/rg/ - Router general

pfsense now fuck off with these overly repetitive threads

>threads

This running pfsense. Then get some ubiquit AP for wireless and some switch capable of VLAN tagging.

Why the fuck does a router have audio ports?

cause it a NUC with more Ethernet ports,upgradable ram to be able to run pfsens

this

that's not a nuc, that's a shitty, shitty inefficient non-free mini computer that's not open source and it does not respect your freedoms

It is more of a computer that can be used as a router.
Was thinking of buying one of these for fun / intercepting traffic of people who are at my house. Need to still wire up my house with CAT 6 though so I should probably do that first.

you can install any os on it thus is can respect your freedoms

I fell for the mikro. It is not entry level. You will be swimming in network config shit you didn't know existed. Gave up after about 6 months and bought a fancy Asus. No ragrets.

It is entry into the world of enterprise.

which mikro did you get?

It's an embedded fanless computer platform allowing various hardware configurations like DIN-rail mounting, 4 GB Ethernet ports, LTE and so on. It only draws around 4-10W. I choose to get the version with 3 extra Ethernet ports and installed pfsense on it. Works great to forward IPTV and IP telephony while securing my network.

The alternative is to use my ISP provided router (if I want that IPTV and telephony) that they have remote backdoor access to.

It's actually running a AMD A10 Micro-6700T SoC.

Why do you care? You are browsing Sup Forums on a hardware device that don't fully respect your freedums. Because face it you don't have access to the CPU's microcode.

Anyone here run an OpenVPN server on a hEX? I heard it support hardware accelerated encryption so I was wondering about performance.

what is the best non-NSA botnet router with ac wifi and gigabit ports? does one even exist?

>Find awesome router for $25 clearance at Wal-mart
>complicated hocus pocus needed to flash it

anything LEDE

Just install OpenWRT?

most US manufactured routers still have hardware backdoors though. would openwrt fix that to any degree?

Enough with that "but muh microcode is closed source" shit.
We have yet to see any of those 3 letters agencies (or anyone else for that matter) exploiting shit using a backdoor hidden in the CPU microcode.
This argument can be extended for a lot of more shit like the GSM component of modern smartphones, proprierary drivers, etc.

Post source or fucking kill yourself faggot.

it was part of the snowden leaks. im not going your google search for you faget

Dirty cow affects 99% of routers currently and there are probably more unpublished exploits.

Those people working at NSA got a man on the moon 40 years ago while the average Sup Forums poster (you) wouldn't have any ideas where to start even if you have all the resources in the world. I wouldn't rule out backdoors.

Question Sup Forums :
I'm living with normies that are fucking up the connection with their fucking streams and I have to use the router/box/garbage-device that my ISP is giving us.
Would getting a router connected to this thing help handling packets better and limiting their wifi connection ?

Post source faggot.
Snowden leaks showed that NSA intercepted Cisco shipments and flashed backdoored firmwares on their routers/switch.
That's a very different things than what you are saying.

That's not an hardware backdoor faggot.
I am asking you to provide sauce on backdoors implemented at hardware level, not some bug in the linux kernel or whatnot.

>Those people working at NSA got a man on the moon 40 years ago
10/10

They wouldn't be backdoors if you know there were backdoors. Cut the bullshit questions for a second, it sounds like you're more interested in being "right" than about the actual topic.

You complained about muh freedums. You are a hypocrite because if you were a true believer you wouldn't be able to use any modern computing appliance. I'm quite happy with the device I bought because it allows serial console access to both bios and pfsense.

I am stating facts while you are spewing shit not even the most paranoid thinfoil hat would even consider possible.
I will repeat it for you: there is not a single evidence of hardware backdoors actually being used to exploit shit.
The faggot at the FBI even had trouble cracking the encryption of a stone age old iphone they had in their own hands.
You are saying that those very same faggots that can't crack a phone actually use backdoors implanted in CPU microcode to exploit shit remotely.
Top fucking kek.

The post you just quoted is my first post in this thread.

>complicated hocus pocus needed to flash it

It is usually easy though.

Who else /N66UwithMerlin/ here?

yes

So people can go to the moon but not hide a backdoor inside a cpu and execute it remotely?

People can make cpus but can't put a backdoor on it for remote execution?

>The post you just quoted is my first post in this thread.
Then why did you reply and why did you spout some other irrelevant nonsense? The person I replied to is a typical libreboot troll. You just butt in being the typical unwanted psyop third wheel doing damage control.

