Best router?

Gorion · March 16, 2016, 03:11:13 PM

Quote from: Penfold;411552Nice suggestions but a little complicated for me.

I'm trying to find a simple modem router but with large wi-fi coverage. Someone suggested it needed to be AC so I looked at this. http://www.amazon.co.uk/R8000-100UKS-Nighthawk-X6-AC3200-Processors-Beamforming/dp/B00TDV2IS4/ref=sr_1_1?ie=UTF8&qid=1458135887&sr=8-1&keywords=netgear+nighthawk

But am I right in thinking this isn't a modem so how does one connect to it from the phone socket. I know this makes me sound totally techi-echallenged

Not sure how versed you are, so I'm going very simple.

To oversimplify it, the modem is used to modulate/demodulate signals. To take an example, say you have an ADSL connection with the ISP's wiring being plain old telephone wires. Your NIC uses digital signals (1/0 / Square Waves), and the ISP cabling uses Sine Waves (Analogue). The modem simply forms/alters digital to analogue and vice-versa. A Chinese to English to Chinese translator.

The router is the one doing all the networking tasks.

The nighthawk is a router and AP, so networking tasks + wireless, and thus you need a modem in between the phone socket and the router. You might also have a centralised filter which is a match box sized piece of plastic splitting your phone output to a phone and RJ11 output; which goes into your modem.

Usually ISPs supply you with their own modem, which is generally a modem, router, and AP all packed into a single box. IF that's your case, you need to set that all-in-one box into bridge mode, so all the networking and AP stuff are handled by the router, and the all-in-one only does the modem tasks.

Another solution if you already have an all-in-one box, is to buy some access points and connect them. This way you'll have all the wireless coverage you need without having to go through any hassle. Some minor configurations are required, but it's straightforward.

If something is confusing/not clear/ or need more help in a particular area; ask away. Knowing how you are connected helps a lot. Take a couple of pictures of your current setup, and the ports your devices have.

Penfold · March 17, 2016, 02:32:34 PM

Thanks.

An all-in-one would be easier and cheaper but I'm hopeful splitting it out between a modem and a router would give me best wifi coverage.

Gorion · March 20, 2016, 08:53:03 PM

Quote from: Penfold;411583Thanks.

splitting it out between a modem and a router would give me best wifi coverage.

Not really. Keep in mind that the modem does not provide WiFi. Get an all-in-one, add a good access point, and you're set.

Number of APs needed depend on the size of your house/garden plus wall materials. Considering average UK house sizes, a good all-in-one, or a budget all-in-one plus a single Ubiquiti AP is probably all you need. Might need to check with some brits on how much the WiFi signal is absorbed by UK walls.

BrotherTobious · April 12, 2017, 02:56:23 PM

Spell Casting THREAD RESURRECTION

Ok some my Billion has also gone the way of Blunts any one got any views on new kit out there?

TeaLeaf · April 12, 2017, 03:05:54 PM

I got a spare Billion I could pass on for a few beers if you want?

Billion BiPAC 7800N (vintage 2011 model)

Let me know if you want it.

Penfold · April 12, 2017, 04:01:22 PM

If he doesn't, I will.

Mine sucks.

BrotherTobious · April 13, 2017, 10:41:47 AM

Thanks TL I have managed to move my wireless to my AP and it sorts my house out. So thanks for the offer but I think I am fine for the moment.

TeaLeaf · April 15, 2017, 10:19:48 AM

Glad you got it sorted.

Pen, we can add this router to the agenda for our next chat!

Sent from my Nexus 5 using Tapatalk

Gorion · May 21, 2017, 01:19:38 PM

Finally purchased a RouterBoard 3011UiAS-RM for myself. Quite a bunch of features, however not exactly user friendly.

Unfortunately, UPnP does not work. Have to constantly enable/disable the feature and then perhaps it works for a while.

