[HN Gopher] Hidden Networks in TP-Link Routers
___________________________________________________________________
Hidden Networks in TP-Link Routers
Author : ignitionmonkey
Score : 202 points
Date : 2021-12-21 20:42 UTC (2 hours ago)
(HTM) web link (jahed.dev)
(TXT) w3m dump (jahed.dev)
| clajiness wrote:
| Hard to beat OPNsense on Protectli machines with your favorite
| flavor of networking hardware (Unifi, Microtik, etc).
| chana_masala wrote:
| Any recommendations for an ethernet only router? I do know I
| could use the Pi to do that, but it seems like a waste.
| orev wrote:
| Qotom boxes seem to work well and can run OpenWRT, opnsense,
| pfsense, etc.
| adambatkin wrote:
| Mikrotik!
| jagger27 wrote:
| Mikrotik has a ton of options for that.
| SavantIdiot wrote:
| Huawei AX3 does something similar. As does any Xfinity router
| (but I think you can turn that off) but the Xfinity mesh is
| actually pretty decent if you have a subscription. Similarly, in
| Vietnam HCMC you can connect to wifi anywhere in the city because
| every telco/isp router creates a mesh like Xfinity. It's not a
| bad idea: having wifi network everywhere, but I suspect 5G will
| obviate this need. Wouldn't surprise me if home routers became a
| thing of the past in some areas if 5G delivers.
|
| FYI: `airodump-ng` is a great way to see whats going on with any
| new router since it hops channels.
| treesknees wrote:
| The public hotspot systems are actually much "worse" in terms
| of the overheads the author wrote about.
|
| With a couple of unused SSIDs, they're just sending out a
| simple 802.11 beacon frame every so often and that's it. The
| energy cost and disruption to surrounding networks/channels
| must be minimal.
|
| With a hotspot, not only do you have regular network traffic
| flowing and causing more potential interference, your
| router/modem is also using more power to process the traffic
| and modulate that signal into the wireline side. At least one
| estimate I found would be around $23/year of 24/7 use of the
| hotspot network (it may be less with newer hardware, article is
| from 2014) https://www.extremetech.com/computing/185560-new-
| report-illu...
| amenghra wrote:
| Too bad fon/fonera didn't span out. The idea was to share
| your access point (in a secure way) and earn credits for
| doing so.
| dariosalvi78 wrote:
| I still own a couple of foneras, I liked the model..
| SavantIdiot wrote:
| I don't follow your reasoning at all.
|
| It sounds like you are claiming public 802.11 hotspots are
| more noisy that everyone running their own routers. You do
| realize it is the same spectrum, right? It is literally the
| same impact, except with a larger BSSID you can route traffic
| more effectively.
|
| Sharing more stations across phy APS in the same BSSID would
| be less overall traffic because it can be evenly distributed.
|
| Maybe I missed your point: please explain how personal router
| vs public hotspot over rented router is different w.r.t.
| 802.11 interference.
|
| EDIT: Deleted the part where I computed power cost
| incorrectly, because I'm an eeeediot.
| treesknees wrote:
| No, that is not what I am claiming. If you read the
| article, the author claims that the 2 unused networks are a
| source of interference. I'm simply claiming that a busy or
| utilized hotspot will be a much larger source of potential
| interference than an unused network doing nothing but
| broadcasting a few beacon frames every few ms.
|
| Your power calculation is only based on the power of the
| broadcasting signal, not evaluating the electrical load on
| the router to do so or to process received signals and
| process traffic (performing NAT, encapsulation, etc.) The
| article I linked you to clearly states this
|
| >According to Speedify's testing, the router draws 0.14
| amps when idle and 0.22 amps when loaded. By the company's
| calculations, this comes out to roughly $23 per year at
| mid-Atlantic power rates
| SavantIdiot wrote:
| Gotcha. Makes way more sense now. Thanks!
| [deleted]
| chronogram wrote:
| Last week I bought a TP-Link AX55 and went through the settings
| and enabled all the neat things and disabled all the regular
| consumer ease of access things (WPS, meshing things), and the
| only hidden networks in my area with the same app are several
| decibel away with a different MAC address. Either it's not around
| in the newer models or it's part of one of the regular consumer
| ease of access things.
