Gargoyle - Good Family Network Solution

[tals]

I'm a gamer, I have 4 other members of the family who don't game but also like to download/browse the web/play videos etc. I initially bought a Billion which I loved as a router but QOS wise it just wasn't managing to achieve the results I needed, basically meaning that I had to play after bedtimes or kick people of the network.

Whilst chatting in the Billion forum last week I came across an open source solution called Gargoyle, these guys have taken an existing Linux firmware and then tacked a user friendly web front end onto it. Makes it easy to manage and further they are gamers/family men as well so my QOS issue was also in the solution. Now I have the solution I am totally blown away by it - to the point you want to shake people and say, why use that solution when this one exists at a fraction of the cost!

So what's involved, IMHO the easiest method is to get a Netgear 3700 v2 router (v1 or v2 will work), then using the Netgears update facility flash it onto the router and you have Gargoyle. Downsides, you need an adsl modem as the 3700 is a pure router (I used my old 834g which can be changed from an adsl router into a modem). Once up you have a surprisingly tidy set of options, you can set static ips from the web interface and ban ones not set by you, you can force users through the dns you set and a whole load more stuff.

The easiest way to demo what it has though is to show some screen shots

Breakdown of Connection list, note wifi signals and traffic for each of the connections

QOS Upload screen, you define rules (I use IPs) that fit for each of groups and then you set what type of distribution they should have

QOS Download - Similar to Upload and note you can see how the traffic breaks down

Now the great bit of Gargoyles QOS - the active congestion control, you set the bandwidth you have and then Gargoyle will keep an eye on the ping and if it starts going south it brings down the bandwidth to keep it in check - it will do this by a factor of 5. i.e set it to 5000 it will bring it down to 1000 if required

Want to restrict the study activities

Want to know whats being accessed on the web

Want to see what is being searched for

Lots more but I thought the bandwidth breakdown was also quite neat

 

[tals]

So is it perfect, well teh QOS i'm still assessing. As part of this exercise - one of the Gargoyle devs was incredibly helpful. It turned out that whilst I have an 8mb connection at night that was turning to a 2mb bandwidth. It ewxplained a lot of the congestion issues I had been experiencing. Going from an 8mb standing start for active control was too much. I've set it now at 4500 and we shall see. You also have the worry you could potentially brick the router - was straight forward but it can never be guaranteed

The study restrictions, whilst in theory are great appear to still allow services to work, so you can restrict web pages but then that allows msn - not perfect but significantly better than I had

Feel free to fire away any questions/thoughts etc.

 

[tals]

Just going to add to this as I have learnt along the way and maybe now understand a little why previous QOS solutions have been ineffectual for me. To the point I started to believe QOS on adsl was impossible.

The trouble with adsl is the line speed is rarely static. So for me if I download now i'll probably get between 6 and 7mb, however if I go into peak time I might see as low as 3 to 4mb. However QOS relies on you being able to state a space between what you can do and what your line can do. So typically you should set what you can do to 80% of what your line can do (on the download), this leaves a space in the line to stop the congestion and allow all the rules to be processed. But in the example I have I set my 6mb example at say 5mb max - as soon as my line starts creeping down to 5mb and below QOS will no longer work and the line can get congested. I believe Gargoyle is the only system that effectively tracks the cogestion of the line and as it detects congestion it pulls the limit down up to 20% of the actual line speed.

Works incredibly well and for the first time in years I now have no worries what the family is doing whilst I game.

 

[tals]

Currently their is no way of scheduling qos - you could post on gargoyles forums re this feature but tbh I think you will be surprised how well the active control works. All it does is ensure that for your current line speed you operate at 85% but that difference is huge for general web performance and gaming etc.

Also note if only one class is on then it realises qos would be pointless so it doesn't enable it. Finally it only brings in % distribution if the line is maxed and then only proportionally between the classes on.

I would recommend one of the Atheros AR71XX Routers from this list

http://www.gargoyle-router.com/wiki/doku.php?id=supported_routers_-_tested_routers

Because you can use the routers existing flash capability to achieve, personally I think the netgear 3700 v2 is a good bet but it's your call.

Any questions fire away. The gargoyle forum is also very actively supported

 

[tals]

Do your house mates know your are monitoring what websites they are browsing or what they are looking for on them web?

Seems like a massive breach of privacy on their part.

My children you mean?