Port forwarding / NAT doesn't seem to work as it supposed to. The rules I added barely show any traffic on them, with the amounts of packets going through them being strangely low when hosting a server.
For example, a TS3 9987 udp port (voice-server) had a total of 124 bytes after an hour and a half of usage by two persons, which sounds strange to me. Before creating such rule, no one could connect, after creating the rule they managed to connect, and when disabling the rule and asking others to re-connect (for testing purposes), they managed to connect anyhow, which does not make any sense at all. If a rule allowing someone to punch through a firewall is disabled, I expect that someone to be blocked by the firewall, and not manage to connect.

These are they sorts of NAT rules I'm using, which have been recommended as working by users on their forums:

add chain=dstnat action=dst-nat in-interface=pppoe-out1 dst-port=9987 to-addresses=192.168.88.254 to-ports=9987 protocol=udp

There is also an src-nat masquerading the (out interface) pppoe-out1 . This rule is sitting at the top of the NAT list.

192.168.88.254 is the first IP that was handed out automatically by the router to my workstation, which I then reserved via the routers DHCP server. (N/A 192.168.88.0/24 GTW 192.168.88.1)
pppoe-out1 is a virtual interface created by the router itself via quickset, which is probably virtualised on ether1 which is the port which is being fed via the modem. The router is being used to dial a pppoe connection to the ISP which hands out dynamic external IPs; not static.

I tried to use ether1 as the out-interface, however that results in no net access, thus apparently one can't do that when using a pppoe ISP connection.

Perhaps someone with more routing experience can shed some light?

kregoron · May 30, 2017, 11:49:00 AM

Quote from: Gorion;423439Finally purchased a RouterBoard 3011UiAS-RM for myself. Quite a bunch of features, however not exactly user friendly.

Unfortunately, UPnP does not work. Have to constantly enable/disable the feature and then perhaps it works for a while.

Port forwarding / NAT doesn't seem to work as it supposed to. The rules I added barely show any traffic on them, with the amounts of packets going through them being strangely low when hosting a server.
For example, a TS3 9987 udp port (voice-server) had a total of 124 bytes after an hour and a half of usage by two persons, which sounds strange to me. Before creating such rule, no one could connect, after creating the rule they managed to connect, and when disabling the rule and asking others to re-connect (for testing purposes), they managed to connect anyhow, which does not make any sense at all. If a rule allowing someone to punch through a firewall is disabled, I expect that someone to be blocked by the firewall, and not manage to connect.

These are they sorts of NAT rules I'm using, which have been recommended as working by users on their forums:

add chain=dstnat action=dst-nat in-interface=pppoe-out1 dst-port=9987 to-addresses=192.168.88.254 to-ports=9987 protocol=udp

There is also an src-nat masquerading the (out interface) pppoe-out1 . This rule is sitting at the top of the NAT list.

192.168.88.254 is the first IP that was handed out automatically by the router to my workstation, which I then reserved via the routers DHCP server. (N/A 192.168.88.0/24 GTW 192.168.88.1)
pppoe-out1 is a virtual interface created by the router itself via quickset, which is probably virtualised on ether1 which is the port which is being fed via the modem. The router is being used to dial a pppoe connection to the ISP which hands out dynamic external IPs; not static.

I tried to use ether1 as the out-interface, however that results in no net access, thus apparently one can't do that when using a pppoe ISP connection.

Perhaps someone with more routing experience can shed some light?

Upnp should work on the mikrotik boards. (Tho Upnp is notoriously insecure)
https://wiki.mikrotik.com/wiki/Manual:IP/UPnP

If your isp requires PPPoE, it would explain why you can only use the PPPoE out interface. AS the ISP requires the PPPoE connection to be used for datastreams. (PPPoE gives the ISP a lot more control over the costumer)