| submeta wrote:
| I aggree that the situation the author describes is unacceptable.
|
| But I am wondering why the author does not value his personal
| time. I can't help but think of opportunity costs. He spends a
| lot of time writing this article, reverse engineering backups and
| whatnot instead of shelling a hundred dollars to get a new
| device? I see this pattern so often in the tech world.
| subhro wrote:
| > But I am wondering why the author does not value his personal
| time.
|
| Maybe, because it is fun reverse engineering stuff?
| submeta wrote:
| I agree. I like tinkering myself. But then why mention
| avoiding spending a hundred dollars for a new device, but
| spending a couple of hours as if those hours are worth less
| than said amount of money.
| A_non_e-moose wrote:
| Should customers of a product be forced to either spend
| 100$ for a new product and generate more ewaste, or tinker
| with their device leaving it in an unsupported perhaps even
| out of warranty state?
|
| Maybe some people are happy with either option, but it sure
| is unethical to force that choice, especially when all the
| effort it could have taken from the manufacturer was to add
| a boolean flag.
|
| I'd complain too, not everyone is in the same situation,
| and this is dodgy behavior anyway regardless of me liking
| the workarounds or not, simply having to workaround is bad
| enough in principle.
| adamauckland wrote:
| I'm not sure if you're trying to be funny for jokes, but we
| all know you don't get paid for hours which you can't bill,
| so...
| yjftsjthsd-h wrote:
| "Time you enjoy wasting is not wasted time."
| rgj wrote:
| Out of principle maybe?
| tibu wrote:
| Maybe he wants to make other aware of the strange things TP-
| Link does. Which is a huge help, now I won't buy any TP-Link
| device either unless I can reflash it with OpenWRT
| lordnacho wrote:
| I had a related problem with their PowerLine TPA-4220 devices
| yesterday. It turns out there's a DHCP server on it that you
| can't turn off! It's supposed to be smart and know when there's
| another DHCP server on the network, but it appears that this
| sometimes doesn't work. So I found that my laptop sometimes ends
| up configured on the wrong subnet, which of course kills the
| internet connection. The thing is, the web interface does not
| have a setting to shut off the rogue server.
|
| If I hadn't done a CCNA I don't think I would have ever figured
| this out. I don't know what ordinary people do when this happens
| to them.
| ceejayoz wrote:
| I had a similar experience with my Netgear Orbi; they have a
| dual 2.4/5 GHz network on the same SSID, but certain devices
| just cannot handle it (including apparently Facebook's Oculus
| and quite a few smart home devices).
|
| Turns out you can split them up into separate SSIDs, but only
| by telnetting into your base station and each satellite and
| running some cryptic commands on each. It _used_ to be possible
| via the web UI, but they just... dropped it.
| 35mm wrote:
| Perhaps they would buy a new router, then replace other things
| randomly until it worked again. This approach might even be
| quicker. Much more wasteful however.
| fomine3 wrote:
| This feature is stupid. I never buy TP-link products because I
| can't believe people who ship like this. ref:
| https://community.tp-link.com/en/home/forum/topic/160293
| radicaldreamer wrote:
| Eero seems like a company which makes simple, plug and play mesh
| routers and doesn't seem to pull anything funny with their
| equipment.
| yjftsjthsd-h wrote:
| Eero is owned by Amazon now, so I'm not sure how far I'd trust
| that. Like, I trust them to be technically competent, but not
| to act in my interests.
| avidiax wrote:
| The security model for this doesn't look utterly broken. Seems
| that you need to go into the main router and "add" the mesh
| nodes. They obviously appear there by attaching to these hidden
| networks.
|
| But since this is configuration-free, that suggests that the mesh
| devices store a single static key for these networks and can join
| any such network. Whatever protocols exposed on that interface
| better not have any security problems, or you'll have a backdoor.