>how to let everyone know you're autistic: the post

dd-wrt.com/phpBB2/viewtopic.php?p=1024718

>You are saying that those very same faggots that can't crack a phone actually use backdoors implanted in CPU microcode to exploit shit remotely.
But they did. That encryption they broke on the iPhone through other means when apple didn't comply was just that.

With the difference that we actually have proofs that someone actually went to the moon.

I replied because I had 30 minutes to waste and the bullshit you wrote was hilarious.

Good argument, checkmate faggot.

Or most likely they were able to exploit some software bug in the turd that ios is.

Same here.

My Arris router/modem combo sucks by Sup Forums standards but the wifi covers my whole house and I run my desktop PC wired anyway and get my full speed from ISP. Really cannot justify spending $100+ on some fancy equipment for practically zero improvement. I haven't speed tested wifi, but I can stream porn while on the shitter no problem.

What exactly should I be looking for in a router? Furthermore, how would I go about learning the ins and outs of setting up a router, software wise?

>I replied because I had 30 minutes to waste and the bullshit you wrote was hilarious.
Do enlighten me what was so hilarious and false. The ISP do have a backdoor to the router which is implemented as a root account that I can't disable or change the password for. It's not a secret that they have it. They use it to provide remote support that I don't want. They also promise they don't use it for nerfarious reasons. The very though of a second root account on my router with login details stored in a central database scares me.

And for the freedum part it's true that you and the libreboot troll browses Sup Forums on a device that doesn't respect your freedums. To respect your freedums you need to be able to flash your own microcode to the CPU.

first do you realize router does not equal wifi

what's a good modem? Dad said comcast keeps calling him and telling him ours won't work come 2017 (it's DOCSIS 2.0)

Do not need a modem with built in router or whatever

Completely

i got an 1811 for 5 bucks at my local goodwill.
pic not mine

Is there a Sup Forums-recommended cheap decent ADSL modem/router/AP combo device?

I know all you autists who just got their CCNA and think they're big networking boys now will cry anathema about combo devices, but fuck you. I don't care.

>Or most likely they were able to exploit some software bug in the turd that ios is.
Then why ask applel in the first place? I see the following scenarios to access the encryption keys:

1. They shaved off the plastic on TPM chip or whatever apple uses and used an electron microscope to extract the encryption keys. Why no one never should trust TPM like solutions. Intel's management engine is particularly fishy.

2. They used a hardware backdoor to extract the encryption keys or unlock the phone

3. They used one of the NSA programs to force Apple's hand by having them hand over backup encryption keys and access to iCloud. This allowed Apple to save face by still cooperating with a three letter agency.

I agree with you that having remote shell for the ISP to fiddle with every customer's router is a huge security risk.
The solution to that problem is fairly trivial tho: attach a second router you own and put it in DMZ.
Now even if your ISP/NSA/whoever the fuck implant some shit into the software backdoored router they still can't see anything more than what they alredy had.
Even in that case we are still talking of software backdoor, I repeat it for you: software, not hardware.

well then we can't recommend you a device, because none of them are good. Go do what you will, since you don't care. Actually, if you know what we're going to say, reject that answer, and say you don't care, why did you even ask?

Get 3.0 then comcast modem has hidden said to share you connection with other ransoms

5 bucks ???? god damn where do you live?

hawaii. it's a pain in the ass to ship shit on ebay from here.

it's not that good, it only has fastether ports.

Yeah I was gonna grab him one at Wal-Mart next time I was there, but didn't know if buying more expensive ones was worth it or not, or if there's some great one that's like the WRT54g of modems

Combo sucks you got one shit low power CPU doing multiple tasks.

Get a decent. Ap if you want more WiFi range

U need to see the channel amount

thanks, I'll get the one with the moast channels

>I agree with you that having remote shell for the ISP to fiddle with every customer's router is a huge security risk.
>The solution to that problem is fairly trivial tho: attach a second router you own and put it in DMZ.
Or I just roll my own pfsense box and do the trivial VLAN splitting for IPTV and telephony. It also allows me to route my IPTV to my cabin over VPN when I go there for relaxing (another fiber provider). Which shouldn't be possible according to my ISP since it's locked to them. Well jokes on them it works fine.

I also run other things in jails like sftp server, sabnzb and file server. Tell me an off the shelf router that can do that.

>Now even if your ISP/NSA/whoever the fuck implant some shit into the software backdoored router they still can't see anything more than what they alredy had.
>Even in that case we are still talking of software backdoor, I repeat it for you: software, not hardware.
Are you fucking retarded? I have not talked about any fucking CPU hardware backdoor you fucking cockmongler. My very concern in the first place was that ISP have potential full access to my private network. And in extension anyone that have access through some means to their login database.

