Firmware FAQ

From DD-WRT Wiki

Revision as of 19:28, 12 October 2013 by Mdjango (Talk | contribs)
Jump to: navigation, search

Contents

Before install

Is my router supported?

We have a page in the Wiki just for you. Supported Devices


Will my Router Support Eko NEWD-2 Builds?

The NEWD-2 is a wireless driver that supports newer Dual or Single Radio N routers so it was introduced. (like the WRT610N)

Be careful with NEWD2 builds...it bricks some (older) models and requires recovery by JTAG


Wiki page for compatible models

I have a Linksys WRT54G version 5 or 6 router.

We have a page in the Wiki just for you. Version 5 And 6 Router Information

I have a Linksys WRT54GS version 7.2 router.

The WRT54GS v7 is now fully supported, but requires again a special flashing way, which is easier this time compared to the v5 and v6 vxworks killer.

Detailed Flash instructions: read posting by sigmaxix

I have a Linksys WRT54G version 8 router.

The WRT54G v8 is now fully supported, but requires again a special flashing way, which is easier this time compared to the v5 and v6 vxworks killer.

Once the flashing procedure has been performed, the "firmware upgrade" option present on the dd-wrt firmware can be used for later releases (unless noted otherwise).

v8.1 seems to be a special case. See this thread.

Which router should I buy?

In short, the

  • Buffalo WHR-G125 (UPDATE:JAN2011 Not sold anymore) is the cheapest 100% compatible wireless router. The antenna is not detachable on this router. For more information see Supported Devices.


Here are some other good choices:

  • Linksys WRT54GL Both versions are fully supported.
  • Linksys WRT54G or WRT54GS Version 4 or lower are fine but anything newer than that is not recommended. Any version above 4.0 does not have enough memory to support the full versions of DD.WRT firmware
  • Buffalo WHR-HP-G54 It has better range than the Linksys routers due to a built in amplifier.
  • Asus WL-500G It has USB ports that can be used for network attached storage (NAS) or a USB printer.
  • Asus WL-520GU Has a single USB port that can be used for network attached storage or printer.
  • Linksys WRT350N and WRT600N Both of these routers support the 802.11N standard and have gigabit switches. They can run dd-wrt mega and have USB. Use these routers if you need the increased speed throughout your network.

As of November, 2007, Buffalo is not shipping 802.11a/b/g devices in the United States (legal problem). [1]
As of December, 2008, Buffalo is again shipping 802.11 devices to the US [2]

Where do I download firmware?

https://secure.dd-wrt.com/dd-wrtv3/dd-wrt/downloads.html

See What is DD-WRT?#File Versions to know which image to download.

What's the difference between generic, mini, micro DD-WRT versions?

See What is DD-WRT?#File Versions.

Which V24 build do I flash onto my router?

See What is DD-WRT?#Which V24 build do I flash onto my Broadcom router

How do I access the router's settings?

If you have DD-WRT installed, your router's settings should be accessible by opening a web browser and typing http://192.168.1.1/ in the address bar.

If you have changed the LAN IP address on the router, you'll need to type in the correct one instead.
If your router doesn't have DD-WRT installed yet, try http://192.168.1.1/ or http://192.168.0.1/ or else consult the manufacturer's documentation.

If you are running Windows, can connect to the router, and the DHCP service is assigning an IP address, the default gateway will normally be the address you need. Type IPCONFIG at a command prompt. It will be listed under the active network connection. You should find it on the fifth line!

You can also attempt to obtain your router IP. Whether you have DD-WRT installed or not, make sure your comp. The default login/password is root/admin.

After factory defaults init (push down reset button at least 20 seconds) try to access it by inputting the following command in command prompt:

telnet 192.168.1.1

how i can apply WPA in ad hoc mode of DD-WRT?

During install/upgrade

How do I install DD-WRT firmware?

Make sure you have a compatible router. Make sure you follow all the instructions, especially the part about resetting your router before flashing and in between each additional flash. See Installation.

How do I upgrade DD-WRT to a newer release?

See Upgrading to a Newer Version of DD-WRT.

