TIPS What's a good router for PIAF?

[jrglass]

It is a cable modem and a router all in one!

Thanks,

Jeff

 

[jmcman]

I'll add IPFire to the list again! ipfire.org

 

[simonmason]

I just read through this thread and had some questions. I am using Verizon FIOS at home - comes with a crippled Actiontech router. I have been experiencing issues with call quality recently - lots of kids in the house using various tablets and streaming lots of movies, etc. I have gone through the documentation on the router, attempted to enable QoS but mostly I have just cut my throughput significantly and not improved the call quality much. So I thought it best to add a simple managed switch or equivalent after the router then feed my whole network off this. Any recommendations for a reasonably priced unit that will allow me to setup QoS so the PIAF server gets the bandwidth it deserves? Thanks.

 

[jmcman]

I just read through this thread and had some questions. I am using Verizon FIOS at home - comes with a crippled Actiontech router. I have been experiencing issues with call quality recently - lots of kids in the house using various tablets and streaming lots of movies, etc. I have gone through the documentation on the router, attempted to enable QoS but mostly I have just cut my throughput significantly and not improved the call quality much. So I thought it best to add a simple managed switch or equivalent after the router then feed my whole network off this. Any recommendations for a reasonably priced unit that will allow me to setup QoS so the PIAF server gets the bandwidth it deserves? Thanks.

IPFire has the best QoS setup right out of the box. It's compiled with CoDel to combat bufferbloat, which helps immensely.

All you need is an older, spare PC with two network cards and a hard drive to get it running. Setup is a 15-minute thing and the QoS classes are preset, all you do is enter your uplink and downlink speed.

 

[briankelly63]

Depends what you want to do. If you are a serious enthusiast I think you will outgrow a consumer grade router. The normal progression is often consumer grade -> consumer grade with custom firmware and then a full fledged firewall router (I run Pfsense) that will give you the most flexibility and will probably teach you a lot about routers and firewalls in the process. You can check out YouTube for videos that show you some of the various packages out there. Some are easier then others but all of them take some time to learn. It really becomes a new area that you can gain expertise on. Some are easier to set up but you don't want to be dealing with a "black box" situation where you don't know what its doing. Check out some of the forums that support the various products see how they strike you. I'm not an expert at comparing them but I'd look at several things:

Are they "lightweight" in terms of code and speed or are they huge, bloated and slow unless your running it on a new PC.
How mature is the product, being updated ?
Free or Buy?
Open or closed?
Add-ons available, open to third parties?
Large user community?

Have fun, its a big step going from a consumer grade appliance to one of these setups but all in all I think its worth it. It takes about a week (or two long days) to really feel like you understand how the software is organized and how capable it is...

They allow you to do and understand things in a way that you never have before.

I had a 655 at home just like you had and it served me well for a good long time. Ultimately it started to look like a puny solution as my PIAF, SIP, Email and Web environment grew and got more complicated

 

[TwigsUSAN]

You can possibly eliminate the FIOS router. Once the connection was activated I have unplugged the Ethernet connection and plugged it right into a firewall. Of course the locations didn't have TV or telephone.

 

[tallship]

I am using Verizon FIOS at home - comes with a crippled Actiontech router. I have been experiencing issues with call quality recently

That's not surprising. Those things are junk. Most CPE items are.

I'm a verizon FiOS customer too. It's prolly the best service around w/o going with a local WISP for a dedicated PtP Internet connection, but 45Mbps will cost you about 5 times what your FiOS connection does, and doesn't come with HBO or Showtime

We have Verizon replace our router every 8 or 9 mos here. Those things just burn up. Between the front house, in which is apartmentalized w/11 or 12 residents, at least as many phones, tablets, and iPads, and ten or so PCs, and my house in the back where I work from, operate 6 PBX systems and a couple of mail/webservers, some tunnels, etc., you get the idea...

Anyway, the first thing I would suggest is doing a remote reboot when things get bad - this shouldn't affect anyone watching TV or recording on their DVRs. Do this only when you start experiencing problems and see if that fixes things. If it begins happening more often, call Verizon and tell them to ship you another one for free because yours is beginning to fail.

- lots of kids in the house using various tablets and streaming lots of movies, etc. I have gone through the documentation on the router, attempted to enable QoS but mostly I have just cut my throughput significantly and not improved the call quality much. So I thought it best to add a simple managed switch or equivalent after the router then feed my whole network off this. Any recommendations for a reasonably priced unit that will allow me to setup QoS so the PIAF server gets the bandwidth it deserves? Thanks.

