Udostępnij za pośrednictwem


5 worst problems of home-grade routers

During our crusade for Home Server and Beta programs we faced a multitude of home network configurations. We learned a lot, and some of that we did not like. In fact, that's our beta-participants who did not like that, it's just they did not know what it is until we did investigations on the failing sytems. Now we know.

Let me share a few points on how the choice of your router can impact you, not just with Windows Home Server, but with any computers, Windows or not. Ever had a complain of a child that they need mom's computer to print a school report, because their computer "does not print"?

Routers is the most important piece of home network infrastructure, especially because most people set it right after cable or DSL modem and allow all the home machine to be connected to it. Here are in my opinion the worst things the router may do or have:

  1. Rejection-based firewall
    Some routers allow all traffic and only allow block a few specific ports of addresses. To make this worse, they may have a limited space for rules, hence allowing to block only a few ports. Fortunately they are also too dumb to be able to route incoming traffic, which alleviates most of security pains, but still leaves the home network pretty open, compared to permission-based firewalls, where all traffic is porhibited and opened for specific ports, with most popular ports preconfigured.
  2. No name resolution or name resolution that does not include local DHCP-managed hosts
    Some routers give out IP addresses over DHCP but don't bother to provide name resolution for them. As a result, home network machines cannot access each other. You can do a few tricks using workgroups with WINS or static IPs, but it's so better when a reasonable local name resolution is available.
  3. Blocking some internal traffic
    That's why UPnP may not work. Not just with WHS, but also with your Roku and other media streaming devices. Devices consuming media over network depend on UPnP discovery process. It may also interfere with file and printer sharing - a bad thing on Internet but very important inside the house.
  4. HTTP Proxy and HTTP Proxy configuration
    Looks like a cool idea, right? Especially, if you can configure parental control to restrict your child browsing with it. Parental control may be an important thing, but there are other ways to implemnet it on a router. As to the proxy, you need a real good implementation, which should be also bound with local name resolution for everything to work right. It occurs that some proxies in some routers out there are not implemented right.
  5. Limited bandwidth
    This one came as a surprise to me. Early in the game we decided that Windows Home Server will not be used as a boundary machine. Really, if you put a lot of sensitive data on it, you don't want it be directly connected to Internet. To my surprise, on a Russian forum on WHS (yes, we have one, WHS Beta was surprisingly popular there), a lot of people were asking if they could do that. When I asked why, the truth revealed itself. It happened that Windows Server 2003, which is the base on which Windows Home Server is built, is sometimes 10 times faster as a router than off-the-shelf gigabit routers. Apparently, gigabit network cards is not the only factor that defines your Internet speed.

I probably missed some problems like UI configuration usability, but it feels to me these are the big five. What would you add t this list?

Comments

  • Anonymous
    July 31, 2007
    The comment has been removed

  • Anonymous
    September 28, 2007
    The comment has been removed

  • Anonymous
    September 28, 2007
    I have a router that ignores the configured gateway settings for the machines on the network.  It happens that one day I wanted to set up Internet Connection Sharing on one of the machines on the net (my DSL was down, so I had to access the external world via a 56K modem for a couple of days).  However the router, instead of forwarding the packets destined for the ICS machine to it, noted that they were addressed to an external IP address and tried to forward them down its disconnected DSL link instead.   Or at least I assume that's what happened.  They certainly never got as far as the ICS machine. Also, reliability, as Remi says.  I have to reboot mine on an almost daily basis.

  • Anonymous
    September 30, 2007
    The comment has been removed

  • Anonymous
    September 30, 2007
    "It happens that one day I wanted to set up Internet Connection Sharing on one of the machines on the net" I had this happen before and I was able to work around it by plugging the uplink port of the router back into itself.  This is horrible network design, but somehow it worked and it was only a temporary solution.

  • Anonymous
    October 01, 2007
    How about including the tendency for home-based routers to automatically clear their NAT tables after about 5-20 minutes of idle connections?  I've been connected via SSH or telnet to a remote server and had the connection simply 'forgotten' by the router because I had moved on to another task for a few minutes.

  • Anonymous
    June 13, 2008
    The comment has been removed