|
| You could make this somewhat secure by having a TPM in the mesh
| device that signs a challenge-response to get the hidden network
| key by MAC-address, but that seems too complicated.
|
| They could simply having the mesh endpoints broadcast a
| proprietary AP, and 'adding' by joining that network from the
| primary device and setting configuration.
|
| https://www.tp-link.com/us/support/faq/2532/
| sebow wrote:
| tomxor wrote:
| > they didn't provide a good hardware solution for 4G. That's
| right, my street doesn't have fibre despite being in the tech
| startup heart of London. So here I am with a TP-Link router.
|
| Same situation, another UK city, without fiber, and with an
| incredibly noisy, effectively useless 1Mbit ADSL line.
|
| I spent a lot of time trying to figure out the best LTE solution
| for a flat - learnt way too much about LTE in the process, but
| ultimately the solution was fairly simple: A Netgear MR2100 LTE
| router and a couple of magnetic Mimo antennas out the window. The
| trickier part if selecting the best network for your location -
| you just have to do this by trial and error, _do not buy
| contracts_ , only buy pay monthly, for the UK there are only 3
| physical networks so this didn't take long.
|
| This thing is not cheap (~PS400 it's actually gone up), but
| mobile internet is generally cheaper anyway and it is absolutely
| worth getting a proper Cat10 modem. Do not be tempted by the
| masses of cheapo LTE routers on amazon, (many TP link ones too).
| The Cat10 ones are expensive, but you need all of the carrier
| aggregation you can get hold of to get a decent reliable signal
| and decent throughput a Cat4 or 6 modem will never reach it's
| frequently advertised theoretical maximum throughput.
| formerly_proven wrote:
| So after the Ubiquiti debacle I went out and looked for a similar
| combination (solid hardware + not-too-annoying software). After
| briefly considering Mikrotik (which has issues with ac (wifi 5)
| and no ax (wifi 6) support) I settled on Grandstream for now.
| They don't just make phones but a small set of fairly nicely
| featured wifi APs for ok prices. Hardware seems solid, Software
| not annoying.
|
| I've bought a few pieces from TP-Link when I was a poor student,
| not too bad as far as datasheet-specs per dollar goes, but the
| firmware was always exactly the kind of trashfire you'd expect
| and the hardware exactly what you paid for (not much). Definitely
| the kind of device you have to try real hard to fake your
| surprise when you find dozens of unpatched CVEs and no firmware
| updates.
| willis936 wrote:
| Ubiquiti's Unifi line seems riddled with issues. Why would I
| want an account or the internet involved in any part of my
| network control?
|
| However, I am quite happy with the Edgerouter series. I just
| wish it got more updates. The last update to EdgeOS is 6 months
| old. I don't like my security gateway not being patched with
| weekly security updates.
| andrewxdiamond wrote:
| I don't think an account is actually required for UniFi,
| although it's the default route. It enables remote
| management, which is an nice feature for techies helping
| parents with wifi problems.
| lotsofpulp wrote:
| I have good experiences with Aruba instant on stuff for home
| networking.
| newhotelowner wrote:
| Aruba instant on is super simple, and very easy to setup.
| comboy wrote:
| Got rid of Ubiquiti and the breach was just a footprint.
| Personally I'm really happy with Mikrotik. I do not recommend
| it if networking is not your thing and you just want some plug
| and play. So far I love it, wifi performance is better to me
| than unifi but that has many dimensions (I care most about
| reliability and low latency), plus it allowed me to have 10Gbe
| at a reasonable price.
|
| It's still closed source, but if you're a bit paranoid then
| OpenWRT does not solve your problems (re some other comment).
| Switch chips are computers on their own and you have no control
| over them. I would be really really surprised if they don't
| have tons of adventures in them. Reacting to magic packets or
| even something that may not be visible to L3 sniffer seems
| trivial to implement in ASIC. Firmware of network cards is also
| something outside your control.
|
| Long story short, I would suggest starting to treat your local
| network as if it was public Internet. E2E, firewalls, honeypots
| (obscure ones) and backups. I mean, if you care, perfectly fine
| not to, life's short.
