AP ROUTER NG– FIRMWARE (LAST UPDATE: 04/Sep/2006)
=> CONTACT INFO
http://www.aprouter.com.br
=>Version 6.1
Requirements:
--> Realtek RTL 8186 chipset based equipment
--> At least 16 Mbytes Ram and 2 Mbytes Flash
=> CHANGELOG FROM VERSION 6.0a
* 5 operation modes: Gateway, Bridge, WISP Client, Router (Ethernet WAN), Router (Wireless WAN)
* MAC Address traffic control when acting as BRIDGE Access Point
* Faster traffic control execution
* Corrections regarding DNS
* Real time RSSI measure, showing dBm signal
Features:
--> 5 main operational modes: Gateway, Gateway, Bridge,WISP Client, Router(Ethernet WAN) and Router (Wireless WAN).
--> Telnet (client) added
--> /etc/cbu.conf file editing via WEB
--> Enable/Disable SSH server
--> New Configuration method: Save and Apply
--> Clone WAN MAC option
--> ACK Timeout control
--> MESH (OLSR) support: http://www.olsr.org
--> SSH Client support
--> Easy personal script /etc/script.sh file editing via web interface
--> Region Domain selection via WEB (11 or 14 channels)
--> Easy /etc/ethers file editing via web interface
--> Tx power control
--> Iptraf Utility
--> Tcpdump Utility
--> Remote access via SSH2
--> Cron daemon
--> Prende o MAC ao IP e fornece ip estaticamente baseado no MAC
--> Freedom to edit your own scripts
--> Bandwidth control ( IP, MAC and Interface ) with groups option
--> Ping based Watchdog
--> Block Relay
--> PPPoE Relay
--> DHCP Relay
--> Config Wizard
--> Auto Discovery Tool
--> 802.1x, WPA and Radius
--> Mac, ip, ports filter
--> DMZ Host
--> PPPoE-Client
--> PPTP Protocol
--> DDNS Protocol
--> IAPP Protocol
--> Hide SSID
--> WEB Interface
--> Signal meter
--> AP, Client, WDS+AP, WDS and Ad Hoc modes
--> Site Survey
--> DHCP server
--> DHCP Client
--> Up to 5 IP Alias via WEB interface
--> uPNP
--> Spanning Tree Protocol
--> WAN Management protection
--> MAC clone ( for just one machine )
--> System commands via WEB interface
--> Log system ( local and remote )
=> TESTED MODELS
- WAP 253
- WR 254
- Kodama KOD-770
- Zinwell G-120 and G-120 plus (Requires modified firmware)
- Realsat 5209Apg (Requires modified firmware and special licence)
- Edimax 7209Apg (Requires modified firmware and special licence)
- GI-Link b/g
- Alfa AIP-W606F
- Afla AIP-W608
OBS.: It's supposed to work with any RTL8186 device.
=> NOTES ABOUT TX POWER CONTROL
Tx power control setting was currently tested on WAP 253 and WAP 254 up to100mW. Tx power setting only works for 802.11b mode.
Only WAP 253, Edimax 7209 could reach 250-400mW. We don’t know yet if all hardware version can do it. WR 254 model could reach 200mW.
NOTE: WE DO NOT RECOMMEND HIGH TX POWER OUTPUT. I MAY CAUSE OVERHEATING AND/OR REDUCE EQUIPMENT LIFE TIME.
OS.: IF ANYONE HAVE TESTED OTHER VENDOR MODEL GIVE US SOME FEEDBACK, PLEASE.
=> VERSION NOTES
This firmware version comes with 4 variants as follow:
- ital8186v5_3-en-wap253.bin; To be used with Abocom WAP 253.
- ital8186v5_3-en-g120.bin; To be used with Zinwell G120 e Zinwell G120 Plus.
- ital8186v5_3-en-edimax.bin; To be used with Edimax 7209 e Realsat 5209.
- ital8186v5_3-en.bin; Generic version to be used with 5 ethernet port hardwares, such as Kodama, WR 254 and GI-Link.
There are as well, special editions with SNMP and VTUN (VPN system) enabled versions.
=> INSTALATION PROCEDURE
WARNING:
NEVER SWITCH OFF YOUR EQUIPMENT WHILE FIRNWARE UPLOAD PROCEDURE.
THIS UPGRADE WILL ERASE YOUR CURRENT CONFIG SETTINGS.
IMPORTANT NOTES:
1. DO NOT FORGET TO CHANGE SSH ROOT PASSWORD!!!
2. IF YOU HARDWARE RESET YOUR EQUIPMENT ( KEEPING RESET BUTTON PRESSED FOR 10 SECONDS ), YOU WILL NEED TO UPLOAD THE LICENCE FILE AGAIN!!! IF YOU JUST WANT TO RESET TO FIRMWARE DEFAULTS VALUE, DO IT VIA WEB INTERFACE!!!
3. YOU NEED LICENSE FILE VERSION 6.0 WITH THIS FIRMWARE VERSION!!!
=> NORMAL PROCEDURE
NOTE: DO NOT USE NORMAL PROCEDURE WITH REALSAT 5209 AND EDIMAX 7209 FROM ORIGINAL FIRMWARE TO AP ROUTER NG. USE TFTP MODE INSTEAD. THIS PROCEDURE IS JUST FOR THE FIRST TIME ONLY. FOR FURTHER AP ROUTER NG UPGRADE, YOU CAN USE NORMAL PROCEDURE.
