Despite this great bounty for only $120, they do have a major weakness – they tend to lock up after about 2 weeks of normal use, which requires a hard power-cycle to resolve. After some Googling, I recently stumbled across a work-around on Netgear’s forums. It seems by setting an SNMP OID to a certain value, you can cause the access point to do a soft reboot. The trick is to schedule such an event on a weekly, or even daily, basis, so that it occurs before the AP has a chance to lock up. The command below works quite well using the Windows task scheduler and the Net-SNMP tool set.

snmpset.exe -v 1 -c private 10.10.10.10 1.3.6.1.4.1.4526.4.3.9.1 integer 1

Just change the community string (in this instance, private) to your R/W community, and of course the IP address to match your AP. I have this running at two locations each rebooting 5 of these AP’s on a weekly basis and so far no lockups.

I decided to make the jump from Comcast after debating prices vs. features and picture quality, finally settling on a FIOS package relatively equivalent in both price and features to my current Comcast package. I placed a call to Verizon, and ordered the 5/2 Internet service, the premier package television service, the “movies” add-on, 1 DVR box, and 2 standard boxes. We have three TV’s in our house, and each television requires a box with Verizon. With my order complete, and installation date scheduled (about 2 weeks out), the wait began.

Installation

Two days before my installation, I received an automated call from Verizon confirming my installation date and reminding me that someone over the age of 18 must be present. The day before my installation I received a second call, this time from an actual person who basically regurgitated what the automated message said.

The day of the installation, I received a call from the installer informing me he was on his way to start the Internet install, and that the television installer would be arriving shortly afterwards. Both installers arrived at the same time, within about 30 minutes, and introduced themselves and explained what they were going to be doing. I showed them my existing wiring (home-run RG6 and CAT 5e), my network closet, and the location of the three televisions. We consulted on where the cables from the optical network terminal (ONT) should enter the house and where the battery backup unit (BBU) should be installed. I was one of their “new-style” installs that used a single coax cable from the ONT for both television and Internet. This allowed them to simply “jack in” to my existing coax and kept their wiring job to a minimum. They split a television run that went right by the BBU and used my existing wiring as is. Very easy.

They replaced my cable modem with an Actiontech router, and plugged the coax cable right into the back. The router provides Internet access for the computers, upstream access for the cable boxes (for on-demand, the guide, and the like), and an internal network for the cable boxes to communicate on. This later option is used mainly by the home media DVR feature, something I may check out in the coming months.

In all, the installers were on-site for around 3 hours, including “training” me on the use of the cable television and configuring my router. The entire time both techs were friendly, happy to answer questions, and very professional. I couldn’t be more pleased. I thanked them for their time, they thanked me for making their work easier (pre-wiring is a big deal), and they were off. While I don’t expect every installation to be as smooth as mine, I have no doubts that Verizon goes much further for their customers than Comcast.

Internet

I decided to tackle the Internet connection first, as I needed to integrate it into my existing network configuration to get back online. In the past I used a Motorola Surfboard cable modem to connect my Comcast cable Internet to a Linux router/server. With this new install method of a single coax, however, I was forced to use their router. I didn’t feel like trying to reconfigure the router as a bride, so I simply changed the IP range of the router to a different class C, and set my Linux server as a DMZ host. This essentially gives me a double-NAT’ed Internet connection, but everything works just fine. I was also pleased to see that I was a DHCP customer, rather than PPPoE, which makes for a much easier configuration to deal with.

Speed levels so far have been consistent, with very low latency and no packet loss. The 2Mb upload speed (in reality, about 1800Kb) is fantastic, and makes for slightly snappier VPN or remote desktop sessions over the ‘net. Verizon blocks in-bound port 80, but not 443, so my SSL enabled web mail server runs just fine. No other ports seem to be blocked in either direction, including outbound SMTP. I’m able to relay mail through my web-host’s mail servers straight over port 25, something Verizon DSL customers have been prevented from doing in the past. All in all, I’m very happy. I’m considering bumping up to the 15/2 plan, although I may wait until they upgrade it to 20/5.