| newhotelowner wrote:
| Ubiquiti was nice. But updates were horrible.
|
| If there is a power outage, or cloud key gets restarted without
| shutting down, database gets corrupted. None of the other
| hardware - microtik, ruckus, Aruba instant or OpenWrt - has
| that issue. Ubiquiti added a battery to new cloud key to fix
| the issue.
|
| I moved my hotel's wifi to Ruckus & another to Aruba instant
| on. It's been more than 12 months, and everything is working
| without any issue.
| andrewxdiamond wrote:
| > So after the Ubiquiti debacle...
|
| I was in this same boat, but did you know that data breach was
| completely fabricated by a disgruntled employee? They didn't
| actually leak any data or had any real breach. It's still not
| great that this was doable, but at some level, someone has to
| have the keys to the kingdom.
|
| https://news.ycombinator.com/item?id=29411775
|
| I think Ubiquiti makes really nice gear for prosumers, and it
| is completely unfair that their good reputation has suffered so
| much over this incident.
| bpye wrote:
| There was more to the debacle, for example, putting ads for
| their other products in the controller UI.
| azinman2 wrote:
| Given their inexpensive pricing, as long as they only do
| that in their admin interface and don't mess with my
| packets, it's not worth throwing the baby out with the bath
| water in my book... especially since there are no real
| competitors offering good hardware with nice UI.
| rhizome wrote:
| Does Ubiquity use a standard ad network architecture that
| allows code from unknown third parties to run within your
| network?
| sgarman wrote:
| Or the new version of their controller software missing
| huge chunks of functionality causing you to keep switching
| from new UI to old UI depending on what you needed to get
| done.
| icelancer wrote:
| I think most of the complaints about UI are overblown (as
| commenters in this thread have pointed out) but this one
| is absolutely brutal. Sitemap works in one UI but not the
| other; some features work in new but not old...
| ridiculous.
| universenz wrote:
| Although to be fair, while this has been super annoying,
| they are slowly getting there with recent releases. It
| definitely has the new product manager 'start from
| scratch clean slate' vs 'inherited mess' while co-
| existing vibes. Once they have hit parity, the cadence of
| this new team's releases should turn into a feature
| because they are consistently releasing updates/fixes way
| differently to previous management.
|
| I still hate that the iOS Protect UX/UI has never used
| their own app beyond 9-5, as dark mode was removed and
| the interface is PURE WHITE. The iOS Network UX/UI
| designer has clearly used their app at night, hence a
| dark mode existing.
| petre wrote:
| We have an EdgeRouter. The firmware is super annoying, I
| couldn't get it to do everything that I want, boring stuff
| that is easy with FreeBSD or OpenBSD and PF, Linux or
| Mikrotik for that matter. IPv6 also is only configurable from
| the console. The hardware us good though, does lots of pps.
| Too bad its ruined by annoying software.
| alerighi wrote:
| I like products from GL-inet. I have one of their small routers
| for my house, native support for OpenWRT, without doing
| anything difficult to install it (no need to flash via serial
| port, there is also a nice uboot recovery web interface in case
| you brick the device by flashing the wrong image as I did!),
| everything works nicely out of the box.
|
| They are small AP so not that big range, but rather inexpensive
| and you can have a lot of them in your house (of course if you
| already have a wired network).
|
| And by the way if you don't want to bother flashing OpenWRT...
| the stock firmware is already a custom build of OpenWRT, and
| fully unlocked, you can connect in SSH, install Luci, and
| install packages without limitations. Of course you can also
| use the simplified web ui that they provide that is nice. I
| installed a custom version just because I wanted to have more
| updated packages, but the stock one works fine if you only need
| an AP.
| cbdumas wrote:
| While we're talking routers I'll plug Mikrotik. Some basic
| knowledge of the Linux networking stack is required so they're
| not great for a general user, but for ~$50 I got a device that
| handles my setup with ease (Ipv4 over PPPoE and IPv6 over 6rd)
| and I'm seeing throughput significantly higher than my previous
| router which was a Zotac mini computer running pfsense. If you
| are more toward the power user / networking nerd end of the
| spectrum I'd recommend Mikrotik.
