Best of Both Worlds

You know, the nice thing about technological quandaries is simply that there’s usually a solution around that fits both sides of the quandary.

From my post the other day you can tell that I was in two minds of what to do regarding my router, Vonage and so forth. My decision was between building a new Linux-based firewall, or buying a firewall that had some more advanced functions (QoS). So I did both.

What? Well, I did a bit of research on what might be my best option, and found that the Linksys WRT54GS might be my best bet. It’s a Wireless G access point with a basic firewall and four-port switch. OK, so that’s pretty common… but what’s not so common about this hardware is the fact that you can actually install Linux on it.

The box itself actually uses Linux out of the box, but there’s actually a significant third-party community out there that actually creates Linux distributions to install on these units that extends the functionality way beyond what Linksys intended originally. There are some catches, like the fact that the newest hardware revisions of this unit have smaller memory and therefore aren’t quite as “open” as the earlier models… but this still is a great option for those that want the flexibility of a Linux box that’s well supported, and a nice piece of hardware in and of itself.

So I started by taking it home… and before even powering it up I started to work on installing OpenWRT, which seemed to be a good option since it’s a “from scratch” Linux distribution for the WRT hardware. My thinking was that a modular system would be ideal from a flexibility standpoint. If you’re a true Linux geek then this is the way to go. The base install results in a router that works “out of the box” with basic NAT, firewall and wireless access point functionality… even a basic web interface if you don’t fancy the command prompt to configure.

I worked with this for a while, until I realized that getting it up to the level of functionality I was hoping for would take a while, a lot of packages, a lot of experimentation and a whole lot of configuration. Not ideal. For me, functionality in this case trumped flexibility since I needed this up relatively quickly.

So I switched to DD-WRT instead. While it’s based on the same code, and in fact is very similar, it includes a lot more functionality “out of the box” and a web interface that’s a lot more comprehensive. In that regard, it resembles the default Linksys OS more than it does OpenWRT, but does allow you to get a working configuration quicker that can then be extended.

Setup was quick and simple, and though there are some things I preferred about OpenWRT and its method of doing things, this DD-WRT works pretty well all things considered. Even setting up the basic QoS rules was a lot quicker, and I was able to tune the rules rapidly and efficiently. No problems.

So how well does it work? Fantastically well in fact. Although the documentation for DD-WRT is not quite as mature as OpenWRT’s, I think it was a lot easier to set up for someone with a bit of knowledge of networking and so forth. I configured it out, set up my wireless (supports WPA2!!! Yeah!!) and began defining my choice of rules.

I started with the high-load stuff; FTP transfers, BitTorrent client and so forth; hell, even SMTP rates in there at times. What I did was set all these at “Bulk” rate. This is the lowest priority setting, which means that when I’m downloading stuff it’ll use all the available bandwidth, but pretty much everything interactive (web pages, general surfing) will take precedence. This is fantastic… even with a BT client pulling Fedora Core 4 and saturating my bandwidth, I can still fire up Firefox in another window and browse the Internet as though nothing out of the ordinary was going on. In fact, since I set my maximum QoS-capped rate at about 90% of my actual bandwidth (per my ISP), their buffers don’t get maxed as often and my latency is lower. This means that generally web surfing is “snappier”.

Then I took my web server and gave it an “Express” rate. This means that web traffic will hopefully take precedence over pretty much everything else on the network, thus people hitting my web server should now get much better and more consistent performance since I’m now not causing a slowdown when I’m using the pipe.

Beyond that, I then set Vonage traffic to be prioritized at “Premium” rate, thus it takes precedence over everything else and pushes everything else on the connection into the background when it’s being used. The upshot is it doesn’t break up as bad, even on heavy loads when the Internet connection is being nailed. There’s still some breakup, but I think a little more QoS tuning should put paid to that (in combination with my line upgrade that’s happening on Monday 9th January). The quality now is as good as a landline… and it’s more reliable than it was before.
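As an added illustration, not part of the original post and not DD-WRT's own rule set: the three-tier scheme above expressed as a plain Linux HTB plan for the upstream direction. The interface name, LAN addresses, port list and percentage shares are assumptions chosen for the example.

```shell
#!/bin/sh
# Added example: prints (does not apply) an HTB plan for the WAN uplink.
# WAN, ATA_IP, WEB_IP, the port list and the shares are assumptions.
WAN=${WAN:-eth1}                 # assumed WAN-facing interface
ATA_IP=${ATA_IP:-192.168.1.50}   # assumed LAN address of the VoIP adapter
WEB_IP=${WEB_IP:-192.168.1.10}   # assumed LAN address of the web server

qos_plan() {  # usage: qos_plan <upstream line rate in kbit/s>
    line=$1
    # Shape to 90% of the line rate so the queue forms on this router,
    # where it can be reordered, instead of in the ISP's buffers.
    cap=$((line * 90 / 100))
    echo "tc qdisc add dev $WAN root handle 1: htb default 30"
    echo "tc class add dev $WAN parent 1: classid 1:1 htb rate ${cap}kbit ceil ${cap}kbit"
    # Each spec: class/mark id, guaranteed share of cap (%), HTB prio.
    # 10 = Premium, 20 = Express, 30 = everything unmarked, 40 = Bulk.
    # Every class has ceil = cap, so Bulk may use the whole link when idle.
    for spec in "10 40 0" "20 30 1" "30 20 2" "40 10 3"; do
        set -- $spec
        echo "tc class add dev $WAN parent 1:1 classid 1:$1 htb rate $((cap * $2 / 100))kbit ceil ${cap}kbit prio $3"
        # Unmarked packets reach 1:30 through 'default', so it needs no filter.
        [ "$1" = 30 ] || echo "tc filter add dev $WAN parent 1: protocol ip handle $1 fw flowid 1:$1"
    done
    # Marks are set before NAT rewrites the source address. MARK does not
    # stop rule traversal, so the later, more specific rules win.
    echo "iptables -t mangle -A FORWARD -p tcp -m multiport --ports 20,21,25,6881:6889 -j MARK --set-mark 40"
    echo "iptables -t mangle -A FORWARD -s $WEB_IP -p tcp --sport 80 -j MARK --set-mark 20"
    echo "iptables -t mangle -A FORWARD -s $ATA_IP -j MARK --set-mark 10"
}
```

Review the printed commands, then apply them as root with `qos_plan 384 | sh`; 384 is a constructed upstream rate in kbit/s.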

Now, it’s still having some problems. Again though, like I said just some tuning ought to put paid to the problems.

So just some more information on the life of a geek.

The Pain of the Bleeding Edge

So I have recently pulled the trigger on another emerging technology. Hey, this is the blog of a geek, what do you expect?

So what have I done this time? Xbox 360? Nah, I’ve changed my phone service to Vonage.

For those that don’t know, Vonage is a Voice over IP service that basically promises you better phone rates, both local and long distance. They do this by utilizing the Internet to make phone calls, essentially using “points of presence” where they have phone lines and bridging the intermediate gap using the Internet.

The advantages are obvious. I won’t make claims that it cuts out the big monolithic voice carriers; it doesn’t. Instead they are relegated to a “carrier” role where they provide the lines that feed these points of presence, and in many cases carry Internet traffic in general. So no, Vonage won’t “break you from the tyranny that is the Baby Bells”.

Anyway, simply put the voice is encoded into IP packets and transferred across publicly available routers and systems to the remote end, where it breaks into a point of presence and can then travel across the “legacy phone lines” to the recipient. Similarly, someone dialing your phone number is connected to the appropriate point of presence (depending on their source), and they then talk to you via Vonage’s own encoding hardware and software, across the Internet and to your home.

It works by putting a small box at your home. This box takes the VoIP signals and converts them to traditional analog signals. Basically the box I have (a Linksys PAP2) breaks a single RJ-45 Ethernet cable into two standard phone jacks… so you don’t need a new phone to make this work. Also, with rebates and stuff the Vonage hardware itself can actually be free. It uses a broadband Internet connection to connect to Vonage’s servers, then Vonage can route the data to your box. This is all pretty much irrelevant to the home user, because if you have a home network with even a basic router you can literally just plug it in, sign up on Vonage’s web site and be running in less than 15 minutes. It’s really that simple.

Or is it? Well, after much experimentation (during which time I was transferring my phone number from SBC to Vonage so I keep the same phone #), I found a few flaws in the system.

First is bandwidth. Not usually a problem with most broadband connections to be honest, but my DSL is 5 years old now, and technology has moved along since I signed up. As a result, I really only had a pretty slow broadband pipe with which to play… and this very website you’re reading this on is hosted on that pipe along with traffic going out. So, although my line theoretically supports VoIP quite well, in practice this turns out not to be the case.

The reason is twofold. Firstly as I mentioned I already use this line to host email, web services and so forth. As a result, the line’s constantly in-use. Even cranked back to minimum quality (optional using Vonage’s web site to control it) the calls will tend to break up and sometimes be almost unintelligible. This happens whenever traffic starts to crank up on your connection… so surfing the web while on the phone can actually cause the problem.

So what’s the solution? Well, here’s where the pain of the bleeding edge comes in which makes Vonage a little less than a “plug and play” solution. I am going to have to change firewall/router to something that will allow me to do QoS on my Internet connection. This means queueing to prioritize traffic across my connection. My thought is that I can then change the priority of my Vonage traffic to take priority over everything else. This in combination with my faster line (which is getting installed soon) should allow me to use Vonage as well as a land line… or at least as well as a cell phone.

Would this be a problem to most people installing Vonage? Actually, no. My problem is simply that my hardware is old; my router is an old D-Link which despite firmware upgrades provides no real low-level control of protocol traffic. Newer routers do provide a much better level of control, and in fact many of them (notably Linksys and “game routers”) actually prioritize VoIP by default. My D-Link can’t, is an unsupported model and cannot really be retrofitted to work better. Besides, the limitations of the unit have really started to irk me lately.

Where to now then? Well, my thought at the moment is to implement a Linux-based router. I want to keep the D-Link since it’s also my wireless access point for my home network. However, I would ideally like to eliminate the firewall portion of it, instead using a Linux box as a highly customizable and infinitely configurable router. I did that before, my router was a Linux box up until about 2.5 years ago when I changed it out; it was a rather pitiful Pentium 133 that finally started to give up the ghost… not due to any severe failure but rather because the hard drives started to die. Having said that, though; I am wondering if it’s worth it to pursue this avenue. This is simply because it might be easier to just invest in a new router.

I will, of course, let the readers of my blog know what I did. I must admit I favor the Linux solution… but that’s because I’m a huge geek :)