Television

While the Internet connection is very nice, it’s nothing special. I never had problems with my Comcast connection, so I didn’t really gain or loose anything with FIOS Internet. Television, on the other hand, seems like the FIOS killer app.

Picture quality is excellent. High-definition channels look just as good as Comcast, which was always excellent. Standard definition (SD) channels are hands down the best I’ve ever seen. Nothing brings out a crappy SD picture like an HDTV, and on my set SD Comcast looked particularly crappy, with compression artifacts all over the place. Thanks to the bandwidth and on-demand architecture of FIOS TV, there is no
noticeable compression on any of the SD channels. The picture and sound are crystal clear, and playback is smooth and instantaneous.

The sheer number of channels is overwhelming. With their “Premier Package” (in reality their most basic standard plan), I have over 200 english-language channels, plus the HD channels, plus 40+ digital music channels, for less than $35 a month. Wading through all of these channels was a little frustrating at first, but it’s gotten easier over the last week as we get used to where our favorite channels are.
The DVR box is the same basic crappy Motorola set Comcast uses, with slightly different software. While better than the Comcast solution, it’s no TiVo. Still, there are little things about the FIOS DVR software that are a lot nicer than the Comcast DVR software. Recorded shows are grouped together, the cursor jumps to the next logical selection, and the box jumps back 8 seconds or so when you finish fast-forwarding, obviously trying the imitate TiVo’s jumback feature but failing miserably. For downsides, the Verizon guide is a little more jumbled than Comcast’s, their provided remote does not have a page down button, and there series-recordings are as flexible. However, until the Series 3 TiVo drops below $200, I’ll stick with the Verizon DVR.

Conclusion

All in all, I’m very pleased with the Verizon FIOS service and highly recommend it. Comcast can probably make you better deals right now, as their sales reps have more freedom with package pricing, but Verizon will catch up to this. Also, if you have a lot of televisions, Comcast may be cheaper since Verizon requires a box for every TV. However, if you care more about picture quality and features than about saving $10 a month on your bill, this service is definitely for you.

This whole project changed when I happened to check-up on pfSense, a firewall distribution based on FreeBSD. Lo and behold, they had added multiple WAN support over the summer. A quick download and test run later, and I had my winner. It had the raw support for the features that I need, with the polish coming down the pike in the coming months. It was free, since I already had a spare server to put it on. It was configured completely through a web interface, making for easy administration. It was… a done deal.

We went live with the setup before Christmas, and it’s been running flawlessly. Policy-based routing allows me to control which packets go where, and strong NAT/firewall rules make it a breeze to publish services out to the world. I’ve even got it running a fourth interface for a guest VLAN. More on that later…

With the easy part out of the way, I embarked on a quest to manage two WAN links. Our firewall/gateway is a Microsoft ISA Server, which doesn’t support multiple WAN links. The only ISA add-on that does support multiple WAN links has just been deemed end of life by EMC. Just as well, as it was $3000. So, I began looking for hardware solutions. Thus began the hard part.

I found many SOHO solutions that can load balance multiple WAN connections. The list includes the NetGear FVX538, Xincom DPG602, Linksys RV082, and a few others. All of these are low-cost, feature rich solutions, but are obviously built on low-cost hardware. They don’t seem capable of handling the throughput of a large network, as evidenced by their 253 user limit. I’m not even certain what this user limit is, or how it’s enforced. In any event, these seem best suited to small offices of 50 PCs or less. Certainly not ideal for our 300+ node environment.

My next foray led me to the Cisco 1841 router. There are a few users on the ISA Server message boards that seem to be raving about this router. It has many features and options, but my initial impression is that it cannot handle the routing speeds of a broadband cable connection. My CDWG rep is looking into this, so I should have some more information shortly. If it can meet my needs without breaking the bank, I think it’s a sure bet. Enterprise class features and support are always a plus.

Finally, an intriguing option would be to setup a Linux-based router using this article as a guide. This is option has the appeal of low cost, many possibilities with traffic control and QOS, and of course all the smell of a fun project. However, support and service are realistically nil, so the long term outlook isn’t good.

Hopefully I’ll have some more options and answers in the coming days, and I’ll post an update then.