| aquafox wrote:
| I'm the one who made the original observation of the hidden
| network in the TP-link forum: https://community.tp-
| link.com/en/home/forum/topic/170160
|
| Took a long time until TP-Link offered a firmware update to
| disable the mesh functionality. Happy to see the issue mentioned
| here.
| 3np wrote:
| A bit of a tangent, but I recently discovered GL.iNet[0] and
| ordered a couple of routers and hotspots. HK vendor for network
| devices running forked OpenWRT with a bunch of extras and
| customization.
|
| I haven't had the time to dive deep enough into all of the code
| yet, but so far I'm very optimistic. Not perfect; some of the
| more interesting functionality (like site-to-site VPN) is tied to
| a proprietary closed SaaS with associated telemetry (and maybe
| even backdoors, intentional or otherwise). The Wireguard setup is
| for some reason (legacy?) not using the OpenWRT WG-interfaces but
| set up using custom init scripts. And getting anything else than
| OpenWRT/LEDE running on them with full hardware support will
| probably be a significant effort. I'm a bit wary of using the
| stock OS without compiling it myself because, well, you know.
|
| Still, the sources are provided (including instructions on how to
| customize and compile your own OS/firmware). The locked-away
| functionality can be ported/unlocked if you're up for it. They
| fully support users hacking their devices all they want - and
| stuff like this[1] shows some hacker DNA. Out of the box the
| hotspot is by far the best I've found in the price-class.
|
| The mudi's pretty cool; pocket wifi with swappable miniPCIe
| 4G/WiFi cards and a small dongle for Ethernet. So one could make
| it into a fully customized road-warrior bridge for any
| WiFi/Ethernet devices, or whatever other shenanigans you can
| imagine with that.
|
| I really hope they steer course on the right track and don't fall
| to the same fate as Ubiquity. As mentioned I haven't battle-
| tested them extensively yet but so far I can warmly recommend
| them.
|
| [0]: https://www.gl-inet.com/
|
| [1]: https://github.com/gl-inet/portal-detection
| TechBro8615 wrote:
| I've got one of those, it's pretty nice. Last I checked
| (multiple years ago) it phoned home to a .cn address by
| default. I don't remember the details - please verify for
| yourself.
| 3np wrote:
| I will! Without the sketchy cloud stuff, the only thing I
| found so far was stuff like this, which I remove myself but
| is fully understandable - if you want to do zeroconf
| connectivity-checking on devices used in Mainland China you
| don't have much options otherwise. 8.8.8.8 certainly won't
| work.
|
| https://github.com/gl-inet/gli-
| pub/blob/326341dc5c14a256562e...
| gruez wrote:
| >[0]: https://www.gl-inet.com/
|
| I just checked out their site and their offerings look
| underwhelming. Their top of the range home router costs $90 and
| supports 802.11ax... but only at 1200Mb/s. You could buy a mid-
| range 802.11ac router with similar speeds, made by ASUS years
| ago, on sale. I guess you could argue "Openwrt" is worth the
| premium, but ASUS routers have asus-merlin for open firmware.
| 3np wrote:
| Horses for courses, I guess. For my purposes, Asus-Merlin
| does not even come close to cutting it - and I have ran it
| before on a couple of different devices.
|
| Asus routers are what's underwhelming in my experience - very
| unreliable and if you buy anything that's been on the market
| for <1-2y you never know which one will end up an expensive
| paper-weight down the line and which one will have decent
| support. The chipset vendor - avoid Broadcom - is a decent
| heuristic but not 100%.
|
| YMMV but the GL-AP1300 improved throughput, coverage and
| reliability significantly compared to my old RT-AC66U (which
| is one of the Asus devices that can actually run OpenWRT
| without jumping through hoops).
| m-p-3 wrote:
| Oof, I was about to order a Velica ($109) and they charge $47
| for shipping to Canada.
|
| No thanks.
| aetherspawn wrote:
| I have been more than happy with both my tp-link AX50 and tp-link
| AX11000.