It's always recommended that you reset to default settings before and after the flash. Then you should do your settings manualy, not with the config backup file! The backup file is only for restoring the settings for the same dd-wrt build.

How can I tell if my router is truly bricked?

Since this question involves many variables, we do not have an article for it yet. See Hard reset or 30/30/30 and Reset And Reboot.

If the power light flashes on and off, then the firmware is messed up, but the router should be recoverable. The CPU must be running in order for the power light to be flashing, which tells you the hardware is probably not toasted yet. To test this, give your computer a static IP address of 192.168.1.x where x is between 2 and 254. Set the subnet mask to 255.255.255.0. Then ping 192.168.1.1. If you get replies, then your router is not dead.

It may also be possible that your router has a different IP address. If you do not know the address, you can attempt to obtain the router IP. Also, try pinging the router while it is booting. If you're able to get a reply for a short time, you should be able to reflash the firmware while the router is booting.

I think I've bricked my router!

There are a lot of variables in answering this question and we don't have articles to cover all the different situations. But, for now, search the wiki and the forums for more information, just to verify that it's truly bricked. See Recovering from a bad flash.

Why has http stopped working on my router after flashing DD-WRT?

Verify that the computer is on the same subnet as the router. The router's IP address is probably 192.168.1.1. Verify that the computer is set to dynamically receive its address if it's not statically set to 192.168.1.x. If your computer's IP address is 192.168.0.50, you may not be able to access the interface.

What Are Firmware or Factory Defaults?

DD-WRT firmware default settings (sometimes called factory defaults) are stored in NVRAM. For more information, see Factory Defaults.

How do I upgrade my firmware with TFTP?

Flashing with TFTP must not be seen as the standard procedure for flashing: only use it when specifically told to do so (for example in the specific instructions for flashing your brand or type of device). Normally, the GUI flashing method should be used; this should be adequate for standard situations. See Installation.

Debricking for Asus WL-xxx

Debricking Asus WL-xxx after unsuccesfull DD-WRT flash or Corrupted NVRAM.

This guide applies ONLY when WL-xxx does NOT respond to the normal ASUS firmware restoration tool! (See your Driver CD for the utility)


IMPORTANT


Read this first! How To: Erasing the effects of pin 9 short


Step 1: Download this file pack which includes the necessary tools for the recovery process and unrar it. This restoration firmware was made by OLEG from http://www.wl500g.info.

Step 2: Download latest firmware from asus.com, rename it rom.trx

Step 3: Open your router by taking off the rubber nobs on the bottom, then unscrew the 4 screws.

Step 4: Configure your NIC with the IP 192.168.1.2 make sure that it is in 10MB half duplex mode!

Step 5: Look for a small chip called 29lv320 and short PIN 10 with the golden wireless plug using a paperclip. The router will show the powerlight blinking and one of your LAN interfaces should come active. Sometimes shorting PIN 9 and 10 at the same time helps..

Step 6: Ping 192.168.1.1 If no response go to step 5 and try again.

Step 7: Open the commandshell of windows and type: tftp -i 192.168.1.1 PUT nvram.trx, and wait 5 min. Reboot your router and do step 5 again.

Step 8: Open command shell and type: tftp -i 192.168.1.1 PUT rom.trx, and wait 5 min. Reboot your router, it should show you Power, Air and connected LAN interface.

Step 9: Praise the lord, and pass the ammunition. You just did an emergency flash recovery of your WL-500G Deluxe.

(Guide by Thomas Motshagen)

After install

What's the default username and password?

Starting with v23 SP1, the default username is root and the default password is admin. You can use http, telnet or ssh (if enabled) to log in. If this doesn't work, you didn't follow proper installation or upgrade procedure...both of which should include doing a hard reset before and after flash!

Keep in mind, versions post-v24 SP1 now require you to change the password on first boot.

Why does my router hang when using P2P applications? (BitTorrent, eMule,...)

You probably need a little tuning. We have a page in the Wiki just for you: Router Slowdown

Why can't I obtain an IP address from the WAN side via DHCP?

