Klueless
Very Senior Member
"Fastest" doesn't make it the "bestest". There are important features that aren't captured in reviews. Features you don't need when things are running well but features you'll wish you had when things aren't!
Case in point. October, 2013. We switched from a cable Internet provider (numerous outages) to a phone company that provided 16 mpbs / 1.6 mbps bonded DSL. The new provider provisioned a router/modem combo rather than just a modem like our original ISP.
New ISP insisted on keeping our old router in place. HAPPY they did! Their box was low end, wireless range was poor and it turns out we would have had to deal with a ton of legacy addressing issues. (That and, looking forward, it'd be nice to be able to plug our router into a cell phone type router as a backup and have everything just work.)
Anyway we ran perfect for TWO years (from October 2013 to October 2015)! On October 1, 2015 we started experiencing numerous and frequent outages that were all but crippling to our small business.
Numerous calls to our ISP, they didn't see any problems so it must be us! A couple weeks in my boss asked me to take a look ...no ego here, I was just the most "disposable" employee
On November 20th we started working reliably ... and still are ... to date ... January 2016. Wish I could say I did something but I really can't.
Anyway as I started looking at things I realized how helpless we were. We knew nothing about our traffic or even who was on our network. We've always been this way, no changes, and we just worked. Until we didn't and, worse, the ISP just washed their hands ... it must be us!
Then, on top of everything else, we had a four hour blackout. When power came back up our router didn't so I had to buy a new one.
While shopping I knew I wanted something that would give me data to give my ISP, that would either show I had a problem or help build a case that THEY had a problem.
I combed reviews and went to several store fronts. Speed, user interface, QoS and perceived reliabilty reputations. I needed more information but I bought one anyway. Bought a well rated AC router. Yeah, it had QoS but it was to make games run faster. Not what I wanted; I needed "work" to run faster.
Returned it and that began my love affair with my Asus RT-N66R (aka RT-N66U) Router! I will bore you, point by point, so that any and all might suggest an even better fit for us. Or ideas for better configuration and/or troubleshooting. Anything!
This is how we started:
Ethernet - Internal Servers and their clients.
SSID "Faster", 5Ghz WLAN, WPA/WPA2 - Internal clients we didn't have Ethernet runs for and nearby "production" PCs. (Originally I planned on using the same SSID for both 2.4 and 5Ghz but some of my 5Ghz PCs kept connecting to 2.4)
SSID "Further", 2.4Ghz WLAN, WPA/WPA2 - "Prodution" PCs that didn't work w/ 5Ghz due to age or distance (e.g., they're in bldg. 2)
Guest WLAN 1, SSID "BYOD", 2.4 and 5Ghz, WPA/WPA2 - employee devices; smart phones and iPADs. (Even though it's a "guest WLAN" I have a button I can click to give them access to our printers and servers.)
Guest WLAN 2, SSID "Guest", 2.4 and 5Ghz, "open" - customers and visitors, employees - non-business use. No access to our internals.
In the event of crazy traffic compromising our network I can now disable the "unknowns"; disable "guest", disable "BYOD" and maybe get some work done. (Downside is I have to document how those WLANs were configured because I have to recreate them after disabling.)
Results, so far so good:
ISP still thinks it's me but we haven't had another problem since, going on three weeks now. Maybe they inadvertently fixed the problem or maybe we're in for a storm after the holidays are over and other businesses go back to full throttle. If so we are almost in a position where we can stand up to our ISP and their techs.
Shortcomings:
Outstanding questions:
Any input? Better routers? Configuration suggestions? I really want to get smarter about all this stuff. (I need to.) Called a couple "network engineers". While I'm sure there are plenty of good ones out there I didn't find one. It was easier to find a decent router (which wasn't easy) and a lot cheaper than paying for a mediocre network engineer.
Thanks for your patience with this boring dissertation.
Case in point. October, 2013. We switched from a cable Internet provider (numerous outages) to a phone company that provided 16 mpbs / 1.6 mbps bonded DSL. The new provider provisioned a router/modem combo rather than just a modem like our original ISP.
New ISP insisted on keeping our old router in place. HAPPY they did! Their box was low end, wireless range was poor and it turns out we would have had to deal with a ton of legacy addressing issues. (That and, looking forward, it'd be nice to be able to plug our router into a cell phone type router as a backup and have everything just work.)
Anyway we ran perfect for TWO years (from October 2013 to October 2015)! On October 1, 2015 we started experiencing numerous and frequent outages that were all but crippling to our small business.
Numerous calls to our ISP, they didn't see any problems so it must be us! A couple weeks in my boss asked me to take a look ...no ego here, I was just the most "disposable" employee
On November 20th we started working reliably ... and still are ... to date ... January 2016. Wish I could say I did something but I really can't.
