Re: vdsl2 router

2016-03-07 Thread E.S. Rosenberg 
Personally I don't bother with the modem/router supporting OpenWRT, I
bought a nice TP-Link router which functions as the router of my
networks and runs OpenWRT then the provider router/bridge/whatever box
is just used as a bridge device and nothing more.

There are far less xDSL devices that support *WRT and also you never
know if the device you'll get from your provider is under your full
control (these days with 2/3-play packages the router tends to not be
under your control since it also does your VoIP/TV) so as far as I am
concerned the provider-device is 'outside' my network and should be
treated as such

Also the provider devices tend to have terrible firmware/updates which
of course you want to salvage with *WRT.

Regards,
Eliyahu - אליהו

2016-03-01 13:40 GMT+02:00 Rabin Yasharzadehe :
> In my opinion , a good place to start is this list -
> http://www.netcheif.com/Articles/VDSL_Router/VDSL_Router.htm
> find one/two that meet your demand, and then check if they have support for
> openwrt/dd-wrt
>
> --
> Rabin
>
> On 1 March 2016 at 12:43, sara fink  wrote:
>>
>> Hi Everyone
>>
>> I would like to buy a vdsl2 router that supports openwrt or ddwrt. Anyone
>> has experience with a good router? Xphone gives dlink 225 which doesn't
>> support openwrt.
>>
>> ___
>> Linux-il mailing list
>> Linux-il@cs.huji.ac.il
>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>>
>
>
> ___
> Linux-il mailing list
> Linux-il@cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>

___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: vdsl2 router

2016-03-07 Thread E.S. Rosenberg 
re:all

2016-03-08 2:36 GMT+02:00 E.S. Rosenberg :
> 2016-03-08 1:45 GMT+02:00 geoffrey mendelson :
>> On 3/8/2016 1:07 AM, E.S. Rosenberg wrote:
>>>
>>> Personally I don't bother with the modem/router supporting OpenWRT, I
>>> bought a nice TP-Link router which functions as the router of my
>>> networks and runs OpenWRT then the provider router/bridge/whatever box
>>> is just used as a bridge device and nothing more.
>>
>>
>> Would you please post a direct link to where you bought it, and the exact
>> model. I asked about six months ago for a recommendation and in the end
>> could not figure out which was the exact model I needed, and did not want to
>> spend a couple of hundred NIS (I need two) to buy paperweights. :-)
> I have at different locations the WR740N (v4.23 iirc), WR841ND (v5.x
> iirc?) and WR1043ND (v1.x) and am extremely satisfied with all of
> them, note none of these devices support the 5GHz band but since I
> don't suffer from lot's of interference from neighbors and the 'big'
> consumers (laptops) anyhow don't support the 5GHz band either I
> haven't bothered getting a newer router as of yet.
>
> All these devices are available through both KSP and Ivory (and I'm
> pretty sure Bug also carries TP-Link).
>
> If your main use is wireless and you don't need very high speeds the
> WR740N is extremely high value for money since it also has pretty
> advanced features if you open it up (voiding warranty), I actually use
> 2 740s in a very large house to provide the whole house with coverage
> instead of bothering with one much stronger but much more expensive
> device.
>
> If you also want gigabit Ethernet the 1043 is the only option from the
> devices I mentioned, however there are plenty of other well supported
> TP-Link devices that also have Gigabit ethernet available here.
> In the past (4-5 years ago) I have managed to brick a 841 which I
> still have sitting on a shelve waiting for me to hook it up to a
> console and reflash it (at the time I was mucking around with flashing
> from CLI and modifying individual byte ranges manually and I used the
> bricking as the perfect excuse to get a 1043), but the other 841 I
> have is running perfectly fine.
>
> When I want to buy a new router I basically go through what is
> available and what is known about the hardware & support on
> OpernWRT.org and try to get the best value/NIS ratio, things to look
> for (other then connectivity details) are decent size RAM (at least
> 32MiB) and preferably also a larger ROM size so you can install the
> more expansive versions of OpenWRT
>
> Of the newer dual-band routers (the Archers C*) some devices seem to
> have good support but you'll have to check when you are deciding what
> to get
>
>>
>>> There are far less xDSL devices that support *WRT and also you never
>>> know if the device you'll get from your provider is under your full
>>> control (these days with 2/3-play packages the router tends to not be
>>> under your control since it also does your VoIP/TV) so as far as I am
>>> concerned the provider-device is 'outside' my network and should be
>>> treated as such
>>>
>>> Also the provider devices tend to have terrible firmware/updates which
>>> of course you want to salvage with *WRT.
>>>
>> I have a Cell-Com TV router. It is not the version with a VoIP interface, it
>> is for their "double play" service. It came with a decent user interface. I
>> got the admin name and password via their on-line support chat via their
>> website (in Hebrew). I had to do the usual ID number and credit card digits
>> verification.
>>
>> This was to open a port so that I could open a port on the router I have
>> bridging them to my network. It has a DMZ option, but I don't use it. The
>> port has stayed open since I changed it.
> Since the provider often has a was to access the device even if you
> have Admin access (very nice of them they allowed you, I know other
> devices where they make port forwarding available through the user
> interface and Admin is strictly them) and you also have nonsense like
> Bezeq_free lurking around afaik the provider device is not 'inside' my
> network.
>
>>
>> Note to prospective Cell-Com TV users, their router and connection work
>> fine, however before we had it, we had a gamer's package with Netvision.
>> This did some QOS tweaks to our connection at their end which improved
>> on-line gaming. The Cell-Com TV is QOS tweaked at their end for their
>> service, so we lost the gamer's package. It only really affects us during
>> the evening hours and all day Friday and Saturday.
>>
>> The Cell-Com TV boxes are on the wifi network on their router, and nothing
>> else is.
> What do you mean by this, you have no WiFi enabled devices except for
> the TV decoders? is the WiFi network isolated from your wired network?
>
>>
>> I also have a line with CCC on our network, I use the CCC line, my wife and
>> sons use the Cell-Com. We share DNS, mail, etc servers which split across
>> th