  • If you have just updated the firmware, you probably need to reset the router. The router is reading the old settings, and getting hung-up (stuck). See Hard reset or 30/30/30 and Reset And Reboot.
  • Unplug the power from both the router and the cable modem. Plug back in the cable modem first and wait until it is online. Then plug in your router. Does this help?
  • If not: Clone the MAC address from the old router/computer. Some ISPs have a MAC address registered for service on their end. Since these ISPs usually assign only one dynamic address at a time, you may need to release the IP assigned to the old router/computer to allow the DD-WRT router to get a new one.
    • Now you may have an option to click the DHCP Release button and then turn off the MAC cloning.
  • (v23sp1 after upgrade from stock Linksys WRT54G v1.1)

Kiev - is East-European IT-centre. You can rent apartment in Kiev for long period

Why can't I access the web configuration for my router?

If you've read the previous question and it didn't help, then your router's HTTP Daemon might not be running. See Web Interface#Regaining Access. Another problem that currently causes this is incorrect HTTP Redirector settings, found at "Administration" > "Hotspot". By default the HTTP Redirector is disabled. If you enabled the HTTP Redirector and you suspect you might have created a problem, see the fix on this page: HTTPRedirect

Why do I only get blank pages when I try to change a setting in the web interface and hit apply?

  • If you have just updated the firmware, you probably need to reset the router! See Hard reset or 30/30/30 and Reset And Reboot.
  • Sometimes the address bar shows http://routerip/apply.cgi, and no content displays. Simply wait a few seconds for the router to make the change take, and go back to the page you were on with by using browser history. Some changes also requiring waiting for several seconds while the router implements them.
  • Clear out your web browser's cache and/or try another browser.
  • This is really odd, but try turning off your firewall temporarily while you're updating the pages. A friend of mine and I were experiencing this and we disabled Symantec Firewall temporarily and it allowed us to complete the configuration. I've also seen document on the web where others have had this problem with ZoneAlarm. I'm not sure of the mechanism where the firewall is interfering with the web page content, but somehow it is.
  • This could also be a result of incompatibilities with Firefox. Try switching to an alternative browser (e.g. Internet Explorer or Konqueror) for the WebUI Management.
  • If you're on a Mac, try getting Chromium (i.e. Google Chrome for Mac). Safari and FireFox may not work at times, however Chromium worked for all my needs (including reliable firmware upgrade via web interface).

Why can't I save any changes after flashing to DD-WRT?

There are multiple possibilities here.

  • If you have just updated the firmware, you probably need to reset the router! See previous question. See Hard reset or 30/30/30 and Reset And Reboot.
  • Clear out your web browser's cache and/or try another browser. (Firefox does not work try IE)
  • If you're on a Mac, try getting Chromium (i.e. Google Chrome for Mac). Safari and FireFox may not work at times, however Chromium worked for all my needs (including reliable firmware upgrade via web interface).

How do I clear the NVRAM? Reset to factory/firmware defaults? Cold reboot?

See: Hard reset or 30/30/30 and Reset And Reboot.

After upgrading to DD-WRT, my Internet doesn't work anymore!

  1. First, you may need to release and renew your computer's IP assignment. For XP users, simply right-click your network connection and choose Repair.
  2. Then, most typically you are a DSL user, and need to go to http://192.168.1.1 (your router's network address), choose PPPoE and put in your login and password for your DSL account, and click Apply at the bottom. The DD-WRT firmware, by default, tries to acquire network information and a public IP (via DHCP protocol) over the router's WAN port; this primarily works with Cable Modem users. If you are a Cable Modem user, step one should be enough.

Help! My Internet still does not work!

A problem for which there is no single common fix. Understanding some basics about networking, subnets, NAT, etc. would be in your best interest to troubleshoot this issue. You may need to call your Internet Service Provider (ISP) for settings that are particular to your connection. Some ISPs not using PPPoE expect the MAC address (hardware address) of the router to match that of your computer, especially when you used your computer without the router to setup everything initially. You may need to use the "Clone MAC Address" feature. Many Comcast users report needing to use the "Clone MAC Address" feature. If using PPPoE, make sure you use the correct username and password. For cable and satellite users, generally DHCP is the correct setting. For Comcast Cable users, be sure to disable STP. For users trying to share a dial-up connection, you'll need to read the Wiki article Sharing Dialup. At any rate, it's a near 99% chance that the problem is not your DD-WRT firmware, but instead a lack of understanding with networking.