Anyway as I started looking at things I realized how helpless we were. We knew nothing about our traffic or even who was on our network. We've always been this way, no changes, and we just worked. Until we didn't and, worse, the ISP just washed their hands ... it must be us!
Then, on top of everything else, we had a four hour blackout. When power came back up our router didn't so I had to buy a new one.
While shopping I knew I wanted something that would give me data to give my ISP, that would either show I had a problem or help build a case that THEY had a problem.
I combed reviews and went to several store fronts. Speed, user interface, QoS and perceived reliabilty reputations. I needed more information but I bought one anyway. Bought a well rated AC router. Yeah, it had QoS but it was to make games run faster. Not what I wanted; I needed "work" to run faster.
Returned it and that began my love affair with my Asus RT-N66R (aka RT-N66U) Router! I will bore you, point by point, so that any and all might suggest an even better fit for us. Or ideas for better configuration and/or troubleshooting. Anything!
User Interface was good, good enough that a no-talent like me could muck my way around.
QoS was good. Out of the box it prioritized work over uh "miscellaneous". (Work for us is web; web CRM, web comps, web-based financing, web-based inventory, web-based e-mail.)
Gigabit Ethernet (overkill for us, 100 Mbps would have been fine).
2 WLANs, one 2.4Ghz and one 5Ghz
6 Guest WLANs, three 2.4Ghz and three 5Ghz
Low end traffic monitor. I could finally see traffic! 24 hour charts. 10 minute real time monitor. Wired, 2.4Ghz, 5Ghz and composite views.
Support for b/g/n. No AC. In hindsight I see no need for it? N is plenty fast enough for us.
WPA/WPA2, etc. Yeah they all have it but our old router was WEP only so we just ran "open". Luckily no one ever bothered hacking us but the bigger issue is we had so many "unknowns", like 45 "somethings" were connected to us.
QoS was good. Out of the box it prioritized work over uh "miscellaneous". (Work for us is web; web CRM, web comps, web-based financing, web-based inventory, web-based e-mail.)
Gigabit Ethernet (overkill for us, 100 Mbps would have been fine).
2 WLANs, one 2.4Ghz and one 5Ghz
6 Guest WLANs, three 2.4Ghz and three 5Ghz
Low end traffic monitor. I could finally see traffic! 24 hour charts. 10 minute real time monitor. Wired, 2.4Ghz, 5Ghz and composite views.
Support for b/g/n. No AC. In hindsight I see no need for it? N is plenty fast enough for us.
WPA/WPA2, etc. Yeah they all have it but our old router was WEP only so we just ran "open". Luckily no one ever bothered hacking us but the bigger issue is we had so many "unknowns", like 45 "somethings" were connected to us.
This is how we started:
Renamed devices to names to help identify who's who and what's what.
Password protected our WLANs (except for "guest"). We went from 40 plus connections to 20 something - most of which I can identify now.
Changed default passwords on all routers/modems. (ISP wasn't happy I changed theirs but I told them upfront. I can deal with a little "grumpy".)
Traffic Monitor: It showed we do NOT have a traffic problem. Internet traffic is well suited to our subscribed service. Even though we have two internal servers and several clients to them their traffic (local, non Internet traffic) is well within reason.
LANs and WLANs: This is how we restructured our network:Password protected our WLANs (except for "guest"). We went from 40 plus connections to 20 something - most of which I can identify now.
Changed default passwords on all routers/modems. (ISP wasn't happy I changed theirs but I told them upfront. I can deal with a little "grumpy".)
Traffic Monitor: It showed we do NOT have a traffic problem. Internet traffic is well suited to our subscribed service. Even though we have two internal servers and several clients to them their traffic (local, non Internet traffic) is well within reason.
Ethernet - Internal Servers and their clients.
SSID "Faster", 5Ghz WLAN, WPA/WPA2 - Internal clients we didn't have Ethernet runs for and nearby "production" PCs. (Originally I planned on using the same SSID for both 2.4 and 5Ghz but some of my 5Ghz PCs kept connecting to 2.4)
SSID "Further", 2.4Ghz WLAN, WPA/WPA2 - "Prodution" PCs that didn't work w/ 5Ghz due to age or distance (e.g., they're in bldg. 2)
Guest WLAN 1, SSID "BYOD", 2.4 and 5Ghz, WPA/WPA2 - employee devices; smart phones and iPADs. (Even though it's a "guest WLAN" I have a button I can click to give them access to our printers and servers.)
Guest WLAN 2, SSID "Guest", 2.4 and 5Ghz, "open" - customers and visitors, employees - non-business use. No access to our internals.
In the event of crazy traffic compromising our network I can now disable the "unknowns"; disable "guest", disable "BYOD" and maybe get some work done. (Downside is I have to document how those WLANs were configured because I have to recreate them after disabling.)