I could be a little retard like you and buy a second router to fix the issue. Or I could just be smarter than you and eliminate something I don't need.

my isp guy told me if i want to get 300mbps i need a modem with 16x4 channel bonding, i can get 100mbps fine with 8x4 tho

power on the fucking front???

>10/100
fucking trash m8 please don't tell me your internet is actually slower than 100Mbit because that's just even more pathetic

My merlin router is connected to a public WiFi and I have a VPN set up to encrypt the connection. The problem is that sometimes the VPN fails to resolve the address and fails to connect.

What I've observed is:
-udp vpn connections gets dropped after a while. Loading Google (with the VPN connected) has a delay.

-tcp vpn connections definitely stays up longer. There's a delay as well.

-connecting to a proxy causes the connection to be ultra fast and flawless

-the vpn doesn't drop if I connect to a proxy beforehand, udp or tcp

The ideal scenario would be to set my router to connect to a https proxy THEN connect to the vpn. But I don't know how.

Anyone know what technology might be causing this? Some sort of deep packet inspection or intelligent packet dropping or something?

been thinking of getting a ubiquiti router and long range AC AP. Wondering how many of the AP's I need to cover a 3000sqft two story house with basement.

...

>been thinking of getting a ubiquiti router and long range AC AP.
Not a bad choice but I've seen some complaints that the throughput is quite bad. If you only have 100Mbit connection that won't be a problem though.

>Wondering how many of the AP's I need to cover a 3000sqft two story house with basement.
Depends on how many walls there are. I'd say the minimum is one per floor. Also remember that you need the ubiquiti software to run at all time for the APs because I don't think the router runs it. You can solve it cheaply with a rpi3 though.

>$5

You electricity bill will be $5/hr m8.

>"""Router"""
>is actually a modem, router, ethernet switch, wireless access point, firewall, voip server and NAS

Got a TP-Link with Gargoyle

Works fine

crisco fags will defend this

my ubiquity AP has been randomly disconnecting recently (green LED flashes off momentarily)

wonder what it could be (cable, poe injector, the port, something else?)

Can't you just throw pfsense on any shitbox with a good NIC card? What the point of getting all these specialized boxes?

even if it was that's no excuse to use 10/100 for local activity

Try turning of activity monitor or try turning off band-steering. Upgrade firmware if possible.

Thank you. Will try all this. Hopefully it's not hardware

I'd plug in my ethernet and packet storm her internet box, if you know what I mean

I like the design of this,
but after reading about it, it supposedly runs VERY hot.

Also, AMD. Ugh.

Not cheap either. $330ish + RAM and storage. At least it ships with a power supply.

One question I have which I couldn't verify is if it has AES-NI instruction set?

Are there any advantages to VLANs in SOHO environments? Like what would be a typical practical example of VLAN use

> Required upgrade for ISP
> Doesn't let you forward ports at all.

?
last time I used cuntcast you could use your own router with their shitty modem running in bridged mode? Have they even started restricting that?

>Are there any advantages to VLANs in SOHO environments?
guest network

that makes sense. I didn't think about this because my AP handles it from the frontend.

Their modem acts as a gateway, a modem and router. And even though you are given the option to open ports, they aren't actually open.

you can also use it for printers, or internet of things.

Don't want appliance shit getting comprimised and then fucking with the production network.

I have comcast and I don't have any of their shit at all. Sure they tried to get me to pay eight bucks a month to rent some piece of trash from them, but I told them no and said I already had one of the supported cable modems and my own router. They post a list of said modems on their website.

Put it in bridge mode and connect it to a proper router then. It should still let you do that.

what is the point of routers with 300mb/s wifi and only 100mb ethernet ports?

What brand is this? I thought about making a pfsense box with an AMD 5350+ intel nic. $45 for cpu, $50 for mitx board, $40 for psu, $40 ish for used intel nic. I have ram and a case already.

Marketing with big numbers duh.

It also won't reach 300 mbit even under lab conditions, but don't tell that anyone.

>Their modem acts as a gateway, a modem and router
Yes I know. that's the default function =

you used to be able to bridge the all-in-one and disable all routing function (I had this done) that way it only acts as a modem

Then you control the routing and ports

Not sure if they disabled this feature. Knowing cuntcast they probably did. I dropped them like a cancer when they started threatening caps. Switched to a smaller ISP with a cheaper price and better speed

should i use dd-wrt, tomato, gargoyle, or something else for my router os

Another good point. I'm going to do this with all the less trusted garbage on my network like the network printer
Thanks

Why not get a hardware that can do all three functions together?

FreeBSD