Why aren't DHCP served IP addresses on LAN sequential (100, 101, ...)?

This is normal. DD-WRT uses DNSMasq and does not give sequentially ordered IP addresses. The addresses are calculated based on your computer's MAC address and "a variable". It's just a little different from the way the original Linksys firmware worked. You can disable this behavior by disabling "Use DNSMasq for DHCP" in the Basic Setup page (although it is not recommended, as you would need to change also your DNS address). For those who want the details about DHCP variable, it's calculated using something like [lease_start + [[mac_hash + variable] % lease_max]]. The "variable" changes whenever DNSMasq sees a conflict.

Why is there no jffs-space left? Why can't I write to directories other than /tmp?

  • Usually the generic/standard dd-wrt takes up almost 100% of the 4 megabytes of flash space.

Why are LAN computers not shown in the local DHCP table, but are able to use network?

The lease table is cleared when the router is upgraded, unplugged, rebooted, and in situations where a config change requires a reboot. If your computer is already connected when this happens, it will remain connected but will not be in the lease table until the next time it tries to renew. You can disable this by enabling "Use NVRAM for client lease DB" on the Services page. This will store the lease database in the NVRAM.

What to do if you forget the password and you have SSH access to the router (using ssh pub key)?

You can clear the password in NVRAM by executing the following commands:

nvram set http_passwd=
nvram commit

After that you will be able to access the Web interface of your router without using a password. Don't forget to set a new password!

Why did the router reset its parameters to default values?

This problem affects Broadcom routers like Linksys WRT54Gx, Buffalo WHR-G54S, Asus WL-500 and others. After a power cycle suddenly your setup is gone and the router restarts in its default and unsafe state. This seems to be caused by a CFE bug, but it looks that other firmwares with the same CFE do not have this problem. To minimize the risk of incurring in a revert, check the power supply mains connection and the DC plug, the contacts should be absolutely reliable. If you can, use UPS. It's also possible to flash a customized firmware, which reloads parameters when needed. It can be found here. Remember: flash the new firmware only with jffs enabled (check if /jffs/tmp exists)

Why aren't there any man (help) pages for the busybox linux commands?

For example, when using Putty (ssh), "Why doesn't 'man syslogd' provide any output?" Or "Why doesn't 'syslogd --help' provide any output, and instead, goes back to the shell prompt?" DD-WRT uses BusyBox, a stripped-down version of linux for embedded devices. There is not enough space inside the typical 2 or 4 megabytes of flash-rom to store additional help files. Please see http://linux.die.net/man/1/busybox to get a complete list of supported commands and their switches inside the busybox shell.

Issues

This section is for posting devices that currently have issues with DD-WRT. Please dont make this into a forum topic. Post the device (make/model/number), DD-WRT version and build number, and the number given in the bug tracker report.

Airlink101 670W

Restore original firmware

It appears to be impossible to brick this router, if you think you have a brick try this. Follow these steps to get back to Airlink's firmware if you're having issues or just aren't satisfied with DD-WRT:

  • Unplug everything from the router including the power except for your computer in one of the LAN ports
  • On your computer configure your adapter to use the IP address 192.168.1.11
  • While holding in the reset button in the back plug the power back in
  • The LAN lights in the front will do a little sweep from right to left, this signifies recovery mode
  • Navigate to 192.168.1.10 in your browser to access the recovery flash page
  • Select the 1.01 firmware .bin found here
  • After it's done flashing you've got the original firmware back

Asus WL-500W

IMPORTANT

Read this first! How To: Erasing the effects of pin 9 short

AND

Last-ditch debricking method for WL-500W/GP v2

Here is a Tool Pack which contains Oleg's original wl500-clear-nvram.trx and wl500-restore.trx utilities for restoring the NVRAM should it become corrupted.


