Any idea when we'll start seeing >1GBe ports on high end consumer routers/modems?
Do the SOCs used to build these have available PCIe lanes to attach 3rd party controllers, or are we limited until Broadcom/etc integrate faster networking in their core packages?
Protip: Don't bother with embedded cable modem wireless routers. Firmware updates are only provided by the ISP and we all know how ISPs love to drag their feet on those.
The situation's not much better elsewhere. Most router OEMs don't care about post sale updates. DD-WRT theoretically does produce new versions; but only if someone cares enough about your router to make builds, and the upgrade/install docs either recommend or imply that the standard upgrade process will wipe you down to a clean install instead of keeping all of your settings. In both cases you're looking at manual install processes though; which means that 99.9% of the time they won't be done even if available. OTOH I don't trust the OEMs or ISPs to have a secure upgrade path; and strongly suspect a bungled ISP patch was behind my parents modem/router getting a fubarred firmware a few years ago.
That's why you look elsewhere at newer, better managed communities such as LEDE. I'm running LEDE on a Netgear X4S with a much newer kernel, much newer AP daemon (hostapd) with way more features than DD-WRT cares to enable. I've submitted patches to DD-WRT and they have been dropped on the floor.
LEDE and OpenWRT are apparently in the process of merging back together after the fork that created the former. OpenWRT's always been a firmware for people who want to manage their network via SSH and editing assorted config files. As someone who wants the lowest level of fiddly bits wrapped up behind an HTML interface, until the smoke clears I'd pass on LEDE even if provisioning a new router. (Something I don't plan on doing for at least another year or two, probably more like 3 out.)
You have a bad misconception of OpenWRT and LEDE. Likely stems from being in a Windows-only world.
LEDE/OpenWRT use the "Luci" web UI to control a majority (or all settings, I bet, for your usage) of the settings. It's on par with what you get from DD-WRT if you're curious.
Don't let stale comments from old web forums dictate your decisions about software such as this. They're likely wrong as the state changes constantly. With LEDE it's for the better.
I know in the past router manufacturers have been horrible at providing firmware updates, but that seems to have changed in recent years. At least for some companies. For example, the Netgear R7000 was released in 2013, and they have a firmware update as of this month.
Personally I would never buy a router that depends on the ISP to provide updates. It's bad enough that a cable modem has to work that way.
Netgear is pretty good at pushing critical updates even after years of stale support when, say, a security exploit is discovered. This happened with heartbleed and the recent WPS exploits across their entire router line. Even my R6400, a 3 year old router, received a critical update late last year to patch an exploit.
But overall, other than exploits, why do you need firmware updates? Other than TP-Link who is notorious for leaving bugs unpatched, or introducing new ones and leaving features crippled (looking at you Archer C9 DLNA server) why do you need firmware updates? These days routers work pretty damn well out of the box. If you want features not supported by your router, run DDWRT, Tomato, or some other 3rd party firmware that will likely break other things while adding features. I've never met anybody who claimed increased wifi performance with a 3rd party firmware, that's for sure, but sometimes the sacrifice is worth the feature gains.
Just because "…routers work pretty damn well out of the box", that doesn't mean they're bug free. If anything, routers are far more complicated than ever and I expect a few years worth of periodic bug fix firmware updates.
That's a good reason to not rely on off the shelf routers any more. They don't do security, like, at all. They don't do bug fixes. They certainly don't do performance updates.
It's far better to use pfsense, either through a micro PC or a VM, and use a separate wireless AP without WPS.
Off the shelf router manufacturers don't care about what happens to you or your data, except when certain ones steal it, so don't count on them. Make your own.
Another happy pfsense user here. I don't think an off the shelf router would support downloading torrents the way I do -- with 10,000+ connections -- it's really the only way to get all of my ~240mbit/sec connection. Plus I am a big user of OpenVPN and having a pfsense box with a CPU that supports AES-NI is a big help. I have tested with iperf and can get my full 240mbit over a VPN link to a box in the cloud.
...and it still has WPS, the biggest security hole in the business. What idiots. Why built such a high end router and leave the security wide open like that?
