Hardware

In my previous post, In search of the perfect OpenWrt router, I discussed my potential future router. When I started researching it more thoroughly, I paused purchasing the Brume 2 and tried to think of what would be better.

I looked into the Brume 2 when I began researching a potential change of broadband provider from Virgin Media to a full (synchronous) fibre connection (CityFibre).

With the provider (reseller) that I am currently considering (Toob), a 900/900Mbps connection offered the best value for money (£25 per month with no price increases over the whole contract period). However, to achieve that speed, they need to provide me with the right hardware.

I’ve noticed that most resellers of CityFibre services utilise Linksys devices, particularly the MX4200 in its second version (v2). This model is sometimes branded as the Linksys Velop MX4200 (AX4200) or ISP-branded as the Linksys SPNMX42, which is simply a v2 in disguise. However, Linksys has already discontinued this device.

Recently, I faced an issue with mwan3, a package on OpenWrt routers that is designed to manage multiple internet connections, either for load balancing or a failover.

At work, we have two fibre connections, where the main one is used primarily and the second is online, but only activated when the first goes down – typical failover approach.

First connection (lets call it fibre) is with metric 10 wheras second connection (fibre2) is with metric 20.

For tech guys, first fibre is uncontended with static IP, whereas our backup fibre is contended over PPPoE.

My main policy in mwan3 is fibre_fibre2.

fibre_fibre2 policy contain fibre_m1_w3 (Metric 1, Weight 3) and fibre2_m2_w2 (Metric 2, Weight 2) member.

When fibre is down, the fibre2 takes over and all traffic flows through nicely, almost.

A router with custom firmware (OpenWrt) is a basic device on my home network, but I am also using it in the business environment as a main device, and all works great.

In the past I used DD-WRT on my routers. Despite that their project is still ongoing, I found it lacking behind current needs.

OpenWrt use strictly depends on the device – router, that I am using. I always choose a device that will work for me and it will not bend under spikes of load.

Recently, I have been required to find a method of manually rebooting user phones on the company network. From time to time, once they are up and running, we discover that some features are causing problems. Sometimes we cannot transfer calls, or we do not hear the person we are talking with. The causes may be numerous, but most of the time, a simple reboot of the phone solves the issues.

The problem with rebooting user phones is that the computers they are using are connected to the internet using LAN cables (for stability). The network cable is connected directly to the phone socket and then goes from the phone to the user’s computer. This saves the need for using two LAN cables; however, once the phone is restarted, the built-in switch is also restarted, hence the network connection is interrupted.

We have some apps that, when they lose network connections, will lock users and require additional action to unlock them. Hence, it is not ideal to restart the phones throughout the day.

As I checked the phones and settings, I struggled to find a simple scheduler to perform the task of restarting phones overnight, so I needed to find a different way.

Cloudflare, let’s be honest, is an incredibly generous organization, offering a range of services that we rarely have to pay for. Individuals, families, small or medium-sized businesses can use their technology without having to spend money unless they need to.

Among the range of services, DNS servers (1.1.1.1) and DNS encryption service deserve recognition. In combination with their software available on a range of platforms, not only can we speed up our internet surfing, but we can also increase our security.

OpenWrt on the other hand is an incredible software designed to increase the security of our network device, which is the router, and also adds the ability to expand the capabilities of our hardware.

By combining Cloudflare with OpenWrt software and an additional software package, we can introduce Secure DNS to our network, which I wrote about some time ago.

Moreover, when we need to access our local network resources from anywhere in the world, we can use the Cloudflare Zero Trust service by creating a secure tunnel.

Zero Trust, offered as part of our Cloudflare account (and in the free version), is not just a “VPN” tunnel. Zero Trust also offers a number of other options. One of them is the ability to create “your own” secure DNS server.

If you follow my website and posts related to OpenWrt you have probably come across my post about installing a VPN server on an OpenWrt router using WireGuard.

WireGuard is one of the fastest protocols available for creating a VPN connection. Thanks to it, from the Internet, we can easily connect to our network and use it, either for local purposes (access to a printer or network drive) or to limit regional restrictions. Being outside the country, I can connect to my router at any time and my device will appear on the Internet as if it were where the router is, i.e. in the UK.

Do you encounter a problem that your router slows down from time to time? Websites that usually open very quickly suddenly slow down. It’s not always your internet connection’s fault. Sometimes the fault lies with the router.

Have you ever struggled to measure the true speed of your internet?

Each router is different, and additionally, WiFi wireless networks come in different standards, on different frequencies and offering different speeds depending on external factors.

If our computer has a card that only supports 2.4GHz at a speed of 54Mbps, we can have 100, 200 or more Mbps, and we will not go faster than 54Mbps.

Some 2.4GHz networks can even offer 300Mbps. In the case of 5GHz and speeds go up significantly. This does not mean that we are always able to achieve the offered speed.

If we have 3 devices that actively use the WiFi network, the network capacity, i.e. the maximum speeds we can achieve, is also divided by three.

Therefore, to properly measure the internet speed, you would need to connect directly, preferably by cable, to the router and be the only user for whom the entire bandwidth would be available.

If you have a router with OpenWrt software, you can measure the connection speed directly from the router, bypassing all users.

My OpenWrt adventures began with the ASUS RT-AC56U router. It was a fairly good, cheap router with a dual-core Broadcom BCM4708A0 processor clocked at 800MHz. It also had 128MB of flash memory and 256MB of RAM.

Appetite grows with eating, as the saying goes.

While I didn’t complain about the processor, I quickly ran out of space for more of these applications. So I decided to replace it with a Linksys WRT3200ACM, which I later changed to a Linksys WRT32x.

WRT3200ACM (WRT32x) is a very solid machine, we still use this type of router at work. While I was pleased with its performance, the WiFi network did not work out very well.

The signal strength left much to be desired, and cooperation with other routers or access points was not without problems. All because of the wireless chip from Marvell used in it.

Additionally, the lack of support for DFS channels in WiFi in the 5GHz frequency further limited its use. Also, forget about WPA3 encryption introduced by default in the OpenWrt 21.02 series (WPA3 can be turned on, but WiFi and the entire router quickly stop working).

In my search for a better router, I came across the Linksys MR8300. It had 3 Qualcomm Atheros radios. One was for the 2.4GHz frequency and the other two for 5GHz, the first for channels up to 60 and the second for above 100 (with DFS support).

While the router performed well, it was clear to see that it was much slower, especially when installing software.

Recently I decided to connect an UPS (uninterruptible power supply) at work to one of the devices that runs 24 hours a day. The UPS that we currently have is the APC Back-UPS 1400 (Back-UPS XS 1400U), in addition to the ability to connect up to 6 devices, allows you to monitor the status of the device using the PowerChute software via USB port.

The problem is that this software is not compatible with the server we use, since it is available in a version for personal use (Personal Edition).

So I decided to use one free port (we use another one for additional internet connection using a 4G router) to connect a UPS to it to monitor its status (this device does not have a display apart from two diodes). If we can do something more, it would be even better, but it all depends on what can be achieved using OpenWrt.