From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pg1-x52c.google.com (mail-pg1-x52c.google.com [IPv6:2607:f8b0:4864:20::52c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.bufferbloat.net (Postfix) with ESMTPS id 4D0023B2A4 for ; Mon, 23 Oct 2023 13:04:16 -0400 (EDT) Received: by mail-pg1-x52c.google.com with SMTP id 41be03b00d2f7-5b8a88038b4so1236747a12.1 for ; Mon, 23 Oct 2023 10:04:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1698080655; x=1698685455; darn=lists.bufferbloat.net; h=content-transfer-encoding:to:subject:message-id:date:from :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=WFL5peuOmgZdldkJvnILvSeEjZGDr1rU2E1JYfmVGJ0=; b=OjAFIrcSQ7lfr238v5m2eqQH696XGFn4+u/9XimELcvIJ488q0sXAQwl9FZjO/KCln dQyNJavegXjaGhbpHYa9ZSAZhkv2mh5DezpGvpkSGDp1b5UEgsvv6x22jVysddQWMmNa 3t4j7X6Y0JOF+bNOgXxQbWQ7WkIQR930NaJFDOBbm1xfL8+BUhHWEBJFFhx9DqOoSbFn gUysCLZOyx23AHM94SWVF8e6+W4GHN+EXY45CMtAUl25Bc0Z5+LqJfI8XFREY7yMJ6o5 f2w1y4s/TroOka2f6odPkacpUOXIqVJnw6MC/KBelTWS+uLg8CDEgTKdsBmAkm469kkd qn7g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1698080655; x=1698685455; h=content-transfer-encoding:to:subject:message-id:date:from :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=WFL5peuOmgZdldkJvnILvSeEjZGDr1rU2E1JYfmVGJ0=; b=uVbovK2O9tdjYhPTIEtegmwPUwEhaitrYOahRrKTmC8FuNuoB3BvVuIKBwTpEH6oT3 WX8RbVuH0nwh3y16I2ZDjkLrrjxDbMtmhGl2onJwDfVfvEpdm4aN4nL50dxj1zT9NlXB +ahreBeyW+0lrQ+noeOU9UVcuqP6KDkHsD8lVesxuofAVUM9jLkp9tmp6re5Qbvohuxm HNFwm6sxChn3G91b9+bf4mQTxZ8xY7P1/VaM0xZ7suiPXC39cr0ByYE+EUwPTE3V1FmS 23+dxZJKSuYtQnTddYk4nuZp5O3l494rZYYI5IerJBOTH+gYplZObfoJLp+rKtaRPTbF qNJw== X-Gm-Message-State: AOJu0YwcnAASqThGtinL5iundRQsHj9peS9AfF1oiB6DyrMBrEfiPGPp mfyKohLGHM8ZDYdWkKf9j2/xNChA4z4MT6WwjeMAAfwuOVM= X-Google-Smtp-Source: AGHT+IFMvO5cYJOYyaEgjNS60IvW4vCb4teFJVXgPf/WM3JoDiFOp3RDsOAxb8X8xwZMEKSkS2r78Yp4nlVptJN+CHY= X-Received: by 2002:a17:90b:4b11:b0:269:a96:981a with SMTP id lx17-20020a17090b4b1100b002690a96981amr12679140pjb.5.1698080654652; Mon, 23 Oct 2023 10:04:14 -0700 (PDT) MIME-Version: 1.0 From: Dave Taht Date: Mon, 23 Oct 2023 10:04:02 -0700 Message-ID: To: =?UTF-8?Q?Network_Neutrality_is_back=21_Let=C2=B4s_make_the_technical_asp?= =?UTF-8?Q?ects_heard_this_time=21?= Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Subject: [NNagain] upgrading old routers to modern, secure FOSS X-BeenThere: nnagain@lists.bufferbloat.net X-Mailman-Version: 2.1.20 Precedence: list List-Id: =?utf-8?q?Network_Neutrality_is_back!_Let=C2=B4s_make_the_technical_aspects_heard_this_time!?= List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Oct 2023 17:04:16 -0000 I loved that this guy and his ISP burned a couple weeks learning how to build openwrt, built something exactly to the need, *had it work the first time* and are in progress to update in place 200+ routers to better router software, that just works, with videoconferencing, IPv6 support, and OTA functionality. No need for a truck roll, and while the available bandwidth deep in these mountains in Mexico is meager, it is now enough for most purposes. https://blog.nafiux.com/posts/cnpilot_r190w_openwrt_bufferbloat_fqcodel_cak= e/ I have no idea how many of this model routers were sold or are still deployed (?), but the modest up front cost of this sort of development dwarves that of deployment. Ongoing maintenance is a problem, but at least they are in a position now to rapidly respond to CVEs and other problems when they happen, having "seized control of the methods of computation" again. OpenWrt is known to run on 1700 different models, already, (with easy ports to obscure ones like this box) - going back over a decade in some cases. Another favorite story of mine was the ISP in New Zealand that deployed LibreQos and had all their support calls (from gamers and videoconferencers) cease overnight. The support tech, formerly drowned in angst from the users, set to work automating an reflashing 600 old agw routers they had "retired" on the shelf, and then distributing them to customers as extenders because the wifi finally worked right with the fq_codel stuff now in that release. I feel like I am tooting my own horn here a bit too much, but solving the right problems like MTTR, MTBF, bufferbloat, and taking back control of your software infrastructure while being able to customize it for purpose, and turning what otherwise would be ewaste into something that will last a decade more, is my inner "green", my inner stewart brand. Compare that to so many others being marketed to, to death, that buy the latest (and often inferior) thing, every few months, perpetually fooled by promises that do not pay off in the field, and often, really lousy MTBF. Good embedded software takes many years to develop, say, oh, 7, while the hardware cycle is closer to 2, nowadays, and requires many eyeballs to fully debug and get to lots of 9s of reliability. Back when I was even more radical about good, open, embedded, software than now, I used to say: "Friends don't let friends run factory firmware.". I do wish somehow the long term maintence costs of hardware with a decade plus service lifetime would be adaquately covered. Insurance? by law? a formal setaside from the purchase price? Otherwise we run the risk of turning the world's internet into a giant toxic waste dump that will require Superfund levels of cleanup, one day, and ever more contributions to trillions of dollars of fraud, and persistent actors having first broken down the front door, perpetually on the inside, wreaking more havoc. Somehow preventing that mess, up front, seems cheaper. Take this string of vulns: https://www.google.com/search?q=3Dcisco+router+vulnerability (try that search string with *any* manufacturer - juniper, netgear, tplink, There is a new vuln going around about some very old software in a cisco mx series which is ancient and yet 100k+ are vulnerable - (I worked on this while at montavista in the early 00s!) - abandonware, toxic waste... Anyway, in Mexico at least, 200+ routers are going to be a lot better, through the actions of all that contribute to linux, openwrt, and one smart and caring engineer. --=20 Oct 30: https://netdevconf.info/0x17/news/the-maestro-and-the-music-bof.htm= l Dave T=C3=A4ht CSO, LibreQos