a companion discussion area for blog.codinghorror.com

Because Everyone (Still) Needs a Router


Isn’t this concept, QoS and network priority for certain types of traffic, more or less exactly the argument that opponents of net neutrality are trying to make?

I get that we’re talking about optimizing it at a local level and not at a vendor / ISP level. But still - the analogy holds, right?


The magic router formula these days is a combination of commodity hardware and open-source SOFTWARE. Wow… if you’re still getting excited about firmware…

you should check out http://www.untangle.com

you can build a much sicker router than you ever imagined…


heres a slightly more fun link showing an install… with some fun music :wink:


I’ve been running an RT-N16 with DD-WRT for a while. It’s a great piece of hardware. Open source firmware tends to take more effort to setup (like running Linux) but once configured it’s far better.

I do have to say that Asus’ stock firmware QoS is really, really good. It’s the best I’ve seen on the consumer routers I’ve used and super simple to setup. In a house with 4+ computers, a few torrents, and other downloads running simultaneously had no impact on web browsing. Everyone got their fair share.


@Matt: Respectfully, the answer is actually “no” to both your questions.

When we speak of Net Neutrality, we’re talking about not prioritizing different services offering the same kind of content; for example, making sure Comcast doesn’t give XFINITY the full pipe while heavily throttling Hulu, or give EA’s Origin a “pardon” on the bandwidth cap but not to Steam.

Net Neutrality is supposed to protect competition; it doesn’t really mean I should be able to fuck up your VoIP call with my Bittorrent seeding.

Besides, that type of QoS doesn’t usually affect the speed negatively; it mainly just reorders the packets by putting the ones that require low latency on front of the queue.

And of course, none of this applies to personal connections. Protecting your freedom as a consumer to freely prioritize (and even outright exclude) certain services - whether that’s done by your router or by just not subscribing to them - is the goal!


Instead of the regular QOS (screenshot) try TCP Vegas, 1:1:3. Hellova’ improvement.


Does anyone have any experience of the Hawking Broadband Booster ( http://hardware.teamxbox.com/articles/xbox/1302/Hawking-Broadband-Booster-Review/p1/ ) instead of using a custom firmware? I’m currently using an Airport Extreme and have no desire to replace it (although I would like to get the QOS benefits mentioned).


By the time you’re spending upwards of $200 on a router, just get a good wifi card and two good network cards, throw them in an older machine, and put pfSense on it. Done.


Another open-source firmware, Gargoyle-router, also has an excellent QoS implementation and adds quotas and really easy-to-use access restriction features. Very handy if your ISP traffic is not unlimited and various family members keep blowing it.

@Anon anon, Gargoyle’s QoS does work for inbound traffic, so you can stop the kid’s downloads from lagging your games (for example!).


Nowadays, Cisco PnP routers for home or small business have QoS implemented already, giving priority to voice and video applications by default. You can even use the GUI to tweak it to your own liking, allowing specific applications to be given higher priority, such as MMORPG’s (Yes, killing Diablo is more important than downloading sappy Korean dramas).

But at the end of the day, a higher end router is still going to allow you to control the traffic shaping, traffic policing, and unless you have a switch which you can configure, you won’t have much control over the network :confused:


@Dave Reid: That’s what I found as well when looking at Tomato distros a while back, it’s reasonably decent stuff but all of it seems to be abandonware or near-abandonware, lots of updates until a certain point and then nothing apart from plaintive queries from users for solutions for problems they’re having.

There are actually some vendors out there who are pretty good with updating firmware. At one end of the scale is Linksys (a.k.a.Cisco), whose firmware is a legacy product the minute the hardware ships, and at the other end are the likes of Draytek, who actively update their firmware for years and years, and who have a high-quality product (unfortunately you also pay a bit of a premium for it).


Rant: To post the above comment, I had to sign in using TypePad. I don’t have a TypePad account, so I tried to register one. Clicking past the commercial accounts that they desperately want to sell you, I got to the free-account registration page. To sign up for that you need a Facebook account. I don’t have a Facebook account, and never will. Another option is OpenID, but I don’t have an OpenID account and the last time I tried to navigate through that kafkaesque nightmare it took me two hours. OK, so I’ll try Wordpress, where I maintain a throwaway account for sites that make me jump through these third-party sign-on hoops. Oh, that’s been suspended without explanation, and the procedure for getting it reset is opaque to say the least. OK, I’ll sign up for a new Wordpress account. Except that I can’t because my email address is already associated with my previous suspended account. OK, so I’ll add a “+blah” modifier to my email address and try signing up again. Except that the mail system here doesn’t know about that and bounces the confirmation email. So I’ll sign up for a throwaway Gmail account and use that to get the conf.email for Wordpress, because I know Gmail handles the “+whatever” correctly. Using my new Gmail account I can sign up for the Wordpress account that I need to post a comment to Coding Horror. When I try that, I get a terse one-line error message “You do not own that identity”.