No, actually, all off the shelf routers, except those capable of running DDWRT/OpenWRT, cannot turn off WPS. It turns off the advertisement for WPS, but it does not turn off the feature. The feature stays on and it can still be very easily hacked. There are many sites and manufacturers that claim it can be turned off, but testing has shown that the feature is never actually disabled, only the advertisement for it. The only way DDWRT and OpenWRT do is to unload the drivers for it.
SSID broadcast?! If anything that makes your network marginally more interesting to anyone who's actually going to put the effort into trying to break into it. It certainly doesn't do anything to hide it from anything but the most trivial scans.
Having done quite a bit of research on routers recently, I can tell you that the biggest issue is not speed, it is distance and obstruction that is the problem. I have this modem/router's predecessor (sans the modem) and it's great, except it doesn't have the distance I wanted. I wish they would work on that instead of speed that there are few/no client adapters for.
We’ve updated our terms. By continuing to use the site and/or by logging into your account, you agree to the Site’s updated Terms of Use and Privacy Policy.
Facebook
Twitter
RSS
26 Comments
Back to Article
DanNeely - Tuesday, July 11, 2017 - link
Any idea when we'll start seeing >1GBe ports on high end consumer routers/modems?Do the SOCs used to build these have available PCIe lanes to attach 3rd party controllers, or are we limited until Broadcom/etc integrate faster networking in their core packages?
mooninite - Tuesday, July 11, 2017 - link
Protip: Don't bother with embedded cable modem wireless routers. Firmware updates are only provided by the ISP and we all know how ISPs love to drag their feet on those.DanNeely - Tuesday, July 11, 2017 - link
The situation's not much better elsewhere. Most router OEMs don't care about post sale updates. DD-WRT theoretically does produce new versions; but only if someone cares enough about your router to make builds, and the upgrade/install docs either recommend or imply that the standard upgrade process will wipe you down to a clean install instead of keeping all of your settings. In both cases you're looking at manual install processes though; which means that 99.9% of the time they won't be done even if available. OTOH I don't trust the OEMs or ISPs to have a secure upgrade path; and strongly suspect a bungled ISP patch was behind my parents modem/router getting a fubarred firmware a few years ago.mooninite - Tuesday, July 11, 2017 - link
That's why you look elsewhere at newer, better managed communities such as LEDE. I'm running LEDE on a Netgear X4S with a much newer kernel, much newer AP daemon (hostapd) with way more features than DD-WRT cares to enable. I've submitted patches to DD-WRT and they have been dropped on the floor.DanNeely - Tuesday, July 11, 2017 - link
LEDE and OpenWRT are apparently in the process of merging back together after the fork that created the former. OpenWRT's always been a firmware for people who want to manage their network via SSH and editing assorted config files. As someone who wants the lowest level of fiddly bits wrapped up behind an HTML interface, until the smoke clears I'd pass on LEDE even if provisioning a new router. (Something I don't plan on doing for at least another year or two, probably more like 3 out.)mooninite - Tuesday, July 11, 2017 - link
You have a bad misconception of OpenWRT and LEDE. Likely stems from being in a Windows-only world.LEDE/OpenWRT use the "Luci" web UI to control a majority (or all settings, I bet, for your usage) of the settings. It's on par with what you get from DD-WRT if you're curious.
Don't let stale comments from old web forums dictate your decisions about software such as this. They're likely wrong as the state changes constantly. With LEDE it's for the better.
Chugworth - Tuesday, July 11, 2017 - link
I know in the past router manufacturers have been horrible at providing firmware updates, but that seems to have changed in recent years. At least for some companies. For example, the Netgear R7000 was released in 2013, and they have a firmware update as of this month.Personally I would never buy a router that depends on the ISP to provide updates. It's bad enough that a cable modem has to work that way.
