthorised quotes firmware updates.

basically as a world-wide community we f******d up. the opportunity to stop the FCC from being a Corporate lap-dog was when the "Save WIFI" campaign was underway. it was a complex situation understood by very few people: we should have listened to the people who properly understood it, and supported them. we didn't do that... and now we suffer the consequences, as indicated by the OP.

Re:"save wifi" campaign

[nuckfuts]

... quotes unauthorised quotes firmware updates...

Does your keyboard not have a " key?

well, how could they predict..

[gl4ss]

that apparently USA selling companies would put in misleading advertising(ddwrt compatible) on devices where you cannot put ddwrt on.

look, the simple choice: ORDER FROM ASIA. like come on, you're ordering shitty cheap shit all the time from dx etc anyways..

I mean come on, it is more of a consumer issue anyways.

x64

[darkain]

Intel/AMD x64 pfSense. #DONE!

"wide-reaching effect of US law on the products"

[Nutria]

What is your evidence that this is true?

Depends on how it is locked

[Nocturrne]

It might be as simple as removing a resistor to disable write protection. If not, get yourself a hot air gun and replace the FLASH memory with your own unlocked IC.

Re:Depends on how it is locked

[bobbied]

Seriously? Before you start soldering new flash chips in, you might want to consider a couple of other things first. There will usually be a J-TAG header someplace that I'd try first in your attempts to alter the boot loader.

Re:Depends on how it is locked

[Mal-2]

An SOIC clip and an RPi is the usual way to force-flash firmware on machines that don't want you to.

Don't blame the FCC

[Solandri]

Blame the idiots hacking their firmware and using their routers irresponsibly (illegally).

First you have to understand why the FCC made the request to router manufacturers. Shortly after the FCC opened up the 5 GHz band for unlicensed use, terminal doppler weather radar was invented in response to several airliner crashes due to adverse weather conditions. Unfortunately, it relies on frequencies smack dab in the middle of the open 5 GHz band, so the FCC took the unusual step of revising their rules which opened up those frequencies

That's why most 5 GHz devices only support channels 36-48 and 149-165. The intermediate channels were reclassified as DFS - dynamic frequency selection. Open devices could use them, but if they detected weather radar in use they had to switch to a different channel. A few devices actually do this and check to see if weather radar is in use. Most manufacturers just took the easy way out and blocked out channels 50-144 entirely in the firmware.

DD-WRT supports DFS - it will change frequencies if it detects weather radar in use (at least it does on my hacked TP-Link). If you install third party firmware and use the 5 GHz band, do the responsible thing and enable this functionality if you're going to enable channels 50-144. Unfortunately, some idiots didn't do this, which caused the FCC to grow concerned about the impact of third party firmware on the effectiveness of TDWR. That's why the FCC made the request to router manufacturers. Not because they hated third party firmware, but out of concern for the safety of the flying public.

This is why we can't have nice things - a few idiots ruin it for everyone else. I had lots of fun with lawn darts as a kid, but we always treated the target area as if it were a shooting range. Here's an example of what happens to TDWR when an idiot blasts their router in the TDWR frequencies. The unauthorized broadcast shows up as a wedge-shaped area spanning a few degrees and extending to the edge of the radar image, completely obscuring any weather in the wedge.

And buying the router in Canada or Europe won't make any difference because those countries have the exact same restrictions on those TDWR frequencies. The only reason they're not being as aggressive as the FCC is because TDWR so far is mostly used at U.S. airports. Eventually most airports in the developed world are going to upgrade to it (or at least airports which frequently encounter bad weather). So the regulatory agencies in Canada, the EU, and most of the rest of the developed world are all going to be on the same page as the FCC once TDWR is rolled out in those countries.

Re:Don't blame the FCC

[GrumpySteen]

Do you want to foot the bill for massive army of personnel and equipment required to hunt for signals in the tens of thousands square miles covered by TWDR systems?

And before you say it... no, waiting for hundreds of people to die in a plane crash because interference prevented a TWDR system from detecting wind shear conditions is NOT an acceptable solution.

Re: Don't blame the FCC

[Entrope]

I have a modest proposal: stop designing safety critical radar systems that operate smack in the middle of an unlicensed band.

Re: Don't blame the FCC

[thegarbz]

I know. What is with these people obeying the laws of physics when choosing spectrum. How dare they!

Re: Don't blame the FCC

[Entrope]

I assure you that will not be a problem in Australia.