|
| The most stable routers and best router firmware that I've owned.
| louloulou wrote:
| Not sure what they mean by "build my own router", it's easy
| enough to flash open firmware on a lot of tp-link models.
| https://download1.dd-wrt.com/dd-wrtv2/downloads/betas/2021/1...
| heresie-dabord wrote:
| Build a Debian $latest firewall on an x86 box with two NICs
| (one upstream, one downstream/intranet). You don't need much
| CPU power for a router.
|
| To downstream, connect a good switch with port mirroring. (You
| might want to be able to capture traffic.)
|
| Connect a wireless router as an access point or do double-NAT.
|
| Let the AP be a dispensable component, not the main component
| of your network.
| tannr wrote:
| it sounds interesting, however manufacturer claims it can stop
| functioning if you install "wrong" locale (whatever that means)
|
| while I cannot get how hardware can die from install different
| "driver" warnings like that put me off from using tp-links.
| Perhaps I'll buy a cheap tp-link and give it a try just as
| experiment to see how far I can get
| cesarb wrote:
| > while I cannot get how hardware can die from install
| different "driver"
|
| There are many ways that could happen. For instance, the
| software could configure as an output a pin which, on that
| particular board, is hard-wired to a power rail; when the
| opposite value is set as the output (low when the pin is
| hard-wired to power, or high when the pin is hard-wired to
| ground) it would be a short-circuit. Or the software could
| configure a programmable voltage regulator to output a
| voltage which is higher than the maximum allowed voltage for
| one of the chips on that power rail. Or the software could
| configure more than one chip on a shared bus to output
| opposite values at the same time (again a short circuit,
| unless it's something like an open-collector bus). Or it
| could program invalid values on one-time-programmable
| antifuses, for instance setting the chip to use an external
| clock which doesn't exist. Or it could write an invalid
| program to the bootloader (for instance, it might be
| expecting memory to reside at a different address, so it
| always crashes) and there's no recovery method other than
| externally flashing the NAND (that one is technically a
| "soft" brick, but most people wouldn't be able to recover
| from it). And so on.
| aquafox wrote:
| Tried it, but Wifi speed on the Archer C7 was significantly
| reduced.
| gsich wrote:
| OpenWrt probably has to do everything through the CPU. Not
| hardware accelerated like in the stock firmware.
| mhitza wrote:
| This type of whackery is (the primary reason) why I try to buy
| computing devices on which I can flash a clean OS (OpenWrt/DD-WRT
| for routers)[1]. It sucks because it limits my choices down to a
| few, but at the same time I feel like I don't throw out money at
| abandonware.
|
| [1] don't even get me started on TP-Link releasing routers with
| the same name but v2/v3/2020/2021 update where it's hard to even
| know if I'm buying the one that supports the custom OS flash.
| 3np wrote:
| You may interested in my comment below. And yes, after helping
| a family member set up a TP-Link mesh I will do my best not to
| take part in expanding their coverage again. I'm not
| affiliated, just a bit psyched about discovering that there
| exist alternatives. :)
|
| https://news.ycombinator.com/item?id=29642616
| stonepresto wrote:
| TP-Link loves to make things proprietary. They have a custom
| protocol called the Tether Management Protocol, the weird
| OneMesh stuff noted here, custom firmware headers and signing,
| etc. all without proper documentation.
|
| Many major vulns in TP-Link devices have been a result of these
| protocols, save for a few prolific things such as FragAttack.
| But hey, I guess it gives people something to hack on.
| foxrider wrote:
| I used to do that and I suggest you look into OPNsense
| azinman2 wrote:
| The author touched on right of repair. I'd love to see a law
| requiring all devices to either be supported, or if being
| sunset, being required by law to provide
| tools/source/schematics to take over the device and extend its
| utility beyond the manufacturer's willingness. Particularly a
| last firmware that disables anything requiring phoning home to
| continue to function. We saw that with OnHub recently, when
| after only 6 years Google decided to render a lot of devices
| e-waste. The least they could do is recycle them for you at
| their own cost.