The so-called QoS on those things is just that, "so-called". There's no traffic queueing, or shaping of anykind (but there is a nice little feature you can use to block devices w/DHCP reservations to enforce bedtimes lol).

I don't know why you don't simply install a pfSense firewall like everyone in this thread lauded. That would be the first thing I would do on any network - install a firewall (Your Actiontech does not suffice). You can install it as a DMZ device and simply use one single port on the Actiontech, running everything in your household through your pfSense firewall, or use it in transparent bridged mode.

Either way, you will plug your switch into the pfSense firewall and plug all of your household devices into that.

There's an excellent video on configuring your traffic queues, and the gotchas you might not immediately know to watch out for. That video is located HERE
Another good video on QoS and traffic shaping with a bit of background on general items you're sure to be interested in is HERE

Of course, you will also completely disable the 802.11x WiFi on your Actiontech, pick up a half way decent wireless NIC for your pfSense firewall, which has fantastic support for WiFi, BTW.

Any old GigE or FastEthernet swtich should suffice in accommodating the devices on your home network after that.

But since you asked about a switch to do all of this instead, I recommend the Cisco SRW2016-K9-NA layer 3 switch. I install a lot of these in SOHO's and they work excellent for home networks, as well as small office applications. They're quite inexpensive too. I actually use these as a switch in front of pfSense firewalls.

This will, indeed, resolve only half of your problem. You still need to disable the WiFi on the action tech and you'll need to invest in a good WiFi router to plug into the switch. I recommend the Buffalo WZR-600DHP. This is also an excellent solution when combined with pfSense instead of having to install a wireless NIC in the firewall.

Because the Buffalo uses the Atheros AR7161, so you're not likely to experience DHCP issues with UNIX machines (Like your PIAF box or Androids). Beware of junk routers that you can find them all day long at BestBuy and Staples.

I hope that helps

Kindest regards,

.

 

[simonmason]

Thanks for the advice. I do have the wifi disabled on the verizon router and I have two wireless access points installed in the house - one for the kids and one for the adults!

I am going to look into pfsense. The only thing I don't like about this is the energy required to keep a PC running constantly vs. a unit like the Cisco. But I think I might take an old PC and play around with this first to see how it works.

 

[TwigsUSAN]

You can find power efficient machines to run Pfsense on.

 

[rjaiswal]

You can possibly eliminate the FIOS router. Once the connection was activated I have unplugged the Ethernet connection and plugged it right into a firewall. Of course the locations didn't have TV or telephone.

You need to call verizon and have them move the Internet service off of the coax port, and turn on the Ethernet port. If you have any fios cable boxes, you need the router. The boxes use MoCA for guide data. You need to put the verizon router into bridge mode, and hook it up to your new router.

I do this all the time for residential customers. The wireless on the verizon routers suck. I usually replace it with an apple airport and use airport expresses to extend when necessary.

 

[rjaiswal]

Thanks for the advice. I do have the wifi disabled on the verizon router and I have two wireless access points installed in the house - one for the kids and one for the adults!

I am going to look into pfsense. The only thing I don't like about this is the energy required to keep a PC running constantly vs. a unit like the Cisco. But I think I might take an old PC and play around with this first to see how it works.

Look on newegg for Habey mini computers. They use like 12w of power. And you can find one with dual wan ports.

 

[dhatz]

I agree with most of what you wrote, except this:

Of course, you will also completely disable the 802.11x WiFi on your Actiontech, pick up a half way decent wireless NIC for your pfSense firewall, which has fantastic support for WiFi, BTW.

Even in its latest pre-release v2.1-RC snapshots, pfSense (based on FreeBSD 8.3) doesn't offer a very good support for WiFi, so one would be advised to use an external AP.

 

[simonmason]

I am using separate wifi AP's - two of them. I am also using Verizon for TV so I cannot bypass the router (I don't think). I took the plunge and downloaded pfsense.

 

[rjaiswal]

I am using separate wifi AP's - two of them. I am also using Verizon for TV so I cannot bypass the router (I don't think). I took the plunge and downloaded pfsense.

You can replace the verizon router. You still need it for guide data and on demand. Log into it, and disable the dhcp and NAT. Then plug it into your new router, using one if the LAN ports, not the wan port.

 

[rjaiswal]

You can replace the verizon router. You still need it for guide data and on demand. Log into it, and disable the dhcp and NAT. Then plug it into your new router, using one if the LAN ports, not the wan port.