Results, so far so good:
Boss' daughter was in for the holidays. I don't know what kids do with iPADs but she had our uplink and downlink pegged for days. No one noticed, everything ran fine. I'm thinking QoS really works!
Sales manager bought a new iPhone. It was saturating our 1.5 mbps outbound link. No one noticed, we were running fine - QoS to the rescue! Even better I brought him in to look at the ASUS traffic monitor, had him shut off his phone and look at the traffic monitor again. Traffic stopped when he shut off his phone. He got mad at me. This went on for several more days, don't know root cause, but, eventually, his phone "fixed itself" and ... he's talking to me again.
I now run "Ping Plotter" as an overlay to my traffic monitor. On December 10 we had our first outage in three weeks (prior to they had been a near daily occurance). Ping Plotter showed a possible problem with the ISP's border router and the Asus traffic monitor showed almost NO traffic.
Sales manager bought a new iPhone. It was saturating our 1.5 mbps outbound link. No one noticed, we were running fine - QoS to the rescue! Even better I brought him in to look at the ASUS traffic monitor, had him shut off his phone and look at the traffic monitor again. Traffic stopped when he shut off his phone. He got mad at me. This went on for several more days, don't know root cause, but, eventually, his phone "fixed itself" and ... he's talking to me again.
I now run "Ping Plotter" as an overlay to my traffic monitor. On December 10 we had our first outage in three weeks (prior to they had been a near daily occurance). Ping Plotter showed a possible problem with the ISP's border router and the Asus traffic monitor showed almost NO traffic.
ISP still thinks it's me but we haven't had another problem since, going on three weeks now. Maybe they inadvertently fixed the problem or maybe we're in for a storm after the holidays are over and other businesses go back to full throttle. If so we are almost in a position where we can stand up to our ISP and their techs.
Shortcomings:
Asus tech support leaves much to be desired.
Would be nice to be able to simply resume a WLAN rather than having to reconfigure it to reenable it.
Would be nice to be able to disable a singe device rather than an entire WLAN and to be able to simply resume it.
Would be nice to see traffic by device.
Would be nice to be able to remotely manage (like the new Linksys devices?)
Would be nice to be able to simply resume a WLAN rather than having to reconfigure it to reenable it.
Would be nice to be able to disable a singe device rather than an entire WLAN and to be able to simply resume it.
Would be nice to see traffic by device.
Would be nice to be able to remotely manage (like the new Linksys devices?)
Outstanding questions:
How to properly set up QoS? I had to take some guesses. The Asus Gigabit WAN port connects to the ISP's router/modem.
All 2.4Ghz WLANs run on the *same* channel (1) and all 5Ghz WLANs run on the *same* channel (40). Am I shooting myself in the foot by running so manys WLANs / SSIDs on the same channels?
Two routers = double NAT? Another forum suggested I put my router port into the ISP's router/modem's DMZ. I did but I think I still have double NAT? I don't mind putting in a little effort but stuff is working(?) so I'm reluctant to take heroic or disruptive efforts here.
Subscribed service for outbound (from me) traffic is 1.6 mbps and speed tests show I actually get 1.6 so I pinched my gigabit outbound to 1.5 mbps (to mimic my ISP).
My inbound service is 16 mbps but speed tests never reach 15 mbps I so pinched my gigabit inbound to 15. I considered 14 but since I have NO understanding of the benefit of inbound QoS I went with 15.
I do not know if I should do similar with my provider's modem/router or if I should leave well enough alone? (Actually, I'm not even sure if I have that option now that I think of it.)
My inbound service is 16 mbps but speed tests never reach 15 mbps I so pinched my gigabit inbound to 15. I considered 14 but since I have NO understanding of the benefit of inbound QoS I went with 15.
I do not know if I should do similar with my provider's modem/router or if I should leave well enough alone? (Actually, I'm not even sure if I have that option now that I think of it.)
All 2.4Ghz WLANs run on the *same* channel (1) and all 5Ghz WLANs run on the *same* channel (40). Am I shooting myself in the foot by running so manys WLANs / SSIDs on the same channels?
Two routers = double NAT? Another forum suggested I put my router port into the ISP's router/modem's DMZ. I did but I think I still have double NAT? I don't mind putting in a little effort but stuff is working(?) so I'm reluctant to take heroic or disruptive efforts here.
Any input? Better routers? Configuration suggestions? I really want to get smarter about all this stuff. (I need to.) Called a couple "network engineers". While I'm sure there are plenty of good ones out there I didn't find one. It was easier to find a decent router (which wasn't easy) and a lot cheaper than paying for a mediocre network engineer.
Thanks for your patience with this boring dissertation.