OT: SSL certificates

2016-03-07 Thread Gabor Szabo 
Hi there,

I think it's time to move some of my sites to use https, but as I only had
self-signed ssl so far I wonder if you ppl have any recommendation where to
get the certificate from and how much
should I expect to pay?

I have one domain with about 20 subdomains (the translated versions of my
articles)
and a few other domains with 1-2, sometimes even more subdomains.

Most of them are probably considered commercial as they have ads on it and
on some of them I even have a few subscribers, but they are, unfortunately,
not a big business. Nevertheless I think this might exclude some "open
source" providers.

I looked at http://www.cacert.org/ but as I can see the certificate they
use on their own site is not recognized by either Chrome or Firefox. That
does not seem to be a good thing. (See https://www.cacert.org/ )

A found plenty of companies offering SSL certificates. One of them
https://www.ssl.com/
that was recommended by the domain registrar I am using had
$177 / year for the first 3 hostname and then $49 / year for each
additional hostname and $129/year for each wildcard domain.

Is that a reasonable price? Any suggestions?

regards
   Gabor
___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: OT: SSL certificates

2016-03-07 Thread Baruch Siach 
Hi Gabor,

On Tue, Mar 08, 2016 at 07:05:03AM +0200, Gabor Szabo wrote:
> A found plenty of companies offering SSL certificates. One of them
> https://www.ssl.com/
> that was recommended by the domain registrar I am using had
> $177 / year for the first 3 hostname and then $49 / year for each
> additional hostname and $129/year for each wildcard domain.
> 
> Is that a reasonable price? Any suggestions?

How about https://letsencrypt.org/ free certs?

baruch

-- 
 http://baruch.siach.name/blog/  ~. .~   Tk Open Systems
=}ooO--U--Ooo{=
   - bar...@tkos.co.il - tel: +972.2.679.5364, http://www.tkos.co.il -

___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: OT: SSL certificates

2016-03-07 Thread Amos Shapira 
I too would recommend letsenctlrypt. The only down side is possibly that
you have to keep renewing (automatically with a cron job) every three
months.
Alternatively, www.ssls.com lists very very cheap certs.
On 8 Mar 2016 4:49 p.m., "Baruch Siach"  wrote:

> Hi Gabor,
>
> On Tue, Mar 08, 2016 at 07:05:03AM +0200, Gabor Szabo wrote:
> > A found plenty of companies offering SSL certificates. One of them
> > https://www.ssl.com/
> > that was recommended by the domain registrar I am using had
> > $177 / year for the first 3 hostname and then $49 / year for each
> > additional hostname and $129/year for each wildcard domain.
> >
> > Is that a reasonable price? Any suggestions?
>
> How about https://letsencrypt.org/ free certs?
>
> baruch
>
> --
>  http://baruch.siach.name/blog/  ~. .~   Tk Open
> Systems
> =}ooO--U--Ooo{=
>- bar...@tkos.co.il - tel: +972.2.679.5364, http://www.tkos.co.il -
>
> ___
> Linux-il mailing list
> Linux-il@cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: OT: SSL certificates

2016-03-07 Thread Michael Tewner 
As far as I know, letsencrypt.org certs are only good for 90 days, and
you'll want to have a script automatically renew and replace the cert in
the background all the time.
I like https://www.namecheap.com , as it helps you find the cheapest
between different CA's.
CACert is worthy of this community's support, but as you mentioned, their
certs aren't included in any browsers or OS's.



On Tue, Mar 8, 2016 at 7:24 AM, Baruch Siach  wrote:

> Hi Gabor,
>
> On Tue, Mar 08, 2016 at 07:05:03AM +0200, Gabor Szabo wrote:
> > A found plenty of companies offering SSL certificates. One of them
> > https://www.ssl.com/
> > that was recommended by the domain registrar I am using had
> > $177 / year for the first 3 hostname and then $49 / year for each
> > additional hostname and $129/year for each wildcard domain.
> >
> > Is that a reasonable price? Any suggestions?
>
> How about https://letsencrypt.org/ free certs?
>
> baruch
>
> --
>  http://baruch.siach.name/blog/  ~. .~   Tk Open
> Systems
> =}ooO--U--Ooo{=
>- bar...@tkos.co.il - tel: +972.2.679.5364, http://www.tkos.co.il -
>
> ___
> Linux-il mailing list
> Linux-il@cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: vdsl2 router

2016-03-07 Thread Amos Shapira 
What exact model of TP-Link have you got?
I have a TP-Link AC1750 ADSL2+ modem router which is great except that
OpenWRT doesn't support this specific model's WiFi well (see multiple
"Notes" in https://wiki.openwrt.org/toh/tp-link/archer-c5-c7-wdr7500)
So I'm half-heartedly on the lookout for something to run OpenWRT or VyOS
on, with 1Gb ethernet and 802.11ac WiFi and which can be used to do smart
and efficient routing especially over OpenVPN tunnels.


On 8 March 2016 at 10:07, E.S. Rosenberg  wrote:

> Personally I don't bother with the modem/router supporting OpenWRT, I
> bought a nice TP-Link router which functions as the router of my
> networks and runs OpenWRT then the provider router/bridge/whatever box
> is just used as a bridge device and nothing more.
>
> There are far less xDSL devices that support *WRT and also you never
> know if the device you'll get from your provider is under your full
> control (these days with 2/3-play packages the router tends to not be
> under your control since it also does your VoIP/TV) so as far as I am
> concerned the provider-device is 'outside' my network and should be
> treated as such
>
> Also the provider devices tend to have terrible firmware/updates which
> of course you want to salvage with *WRT.
>
> Regards,
> Eliyahu - אליהו
>
> 2016-03-01 13:40 GMT+02:00 Rabin Yasharzadehe :
> > In my opinion , a good place to start is this list -
> > http://www.netcheif.com/Articles/VDSL_Router/VDSL_Router.htm
> > find one/two that meet your demand, and then check if they have support
> for
> > openwrt/dd-wrt
> >
> > --
> > Rabin
> >
> > On 1 March 2016 at 12:43, sara fink  wrote:
> >>
> >> Hi Everyone
> >>
> >> I would like to buy a vdsl2 router that supports openwrt or ddwrt.
> Anyone
> >> has experience with a good router? Xphone gives dlink 225 which doesn't
> >> support openwrt.
> >>
> >> ___
> >> Linux-il mailing list
> >> Linux-il@cs.huji.ac.il
> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
> >>
> >
> >
> > ___
> > Linux-il mailing list
> > Linux-il@cs.huji.ac.il
> > http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
> >
>
> ___
> Linux-il mailing list
> Linux-il@cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>



-- 

___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il