Re:Don't blame the FCC

[bobbied]

Yea, brown shirts and jack boots for ALL at the FCC...

Seriously. We don't have the budget for that kind of enforcement activity. Besides, it takes the FCC YEARS even DECADES to actually get around to enforcing interference. In one case (see K1MAN) it took nearly 20 years to yank a ham radio license, even then it didn't end his on air activities until the guy actually died.... They where a bit quicker with the guy who kept interfering with emergency services, but it still took decades to get him finally off the air.

It may be a "cheap shot" by the FCC, but I see their logic here. I also see manufacturers using the situation to their advantage (some of them at least) but what other choice does the FCC have?

Re:Don't blame the FCC

[guruevi]

Why don't they just change the weather radar frequencies then. Once you let the cat out of the bag by giving a bunch of spectrum to the Chinese corporations, they won't care what band it's going to be bleeding on, even if it's not in the right channel, you can be sure there will be some unfiltered harmonic coming out of the device in the middle of the channels you don't want to be in.

The problem is not some idiot that sets up his WiFi channels wrong, that's easy to detect and punish, it's crappy antenna design. I'm also not so sure the few mW a router puts out is going to affect much of a radar (which has several kW) anyway, the worst thing it'll do is blow out the signal from the router.

Re:Don't blame the FCC

[guruevi]

Interference of that magnitude would be immediately detectable on a weather radar. I highly doubt your little 200mW antenna will have much effect on the 0.1s a plane is within the range of a broken WiFi router.

Re:Don't blame the FCC

[SuiteSisterMary]

Most likely because the weather radar needs to run on that specific frequency range in order to actually detect what it needs to detect.

Re: Don't blame the FCC

[KGIII]

Did Turnbull figure out how the defy math yet?

Re:Don't blame the FCC

[ChrisMaple]

The weather radar path is
radar transmitter -> propagation to cloud -> bounce off cloud -> propagation to radar receiver -> radar receiver.

The wifi router path is
wifi transmitter -> propagation to radar receiver -> radar receiver

The losses to the cloud and reflecting off the cloud can both be substantial. That 200 mW is not negligible.

Some routers aren't "locked" particularly well...

[AC-x]

Some routers aren't "locked" particularly well, for example I have a WR841N v11 here which had supposedly FCC locked firmware, but it was relatively simple to install open firmware on it using the TFTP firmware recovery procedure

Sod locked firmware

[Chrisq]

I'd be happy if we could just stop Americans from pronouncing it "rawter". They need to learn the difference between "rout" and "route".

Re:Sod locked firmware

[Zontar+The+Mindless]

Or maybe you need to learn the difference between "route" and "root"?

Re:Sod locked firmware

[fnj]

It's pronounced "ow" as in "ouch", dipstick. Not "aw". Sheesh.

Re:Sod locked firmware

Route pronounced as "ow" was originally a regionalism in the US. Some areas pronounced it root and others rout. Unfortunately, unless you invent some completely new pronunciation, "route" is a homophone for either "rout" or "root" and depending on the circumstances you may want to distinguish route from one or the other. "Rout" is rarely used in technical conversations, where "root" comes up from time to time. so pronouncing route consistently as "rout" helps prevent confusion in those conversations where "rooting" is a topic.

Re:Sod locked firmware

[thegreatbob]

Perhaps we should rename it something like "Quazi-intelligent Internet packet translocator" to avoid this issue.

Re:Sod locked firmware

[Bill+Hayden]

As an American who's worked in the computer industry for 20+ years, I've never once heard anyone pronounce it "rawter".

Re:Sod locked firmware

[thegreatbob]

That being said, folks that pretend that the pronunciation of a word causes it to make no sense, even when the context is unambiguous, are mildly annoying.

Re:Sod locked firmware

[Carrot007]

Or maybe you need to learn the difference between "route" and "root"?

There are heterograph's

What do I win?

Re:Sod locked firmware

[Marillion]

Out
About
Tout
Gout
Flout
Route

The word that doesn't rhyme with the others is the word that ends with an E.

Re:Sod locked firmware

[Zontar+The+Mindless]

Route can be pronounced as /ræwt/ or /ru:t/. Both are equally correct, as a few seconds with any dictionary will tell you.

FCC: The inept Paper Tiger....

[beheaderaswp]

First off, the FCC is underfunded and cannot enforce it's own rules. This is one of those cases where lack of funding leads to inept regulation. The FCC cannot set a rule and simply enforce the rule. They have to set a rule that is enforced in a defacto manner without them spending any money.

