Thursday, October 27, 2011

Netgear WNDR4500 (N900) review

Update (October 29th, 2011): See my update at the bottom.

I thought I'd put my comments on the Netgear WNDR4500 that I just bought. My old setup was an old Netgear ProSafe router (wired) and a Linksys WRT54G plugged in it and used only has an access point. This was plugged into cable Internet at a theoretical speed of 60Mbits/s.

The wired router couldn’t handle more than 30Mbits/s and it went down to 20Mbits/s going through the Linksys (I never dreamt of seeing those speeds when I bought the Linksys). If I plugged in a computer directly on the cable modem, I got a speed of 63.5Mbits/s. So since I didn’t need the small business features of ProSafe anymore and that I was starting to have some 802.11n equipment now I thought it would be good to upgrade. My only fear was to loose my wireless coverage. I have a medium sized home with a basement, a main floor and the master bedroom on the second floor. Everything was setup in the basement and I had good to excellent reception everywhere in the house which seems to be exceptional at the time. Today I know that routers offer much more speed but I wasn’t sure in terms of coverage/distance.

I had another issue that I hoped the new router could fix: I also have a NAS on my network where my movies reside. Maybe 10 times in a 2hrs movie, everything would freeze for 10-20 seconds. I tried different reader (Quicktime and VLC) that was not the issue. I thought it was the wi-fi connection so I managed to wire my computer, the issue remained. So to me it was either the router which couldn’t handle the load/speed or the NAS (or it’s drive) that sometimes freezes up. Or could it be my Macmini?

Now on to the Netgear WNDR4500 (N900). I won’t go into the technical details as this is not a review site and you can find all the info you want googling around. Starting with the positive, just by swaping this router in place of the old one I got the following results (which I just take with speedtest.net by the way): Wired I get the full 63.5Mbits/s. Which I expected since looking at review sites it looks to be over 13 times faster in terms of routing data to and from the Internet and my local Network than my old ProSafe router. It's just nice to see that there is no overhead at all, I get the full speed of my modem. The WNDR4500 offers wireless on two bands, 2.4Ghz and 5Ghz, both offer 802.11g and 802.11n signals. 5Ghz is newer and not all equipment support it and certainly not 802.11g devices. It seems that 5Ghz could be faster and 2.4Ghz could cover more distance. In my case, my mac mini has an 802.11n adapter and supports both bands. I tried both bands and I got the full 63.5Mbits/s speed on the 5Ghz and a very good 59.5Mbits/s on the 2.4Ghz. By default the 2.4Ghz setup is not set to emit at the maximum speed so those numbers are at the default settings.

Now the bad: I also have an old laptop that has a 802.11g adapter (using the 2.4Ghz band). Since the speed limitation of the technology I didn’t really expected to get much more than the 20Mbits/s. But instead I dropped down to 15-16Mbits/s. Both computers are in very different locations but both about the same distance from the router (the mac in the master bedroom and the laptop at the other end of the house on the main floor). Signal quality was good (not excellent) which is what I had before in that room.
Also I have a wireless printer that hooked up fine to the new network and a kobo e-reader that seems to connect just fine but I can get to the Internet with it so far. I admit that I never used the browser before so it may have had a problem since before my router exchange but the wireless software update always worked fine. The other thing that bothers me a bit is that the router seems a very touchy piece of equipment. Each time I changed a setting on it, it would seem to drop the Internet connect, I couldn’t even connect to it’s internal web page. If you reboot it, it wouldn’t get the Internet connection back up again. I always had to power it off and on again. When you have to go down 2 flights of stairs and into a cramped corner to get to it, it’s a bit of a pain. At first I thought it had stability issues but now it’s been on for 24 hours without any connection issue. So once it’s setup I think it’s ok. Note that I upgraded it to 1.0.0.58 right after some initial test and downgraded it to 1.0.0.50 when I was starting to have all those stability issues, I don’t think it was the firmware fault now but I’m leaving it like that until I see a more compelling reason to upgrade.

For my movie issue, I only watch about 15 min into a movie without getting any freeze. I’ll have to go through more testing to see if it’s really fixed.

I’ll continue my testing and post more updates directly here. But my first tough is that if you have 802.11g devices this is probably not a good router for you and there seems to be lots of complaints about its 2.4Ghz performance but that I can't confirm since it got almost the same speed as the 5Ghz band on the mac mini.

Update 1:
Ok, so I had time to watch a full movie and no glitch no freeze. I'm really glad that my problem is fixed. Copying a large file in between my NAS and my computer (all gigabit wired connections) is still a bit slow and it seems to stutter a little.

I also fixed my issue with the Kobo reader. For some reason the router did not send the DNS servers to the connected computers/devices so I didn't have access to the Internet. I decided to try to reboot the router through it's web interface and ... it actually worked. First the DNS issue was fixed but more importantly by doing this I didn't loose the Internet connection. Seems to contradict my experience of the first day.

I would say that once it's setup properly it seems to be stable. At least I didn't lost my Internet connection in the last days. I'll start playing a bit more with it's configuration in the next days and I let you know my findings.

Monday, January 31, 2011

Creating server and user certificates

I went through Hell to find out how to create server and especially proper client certificates that would work correctly with all browsers, svn and https on Apache2. I went through the Apache site, OpenSSL documentation, Google, no where did I found exactly what I was looking for, even the man pages had errors. I hope there's a better way to do that but if not, here you are for all those who are looking to do the same thing:

Create a server certificate
(for use with your HTTPS server, for example):
sudo mkdir /etc/apache2/ssl
cd /etc/apache2/ssl

Just make sure to use a password everywhere it asks for one. This seems to be necessary at least for the client certificate we'll create below if you use it in OS X.

Create the server key:
sudo openssl genrsa -out server.key 2048

Create the server's certificate request. You would send this to an official Certificate Authority (CA) if you wanted to have an official certificate instead of the self-signed certificate that we will generate here.
sudo openssl req -new -key server.key -out server.csr

Create the server certificate itself. You can use this one for your HTTPS site.
sudo openssl x509 -req -days 3652 -in server.csr -signkey server.key -out server.crt

Create a 'CA' certificate. We'll need this one to create a properly signed client certificate.
sudo openssl x509 -req -in server.csr -extfile /etc/ssl/openssl.cnf -extensions v3_ca -signkey server.key -out CAserver.crt

Create a client certificate
Create the client key:
sudo openssl genrsa -out user.key 2048

Create the server's certificate request.
sudo openssl req -new -key user.key -out user.csr

Create the client certificate signed with the 'CA' certificate we created above.
sudo openssl x509 -req -days 3652 -in user.csr -extfile /etc/ssl/openssl.cnf -extensions usr_cert -CA CAserver.crt -CAkey server.key -CAcreateserial -out user.crt

Create a PKCS#12 version of the certificate for use on the user system.
sudo openssl pkcs12 -export -in user.crt -inkey user.key -out user.p12

Just import this p12 file in your certificate manager (Key Chain in OS X).