Also, you need to assign a static ip to the actiontec. So you can manage it in the future.

 

[simonmason]

I started playing with this. You are right, it will take some time to get it working. I have read that I can have Verizon turn on the Ethernet port from my main unit outside and bypass the Actiontec router (it then needs only to be plugged into the LAN for the TV functions to work). I will work towards that in the future. A weird thing happened while I was playing with it. The pfsense unit will only get an IP from Verizon if it is plugged into a switch that is plugged into the Actiontec router. If I plug the pfsense unit directly into the Actiontec (LAN ports) it will not obtain an IP. I will have to play with this a lot more - plus I need to buy another switch to allow me to move things over to the new unit in phases.

 

[rjaiswal]

Can you manually set the speed and duplex on the pfsense nic? That might be the issue.

 

[magna.vis]

My old FiOS box let me set it up in a bridge mode where it still allowed the boxes to work correctly but I was able to use my router. The Verizon box acted as a glorified modem. Check this link: http://www.verizon.com/support/resi...ed/networking/setup/actiontec704wg/123754.htm

This might be much easier for you. I would use an off-the-shelf router with it if you have one, just to test. Most routers these days work fine if you don't need the fancy toys. If you need a little bit more power, I love hacking the E3000's with TomatoUSB. I've used DD-WRT as well, and prefer Tomato. I run my house and all my devices inside with an E4200 running TomatoUSB and a secondary AP that's an E3000 running the same. All the fancy stuff most people mention, and there are several builds with different implementations of QoS. I'm running Toastman's build, and the QoS is excellent. I have low upload (5 Mbps), and VoIP quality used to suffer when I was surfing or if the wife was youtubing/torrenting. Supports static DHCP (many people here prefer that, including myself), and depending on what you would like to do, there are builds with DLNA Media servers built in, VLAN support, USB Support, etc. For a cheap, sub $100 router (the E3000 referb can be had for a cool $50 if memory serves) I don't think they can be beat. Much smaller learning curve than pfSense (I run several of these for our datacenters and for clients) and other open UTM distros I've tested.

 

[magna.vis]

Cable modem really shouldn't matter unless it's your DHCP server and router too.

I figured while I was doing my drive by, I should add a bit to this. While I traditionally agree with this statement, my experience has taught me not to count out these devices entirely. I had an Ubee modem/router leased to me from TWC (or Road Runner, as the internet component is known as) as a part of my subscription. I have their second fastest subscription, because it's the cheapest that comes with the 5 Mbps upload (I'm East coast, NC), something I need to work from home with. I had nothing but problems after moving in and spent an incredible amount of time troubleshooting with Time Warner to resolve the issue. Eventually I set the Ubee into bridge mode and most of the problems went away. I was planning on running it in bridged mode anyway, so this wasn't a big deal. I was still getting longer round trip times than I thought was acceptable though, and eventually replaced the Ubee with a SB6141. This resolved the remaining issues.

The long of the short of it is to not discount these devices when troubleshooting network issues. They are much more than media converters. They are provisioned by the ISP, and are the devices that limit your bandwidth to your subscribed package (this is not done on the back end, as many people assume. Your modem downloads a profile using t*f*t*p from the ISP that has settings for max bandwidth allowed, etc). They run t*f*t*p clients, and lot of other stuff that can go wrong. I was a very active member at sbhacker.net back in the heyday of DOCSIS 2 hacking, and I can promise you that these devices can and do have issues, and you can't trust your ISP to give it to you straight when they do. I highly recommend the SB6141, and as far as I’m aware, it works (ie, it can be provisioned) on any coax ISP in the states, and many that leverage EuroDOCSIS overseas. Buying one of these for DOCSIS 3 will be like buying the 5101 when DOCSIS 2 was in the final stages of rollout. It will last you several years, and supports the highest theoretical throughput of the DOCSIS 3 standard (8 downstream channels and 4 upstream channels. No ISP currently supports the full feature set of this modem) as well as IPv6. It’s a good long term investment and will ultimately save you money on modem rentals.

 

[nightstryke]

Know this is an old post, but I'm kinda different, I just use a tri-core pc I had lying around with two pci-e gigabit cards in it as my router. It's rather easy to do and setup with Untangle. Unlike the old crap routers I had before from every other company, You can set almost an infinite number of port forwards as you like. Which is primarily the reason I had started using it in the first place.

Though if you're not up to setting up an old pc or one you're not using as a router. I would suggest getting a compatible router and installing DD-WRT on it, did that for a router I got for 10 bucks and set it up as an access point only.