So by regulating what manufacturers can and cannot do- they get the "appearance" of responsible regulation. With the added side effect of stifling innovation, modification, or customization (within the law) of the equipment.

You can try to explain this to people.. but since the principles involved are nuanced and technical most eyes glaze over. But the short form is this: if you lock down the hardware you stifle innovation.

Another primary example of the FCC failing for lack of funding is the regulation of radio bandwidth which citizens have access to. That would be the CB, GMRS, FRS, MURS, or Amateur Radio services. The FCC either farms out the enforcement (Amateur Radio is farmed out to the ARRL) or simply makes no enforcement action at all. The result being that the radio spectrum has become a cesspool of "pirate radio", free-banders (Illegal unlicensed operators), or licensed operators who break all the rules.

There are illegal operators across all the bands in the spectrum that are known by the FCC, the general public who use the spectrum, local law enforcement, and the defense community. But they are rarely enforced against.

They are not enforced against because the FCC has no budget for enforcement. They rarely enforce interference with government services first, commercial services second, and do nothing at all anywhere else. Very occasionally there is Amateur enforcement.

This means as a citizen FCC enforcement will come through any tangential avenue that has no cost to the FCC.

Re:FCC: The inept Paper Tiger....

[StatureOfLiberty]

The FCC either farms out the enforcement (Amateur Radio is farmed out to the ARRL) or simply makes no enforcement action at all.

ARRL has no enforcement power. It does have an Official Observer program. These operators do look for improper operation and can document this behavior. They do send out notices of improper operation to ham operators (amateur radio is usually called ham radio). There are no teeth behind this notice. An important part of their role is sending out notices when hams operate particularly well.

Documentation of improper operating can end up being forwarded to the FCC in hopes that they will act on it. It is only the FCC that has actual enforcement power. Many submissions never get acted upon. The ones that seem to get immediate action are if you interfere with another licensed service (interfering with police, emergency medical, aviation, commercial broadcast).

Lack of enforcement by the FCC is a problem. Many field offices have been closed down. Lack of funding is definitely making the problem worse.

ARRL is a great organization. They do provide great training materials for proper operation. They do a lot of lobbying for the Amateur Radio Service. They work to protect the service from band encroachment. They watch for well intentioned but poorly worded legislation that impacts the service. For example: North Carolina has been considering legislation (SB 393) that would ban use of almost any electronic communication device in a vehicle. ARRL is organizing operators in the state to ask their representatives to amend the verbiage to exclude amateur radio. Mobile operation is an important part of the amateur radio service. Banning it would make much of the value that the amateur radio service provides impossible. In addition, amateur radio mobile operation has a stellar safety record.

ARRL cannot enforce, but it can educate and work to influence.

Re:FCC: The inept Paper Tiger....

[beheaderaswp]

The FCC either farms out the enforcement (Amateur Radio is farmed out to the ARRL) or simply makes no enforcement action at all.

ARRL has no enforcement power. It does have an Official Observer program. These operators do look for improper operation and can document this behavior. They do send out notices of improper operation to ham operators (amateur radio is usually called ham radio). There are no teeth behind this notice. An important part of their role is sending out notices when hams operate particularly well.

Documentation of improper operating can end up being forwarded to the FCC in hopes that they will act on it. It is only the FCC that has actual enforcement power. Many submissions never get acted upon. The ones that seem to get immediate action are if you interfere with another licensed service (interfering with police, emergency medical, aviation, commercial broadcast).

Lack of enforcement by the FCC is a problem. Many field offices have been closed down. Lack of funding is definitely making the problem worse.

ARRL is a great organization. They do provide great training materials for proper operation. They do a lot of lobbying for the Amateur Radio Service. They work to protect the service from band encroachment. They watch for well intentioned but poorly worded legislation that impacts the service. For example: North Carolina has been considering legislation (SB 393) that would ban use of almost any electronic communication device in a vehicle. ARRL is organizing operators in the state to ask their representatives to amend the verbiage to exclude amateur radio. Mobile operation is an important part of the amateur radio service. Banning it would make much of the value that the amateur radio service provides impossible. In addition, amateur radio mobile operation has a stellar safety record.

ARRL cannot enforce, but it can educate and work to influence.

What you see in the above post is a mindless defense of an organization which I wasn't criticizing in the first place.

I'm a life member of the ARRL BTW. And still- the FCC has no budget to enforce. And the "Official Observers" send notices to stations who break the rules. That seems pretty "farmed out" to me.