Random bricks (most can be recovered using the Pin 9 method)

https://secure.dd-wrt.com/phpBB2/viewtopic.php?t=38869&highlight=asus+wl500w

https://secure.dd-wrt.com/phpBB2/viewtopic.php?t=47987&highlight=asus+wl500w

https://secure.dd-wrt.com/phpBB2/viewtopic.php?t=48840&highlight=asus+wl500w

https://secure.dd-wrt.com/phpBB2/viewtopic.php?t=48003&highlight=asus+wl500w

Here is a great site with pictures and even video of how to install a serial port on the WL500W:

http://www.abeghyan.com/2009/06/11/asus-wl-500w-serial-port-com/

Wireless questions

I'm having lots of TX (transmit) errors.

Try setting the ACK Timing to 0. If you have the transmit power turned up higher than 84 mW, turn it down to 84 mW. Other things that may contribute to a lower error rate: set beacon interval lower than the default of 100 (75, for example), use a different channel (aka frequency) for wireless (so not to clash with other 2.4 GHz devices). Use a better antenna than the stock antenna your device comes with, this actually helps you more than increasing output power as this option increases both output and sensitivity at the same time.


SEE THIS Wireless Packet Info - RX/TX Errors

How high should I set the transmit power on my router?

Somewhere around 84 mW is considered to be the best setting for maximum power with minimum noise for most hardware. The Buffalo WHR-HP-G54 has a built-in amplifier. The amplifier is turned on by default; the radio power should not be set above 10mW (on v23SP2), or 70mW (on v24). The forums have had discussions about what power level is safe, with little consensus. Use common sense and don't set the power higher than you really need to. If you're trying to get more range, consider using a different antenna and make sure you have a clear line of sight, two of the most critical factors in your router's range.

From a network security standpoint, the transmitter power level should be just enough to cover the intended area reliably. Optimal power settings can be determined by trial-and-error.

How can I increase my wireless range?

Many factors affect your range. What method you use to extend your range will depend on whether you are trying to increase the range inside a building or outside. Read the next two FAQs below.

Consider getting a good antenna and try setting up your wireless devices with a clear line of sight. Best range is achieved by using one directional parabolic dish or Yagi antenna and then disabling the other antenna on your router. For a cheap easy antenna option, try www.freeantennas.com. This site details how to make a directional antenna from household items which can result in 10 db or more in gain. For situations where you need omnidirectional distance instead of directional linking, be sure to use a good omnidirectional antenna and mount it high enough to broadcast signal in the area of focus. This is often 20 to 50 feet high, depending on the rated signal downturn of the antenna. This means how steep of an angle the donut of radiated signal is pitched down from the vertically-mounted antenna.

Also, try increasing your router's transmit power to 84 mW (unless you have a Buffalo with a built-in amplifier). DD-WRT also has settings for frame burst and afterburner. You may see an increase in range by turning these off. If you are mostly interested in Internet access, then 802.11b (as opposed to 802.11g) has longer range and may actually give you faster Internet speeds in long-range, low-signal situations.

Note: If you are using encrypted communication such as WPA, you can not use "802.11b Only" mode with WDS. If you are using unencrypted communication, "802.11b Only" mode will work for WDS. WPA encryption via WDS will only work if "Mixed" or "802.11 g Only" modes are set for WDS. "WPA Pre-shared Key" with "AES" encryption is the only currently known WPA encryption model to work with WDS setup.

How can I increase range indoors?

Some buildings do not allow your signal to pass through very well. The usual reason for this is foil-clad plasterboard or insulation. In an effort to insulate buildings and keep heat in, new plasterboard is foil clad to reflect infrared energy back into the room. However this means you effectively have huge metal sheets stopping all radio waves, so mobile phones, baby monitors, audio radios, and WiFi will all have problems with signal. Doors and windows usually allow wireless to pass through nearly unaffected (unless the window has Low-E Coatings), so positioning your antennas so the signal lines up through these openings will help. Also, you need to consider using a proper CAT5 cable between the points since the speed and reliability of this is far better. If you need wireless coverage, consider using more than one Access Point but wire them with network cable rather than attempting WDS repeater mode, because for every in-line WDS-link, the bandwidth get halved. Also, routers using RP-SMA (For example, Buffalo) and TNC (For example, Linksys WRT54Gx products) have a number of excellent 9 dB and 12 dB RP-TNC antennas available on eBay. A 9db antenna, meant for internal use [although it can be weatherized, otherwise must not be exposed to water!] can be purchased for about 11USD or 8.30€.

