I live in the country, in a place where the beer is real, wellies are green and broadband is something of a latecomer. In fact I didn’t get broadband in this corner of Surrey until two years ago, at which point, and after years of reliable ISDN service from my old faithful Netopia 3100 router in connecting to both the Net and our corporate Cisco-based systems, I leapt excitedly on the DSL bandwagon with a Netgear DG814. Now I’d modestly reckon that I’m usually pretty good at assessing technology and getting it right (it being part of my job’n’all…), but, as what followed demonstrated, I do seem to have developed a rather Nelsonian blind spot with regard to low-end routers…
This piece of equipment just didn’t do what it said on the box: it dropped connections all over the place, had a firewall that could be defeated with a dirty look, and resolutely failed to have any loopback between the LAN and WAN interfaces (this is generally a Good Thing, as it allows you to access machine’s on your local network much more simply). Above all though, and as a clear indication of Netgear‘s attitude to the world, it implemented Netgear’s infamous ‘cheapskate stupidity’ NTP (Network Time Protocol) client, whereby ALL Netgear routers were hard-coded with the NTP server address of an innocent campus server at the University of Wisconsin , thus effectively causing a huge Denial of Service (DoS) attack on the University’s network.
That really does sum up Netgear’s apparent attitude: do everything on the cheap and sod the customers and anyone else whom they happen to inconvenience along the way. After considerable prompting, this device was finally replaced under warranty, with another that behaved in pretty much the same way. No support whatsoever thereafter came from Netgear, who were probably too busy settling the lawsuit from the U of Wisconsin to concentrate on much else.
So I replaced it, thinking that this time I’d go back to my corporate roots and buy something from a ‘serious’ networking company. Serious mistake: I settled on 3Com, and the snappily-titled 3CRWE754G72-A, one of their OfficeConnect range, designed for, as you might expect, connecting SOHO and branch offices to larger networks. So it came, in theory, with VPN passthrough, an packet inspection firewall and useful stuff like a built-in 802.11g Wi-Fi wireless base station. Sounds like a decent sort of device, doesn’t it?
Think again: I’ve staggered through the last year with it, discovering such trivia as:
- The inability of the firewall to be configured on a port range basis
- The fixed and limited number of firewall rules.
- A firewall that leaks like a sieve – my systems’ own firewalls are forever logging attacks that seem to sail straight through the 3Com’s own.
- Interference between the wireless hub and the router itself – the ADSL s/n ratio worsens by about 5dB when the wireless system is on – an utterly basic, freshman design fault.
- Utter unreliability if the link’s downstream S/N ratio drops below about 12dB (still well within ADSL spec)
- Logs that don’t persistent beyond a router hang and reset, making diagnosis all but impossible
- A ‘feature’ that causes it to hang on certain types of simple DoS attack (Land), requiring a manual power cycle to get it back. Seriously though, that’s how 3Com support, when I finally got through to them, described it.
- A registration and support site that resolutely refuses to work with standards-based browsers – if you’re not on Windows IE, forget it.
- Firmware upgrades that break basic services like video conferencing and chat services, even with the firewall off.
So that’s two networking companies well and truly off my Christmas Card list – so who’s left? There are the usual suspects like Linksys, D-Link, Zyxel and Belkin, coming largely from the SOHO/small systems end of things. There is of course Cisco who, despite their antediluvian and self-destructive corporate reflex behaviour towards attempts to document exploits for their COS operating system, I’ve found to be generally reliable and effective equipment, at least at the middling-to-megabuck level. But, after my 3Com experience, I’m nervous of lower end kit from a big manufacturer – they just don’t seem to understand the difference between cost-effective and penny-pinching design. And then there’s a Taiwanese upstart, Draytek who, despite a slightly laughable web site, are producing some well-specified and well-regarded systems. In fact, I’ve put a couple of these in over the last couple of years at clients’ sites and have not had one single support call on them – they’ve effectively vanished off my perceptual radar. Which can only be good. So I’m borrowing one today from a friendly supplier and will see what happens. And, if you’re reading this, it’s working…
One thought on “Router Madness”
I borrowed it. And it’s working very well indeed. I may however be forced to read the manual – the firewall looks very comprehensive, but slightly idiosyncratic in setup…