I have been working now for several weeks on my home virtual lab. One goal that I had was to also monitor my network devices including my Linksys WRT350N router and my Motorola Surfboard SB5101 cable modem.
I deploy most System Center products in my virtual lab at this point. I was looking to monitor my Linksys router using System Center Operations Manager 2007 R2 using the simple network management protocol (SNMP). As a later goal, I will create some cool reports and diagram views using what I discover from SCOM.
As for the modem, I'll figure that out later. For now, I will discuss how I peeled away the challenges to get the Linksys router managed.
In SCOM, in order to monitor a device with SNMP, you must first discover the device. For this to be possible, the device must actually communicate with SNMP (v1 or up to v2c). You must also provide the device's IP address and read-only community string.
After fighting with the Linksys for a couple of days and performing significant online research, I determined that SNMP is not enabled on the router, and there is no actual way to turn it on. Or is there?
After delving through some of the Linksys community forums, I found out that with the factory-shipped Linksys firmware, many features that are possible are turned off and access is locked down because of what is exposed and how you can manage the router using the Linksys firmware.
Now I have needed to update my Linksys firmware in the past because of a buggy feature, so I am familiar with the process. It turns out, that you can actually replace the firmware in your router with firmware from another software manufacturer altogether.
For those unaware of what firmware is, think of when you use your computer. To access any of the features, you use Windows, Internet Explorer, the BIOS, etc. These are all examples of software on your computer which provide functionality that is useful in some way. Firmware is the software on a router or device that does the same thing.
So after digging, I found a company called dd-wrt that produces Linux-based firmware that is compatible with Linksys routers (amongst many others). I did my due diligence and educated myself on this product and asked around in my professional network. I know two or three IT pros who have changed firmware and swear they will never go back. Based on this feedback, I decided to throw the switch and change my router firmware.
A cautionary note here: Because I am installing non-Linksys firmware on a Linksys router, I should never expect to get support on the functioning. This suits me fine since the only support I ever really needed was to locate the hard reset procedures when the router locked up or I had to update firmware for buggy features. So what will this upgrade get me?
Here are a few awesome features which incented me to make the switch:
- SNMP support
- SSH support (administer the router using command line)
- VPN server (I'll talk about this lower)
- Simultaneous router and gateway functionality
- VPN client (for tunneling)
- Spanning tree protocol
- VLAN support for the switch
- Actual performance indicators for wireless clients in main interface
- Many performance metrics which can be managed
Essentially, I am turning my consumer-grade Linksys router into more of a commercial-grade product. ( And let's not forget the cool factor because after all, that is what's really important!)
Okay, for those of you who have read my previous post on my home lab, I was looking at purchasing a separate device such as a Fortigate to provide firewall services and a VPN server. The fact I can use my Linksys router also as a VPN server is really cool. It remains to be seen whether this will actually be sufficient in functionality to replace the need for the Fortigate altogether.
Incidentally, this product has a lot to offer. I only named a few features but so far I am loving it, particularly since the price for the new firmware is...free! Here are a few other things I've found out about it.Configuration settings
The process to make sure I capture my config settings was a little time consuming, but well worth it.Since I cannot use any previous backups from the Linksys firmware going forward, to capture the settings currently stored in my router, I either have to write them down, or use screen shots. Supposedly there are scripts on the dd-wrt site to do this for you as well, but I haven't tracked them down yet.Support
You cannot get this project done without doing your homework. This means read. The Web site support offers a Wiki, and there is a lot of information to be found there. There is also a really great user community reachable directly from the site.
Installation for your particular router will be documented (assuming dd-wrt firmware can support it). There are also tables which include information you may never have even known about your router like the CPU speed, or RAM, or amount of flash memory installed in it. The support Wiki also contains information on which builds of the firmware to load. I started with the build that had the words stable build written beside it!
All aspects of the install are considered. They explain that you will be offline during the upgrade and what to prepare beforehand. They also mention MANY times that failure to install precisely according to directions can "brick" or break the router.
Lastly, I conducted the upgrade myself. Actual time to perform the upgrade and reconfigure the router took about one hour as I needed to learn the new interface. The time taken does not include all my research and reading, but the time investment is well worth it!
Has anyone out there installed the dd-wrt firmware on their router? Share your experiences.
Brad Bird is a lead technical consultant and MCT certified trainer based in Ottawa, ON. He works with large organizations, helping them architect, implement, configure, and customize System Center technologies, integrating them into their business processes.