Tuesday, 26 July 2016

Supercharge Your Router

As routers become more mature the manufacturers seem to be removing many features in order to make them more "user friendly".

I have a suspicion this is being done not to make them more user friendly, but rather to reduce the number of things someone has to understand, thereby reducing the manufacturer's support costs. In the name of simplicity we are being denied security capabilities and many great features.

Fortunately we don't have to stick with the status quo. There is a free alternative that can turn most home routers in to the equivalent of a powerful enterprise-grade router, and it doesn't cost a cent.

DD-WRT can be loaded on literally hundreds of different routers, and once it is the results are amazing. You can check to see if your router is compatible here. I loaded it on my Dlink-DIR880L router a few months ago and was thrilled to see it's capabilities, far more than D-Link shipped it with!

The performance of my router increased once I loaded DD-WRT. If you didn't realize your router has a CPU and RAM just like your computer you're not alone. Routers are just small purpose-built computers.

Because DD-WRT is very efficient l found that most of the CPU and RAM in my router is now unused. This isn't a bad thing, it means the router is running so well it doesn't need as much horsepower as I have to get the job done. That translates in to faster routing, it's primary job.

Below is a snapshot of my current router load, I have 20 tabs open in my web browser, am streaming satellite radio over my ipad, have my FireTV box updating some add-ons, and I'm sure several other devices in the house are talking to the internet.


As you can see the load average on my router's CPU is below 1%, and the RAM is 86% free. That means my router has a lot of resources ready to deal with any increased demand I suddenly drop on it.

Now let's talk about some of the capabilities you get with DD-WRT that probably aren't on your current home router, including the ability to adjust the WiFi transmit strength.

VPN

Ever gone to work and wished you could grab a file off your home network to use? Or maybe you wanted to stream music from your home network at the office. With a VPN you can. VPN stands for Virtual Private Network.

In this case the VPN creates a secure, encrypted, end-to-end tunnel between the computer you are using outside of your network, and your home network. Once it's connected you have access to all the same resources you do when you are home, including files and printers. VPN's keep out prying eyes, and as long as you choose a strong password, they are pretty safe to use.

Dynamic DNS

So using a VPN sounds great, but how do I connect to it? My ISP (Internet Service Provider) is always changing my IP address, and I can't remember all those numbers anyway.

No problem, DD-WRT supports several dynamic DNS solutions, including the FreeDNS service from afraid.org  You register a name for free (Like homegeek.afraid.org) with the service and the router will "phone home" to FreeDNS any time your ISP changes your address.

You just set your VPN to connect to the name you chose (in this case homegeek.afraid.org) and let your router and FreeDNS take care of figuring out the rest.

Website Blocking

Most routers let you set rules to deny access to certain websites, and DD-WRT does as well. In addition DD-WRT will let you block access to websites containing any keywords you choose to enter.

In fact, you can set different rules for different devices, and have them run on different schedules (Days of the week, hours of the day). Suppose you wanted to keep the kids ignorant of Pokemon GO!. You could easily create a rule to deny any website that contains the word "Pokemon". Problem solved! At least until they go to a friend's house.

Firewall

I've had several people ask me how to block certain IP addresses on their routers, usually because they want to get around geo-blocks for streaming services. (Think watching US Netflix in Canada).

With many home routers the ability to block an IP address or set of IP's has been removed. With DD-WRT you can easily block as many IP's as you want, just like a commercial firewall.

There are security reasons you may want to block IP's. I recently read an article that discussed an outbreak of ransomware originating from several IP's in Turkey. (Ransomware is bad software that encrypts all your files and demands a cash ransom to unlock them)

I blocked those IP's on the router and now I don't have to worry about anything on my network connecting to them, the router refuses all inbound & outbound connections to those addresses.

Other Services

There are a bunch of other things you can do with DD-WRT. It can filter out common ads, act as a WiFi HotSpot, run an FTP (File Transfer Protocol) server, act as a web server, even change the transmission power of your WiFi.

Every option has a help tab to explain what it does and how it works. There is also an extensive Wiki that goes in to greater detail on the various capabilities offered by DD-WRT, you can read it here.

At this point if you want to learn more about installing DD-WRT you can click here for full instructions. When I installed DD-WRT the process took about 10 minutes, time I consider well spent.

Happy surfing!

-The Home Geek








No comments:

Post a comment