1. Access your equipment via HTTP, normally
2. Go to "Upgrade Firmware" and put italXX.bin file
3. Configure your machine IP address to 192.168.2.2 subnet mask: 255.255.255.0
4. Acess your equipment via HTTP: http://192.168.2.1
5. Go to upload licence and put your .dat licence file
6. That's it. You have a fully functional Ap Router NG
=> UPGRADE VIA TFTP PROCEDURE (SAFE MODE)
- Tur on your equipment with RESET button pressed for 5 seconds
- At this point, your equipment will enter TFTP server mode with IP address: 192.168.1.6
- Configure your machine IP address to 192.168.1.2 subnet mask: 255.255.255.0
- You have to use any TFTP Client software and choose BINARY format. The TFTP server address will be 192.168.1.6 (YOU WILL NOT BE ABLE TO “PING” 192.168.1.6)
- Upload your italXX.bin firmware file
- Within few seconds, your equipment will automatically burn the firmware into flash memory and reboot
- Proceed with steps 3 to 5 from normal procedure
=> PROCEDURE TO PUT ORIGINAL FIRMWARE
To put back original firmware version, firstly you have to request a modified firmware version.
- Go to upgrade firmware and put the modified firmware
- Access the radio via IP 192.168.2.1
- Go to upgrade firmware and put your desired firmware
- You can now access your equipment with default IP address ( from original version )
NOTE: THIS PROCEDURE HAS BEEN TESTED ON THE FOLLOWING DEVICES:
- WAP 254
=> NOTES ABOUT MAIN OPERATION MODES
- There are 5 main operation modes:
Gateway
Bridge
Wireless ISP
Router (Ethernet WAN)
Router (Wireless WAN)
-- Gateway mode:
- With this mode, eth0 interface + Wireless will be LAN (br0) Segment. LAN2 (eth1 interface) will be WAN port. NAT will be enabled.
-- Bridge mode:
- All interfaces ( ETH0 + ETH1 + Wireless ) will be LAN (br0). All firewall functions will be disabled. NAT will be disabled.
-- Wireless ISP mode:
- eth0 + eth1 will be LAN (br0). Wireless (wlan0) will be WAN. NAT will be enabled.
-- Router (Ethernet WAN):
- Eth0 + Wireless will be LAN (br0) Segment. Eth1 interface will be WAN port. NAT will be disabled.
-- Router (Wireless WAN):
- eth0 + eth1 will be LAN (br0). Wireless (wlan0) will be WAN. NAT will be disabled.
=> HOW TO USE BANDWIDTH CONTROL
NOTE: This control uses QoS with HTB and DOES NOT operate over WDS connections.
BAndwidth control it's done through Traffic Control menu, via web interface or via /etc/cbu.conf file. You can limit all traffic via Interface control or you can control via IP and/or MAC basis. Further more, you can create QoS groups and share the group rate amoung the members of that group. You can as well, guarantee minimum rate for group member.
Ex:
CASE 1:
You are going to install this equipment for a Wireless ISP client, which has maximum 256 kbit download speed and 128 kbit upload. Go to traffic control menu and enable "Interface traffic control", with the values:
LAN Output rate: 256 -> LAN control downloads
WAN Output rate: 128 -> WAN control uploads
With interface based traffic control, you can control maximum interface speed, regardless NAT function enabled or not.
CASE 2:
You are going to install this equipment for an inn establishment, which have 3 clients. Each client wants to have their own speed rate.
With this scenario, you can control them via IP or MAC address. To do it so, enable you desired option ( IP/MAC control ) and put your client's IP/MAC address. One entry for each client. This way, you will limit desired speed for each individual client. Further more, you can activate firewall option to block any other machine not listed.
To use IP/MAC control, you must disable interface traffic control.
=> HOW TO USE BANDWIDTH CONTROL WITH QoS GROUP OPTION
QoS groups are used to limit a group of users, and share the total rate. The idea here is simple:
- Any member of the group can reach the total rate of the group
- The total sum of all member's traffic together, will not exceed the total rate of the group
- Any member of the group can have guaranteed bandwidht
- Equal bandwidth sharing
Let's back to our example above. Inn establishment, which have 3 clients. All clients have 256 kbit speed contract. One of the clients has 2 machines, which he likes to use internet on both. How to solve this case, if he has 256 kbit speed and two machines? Simple. Let's enable QoS group option.
Go to traffic control and enable QoS group option. Create a group as follow:
Group ID: 1
LAN Out rate: 256 -> Total rate for download
WAN Out rate: 256 -> Total rate for upload
Next thing to do is to put the two machines of that client inside the group ( via IP or MAC control ), as follow:
Group ID: 1 -> Member of QoS group ID 1
IP: 192.168.x.x -> machine's 1 IP
LAN Out rate: 0 -> 0 for equal sharing
WAN Out rate: 0 -> 0 for equal sharing
IP: 192.168.x.x -> machine's 2 IP
This is the example for equal sharing between those 2 machines. Now, let's suppose that, this client wants to have at least 200 kbit guaranteed ...
m_1jaa