For transmission between floors, remember that the signal radiates away perpendicular from the antenna. This means that you can angle your signals up or down simply by angling the antennas, ideally so that both devices' antennas face each other on the same plane. For example, to broadcast directly upwards, point the length of the antennas used flat down. Also, on dual antenna routers, you can have one angled for upstairs and one for downstairs on the same device thereby giving each floor a targeted signal.

Why isn't WDS working?

WDS (Wireless Distribution System) is used to wirelessly connect multiple wireless access points (APs) in a mesh topology. Note that since most wireless access points use only one transmitter/receiver, performance is halved for each hop in the data path. It is best to start with only two access points:
1 - configure both as access points;
2 - turn off the 'spi firewall' on all but the access point that serves as the router for the Internet connection;
3 - disable wireless security on both APs;
4 - set both to the same wireless channel;
5 - set both to use either "Mixed" or "802.11g Only" or "802.11b Only" mode;
6 - on the WDS page for each AP use "LAN" connection and make sure the MAC address is for the wireless interface on the other AP.

If after doing the above you have a WDS connection, you can now enable wireless security. As of V23SP2, you must pick "WPA Pre-shared Key" with "AES" encryption. "802.11b Only" mode will not support encryption for the wireless WDS.

If you are still having problems, check your IP configuration and wireless signal strengths.

How can I increase range outdoors?

The most important thing for making your signal go far outside is height! The higher in the building (i.e. less obstructions - e.g. plant leaves containing water) you position your radio the further its signal will travel. Even a standard indoor unit with standard antennas can be used from 600 m (1,968 feet) away! To go farther you need to start using better antennas, the Access Point would work well with a 7 dB mounted just above roof height, this will give you a good 600 m (1,968 feet) to 1500 m (4,921 feet), it goes further in open areas and less far in built up areas. It's important to match the gain and height of your antenna to how far away you wish to receive your signal. You may end up picking up signals that you would be better off not being able to see. Also the use of too much height with a 12 dB antenna would mean your signal does not really come back to ground level for several kilometers past where you wish to use it. The effect of this is that it seems your signal is weak and does not go very far. This is an illusion: The signal could be going way over your head. A lesser gain antenna at a lower height would yield a far stronger local signal and immunity for interference from far away stray signals.

How do I read signal and noise ratings?

These numbers are given in decibels (dB) and are expressed as negative numbers. The more negative the number, the less strength it represents. Thus, -40 dB represents more strength than -70 dB. The values are logarithmic. A signal amplitude change of 3 dB is equivalent to a factor of two; 10 dB is a factor of ten.

Based on this Forum-post

Signal: (in dBm) A small negative number is good (-40 is good, -98 is bad)

Noise: (in dBm) A large negative number is good (-98 is good, -40 is terrible, -70 would be pretty bad in the real world)

SNR: (in dB) High is good (should be the same as difference between noise and signal, a difference of 20 would be great, a difference of 1 may barely work)

SNR(dB) = Signal(dBm) - Noise(dBm)

Signal Quality: High is good (somewhat like SNR but indexed to 100 with noise as the base, percentage of the best theoretical ideal quality in regards to your local-noise)

Signal - Noise = SNR
  -82  -  -98  = 16
Signal / Noise * SNR = Signal Quality -82 / -98 * 16 = 13.4%

Typically, noise will be -92 which means you should get a clean connection with a signal as low as -92. However, expecting to hold a good connection with a signal lower than -85 (e.g. -90), is expecting too much. The signal can be improved by -3 dB by doubling the power setting at the transmitting radio, e.g., 100 mW increased to 200 mW would improve your signal from -85 to -82. Antennas with increased gain will also help. Say you had the standard 3 dB antenna and changed it for a 12 dB antenna, that's a 9 dB increase, so your signal would increase from -82 to -73 which would be an excellent signal, probably capable of 54 Mbps. Using the term excellent in terms of running a WISP, it would probably be only 3 bars on a 5 bar signal strength meter. Don't worry if, as a WISP your signal quality is low, like 14%. It's not really a problem since -82 is considered acceptable.

