Monthly Archives: December 2018

TP Link Archer VR600

TP-Link Archer VR600

You might be wondering why I’m blogging about another router just after buying myself something much nicer. The answer, as ever, is one of the handful of friends and family for whom I still do tech support. In their case, it really had to be a single-box solution which does everything, and while MikroTik is all good fun to spend hours configuring for oneself, something much more plug in and go was needed in this case.

The person in question had a Billion 8800NL (ISP supplied), which is well regarded but felt a bit flimsy. More to the point, it didn’t seem capable of reliably reconnecting after line drops without being turned off and on again. Things had massively stabilised (maybe one reboot per week required) and I was almost tempted to leave well alone, but even one failure to recover automatically is really too many for this user. It needs to Just Work, especially since we are indulging in the rather adventurous practice of VoIP over ADSL as this person’s primary “landline”.

A trawl around Amazon for ADSL routers is a rather boring thing. Anything costing less than £100 – and plenty costing that or more – seem to have at least some reviewers ranting about lock-ups, over-heating and dead spots. In the end, we spent £100 on the TP Link Archer VR600, partly because it looked OK and partly because I could go and get one from Argos rather than waiting for delivery.

It’s quite nicely built, and the web interface makes reasonable sense. It allows various things including setting it to respond to pings from the internet (essential for my tech support “clients”, whose lines I have configured on my monitoring system so I get notified of any outages), and the usual array of port forwarding, WiFi, etc. It was rather sad to find an option in there to have the thing reboot itself on a daily or monthly schedule – surely an admission that they haven’t engineered it very well in the first place…

That said, it was really good to find an option for automatic firmware updates – the days of downloading arcane .bin files and uploading them by hand are (or should be) well over, and I’d much rather have an installation like this one take care of itself automatically.

The router also allows remote admin from a specified IP address, which is handy as it allowed me to set it up for remote control from a location of mine with a fixed IP. This is good in theory, but the web interface is horribly broken unless you visit it at http://ip-address-of-router (i.e. anything different in the address bar, caused by assigning some DNS or reaching it indirectly via a port forward, causes it to get upset and fail to load its CSS).

I’ll update this post in a couple of weeks with how well it manages to hang on to the ADSL connection (and recover it in the event of blips).

Update, 5 January 2019: The end user now thinks the connection is rock solid reliable. Nagios shows it does still flake out occasionally, maybe once every few days, but these blips all seem to recover automatically without human intervention. The Billion is going on eBay.

Innotech iComm and SSH port forwarding

You don’t get uptime like that on anything modern

A bit of a blast from the past, this one.

Back in 2011, we replaced all the heating at the church. Sadly this was just before the era of off the shelf heating controllers which did multiple zones and could be controlled from a web page or an app. So instead, we have a more old-fashioned HVAC controller made by Innotech. It cost (from memory) a couple of grand to source and install, and it’s less capable (in my opinion) than a Raspberry Pi with a few relays wired to it.

It was designed to be controlled over serial, so the installer attached an Ethernet to serial module to it, we ran Ethernet to the basement, and bam – we can use their clunky but servicable suite of Windows apps to program the temperatures and seven day calendars controlling the heating and hot water.

Sensors report … lots of things

The installer claimed this could be done remotely by forwarding the port the software uses (20000) from our ADSL router to the controller, then connecting to our IP address remotely. This never worked at the time (we suspected the latency on our ADSL upset it), but now we have a Virgin Media link it was time to try again.

This stuff may be arcane, but exposing it unprotected to the Internet felt like asking for trouble. However! A quick port forward in PuTTY (connecting to the Raspberry Pi sitting in our comms cabinet), and it actually manages to talk to localhost and works.

Now that it’s finally possible to work with this stuff from the comfort of my own home, I am tempted to see if I can reverse engineer enough of its communications to write a web front end and ditch the elderly Windows apps.

Triple monitors + T470s: yes you can

If you happen to have a Lenovo T470s and a USB-C dock with a single HDMI output, it seems Windows 10 can cope with driving twin external displays: one over the dock, and one on the laptop’s own HDMI port. This is in addition to the laptop screen, although my particular monitors aren’t HD.

Update: don’t unplug the connections after suspending the laptop, or the internal display won’t work when you wake it up again!

Mikrotik hAP ac: really rather nice

Mikrotik hAP ac

I got myself an early Christmas present. Various things have always bothered me about ISP-supplied routers. In particular, the BT Home Hub 6:

  • Slow web interface
  • Can’t be made to respond to ping from the internet (or at least, the machine running my monitoring system)
  • IPv6 support feels sort-of iffy – hard to pin this down, but sometimes devices seem not to get a v6 address for no good reason
  • No way to get it to tell you stats, e.g. how much have I downloaded this month? (Useful to know if you’re pondering the cost of switching to an ISP with usage-based billing)
  • No guest WiFi network option
  • Broadcasts a BT Free Wifi type network with no way to turn it off
  • Occasionally gets a different IPv6 prefix when rebooted

And, although you can keep the WiFi network name the same when swapping in a new router, you still end up having to reconfigure static IP addresses, port forwarding, etc. Time to separate the job of routing from the job of speaking to my ISP…

Various colleagues recommended Mikrotik. I had a dig around their Home/SME offerings and decided on the hAP ac – for a two bedroom flat, fewer Ethernet ports and faster WiFi makes sense. It’s handy that it has five ports, because all four on the HomeHub were occupied, and of course you need an extra one to link to whatever takes over the job of establishing your DSL connection. Fortunately I happened to have one of these lying around:

The classic OpenReach VDSL modem (ECI). They don’t do them any more.

These aren’t the most awesome VDSL modems in the world – you can’t get it to tell you the sync speed, etc. – but the HomeHub claimed I was syncing at 80mbps down and 20 up, and speed tests via the above and the Mikrotik suggest I’m still in that ballpark. Maybe I’ll replace it with something fancier in due course.

First impressions of the Mikrotik are good – with their quick setup and some Googling, it took me less than 20 minutes to re-establish WiFi and an internet connection with IPv4 NAT and a sensible default firewall. Someone out on the internet had written up the instructions for getting BT’s IPv6 working, and it looks like their prefixes are supposed to last for 10 years – so hopefully telling the Mikrotik to supply a “prefix hint” to re-request the same one on reboots should put a stop to the occasional changes.

The web interface is nice and snappy and allows you into all the hidden corners. You do need to know a decent amount of networking, and a bit of Linux IPTables, to make sense of it all. You can also configure over SSH via the command line.

To make the transition easier, I set it to broadcast the same WiFi network name (with the same password) as the old HomeHub. Almost everything transitioned over seamlessly. The one exception was the Amazon Echo (interestingly, the newer Echo Dot was OK). A bit of Googling suggests that it does not like the default DHCP lease time on the Mikrotik. Ten minutes does seem a bit tight, so I’ve bumped it to 24 hours and Alexa now seems happy.

Finally, guest WiFi was easy to turn on. I have a more complicated future set-up in mind, but for now, everything is in place and it’s nice to know that next time I change ISPs, I’ll only need to plug in a new bridge (or even just new credentials for the PPPoE link), and everything else will stay the same. And for the first time in four years, Nagios can run active ping checks on my home connection and see that it’s up.

Update: the “Torch” and packet dumping features are excellent – this sort of instrumentation capability comes in really handy for the discerning nerd, e.g. seeing what your IoT devices are up to.