One Hot Tomato (#noapple)

I had started to notice that my home wi-fi performance seemed to be degrading. I use an Apple Airport Extreme and I’m not sure if it is just the new proliferation of Android and Linux devices in my house or if something else is going on, but I was seeing a lot of network drops and slow connections when wireless.

I figured I could continue on my #noapple quest and get rid of yet another Apple product if I decided to replace the router. I knew that whatever I purchased I wanted the option of loading FOSS firmware, so I did a little research and came across the DD-WRT and the Tomato projects (I’m sure there are others, these just seemed to be the most popular).

There was a pretty high-profile case a few years back when it was realized that the base operating system of Linksys routers was Linux, and due to the diligence of the Software Freedom Law Center and others, device vendors using Linux had to be more transparent about it. The name of the DD-WRT project came, in part, from the Linksys WRT54G router that was the main focus of these early alternative firmware versions.

My requirements for a new router were that it had to support both 2.4 GHz and 5 GHz, it had to support SNMP (‘natch) and I wanted to be able to host a guest network. I live out on a farm and often I have people visit who want to access the Internet. Rather than give them the password to my network, the Extreme allowed you to create a “guest” network that had no local access but could connect to the Internet over wi-fi.

I settled on the Linksys E4200 and ordered it from Amazon. When it arrived I started playing with the stock firmware and found another feature that I quite liked: a built-in UPnP server. This allows you to connect a hard drive to the router and then serve media content such as music and videos to devices that can access UPnP media servers (such as my TV and the PS3).

I didn’t like the way Linksys implemented the guest network, however. Unlike the Extreme, where it was just a separate SSID that you could leave open, this required a password, and you had to connect to a web page and authenticate first. I believe this was a feature brought in from legacy Cisco gear, but I didn’t care for it. Still, I figured that as little as that feature got used I could live with it.

No, the show stopper for me was the lack of SNMP support. For some reason modern consumer-grade routers just don’t support it. But, not to worry, I could load in an alternative firmware.

Or so I thought.

I had decided to use Shibby’s Tomato firmware since I really liked the idea of a UPnP server and I read that the one that ships with DD-WRT wasn’t very good (I’m not stating that as fact, mind you, but the limited amount of research I was able to do seemed to indicate it). I downloaded the version for the E4200 and hit a roadblock: the firmware wouldn’t install.

Turns out that I had the E4200 version 2, which uses the Maxwell chipset instead of the Broadcom chipset. None of the firmware versions I could find support that chipset, so I was stuck. I packed the router up and shipped it back to Amazon.

(sigh)

To replace it, I ordered the Asus RT-N66U. It seemed to be decent hardware and had solid alternative firmware support. I knew from my research that the default software did not support SNMP, so I immediately installed Tomato. The process was incredibly simple:

  • Download the proper firmware version from Shibby’s site
  • Put the router in “rescue mode”: first, turn it off
  • Remove the power cord
  • Press and hold the reset button (the small recessed button between the LAN port and the USB ports)
  • Replace the power cord
  • Turn on the router
  • Release the reset button once the power light slowly flashes (on 4-5 seconds, off 4-5 seconds)

At this point in time you can navigate to 192.168.1.1 and access the firmware reload screen. I set up 192.168.1.2 as a static address on my system since I read that this process can have issues if you are using a DHCP address, and then I simply uploaded the new firmware through the browser and installed it.

That was it – once the router rebooted I was able to access the Tomato webUI and it “just worked”.

The number of features is just staggering. Want to create a guest network? Just create a new SSID and associate it with a new VLAN. Need SNMP? Configures out of the box. The UPnP server was pretty easy to set up, but I had formatted the external drive as ext4 and it wouldn’t mount. I was able to ssh in to the router and look at dmesg to see that it was complaining about “extra features” so I reformatted as ext3 and it mounted just fine.

While I haven’t played with everything (such as QoS), I was really impressed with the IPv6 support. Since my ISP doesn’t support IPv6, I needed to set up an IPv4 to IPv6 tunnel. I signed up for a free account at Hurricane Electric and I was able to get IPv6 working rather quickly. However, since my public address is assigned via DHCP, any changes would cause the tunnel to break. However, Tomato comes with a built-in Dynamic DNS client that talks to the Hurricane Electric site and updates the tunnel with any changes. Now that I have IPv6 working, I can configure the Juniper router in the office to allow traffic between the two networks with no need for a VPN.

Cool.

Once again I am impressed that not only is a complex open source application available for free, but that it trumps its commercial counterpart by far.