How does the SNR impact the speed and range of my wireless connection?

SNR, range and speed (data rate) are tightly interdependent. Users often notice that higher data rates do not "travel" as far as lower data rates do - and frequently they think that increasing the power on the router will take the signal further (increase the range).

It is not the power of the router, it is Signal-to-Noise ratio (SNR) that dictates the data speed and the range of the signal. SNR determines which data rates can still be correctly decoded in a wireless connection - as data rates increase from 6 Mbps towards 54 Mbps, more complex modulation and encoding methods are used for transmission and that requires much higher SNR to properly decode the signal back to the data stream on the receiving side.

Using full 54 Mbps data rate requires at least 25 dB of SNR - and getting that much SNR is achievable only if router and client are relatively close together. As the signal travels further away from the transmitter, a path loss occurs (the signal gets attenuated) and SNR is getting lower and lower. Lower data rate transmissions can be decoded from much weaker signals (low SNR) and as a result the signal appears to travel further.

Increasing the power of the transmitter will often affect the listening side of the same device as well, affecting much higher noise levels (and worsening the SNR ratio). It is frequent occurrence with beginners to see their routers tweaked so they generate the highest possible wattage of signal, raising the floor of the noise as well - thus keeping the SNR at the same level, as if the router hadn't been tweaked at all.

Data Rate Minimum SNR Modulation/Encoding
6 Mbps 8 dB BPSK 1/2
9 Mbps 9 dB BPSK 3/4
12 Mbps 11 dB QPSK 1/2
18 Mbps 13 dB QPSK 3/4
24 Mbps 16 dB 16-QAM 1/2
36 Mbps 20 dB 16-QAM 3/4
48 Mbps 24 dB 64-QAM 2/3
54 Mbps 25 dB 64-QAM 3/4

What Wireless Security settings should I use at home?

For home or small network use, you probably won't have a RADIUS server ("enterprise"), so you'll be using pre-shared keys ("personal"), which use a common passphrase for the network.

Make sure your passphrase is sufficiently complex, e.g. at least five random words (such as from diceware).

The wireless security settings, in decreasing order of preference, should be the pre-shared key versions of the following:

  1. WPA2 + AES
  2. WPA + AES (only if all devices support it).
  3. WPA + TKIP (maximum security commonly supported by older wireless adapters - can be cracked as well) [3] [4]
  4. WEP (easily cracked in 5 minutes)
  5. Disabled (no security. Use some other security layer on top, like a VPN)

If your network includes a RADIUS server, you can use the RADIUS versions of the above.

WPA2 Mixed tries to fall back from WPA2 to WPA; similarly AES+TKIP tries to fall back as necessary. These may help support a mixed environment, but your ultimate security will be the lowest level.

WEP is easily cracked. It will stop the most casual roaming users but don't fool yourself into thinking you are secure. You're not.

MAC address filtering can be bypassed by cloning the MAC of an approved device on the network. MAC address filtering is not a substitute for encryption because all data is sent in the clear. Always use encryption when possible.

If you're using GNU/Linux on your laptop, you might encounter some problems with your wireless card and/or encryption. If both pose a problem, simply search on Google for a list of well-supported wireless USB-sticks (with working WPA). If the only problem is WPA encryption (wpa_supplicant won't work), there is always the (admittably complicated) fallback option of using OpenVPN to establish a secure, encrypted wireless connection.

To keep intruders out, you can filter out your own MAC address and install an IDS as a first line of defense. Using traffic shaping should also help if you're only using your wireless network for browsing, email, etc.

See also

  • Tutorials Many Walk-Throughs for Different DD-WRT Configurations
  • Glossary Wireless Networking Terms and Definitions along with DD-WRT Feature explanations
  • Changelog Track the Developer's changes to the firmware.
  • Roadmap See the plan for the next release.

External links