Yes they are all aware and I have sat down with them to show what level of monitoring it does. The web monitoring is an option you can have on or off and you can disable monitoring for selected ip addresses.

 

[tals]

Nice !!!! I want to be a PITA too ... Think I'll stick this into a VM and have a play.

BTW Are there any others out there ?

Gargoyle sits on openwrt, so you get that as well.

Tomato is another that springs to mind but active congestion control I believe is only on gargoyle, so pretty much the only working qos solution on an adsl line - unless your adsl line speed remains static

 

[tals]

I'm sure they're 2 steps ahead of you bruv with your fancy pants QoS and packet filtering

Bet the 5 yr has an SSH tunnel bouncing off several servers and through Tor.

Unlikely, but you never know, tbh the use of the monitoring I'm still in two minds on - did I mention this has support for tor as well

 

[tals]

Ah ok that's fair enough. The original post just said house members and there are a lot of posts on this sub forum to deal with shared households and dealing with people who download all day.

Although anyone else using this for households such as the above might want to take this into account.

Agreed, i wouldn't expect web monitoring to be enabled in this event, or if it was then all flatmates to have access to the information via the router, my wife for instance has the connection details for the router. tbh the big feature in Gargoyle is it's ability to handle QOS on adsl lines which can be a pain as the line speeds can be all over the shop

** corrected my original post **

 

[tals]

That does look good, the gargoyle forum will also give you views but price wise that looks nice.

I think I have mentioned it but just in case you also need an adsl modem, if you have a netgear 834 (any of them - mine is an 834n) Then I used this page http://vpncasestudy.com/download/DG/DG834_Tips100.pdf, just do that no login details. The modem goes into the phone line then cable from the modem to the router and on gargoyle you set it as ppoe and do the connection as you would normally do on an adsl router. If you don't have the 834 then either you get a modem or bridge your existing router, but the modem route is easier - just bought another 834g from eBay for 10 pounds as a backup. The nice thing with this solution is I now have a backup modem and I have 2 backup routers

Finally the web monitoring is something that really shouldn't put people off, the default of monitoring is off and really is only of use for families. The features you get from gargoyle are very tidy and the active Congestion controlhas to be seen, it was even kicking in when I had Internet problems and my line sped was sub 1mb but gaming ping remained good.

I would recommend changing the default classes from slow med, fast to the names of your flat mates then group their devices, that way if an iPad is streaming that user takes the hit. Do class Identifying by ip, I force the ips using gargoyles dhcp of all devices and set the ip to keep it static.

Post how you get on or if you have any queries.

 

[tals]

One aspect I liked on the netgear is if you do brick it then recovering it seems to be fairly straight forward

http://www.dd-wrt.com/phpBB2/viewtopic.php?t=79802

Looking around the buffalo doesn't seem to bad but it is still more complex, that said it's unlikely and I'd prefer a buffalo to the netgear, but I do like this particular netgear - v2 not v1

I got mine for 65 after trawling the web and striking lucky but was worried I might have a v1 - not that it wouldn't have been fine as well

 

[tals]

I am on 1.51 with no issues just didn't do 1.52 more because I couldn't see any major reason. But will probably update next update.

On the router issue, because Gargoyle is effectively a front end for openwrt then if it's listed in the supported routers on openwrt then it's supported on Gargoyle but you may want to confirm that on the Gargoyle forums but 99% certain that is how they do it.

Good luck I had a lot of fun setting mine up, its very intuitive.

 

[tals]

You need an adsl modem not an adsl router (unless as you say you bridge an adsl router). Personally go for the 834 then you switch it as a modem and it's really painless or if that doesn't work it can act as a router (bridged). Otherwise if you are getting one get a pure adsl modem. When it's a modem (as per my link) it really is - no authentication etc just works as a modem

Bridging I haven't tried - not sure if it adds any latency to the connection etc over modem, more complex to set up etc - really don't know tbh.

 

[tals]

You can kick me if the 834 doesn't work aka modem mode, but rereading that modem post it says all 834's and I have an 834N which must be the top end of the 834 range - as I said I like the solution so much that I have now purchased a second one. Does mean if you ever get any issues you change it back to an adsl router and then can test/compare line speeds etc,

 

[tals]

Should say I got mine for £9 all incl second hand, but I wasn't in a hurry as it's a backup and I found a poorly worded ebay ad - always a winner

 

[tals]

Yeah, there is one ending now for about £10 see what happens, there seems to be an auction nding every few hours, so one is bound to go cheap! I'm in no particular rush!