Could you drop your config here, would make it a tad easier to tshoot

Gorion · May 30, 2017, 12:36:24 PM

[spoiler=conf]# may/30/2017 13:26:32 by RouterOS 6.39.1
# software id = IW3I-6FZ5
#
/interface bridge
add admin-mac=mac auto-mac=no comment=defconf fast-forward=no name=bridge
/interface ethernet
set [ find default-name=ether2 ] name=ether2-master
set [ find default-name=ether3 ] master-port=ether2-master
set [ find default-name=ether4 ] master-port=ether2-master
set [ find default-name=ether5 ] master-port=ether2-master
set [ find default-name=ether6 ] name=ether6-master
set [ find default-name=ether7 ] master-port=ether6-master
set [ find default-name=ether8 ] master-port=ether6-master
set [ find default-name=ether9 ] master-port=ether6-master
set [ find default-name=ether10 ] master-port=ether6-master
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether1 name=pppoe-out1 password="mypassword" use-peer-dns=yes user=user@isp
/ip neighbor discovery
set ether1 discover=no
/ip pool
add name=dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=dhcp authoritative=after-2sec-delay disabled=no interface=bridge name=defconf
/interface bridge port
add bridge=bridge comment=defconf interface=ether2-master
add bridge=bridge comment=defconf interface=ether6-master
add bridge=bridge comment=defconf interface=sfp1
/interface bridge settings
set use-ip-firewall=yes
/interface l2tp-server server
set caller-id-type=ip-address
/ip address
add address=192.168.88.1/24 comment=defconf interface=ether2-master network=192.168.88.0
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid interface=ether1
/ip dhcp-server lease
add address=192.168.88.253 client-id=id mac-address=mac server=defconf
add address=192.168.88.250 client-id=id mac-address=mac server=defconf
add address=192.168.88.251 client-id=id mac-address=mac server=defconf
add address=192.168.88.254 client-id=id mac-address=mac server=defconf
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.88.1 name=router
/ip firewall filter
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related" connection-state=established,related
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface=\
ether1
add action=accept chain=input protocol=icmp
add action=accept chain=input connection-state=established
add action=accept chain=input connection-state=related
add action=drop chain=input in-interface=pppoe-out1
/ip firewall nat
add action=dst-nat chain=dstnat comment="" dst-port=443 in-interface=pppoe-out1 protocol=tcp to-addresses=\
192.168.88.254 to-ports=443
add action=dst-nat chain=dstnat comment="" dst-port=10000-19999 in-interface=pppoe-out1 protocol=tcp to-addresses=\
192.168.88.254 to-ports=10000-19999
add action=dst-nat chain=dstnat comment="" dst-port=42210 in-interface=pppoe-out1 protocol=tcp to-addresses=\
192.168.88.254 to-ports=42210
add action=dst-nat chain=dstnat comment="" dst-port=42130 in-interface=pppoe-out1 protocol=tcp to-addresses=\
192.168.88.254 to-ports=42130
add action=dst-nat chain=dstnat comment="" dst-port=42230 in-interface=pppoe-out1 protocol=tcp to-addresses=\
192.168.88.254 to-ports=42230
add action=dst-nat chain=dstnat comment="" dst-port=3659 in-interface=pppoe-out1 protocol=udp to-addresses=\
192.168.88.254 to-ports=3659
add action=dst-nat chain=dstnat comment="" dst-port=10000-19999 in-interface=pppoe-out1 protocol=udp to-addresses=\
192.168.88.254 to-ports=10000-19999
add action=masquerade chain=srcnat comment="defconf: masquerade" out-interface=pppoe-out1
add action=dst-nat chain=dstnat comment="TS3" dst-port=9987 in-interface=pppoe-out1 protocol=udp to-addresses=192.168.88.254 to-ports=9987
add action=dst-nat chain=dstnat comment="TS3" dst-port=10011 in-interface=pppoe-out1 protocol=tcp to-addresses=192.168.88.254 to-ports=10011
add action=dst-nat chain=dstnat comment="TS3" dst-port=30033 in-interface=pppoe-out1 protocol=tcp to-addresses=192.168.88.254 to-ports=30033
/ip upnp interfaces
add interface=pppoe-out1 type=external
add interface=bridge type=internal
/lcd
set backlight-timeout=never
/system clock
set time-zone-name=Europe/Malta
/tool mac-server
set [ find default=yes ] disabled=yes
add interface=bridge
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add interface=bridge
/tool traffic-monitor
add interface=ether1 name=tmon1 threshold=0
add interface=ether1 name=tmon2 threshold=0 traffic=received
[/spoiler]

Config attached. Edited out macs and credentials.

Most of the config is the quickset setup. Have been messing around with NAT mostly, since the router is to be used at home.