What's next? If the FCC won't do enforcement maybe the ARRL should begin levying fines. It would be better than nothing at all being done.

APU2 is GigE capable, Alix APU is not.

APU2 https://pcengines.ch/apu2c4.ht... is GigE capable with Intel NICs, Alix APU is not. Just be certain to enable HW accel on the NICs, which is off by default.

Get an APU2 for about US$144 (PSU + case + SOC) and be happy the next 10 yrs. It has a low-powered AMD x64 CPU that runs pfsense, *BSD, Linux-whatever nicely. No GPU, serial only text output, so forget the mouse point-n-click stuff.

I never understood all the complaints about power costs. If you avoid the 95+W CPUs and monster GPUs, which is easy these days, power cost really isn't a consideration.

Wait for a crowdfunding campaign

[cloud.pt]

Since companies like to consolidate different markets with the same products with minor flavor changes, I don't see them allowing unlocking when the most important market of all (US) requires it indirectly (by the aforementioned complexity of making specific channel/power output locks instead of flat out firmware lock).

So I believe our best hopes reside in non-US-centric crowdsourced solutions for open routers, compatible with existing solutions or even packaging their own open software solution in the product. Other than that, you can only rely on aftermarket old routers, or hacked/jailbroken stuff that is sure to pop in the wild, and is gonna bring along their own set of problems, namely accidental like software bugs, or intentionally evil like trojans, SMS/MMS auto-senders (in the case of 3g/4g routers), backdoors and spyware of all sorts.

Much like the "right to repair" or DRM to, router lockdown is gonna be a major problem for the average tinkerer that likes his leverage to do what he wants with his property. It's a disadvantage of a capitalist society that puts corporate interest ahead of individual rights, even when these interests are brought forth by the FCC (much like net neutrality is now a good thing for the federal government... who do they think they are fooling with that one).

APU2C4

[nuckfuts]

You can run pfSense on a small platform such as the APU2C4 from PC Engines. It draws 6W to 12W.

I bought a complete kit from here. Quite happy with it.

SSD for APU2C4

[nuckfuts]

I should have mentioned, you'll probably want to add a storage option such as this for the APU2C4.

Archer C7 for OpenWRT

[sidetrack]

I can recommend the Archer C7 - as do some of the LEDE developers https://lwn.net/Articles/714019/

Re:Archer C7 for OpenWRT

[omnichad]

That has to be about the only thing it's good for. The reviews on that device are so bad, I had wondered if it wasn't a hardware problem with the wireless chips.

Re:Archer C7 for OpenWRT

[thejynxed]

Yes, and they all complain about two things: It runs hot, and the wireless portion stops working within 6 months to 1 year of use. It was one of the ones I looked at, and the features it offers at that price range is very nice, but there are just too many people saying it becomes a paperweight too quickly for my liking.

Re: lazy?

[petermgreen]

AIUI

Locking down nothing takes no effort.

Locking out modified firmware takes a little bit of effort. Basically add a signature check to the firmware update mechanisms.

Locking down just the radio settings in question without locking out third party firmware is very difficult. The hardware simply wasn't designed to put a barrier between the router firmware and the radio chips.

Stop audio ads on Slashdot

[MobyDisk]

Slashdot needs to stop the ads with self-playing audio.

Re:Stop audio ads on Slashdot

[thegreatbob]

Would mod up if I knew what ads were.

Buy TP-Link

[user32.ExitWindowsEx]

The FCC *forced* TP-Link to support open firmware as part of a settlement agreement made AFTER these new rules.
https://www.fcc.gov/document/f...

Re:Buy TP-Link

[Bill+Hayden]

Ironically, this could lead to a massive increase in TP-LINK sales.

We used to make fun of TP-LINK as brand a few years ago, but I now own some TP-LINK hardware and have been very happy with it.

Ridiculous

[l0n3s0m3phr34k]

I can easily purchase a 4 watt 2.4ghz or 5ghz amp for under $100, and a "decent" one for under $200. The FCC has to know about these, so it almost seems that locking out open-source WAS one of the goals.

Open Source Router

[Murdoch5]

It's fairly simple, you just make your own open source router and you're off to the races. If you need WiFi, you buy a proper access point, and then you're set.

Re:Open Source Router

[thegreatbob]

pfSense has WiFi-related capabilities (e.g. using a NIC that supports AP mode), but then you're at the mercy of FreeBSD kernel support for device drivers. I'm not really sure how their driver ecosystem stacks up to Linux, so I might actually be arsed to look into that.