| msla wrote:
| "Right of repair" being focused on hardware is a neat little
| trick to enforce the illusion that changing software is
| _beyond_ your rights as a consumer. Yes, you can fix the
| antenna when it breaks, and focus on how hard the fight was
| to get the right to fix the hardware you own... which you don
| 't own as long as the company uses software to control what
| the hardware can and cannot do. But you sure physically own
| those mostly-useless atoms real good!
| R0b0t1 wrote:
| I had no idea it was focused on hardware. It applies to
| software too.
| tablespoon wrote:
| > "Right of repair" being focused on hardware is a neat
| little trick to enforce the illusion that changing software
| is beyond your rights as a consumer.
|
| Is it a trick, or just limited imagination?
|
| My impression is that "right of repair" came from
| mechanically-minded people seeking to maintain their
| traditional ability to repair physical devices in the face
| of corporate hostility (e.g. farmers vs. John Deere).
|
| > Yes, you can fix the antenna when it breaks, and focus on
| how hard the fight was to get the right to fix the hardware
| you own... which you don't own as long as the company uses
| software to control what the hardware can and cannot do.
| But you sure physically own those mostly-useless atoms real
| good!
|
| This seems more of software-centric Free Software attitude,
| which is not a place someone with mechanical skills but not
| very strong software skills is likely to arrive at
| themselves.
| rhizome wrote:
| Imagine not being able to use a lawn mower engine to make a
| go-kart.
| synergy20 wrote:
| Buy routers that can work with Openwrt, period.
|
| TP-Link actually has quite a few(not the newest models though,
| but the not-newest-model should work for 95% of the customers)
| that runs openwrt well.
|
| All my routers are running non-vendor firmware(e.g. openwrt) for
| the last 15 years, never had any troubles.
| jorvi wrote:
| Sadly OpenWRT doesn't support band steering.
| howdydoo wrote:
| If you have a home router, do yourself a favor and install
| OpenWrt. You won't have to worry about the UI lying to you.
| encryptluks2 wrote:
| Many TP-Link products are absolutely terrible. Their Mesh
| products at Costco, you have to use an app on your phone to
| manage them and they are tied to an online account so presumably
| they are shipping your network info back to China. They won't
| even let you change your login email address once you've
| registered.
| throwaway180118 wrote:
| Not only does their Deco mesh force you to use their cloud app,
| but there's no 2FA.
| orangepurple wrote:
| Cheap $20 TP-Link Wireless AC routers are capable of reliably
| running latest builds of DD-WRT if you turn the link power
| down. I run my TP-Link TX power at the minimum allowable
| setting. You can count on a reliable 866 mbps!
| 3np wrote:
| That last point was so infuriating. Was home visiting family a
| while back and helped them set up their new TP-Link network.
| Reluctantly installed the management app on a device of mine,
| and made my family member admin with full permissions (or so I
| thought).
|
| Only after I left town did we realize I'd have to hand them my
| account to actually give them the admin rights.
| tannr wrote:
| zokier wrote:
| > I had to move away from Asus as they didn't provide a good
| hardware solution for 4G
|
| Surely a 4G USB dongle would work fine in a linux router such as
| those from Asus?
| petre wrote:
| Oh come on, a dongle? In 2021, really? Most dongles on the
| market are Huawei anyway and they do NAT, no bridge or modem
| mode. You have to pull down some pin to ground and reflash them
| to get actual modem functionality. I've got one in my drawer.
| Plus when they get hot they'll start causing issues.
| aivisol wrote:
| Mikrotik SXT LTE6 works for me as I am in a very remote place.
| RouterOS is really great piece of software, you have web based
| GUI, you have fully featured CLI with all things you need from
| router: NAT, firewall, port forward, I cannot name them all, I
| believe I barely use few % of what is inside. Ubiquiti UAP-AC
| as an AP.
| depingus wrote:
| AT&T has been doing something similar for years.
|
| https://forums.att.com/conversations/att-fiber-equipment/pos...
___________________________________________________________________
(page generated 2021-12-21 23:00 UTC)