Actually, what exactly is a router?
For the normal home or office user a router acts as a bridge between your local network and your Internet provider’s network. It can convert from one type of networking to another type of networking, such as Wi-Fi to ADSL and Ethernet to SDSL (all your wired computers and devices use Ethernet to talk to each other on your local network - also known as your LAN).
There are many different types of networking that a router can carry out, but we will focus on what is important for you to know when considering purchasing a router for normal home or office use.
On a slight tangent, the majority of normal home and office users will use an xDSL-based variant to access the Internet, such as DSL, ADSL, SDSL or even the more recently utilised VDSL. The acronyms are not too important, but to touch on this briefly: DSL is what Virgin Media will provide over their Cable (DOCSIS) network; ADSL (Asymmetric Digital Subscriber Line) is what BT will provide over their PSTN (ATM) and 21CN (21st Century Network); and VDSL (Very High Bit-rate Digital Subscriber Line), which is considered a 21CN product, acts as an extension for FTTC (Fibre To The Cabinet). VDSL handles the last mile into homes and businesses over the existing copper lines.
All three of these above network types, as well as all of the other providers out there, can offer most of the product variants due to them either owning or operating their own tier 1 and tier 2 21CN networks. Most of these providers will utilise Openreach’s access network (Openreach is a BT Group Company and maintains the BT network infrastructure) or by using wholesaling and reselling partnerships that exist between them.
Back to the routers - as well as being a bridge and converting one type of networking to another type of networking, the router does exactly what it says on the tin and ‘routes’ information to and from your LAN and your Internet provider’s network and the Internet.
There are many different functions that a router can carry out, but to provide a summary overview for those that would just like an appreciation, rather than getting into the detail of things, these include providing some of the following:
- WAN (Wide Area Network) Interface(s) – Ethernet (RJ45) or ADSL variants (RJ11) – the interface and wire that connects you to your provider’s equipment.
- LAN/Switch (Local Area Network) Interface(s) – RJ45 – the bit you connect all your wired devices to in order to create your network in your house or business.
- WLAN Interface - Wireless Access Point – The radio interface that your wireless devices connect to.
- Firewall – Protects you from the baddies on the Internet
- NAT - Network Address Translation, a fundamental element of bridging between your IP network and your provider’s IP network.
- Parental Controls – help keep the kids safe whilst using the Internet
- USB ports – Print and Network Hard drive capabilities
- QoS – Quality of Service for Internet applications
- VLAN – Virtual LAN Capabilities
- Mobile Broadband - 3G Capabilities, good as a back-up.
Each of the above functions is brought together in one integrated device to provide the router functions that we expect from a unit today.
So you should now have a basic understanding of what a router does and why you need one to connect to the Internet.
Some of the older school generation may ask: why a router and not a modem? Traditionally a modem connects to one device only, whereas a router allows you to easily set up a local network and connect several devices to the Internet rather than just one, so we would always recommend an xDSL router over an xDSL modem.
OK I understand the basic elements of a router and why I need one, but what exactly does all of the above mean and what are some of the different types?
This website will review all the fantastic functions that a router can do and will lay it out for you in a nice format to assist you in making an informed decision when purchasing your nice new shiny router. If you would like to know a bit more of what each of the router functions does then this is for you.
The WAN (Wide Area Network) Interface is what connects you to your provider’s network/equipment. In the BT ADSL world this interface is an RJ11 WAN interface on your router and a lead to connect to the BT NTE (Network Termination Equipment) or Master Socket, which consists of a face plate and terminating wall box. In the Virgin DSL world you would normally connect your router’s RJ45 WAN interface to the Virgin set top box that has an integrated DSL modem.
ADSL has evolved since its first implementations and now comprises some of the following variants:
- G.DMT - also known as full-rate ADSL or G.992.1, it is the first version of ADSL.
- ADSL2 - also known as G.992.3 and G.992.4, it was the next-generation version that allows for even higher rates of data transmission.
- ADSL2+ - also known as G.992.5, this variant of ADSL2 doubles the speed of signals from 1.1 MHz to 2.2 MHz, as well as extending the reach of the copper wire even further.
There are also other variants such as T1.413 and DTR/TM-06001 which are standards used by the US and Europe for ADSL networks.
The ADSL service is provided over a pair of copper wires that runs from the customer’s premises to the local telephone exchange. The copper wires can be bundled several times and pass through RJs, DPs and Cabinets on the way to the local telephone exchange, and eventually turn up on an MDF (Main Distribution Frame). These are then patched through to a DSLAM (Digital Subscriber Line Access Multiplexer - pronounced dee-slam) or an MSAN (Multi Service Access Node).
These terminating devices provide the ADSL based service to your router and connect it to the bigger network and onwards to the Internet. It is ultimately the distance between your device and the DSLAM/MSAN on the copper wire that affects the possible synchronisation speeds of your device’s ADSL WAN interface. The variables on the copper line are the Line Profile / Sync Speed set on the DSLAM/MSAN port, the Line Attenuation (dB), the SNR / Signal to Noise Ratio (dB) and the SNR Margin (dB). These are electrical variables that affect the way that the signals move over your copper line.
There are many elements to the network that provides ADSL, from the DSLAM/MSAN and their VPI/VCI settings, through to the LAC, LNS, and LTS routers through which your PPPoA tunnel (Point-to-Point Protocol over ATM) is established. There are also the server based elements such as the BT and your provider’s RADIUS servers that authenticate you as a valid user, and the DNS servers that convert domain names such as www.bbc.co.uk into the IP addresses that are needed to connect to the servers that provide the web pages.
When you carry out a speed test on the Internet, it is the capability of this interface and your Internet connection path to the speed test website that you are testing.
These elements are important to mention because we have to consider them when benchmarking equipment. One good example is the TCP window size that Microsoft Windows sets for transferring data; this can be increased to allow extra throughput in other speed tests such as Iperf, which can show better results and give a true indication of your speed. You can achieve a similar effect by running several concurrent downloads and adding the download speeds together.
Remember that your Internet connection is like a rope: it is only as strong as its weakest point. Your provider can ensure your throughput through their network, but once traffic leaves their network for the wider Internet there is no control. The Internet, after all, is a collaboration of millions of different global networks meshed together; there are regulators that hold it all together, but no one can ensure an end-to-end speed from your connection to every server on the Internet.
LAN or Switch Interface(s)
The LAN or switch interfaces are what connect your wired devices in your internal network. For you to build a LAN your devices need to be connected together using a switch or a wireless interface.
Most commonly a RJ45 interface in your router’s switch and on your personal device will connect together using a CAT5/6 patch lead with RJ45 connectors on either end. These interfaces can vary in speed from 10Mb, 100Mb or 1000Mb (1Gb) speeds. Your router will usually auto negotiate a speed between itself and your device depending on the best match, for example if you have a 1Gb card in your laptop and your router has a 1Gb interface they will negotiate a 1Gb link between them, if your laptop can only support 100Mb then a 100Mb link will be established to a 1Gb router interface.
All the devices that connect to the switch interfaces on your router use a standard called Ethernet. TCP/IP (Transmission Control Protocol/Internet Protocol) is the main protocol that your devices use to speak over Ethernet.
On the LAN interface you will more than likely want to run a DHCP service. The Dynamic Host Configuration Protocol allows your router to dynamically assign the network information, such as the IP address, subnet mask, default gateway and DNS servers, to the devices on the LAN. This saves the need to manually configure a device before it can connect to a network. The device, if set to use DHCP, sends out a discovery message when it is connected to a LAN/WLAN; the router will receive this broadcast, respond to the device in a series of messages and assign the necessary information for it to connect to the network.
The WLAN (Wireless Local Area Network) Interface is the wireless/radio access point within your router.
In the UK there are two frequencies that are utilised, these being the 2.4GHz and 5.8GHz frequencies. More commonly the 2.4GHz band was used, but this is proving more troublesome with time as further devices come online, as most other wireless devices such as Bluetooth, your cordless phone, your baby monitor and even your microwave use this frequency and can cause conflicts and interference between each other. There are methods such as DSSS that try to overcome these conflicts.
Therefore more recent devices are bringing dual band capabilities that allow a user to use the 5.8GHz frequencies also which are less congested. Wireless network providers have more commonly used this frequency as OFCOM considered it a light license band and asked providers to register their devices.
IEEE 802.11 is a set of standards for implementing wireless local area networks (WLAN). These standards include 802.11a, 802.11b, 802.11g, 802.11n and 802.11ac.
The main ones that are utilised are:
- 802.11g - which operates in the 2.4 GHz band at 54 Mbit/s
- 802.11n operates in both the 2.4 GHz and 5GHz bands and by adding multiple-input multiple-output antennas (MIMO) data rates of up to 600Mb/s can be achieved. MIMO antennas come in 1/1, 2/2, 4/4, or 8/8 configurations.
The wireless frequencies are broken up into channels. The channels supported by the wireless routers in various countries are different. Channels 1 to 11 are supported in the U.S. and Canada, and Channels 1 to 13 are supported in Europe and Australia.
The radio frequency channels used in 802.11g in the UK are listed below:
- Channel 1: 2399.5 MHz - 2424.5 MHz
- Channel 2: 2404.5 MHz - 2429.5 MHz
- Channel 3: 2409.5 MHz - 2434.5 MHz
- Channel 4: 2414.5 MHz - 2439.5 MHz
- Channel 5: 2419.5 MHz - 2444.5 MHz
- Channel 6: 2424.5 MHz - 2449.5 MHz
- Channel 7: 2429.5 MHz - 2454.5 MHz
- Channel 8: 2434.5 MHz - 2459.5 MHz
- Channel 9: 2439.5 MHz - 2464.5 MHz
- Channel 10: 2444.5 MHz - 2469.5 MHz
- Channel 11: 2449.5 MHz - 2474.5 MHz
- Channel 12: 2454.5 MHz - 2479.5 MHz
- Channel 13: 2459.5 MHz - 2484.5 MHz
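The ranges in this list start 5 MHz apart but are each 25 MHz wide, so neighbouring channels share spectrum. The following added example (not part of the original article) works that out from the listed ranges and checks a site survey against a candidate channel; the function names and the survey data are constructed for illustration.

```python
# Added example: channel arithmetic for the 2.4 GHz ranges listed above.
# The survey data is constructed; function names are illustrative.


def channel_range(ch):
    """(low, high) edge in MHz for channel 1-13, as in the UK list above."""
    if not 1 <= ch <= 13:
        raise ValueError("channel must be between 1 and 13")
    low = 2399.5 + 5 * (ch - 1)      # channels start 5 MHz apart
    return low, low + 25.0           # each listed range is 25 MHz wide


def overlap_mhz(a, b):
    """Width in MHz of the spectrum shared by channels a and b (0.0 if none)."""
    lo_a, hi_a = channel_range(a)
    lo_b, hi_b = channel_range(b)
    return max(0.0, min(hi_a, hi_b) - max(lo_a, lo_b))


def clear_plan(start=1, last=13):
    """Greedy list of channels, beginning at `start`, that share no spectrum."""
    plan = [start]
    for ch in range(start + 1, last + 1):
        if overlap_mhz(plan[-1], ch) == 0.0:
            plan.append(ch)
    return plan


def overlapping_networks(candidate, survey):
    """SSIDs from a site survey whose channel overlaps `candidate`."""
    return [ssid for ssid, ch in survey if overlap_mhz(candidate, ch) > 0.0]


# Constructed survey: (SSID, channel) pairs as a scanner might list them.
SURVEY = [("neighbour-a", 1), ("neighbour-b", 3), ("cafe", 6), ("neighbour-c", 9)]

if __name__ == "__main__":
    print("non-overlapping plan:", clear_plan())
    for ch in clear_plan():
        print(ch, channel_range(ch), overlapping_networks(ch, SURVEY))
```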
Unlike wired networks wireless doesn’t really understand physical boundaries and can propagate outside of the walls of your premises and into neighbouring properties. Therefore wireless networks should be secured. There are various types of encryption and security from the weaker WEP type that uses fixed encryption keys through to the more secure WPA-PSK, WPA2-PSK combined with TKIP and AES encryptions. You should always use the highest encryption level available to you. Some routers also have a WPS function (Wi-Fi Protected Setup) that require you to carry out one of 4 security options, one of which is to physically press a button on the router to allow the connection of a new device to your wireless network.
When you enable the wireless function on your router it broadcasts its SSID (Service Set Identifier). An SSID is a unique ID that is used for naming wireless networks. When multiple wireless networks overlap, an SSID makes sure that the wireless data gets sent to the correct device/destination.
Wireless devices can operate in different modes. Your router as default will work in the Access Point mode. Some routers are capable of operating in a WDS (Wireless Distribution System) mode and create a mesh like network that will allow the client devices to roam across other wireless devices without having to drop their connection and re-connect to a new wireless network, basically avoiding interruptions to your Internet connection. For example, if you had a large building that your single router couldn’t cover with its own wireless signals you could install other WDS capable devices that can connect together and repeat the same SSID/wireless network throughout the building using a common gateway for Internet/network access.
The firewall in its basic form permits or denies network traffic based on a set of programmed rules and is used to protect networks from unauthorized access while permitting legitimate traffic to pass.
Networking data is broken down into small packets of information to be easily sent over networks, and the firewall uses information in these packets to work out whether it should allow them to pass or not.
There are three main types of firewall, a packet filter, a stateful filter and an application layer firewall.
A packet filter pays no attention to whether a packet is part of an existing stream of traffic, so it doesn’t store any information on the connection state. It just filters each packet based on the information contained in the packet itself, using a combination of the packet’s source and destination address, its protocol, and sometimes the port number.
A stateful filter examines each data packet as well as its position within the data stream. This type of firewall records all the connections passing through it and determines whether a packet is the start of a new connection, a part of an existing connection, or not part of any connection.
With an application firewall the key benefit is that it can understand certain applications and protocols and can detect if an unwanted protocol is sneaking through on a non-standard port or if a protocol is being abused in any harmful way.
Your router will more commonly use a stateful packet firewall and your computer will use an application layer firewall to protect itself. With the combination of the two you can usually ensure a secure network.
As standard your firewall will be set to allow all out and block all in, basically only allowing established traffic to return back through the router. Routers can be programmed to allow data to come in through the firewall to your network without there being an established connection. This would be done, for example, if you wanted to allow remote access from the Internet to one of the computers on your network. You could add a rule that says traffic for port 3389 from the Internet is allowed through the firewall to the internal IP of 192.168.1.5; you would then set a PAT rule that forwards this port from the WAN IP to the above LAN IP, and you will have enabled Windows Remote Desktop to come through your router to the computer with the IP address of 192.168.1.5 on your internal network.
Some newer routers and firewall devices can also provide e-mail and web filtering functions that work more on an application layer and can bring enhanced protection to your network and devices.
NAT (Network Address Translation)
When your computer talks in a network it identifies itself and talks back and forth using two addressing schemes which are called your MAC address (consider this to be your home address) and an IP address (consider this to be your telephone number). We are going to work with IP addresses for our explanation.
NAT works with both of these addressing schemes, but when speaking to the Internet it changes your computer’s LAN IP address to your Internet IP address. Think of your LAN IP as your internal extension number in work and think of your Internet IP as your main office telephone number. It works on the same basis that you want people to have their own number internally and be able to make outbound calls, but you wouldn’t want people outside of your office to be able to dial all the different internal extensions in your office willy-nilly, you want them to dial the main number that comes into a central place like your reception desk, which can then decide and distribute to the right internal extensions if the call is allowed to be connected. NAT in essence is a good security mechanism that keeps your computers separate from the other computers on the Internet; a firewall just extends these capabilities and allows the user to set specific rules.
NAT can be set up in several ways. It can work on a one-to-one basis, which means the public WAN IP is directly mapped to an internal LAN IP/device (Full Cone NAT), or on a one-to-many basis, which means the router can map the public WAN IP to all the internal LAN IPs/devices when required. There are other NAT based functions such as PAT (Port Address Translation) that can map specific ports from the WAN interface to a specific device on the LAN. DMZ (Demilitarized Zone) is where a sub-network is created and one or more devices are placed within it; these are then exposed to the Internet and do not sit behind the security of NAT.
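The "allow all out, block all in" default, the port 3389 forward to 192.168.1.5 from the firewall section, and the one-to-many NAT described above can be seen working together in a small simulation. This is an added example, not code from any router; the `Router` and `Packet` classes, the WAN address 203.0.113.10 and the remote hosts are constructed for illustration.

```python
# Added example: toy stateful firewall with NAT and one port forward (PAT).
# WAN_IP and remote hosts are constructed; 192.168.1.5:3389 is from the text.
from dataclasses import dataclass

WAN_IP = "203.0.113.10"


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class Router:
    def __init__(self, wan_ip):
        self.wan_ip = wan_ip
        self.next_port = 40000   # next WAN-side source port to hand out
        self.by_flow = {}        # (lan ip, lan port, remote ip, remote port) -> WAN port
        self.by_wan_port = {}    # WAN port -> the same flow tuple
        self.forwards = {}       # WAN port -> (lan ip, lan port), the PAT rules

    def add_port_forward(self, wan_port, lan_ip, lan_port):
        self.forwards[wan_port] = (lan_ip, lan_port)

    def outbound(self, pkt):
        """LAN to Internet: allowed by default; rewrite source, remember flow."""
        flow = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        if flow not in self.by_flow:
            self.by_flow[flow] = self.next_port
            self.by_wan_port[self.next_port] = flow
            self.next_port += 1
        return Packet(self.wan_ip, self.by_flow[flow], pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt):
        """Internet to WAN IP: return the translated packet, or None if dropped."""
        if pkt.dst_ip != self.wan_ip:
            return None
        flow = self.by_wan_port.get(pkt.dst_port)
        # Stateful check: a reply must come from the host and port we contacted.
        if flow and (pkt.src_ip, pkt.src_port) == (flow[2], flow[3]):
            return Packet(pkt.src_ip, pkt.src_port, flow[0], flow[1])
        # No established connection: only an explicit port forward lets it in.
        if pkt.dst_port in self.forwards:
            lan_ip, lan_port = self.forwards[pkt.dst_port]
            return Packet(pkt.src_ip, pkt.src_port, lan_ip, lan_port)
        return None  # default policy: block all unsolicited inbound


def demo():
    router = Router(WAN_IP)
    web, other = "198.51.100.7", "192.0.2.99"
    out = router.outbound(Packet("192.168.1.20", 51000, web, 443))
    reply = router.inbound(Packet(web, 443, WAN_IP, out.src_port))
    unsolicited = router.inbound(Packet(other, 443, WAN_IP, out.src_port))
    before = router.inbound(Packet(other, 50000, WAN_IP, 3389))
    router.add_port_forward(3389, "192.168.1.5", 3389)
    after = router.inbound(Packet(other, 50000, WAN_IP, 3389))
    return out, reply, unsolicited, before, after


if __name__ == "__main__":
    print(*demo(), sep="\n")
```

`unsolicited` and `before` are dropped, while `after` is delivered to 192.168.1.5 from any source address, because the forward as described matches on the destination port only.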
Embedded parental controls within a router allow you to control access for all devices on a network, rather than running this separately on each device. They can include schedules, which allow access to the Internet only at certain times of day; content filtering, which can look at a website’s rating and block adult material; user-based permissions, which require the user to log in at the router to gain access to the Internet and have specific permissions applied to them; and e-mail and IM control and URL/website address filtering.
USB ports in your router allow you to connect wireless printers or external hard drives for printing or streaming media to your wireless devices.
Quality of Service allows you to set priorities on certain data types within your network.
QoS can help applications such as VoIP, Video and Gaming traffic be prioritised over other types of traffic. Your router will delay lower prioritised traffic and ensure that your higher priority traffic gets the option of being sent and received first.
Unfortunately QoS ideally needs to be end to end, whereby every device in the connection path respects and understands the QoS metrics that should be set on the traffic. When your traffic hits your provider’s network and the Internet this QoS is not honoured and different traffic shaping exercises are carried out. Between LANs and on P2P private links and dedicated internet circuits QoS can be an effective tool for traffic management; within the general Internet, though, your QoS settings have no effect and are therefore only good for traffic prioritisation on your LAN.
A VLAN is a Virtual Local Area Network. It allows you to divide your physical network into different virtual segmentations that are as good as a physical network. This is utilised more within a larger IT environment that has a need for different network segments or locations.
For the more advanced home user it would allow you to obtain a range of static IP addresses from your provider and create a public VLAN that you could host your own web servers, e-mail servers and other services such as gaming that can benefit from being sat on a public accessible IP and not behind NAT. You still then have the ability of having a private VLAN where your client machines can sit with the added protection of NAT.
Mobile Broadband - 3G Capabilities, good as a back-up.
Some routers come with 3G broadband capabilities and let you insert either a SIM or a USB 3G device.
As this 3G access is enabled within the router you can share this connection with all the devices on your LAN either over Ethernet or wireless.
This option can be more ideal for builders or building sites requiring temporary broadband internet access, or temporary internet access at exhibitions, or even for the more unfortunate that cannot currently get conventional ADSL or cable broadband. If you have a troublesome connection then you can also consider this as a broadband backup solution.
There are many different extras that a router can come with and we will cover these in our reviews. Some of these are useful features such as DDNS (Dynamic DNS), a service that allows you to assign a domain name to your router that updates itself whenever your router changes its dynamic IP address. Other useful features include remote administration, which allows configuration of the router from remote locations and can be good for remote offices that don’t have IT staff locally.