Re:Open Source Router

[Murdoch5]

I would buy a proper AP, I really love the stuff from https://www.ubnt.com/unifi/uni...

auto-updating computers with linux, hostap

[Kludge]

I no longer buy wireless routers. I use old laptops or raspberry pis running hostap. I set them to auto-update so I do not have to worry about security vulnerabilities. For additional network ports I use usb devices.
These systems are rock solid.

bullshit

[shentino]

Contrary to what other people say, requiring OEMs to lock down their outputs DOES make the FCC responsible for open source hostile routers.

Almost ever piece of consumer equipment I've seen has had some sort of "part b/15 computing device" thingy sticker on it saying

* This device may not cause harmful interference
* This device must accept any interference recieved

It's not supposed to be the OEM's responsibility what their users do with the devices they pay for. As far as I'm concerned, tampering with the firmware voids the warranty and causes you, not the OEM, to become responsible for any violation of FCC regulations.

This is nothing more than the FCC making them do something they wanted to do anyway, but they didn't want the public backlash from being caught doing it by themselves so they just asked the "big bad feds" to make them do it so they could save face.

Re:bullshit

[guruevi]

Not entirely how the rules are written. If you certify your device for FCC, you basically certify that your system is designed such that your device cannot cause harmful interference and can accept any interference.

Typically this is done by proper antenna design for radiating devices, not in a crappy software hack, because when circumvented it by definition doesn't accept the interference received. Short of actually modifying the antenna and amplifier you should not be able to make the device misbehave.

Answe

[fubarrr]

Mikrotik

Unintended consequences

[John+Allsup]

Sure the difference between murder and manslaughter is one of intent to kill. But in both cases the outcome at hand is death of the victim.

The FTC's requirement may not have intended this effect, but it was forseeable, and avoidable.

FCC self-check

[DanRanger]

Openwrt and dd-wrt have output adjustibility controls. Just download a cellphone app to scan the neighborhood routers with yours and change output level and station to avoid visits from FCC men in black.

Re:try pcengines or routerboard R1

[thegreatbob]

Second for routerboards, they're very nice, and won't usually REQUIRE a 3rd party firmware to be highly functional, though the possibility appears to exist.

Re:Asus WRT

[hierofalcon]

Merlin runs well on them - although it is pretty much a "fedora" version of the corporate software. It frequently has security patches before the mainline version.

Re:try pcengines or routerboard R1

[alantus]

What do you mean exactly with "the possibility appears to exist"?

A dedicated router and access points

[SIGBUS]

IMO, it's far better to get a dedicated box that only does routing (like Ubiquiti or Mikrotik), and use access points for the Wi-Fi. With multiple access points, you can give your house blanket coverage and eliminate dead spots, and if/when a new, faster Wi-Fi standard comes along and you want it, you can just replace the APs instead of an entire all-in-one device.

Not to mention that APs typically look far better than the today's all-in-one monstrosities that look like robotic spiders.

With AT&T equipment?

[thadtheman]

Some I knew recently converted to the service formerly known as UVerse.

There were some interesrting revelations. For a while you could not buy a gateway from them, you had to rent it. Recently they changed it back to you own the gateway, but they now require only AT&T sold gateways. It is almost impossible to get a gateway that does not come with a router. The problem is that anything gained from adding your own custom router to the system is obviated by the fact that there is an AT&T router in between.

Re:With AT&T equipment?

[omnichad]

And the NVG-510 has huge problems. Sometimes causing your Internet to go down and replacing web pages with a router-based error page. At one point you could fix this by getting root, disabling the error and disabling firmware updates - you could even put it in bridge mode. Now, I think it requires a firmware downgrade before the other steps. They blocked the fixes, but haven't done anything about the problem itself.

Buying a supported device

[malachid69]

Your best bet is to start with the site supporting the firmware flavor (DD-WRT, OpenWRT, etc) that you want to run. Their site will be able to tell you which models currently work with their current firmware. When I went to buy my router, they had screenshots of the packaging to help identify between v1 and v2 - which the casual buyer might not have noticed. Support levels on them were different. If the shiny new router mentioned at CES isn't supported yet, you may need to rethink your plan or do a lot more work. The sites usually also include information like how you might have to flash to version 1.1.9 before you can downgrade to 1.1.8 again, etc.

