Modem/router woes



  • Last night, I was attempting to set up a Minecraft server and configure port forwarding on our router so some friends could join. Along the way I discovered a WTF-infested router that, given the supplier, really shouldn't have suprised me.

    It's a combination DSL modem/router/WAP provided by our ISP (who is a major WTF themselves, I suppose TRWTF is monopolies because we literally can't switch provider). I logged into its web configuration page and got a 500 Internal Server Error. Tried again. Same thing. The third time I must have paused because it worked. And I quickly discovered that if you click any button or link within 2 seconds of the page load, you get a 500 Internal Server Error.

    I navigated through the menus, counting "One-one-thousand, Two-one-thousand" with each click, and found the port forwarding configuration page. I typed in the IP of my server and the port number, and clicked "Accept". It took about 20 seconds, but it completed without (visible) error.

    Great. I texted my friend, he tried to join, and couldn't. I looked at the page and saw there were no port forwarding rules configured. Thinking my Minecraft-deprived brain had given me the tremors and caused me to click the wrong button, I reconfigured it...and there were still no rules configured. Because of the "If it doesn't work then keep trying and eventually the stars will align and it'll work" philosophy that was painfully beat into my brain last year by Apple's Xcode IDE, I tried several more times. I eventually concluded that port forwarding is totally broken, and cannot be configured.

    Time to try a firmware update, since this thing has major issues anyway. And this is the culmination, the "Representative Dialog Box" of the router's config site, and a monument to my ISP's sins. I really wish I'd taken a screenshot. Here is the dialog that it presented me: "This will update your router's firmware. Click OK to cancel, or Cancel to continue."

    (Of course the firmware didn't help, and we ended up switching back to the old router this one had replaced, which has working port forwarding but randomly disconnects from the DSL all the time.)



  • @mott555 said:

    ... I suppose TRWTF is monopolies...

    Why don't you just set up your own community broadband service?

    I'm sorry. That was meant to be funny, but I realise now it was just dark.



  • I once encountered a similarly poor router when sorting out WiFi for friends of the family in a small office, having not consulted anyone before buying the equipment (knowing only that they needed 'One of those rootah thinigies') they now decided they needed help to set it up.


    It was some cheapy plastic Chinese attempt from a brand I had never heard of in a box plastered with Engrish.


    The first thing was of course to hook it up to a laptop, log in with the default login and start configuring the thing... I wish it was that easy, up pops the login page and as I start to type, my text disappears, 'How odd.' I thought.


    After a couple more attempts I realise that the page is being refreshed, so I could mess about killing the refresh or try and post the information myself... ahh sod it I'll race the router.


    The easiest way to log in was to copy the password into the clipboard and then race between page refreshes to type 'ADMIN-TAB-CTRL-V-ENTER' as quickly as possible.



  •  I think now that modem-router combos are bad idea. And if you happen to have cable, a DOCSIS compliant device can't be end-user upgradeable (that's a DOCSIS requirement). So you can't upgrade your cable router firmware, otherthan having your provider to push the upgrade from their end.

    I've had pretty good experience with Netgear 6300 router. Although, I suspect the poor thing, when starts, runs the TFTP server for firmware upgrade not only on LAN side, but also on WAN side. It so happened that it used to hang during boot if WAN link was up.



  • Frontier (an ISP) routers have this bit of Javascript in the onkeyup of the password field in the login page: http://privatepaste.com/cb97bea514 (Link because it's huge). I was quite confused when I set up lastpass to remember the password and it wouldn't work until I discovered the number of asterisks in the field were different from the number of characters in the password when I typed it manually, decided to debug, and discovered it.

    And I mean it's the value of the onkeyup attribute of the <input type="password"> element. It's all in one line there in the HTML; I split it into lines for readability.

    Edit: pass2 is the id of the password field (although its "name" attribute is set to "passwd1"). pass1 is a hidden input just above it with the name "passwordmask_1001322147" - the name looks random but seems to only change after a login attempt instead of on every refresh. However, that field is also empty, because submitting the form clears it out and populates *another* field with the name "md5_pass".

    My bank doesn't have this much security. Why would it? It just uses SSL...



  • @alegr said:

     if you happen to have cable, a DOCSIS compliant device can't be end-user upgradeable (that's a DOCSIS requirement).

    From the end-user's perspective, is there any good reason for this?



  • @lolwtf said:

    @alegr said:

     if you happen to have cable, a DOCSIS compliant device can't be end-user upgradeable (that's a DOCSIS requirement).

    From the end-user's perspective, is there any good reason for this?

    Your neighbor can't upgrade their device in a way that breaks stuff for the ISP and thus interrupts your service.  So kinda?  Depends what other near by end-users are like.



  • @locallunatic said:

     

    Your neighbor can't upgrade their device in a way that breaks stuff for the ISP and thus interrupts your service

     

    But he probably can upgrade YOUR device, because your ISP left the default authentication password of "CiscoSystems1234" and the protocol uses 16-bit encryption keys. That the router doesn't even check properly due to a (well known) bug in the 1995 encryption libraries that it uses.