I’m now about half an hour into trying to post a message to Coding Horror, and the “Horror” part of the name is really starting to sink in. What else can I try here? How about Livejournal? Finally, after more dicking around with email confirmation and captchas and whatnot, I can post a comment.

Jeff, ever considered doing a post about the utter, total braindamage and suckage of proxied authentication systems? There’s no way that any non-geek user could (or would have the OCD) to get past something like this.


The Problem with Tomato is it is no longer being updated. It is two years old and Software not keeping up with Hardware would soon be a problem.

Router is such an important piece of the Internet and yet not a single company has invested enough to produce half a decent routers.

My Buffalo Router would not work with Synlogy DNS or some other function. uPnP doesn’t seems to work. 9/10 router i used would crash once every 3 months for no reason. UI would crash while the router still working, requiring you to restart the router. No option to auto restart the router at specific time to clean up states. QoS never worked much and requires too much user input. USB File Sharing is an half baked option. WAN Speed are never concern of those Company because 99.9% of them are from US and they do not realize there is a World outside which you get cheap internet faster then your WAN Port. Heck even the current economic crisis in Spain they could get 200Mbps Internet for affordable price.

Hopefully with the latest Broadcom SoC based on ARM Cortex A9 software would be much easier to deal with compare to current MIPS solutions. And therefore better Router OS.



“I don’t have an OpenID account and the last time I tried to navigate through that kafkaesque nightmare it took me two hours.”

It seems you have a slight missconception what openid is. There is no one definitve provider you have to navigate through.

You may create a throwaway account on the fly without any registration through services like this http://openid.anonymity.com/ (although some site maintainer may find that rude), completely without the need to click for two hours.

Also, you mention you have a gmail account. Afaik, your google accout allows for OpenID authentification. Just use https://www.google.com/accounts/o8/id as your OpenID-url


@Dave Reid: http://tomatousb.org/forum/t-501331 is all you need to know. I have yet to get it working on my RT-N16, largely because Comcast has yet to provide IPv6 support in my area and seems to be unwilling to allow business class customers in on the trial rollout, but there’s nothing wrong with Toastman-Tomato.



It seems you have a slight missconception what openid is.
There is no one definitve provider you have to navigate through.

And this is a major part of the problem. Unless you know in advance that openid.anonymity.com exists (which I didn’t until about 30 seconds ago, thanks for the info!), you end up having to Google for a provider and trying a whole string of them to find one that actually lets you do what you want.

Another part of the problem is that unless you know exactly how OpenID works and what to expect, you’re in for a truly hellish experience as you try and guess, from a bunch of incomplete, erroneous, and often simply absent, documentation, what it is you’re supposed to be doing. I treated it as a learning exercise and was really trying to make it work, but the closest analogy I have to the resulting experience was that of bringing up an X.25 link in the 1990s. In other words it was one of the most painful IT experiences I’ve ever had, and if I hadn’t been consciously treating it as a learning exercise I’d have given up long before I managed to post about it here.

I wonder how many other users have simply given up when faced with the effort required to post a message here, and to other sites that use proxied sign-on mechanisms?


I have a RT-N16 with Tomato that has been running at home for 2 years now. I just purchased a 2nd RT-N16 about a month ago and I found out the new ASUS firmware (v3) which is WAY MORE better than the v1.0 that shipped with the box. It even has QOS and I would say all of what Tomato supports. It is simpler and sexyier to use than Tomato (for instance in Tomato finding out which eth1,eth0 or whatever is which lan can be difficult).

In fact, I did keep the ASUS v3 firmware on that 2nd device and so far I like it.



Another part of the problem is that unless you know exactly
how OpenID works and what to expect, you’re in for a truly
hellish experience

By sheer luck, i guess, I never had this experience.
I use openid for my own web services, because until now, it seemed easy and elegant to me.

As someone who had to suffer, do you have any suggestions on how to improve the exeprience?


@Dummyacctforsso @Keppla
I never had that problem either, mainly because there’s a dropdown in the login page that tells you you can log in using your facebook, twitter, google etc. accounts


I’ve been using pfSense as a gateway (on a spare x86/x64 machine)… as an open source solution, it’s capabilities (both with or without package support) often exceed commercial implementations.