Re:Fools who mess with firmware

[thegreatbob]

I go far, far out of my way to avoid WiFi, especially in congested areas, for this and many other reasons. If transmit powers should be tuned to near-zilch from the factory, and required a modicum of effort to increase, we might actually not be having these problems. There's also this pervasive mentality that wires are ugly and inconvenient; while true in some context, the higher speeds (try touching 500+ gbit/s on consumer wireless devices at 20m+ with an omni antenna) and stability make sticking with ethernet (when remotely possible) a good decision.

Re:Open source solution: infared light

[green1]

Yeah, but the first wall blocks the signal.
Completely impractical in an actual house.

Re:Fools who mess with firmware

[green1]

No one manufacturer dares ship a product with the wireless at anything other than the legal maximum strength. Doing so would put them at a severe competitive disadvantage as clueless users return their product and exchange it for the competitor's one that has longer range.

So while a great idea, it simply won't happen.

What we really need is a combination of a few things.
1) more available wireless channels
2) device manufacturers who actually support all the existing channels.
3) router manufacturers making it harder to use channels that overlap with other channels

Right now there are many brand new devices which don't support the 5GHz band, making people resort to only using the 2.4 GHz band. 2.4 GHz only has 3 channels which don't overlap each other (1, 6, 11) (talking north america here) but people frequently place their routers on other channels. When someone puts a router on channel 3, it interferes with both channel 1, and channel 6, and worse than if they had chosen either of those channels specifically (as routers are designed to work with co-channel interference)
Then you get in to the 5GHz band and find out that many manufacturers don't support the DFS channels (anything below 144) which further limits the options.

Then you put your router in an apartment complex with 500 other routers and wonder why you can't get 1 Gbps through it...

Well, you can always make your own.

[hey!]

Before routers were appliances, they were computers with multiple network cards. If you google "router distro" you'll find plenty of feature-ful choices. You'll have to learn a bunch of stuff like iptables; that doesn't make sense for most people. But if you're the kind of person who's worried about having complete control of your router's operation, it makes sense for you.

Re:Fools who mess with firmware

[omnichad]

The only reason to increase the spread from 20 to 40MHz is if you're reducing the output power and covering the space with more APs.

OpenWRT recommended routers

[tiagosousa]

Grab them while you can. I picked up a TP-Link Archer C7 AC1750 v2.0 (european version) just days ago from ebay. Works with OpenWRT like a charm, does ~150mbits across two walls in 5GHz (faster if closer). This is one example where the latest firmware is locked but there's still hardware with older versions out there. They admit as much themselves:

The EU firmware was specialized for CE certification and can't be downgraded to other version, please click here for choosing your region and selecting the most suitable firmware version to upgrade.

Re:You mean Access Point?

[omnichad]

Not if the AP is built into the router. It's called a router. Just like a smart TV isn't called a set-top box - it's called a TV.

So this means non-5GHz routers should be open?

[emil]

So:

1. 1. Are non-5GHz routers still manufactured?
2. 2. Are they still unlocked?

My cable modem is capped at a speed that easily fits within 802.11g - I don't have/need a 5GHz-capable WiFi router.

I need to keep running Tomato.

Re:So this means non-5GHz routers should be open?

[demonlapin]

IIRC you can downgrade the firmware, so long as the device is old enough that it has a firmware from before the rule change. I have tomato running on two RT-AC66U's configured as AP's.

Re:Cannot be trusted

[Waffle+Iron]

You mean the guy who wants to cut back on regulations because he, unlike you, understands that regulations often have serious unintended consequences?

And what that guy doesn't understand is that likewise, failing to regulate often has serious unintended consequences.

Re:Cannot be trusted

[doctorvo]

And what that guy doesn't understand is that likewise, failing to regulate often has serious unintended consequences.

Like what? Try coming up with some concrete examples where regulation was demonstrably better than all other reasonable alternatives.

gl-inet

[smugfunt]

gl-inet have a nice range of routers that come with openWRT out of the box. Some of them are well supported by Rooter which is a version of openWRT with support for cellular modems.

An easy alternative

[JohnFen]

You can always buy a little brick computer and use it as a router.

But a Pi and make your own

[TheOuterLinux]

http://raspberrypihq.com/how-t...

buy a batch of vocores ?

[KingBenny]

im sure vonger is open to debate if you buy them by the dozen or more :p pricewise i mean ... doesnt get more unlocked than that with about a billion options to lock yourself out :p comes with openwrt installed, can be sown into a jacket on a duracell battery scanning for open networks as you walk the city ... or simply as an mp3 player and i suppose a router too if you really have to