     



  • @mott555 said:

    I logged into its web configuration page and got a 500 Internal Server Error. Tried again. Same thing. The third time I must have paused because it worked. And I quickly discovered that if you click any button or link within 2 seconds of the page load, you get a 500 Internal Server Error.
    Just got a new DSL modem/router combo and ran into the same thing, except I get a 400 Bad Request error.  Strangely, it only happens with Firefox and not Internet Explorer.



  • @El_Heffe said:

    Strangely, it only happens with Firefox and not Internet Explorer.

    I've encountered quite a lot of ISP-supplied routers that really can't be properly configured except using IE6.



  • @alegr said:

     I think now that modem-router combos are bad idea. And if you happen to have cable, a DOCSIS compliant device can't be end-user upgradeable (that's a DOCSIS requirement). So you can't upgrade your cable router firmware, otherthan having your provider to push the upgrade from their end.

    I've had pretty good experience with Netgear 6300 router. Although, I suspect the poor thing, when starts, runs the TFTP server for firmware upgrade not only on LAN side, but also on WAN side. It so happened that it used to hang during boot if WAN link was up.

    I probably am lucky then, because my ISP who uses cable offers the option of "turn my modem/router combination into a modem". Which means that I could use my own router if I wanted to :)



  • I noticed that my ISP started giving out modem/router combos to VDSL customers that can only be configured through their service pages (not directly on the router). However, when they started giving them out, the service pages weren't ready yet, so if you wanted to do any kind of settings, you had to phone the ISP, and had them configure the thing (when I had VDSL with them, the modem they gave was just a modem, and the optical converter I have now is also just that; luckily, even these new boxes can be put in just modem state, but when I was configuring them at client's locations, that meant phonecalls).



  •  @lolwtf said:

    @alegr said:

     if you happen to have cable, a DOCSIS compliant device can't be end-user upgradeable (that's a DOCSIS requirement).

    From the end-user's perspective, is there any good reason for this?
    Suppose you bought your own cable modem-router at Fry's. The provider won't upgrade its firmware ever. That was the case with Motorola SurfBoard modem/router/access point. It was quite shitty, wireless was shit. Its "DoS attack protection" had the side effect of fucking with your DNS requests, so you keep getting "host not found" errors.


  • @lolwtf said:

    @alegr said:

     if you happen to have cable, a DOCSIS compliant device can't be end-user upgradeable (that's a DOCSIS requirement).

    From the end-user's perspective, is there any good reason for this?

    You can DOS your neighbourhood by jamming the feedback channel. Pretty strong motiv for making it hard for the user to change anything.



  • When I upgraded my Comcast package the technician threw to the side my perfectly functioning linksys router running dd-wrt to put in some abomination of a modem/router combo.  At least port forwarding works on mine, but the Dynamic DNS page simply gives a 404 when you try to enable it.

     No way to put the thing into bridge mode or anything like that either it seems so you're basically stuck using this POS.  I've been meaning to replace it with my own "Comcast approved" modem but haven't felt like wasting a day doing it, which is what by others' accounts is the time it takes to argue with Comcast to get them to authorize the thing.

     The most frustrating part is I'm sure the OEM device offers all the functionality you would expect, but the ISPs just cripple them with their own half baked firmware.



  •  I guess I'm lucky the. Here if you chose cable you only get a modem and it is "rented" meaning if you cancel the contract you need to return it. They do offer you a cheap router but you don't have to take it and hence can choose your own.Ifyou go with one of the phone companies eg. DSL, you in general get a modem-router. That alone was reason enough to go cable besdies the way higher bandwith at same cost.



  • A friend of mine has a router where the background is gray-on-white text reading "DEMO DEMO DEMO".

    Anyway, install Linux on that junk.



  • @beginner_ said:

     I guess I'm lucky the. Here if you chose cable you only get a modem and it is "rented" meaning if you cancel the contract you need to return it. They do offer you a cheap router but you don't have to take it and hence can choose your own.Ifyou go with one of the phone companies eg. DSL, you in general get a modem-router. That alone was reason enough to go cable besdies the way higher bandwith at same cost.



    I spent a summer in college working phone support for a dsl company. I know EXACTLY why they prefer customers use modem/router combos sourced by them. It make supporting it over the phone a lot easier when you can walk the customer through a specific series of steps instead of having to guess and hope that they are actually describing what their firmware looks like. And just going "oh, you have some shitty, cheap off-brand chinese router; sucks to be you" doesn't really help with customer satisfaction. Instead yu have to sit there and hope that when the person with the inpenetrable appalachian accent describes a blue button that says "restart" they actually mean the restart button and not the "reset to factory default, wipe all info on the router and lose all the work you've been doing for the past hour" button.

    That said, it's also nice to be able to just do support on the modem, get them internet on one machine and tell them to call linksys or something to fix the router problems. It's just that for the kinds of people who buy shitty rural dsl, they don't really understand the difference between YOUR magic box that gives them lolcats and the OTHER GUYS magic box. And they get real pissy when you try to pass the buck.

     


Log in to reply