I searched for 834 and then hooked into the one with the worst description/details

 

[tals]

There's one that's collection only Although it's 330miles away, probably not worth my while. Lets be honest i've just spent around 90 notes on a router, is 9,10 or 12 squidoo's going to make a huge difference now...?

Agreed, tbh I got so excited about it I would have easily put down £20 to just get it going Amazon I believe have some for sub 20.

 

[tals]

How are you getting on with it, all in place yet?

As an appendum to my story the 834 duly arrived lacking power supply and stand, not a huge deal as I got it at such a steal but the price works out closer to £20 so I should have just gone for those when I had the chance and kept it simple

 

[tals]

This article by the Gargoyle developer of QOS maybe of interest

http://www.gargoyle-router.com/wiki/doku.php?id=qos

The QOS in this router has literally changed my networks ability to have voip and gaming lag free, because I have set it so each persons devices are grouped then if one person streams then it only affects them all other devices are ok - I could get even better by seperating the actual streaming but this a fairer solution.

 

[tals]

Wow! Well spotted totally missed that. Because it is such a great release - notes posted here

New in 1.5.4:
Bumps OpenWrt version to latest Backfire version for latest wireless fixes and support of multiple switch models in Buffalo WZR-HP-G300NH routers
New improved version of Active Congestion Controller. Paul has done OUTSTANDING work on this, and there is now fairly comprehensive QoS documentation on the wiki!
Implements ability to configure router as a Tor Relay/Bridge including ability to configure an Obfsproxy bridge (for routers that support Tor)
Implements ability to connect to Tor bridge (including Obfsproxy bridge) instead of directly to a relay (for routers that support Tor)
Allows monitoring of total Tor Bandwidth usage (for routers that support Tor)
Allows access to Tor hidden service addresses from all hosts (toggled and untoggled) when Tor is active and separately toggled for each host (for routers that support Tor)
Allows monitoring of bandwidth to/from router itself, which was before included in the "Total" categories, but not recorded seperately
Option to attempt to save configuration when upgrading. Some versions may still be incompatible.
Fixes monitoring of web history/searches for ranges of IPs
Some fixes for mounting/formatting of USB drives
Fixes security issue -- bandwidth.csv is no longer visible if not logged in
Adds two new optional date formats: dd.mm.yy and yyyy-mm-dd
Enable ps wide output in busybox -- allows more accurate listing of running processes when logged in via SSH
Sets cron loglevel to 9 so syslog doesn't show every time a cronjob runs (which can quickly clutter up the system log)

http://www.gargoyle-router.com/phpbb/viewtopic.php?f=3&t=2461

Going to try it now

 

[tals]

Right i've just fell upon this whilst trying to work out how to QoS after many failing with flatmates etc... I think i might jump and give it a try. Is it possible to just enable QoS at certain times? I don't want to be doing this all the time, but "peak" hours the internet MUST be shared, which is what some people don't understand at all... .

It's been a while since I last posted, solution still has been working marvels and family remains sane. Tbh the qos works so well and unlike other qos solutions if the bandwidth doesn't require qos it doesn't use it and further I have 5 groups (classes) in the network splitting the bandwidth 20% for each class which represents each family member. If however only my daughter and I are on then the. It is clever enough to split the proportion 50% each as it proportionally sets it. If we weren't maxing it though it wouldn't be active.

That said should you want todo what you requested it is theoretically possible with the latest patch! You now have the ability to set quotas and a quota when kicking in can do one of 2 things it can either disable Internet if breached or it can push the machines effected to specific qos classes. On top of this you can have the quota disabled at certain times so basically you'd shove everyone to one class and set a very low quota so when active each device would go to a set class, I have no idea if it would work but it should do but due to how qos works on the gargoyle it wouldn't actually be necessary.

On an additional thing I have added, I now have plugged a USB drive into he back of the router and have this act as a simple nas drive for the family through gargoyle firmware - even pushed my sons iTunes folder to it last night as his laptop was struggling on capacity

On another note, if people are looking at this there is now a 3700 which is v3 so make sure you only get a v1 or v2 or one of the other atheros routers listed in the supported routers section, more memory and flash memory is good - which it lists in that section on the gargoyle supported routers section. The atheros AR71xx routers personally I would go for as you can use the standard provided router web page to push gargoyle onto the - no fancy tricks etc