mrvco - Tuesday, July 11, 2017 - link
R7000 owner here and agreed. The last thing I want is for Comcast to have any domain over my router, my (owned) cable modem is enough.fanofanand - Wednesday, July 19, 2017 - link
Now if only my R7000 would stop dropping down to single digit speeds at random......Samus - Tuesday, July 11, 2017 - link
Netgear is pretty good at pushing critical updates even after years of stale support when, say, a security exploit is discovered. This happened with heartbleed and the recent WPS exploits across their entire router line. Even my R6400, a 3 year old router, received a critical update late last year to patch an exploit.But overall, other than exploits, why do you need firmware updates? Other than TP-Link who is notorious for leaving bugs unpatched, or introducing new ones and leaving features crippled (looking at you Archer C9 DLNA server) why do you need firmware updates? These days routers work pretty damn well out of the box. If you want features not supported by your router, run DDWRT, Tomato, or some other 3rd party firmware that will likely break other things while adding features. I've never met anybody who claimed increased wifi performance with a 3rd party firmware, that's for sure, but sometimes the sacrifice is worth the feature gains.
Elstar - Sunday, July 16, 2017 - link
Just because "…routers work pretty damn well out of the box", that doesn't mean they're bug free. If anything, routers are far more complicated than ever and I expect a few years worth of periodic bug fix firmware updates.mrvco - Tuesday, July 11, 2017 - link
I have a Nighthawk R7000 and Netgear still updates it regularly via "Update Assistant" in the web interface.Makaveli - Tuesday, July 11, 2017 - link
If you are using an R7000 you should be using Asus merlin firmware on it. Netgear's is junk!kmmatney - Wednesday, July 12, 2017 - link
I get plenty of updates from Netgear for my old Nighthawk R7000. The NightHawk routers are vbery good in this respect.eek2121 - Monday, July 17, 2017 - link
Netgear has regularly produced new firmware revisions for my router.dgingeri - Tuesday, July 11, 2017 - link
That's a good reason to not rely on off the shelf routers any more. They don't do security, like, at all. They don't do bug fixes. They certainly don't do performance updates.It's far better to use pfsense, either through a micro PC or a VM, and use a separate wireless AP without WPS.
Off the shelf router manufacturers don't care about what happens to you or your data, except when certain ones steal it, so don't count on them. Make your own.
petteyg359 - Tuesday, July 11, 2017 - link
My off-the-shelf WRT1900ACS with OpenWRT/LEDE is working just fine, thanks.extide - Wednesday, July 12, 2017 - link
Another happy pfsense user here. I don't think an off the shelf router would support downloading torrents the way I do -- with 10,000+ connections -- it's really the only way to get all of my ~240mbit/sec connection. Plus I am a big user of OpenVPN and having a pfsense box with a CPU that supports AES-NI is a big help. I have tested with iperf and can get my full 240mbit over a VPN link to a box in the cloud.dgingeri - Tuesday, July 11, 2017 - link
...and it still has WPS, the biggest security hole in the business. What idiots. Why built such a high end router and leave the security wide open like that?Samus - Tuesday, July 11, 2017 - link
You can turn it off, everyone should turn WPS off ;)dgingeri - Tuesday, July 11, 2017 - link
No, actually, all off the shelf routers, except those capable of running DDWRT/OpenWRT, cannot turn off WPS. It turns off the advertisement for WPS, but it does not turn off the feature. The feature stays on and it can still be very easily hacked. There are many sites and manufacturers that claim it can be turned off, but testing has shown that the feature is never actually disabled, only the advertisement for it. The only way DDWRT and OpenWRT do is to unload the drivers for it.bigboxes - Tuesday, July 11, 2017 - link
I rarely log in to my router. Thanks for the reminder. Just updated my Asus router.bigboxes - Tuesday, July 11, 2017 - link
and yes, turn off SSID broadcast (and WPS)chaos215bar2 - Wednesday, July 12, 2017 - link
SSID broadcast?! If anything that makes your network marginally more interesting to anyone who's actually going to put the effort into trying to break into it. It certainly doesn't do anything to hide it from anything but the most trivial scans.Do turn off WPS, though.
bigboxes - Wednesday, July 12, 2017 - link
Please, just stop your outrage...ffsfanofanand - Wednesday, July 19, 2017 - link
Having done quite a bit of research on routers recently, I can tell you that the biggest issue is not speed, it is distance and obstruction that is the problem. I have this modem/router's predecessor (sans the modem) and it's great, except it doesn't have the distance I wanted. I wish they would work on that instead of speed that there are few/no client adapters for.