I recently updated my router's firmware from the manufacturer. It was the first update in a few years, and although it was a few months old (I don't often check for router firmware updates), it did proclaim some performance improvements. It was wrong.

I did see a speed improvement, but I think that was due to changing the security from WEP to WPA2. I've noted before that I'd found that WEP caused the WiFi connection to peak around 10Mb/s. The wife got a new laptop from her work, and the Android devices can all use WPA2, so there is no longer a need to cling to WEP. I made the change. Speeds jumped from 10Mb/s to over 60Mb/s, which is double what the Internet speed is, so it's sufficient for those needs (the LAN speeds are much higher, but that's seldom what the WiFi is used for).

That's the good news. The bad news is that I also saw frequent reconnection failures. When taking a connected device away from the network, a later return would result in a "connected" state, but get stuck at "getting IP address." I could fix it by visiting the router's WiFi configuration page and saving the configuration, without making changes. Almost instantly, the devices would connect. Taking devices to the second floor (the router is in the basement) would also lead to connection drops, and that would sometimes lead to failures to reconnect, too.

That's just plain unacceptable.

I've been considering using dd-wrt for some time. It's an open-source router firmware replacement for a lot of routers. There are others out there, but this seems to be the most stable and featureful FOSS firmware out there. It offers on-the-device iptables and even web server front ends.

Since I can't abide constantly tickling the router to make what should be an easy connection, I bit and did the upgrade. It was pretty painless. Visiting the dd-wrt site, and searching for my router led me to the firmware binaries, and a link to a how-to. Poking through the documentation, it was as simple as using the router's admin page to upload the dd-wrt binary as the firmware, and then repeating the process with an apparently more specific one for my router.

I spent a few minutes reconfiguring my static IP, setting my WiFi security back to what the devices expect, and adding the one (currently) NAT port forward I use to SSH from the Internet to my workstation at home. It took me just two "saves" to realize the "save" button didn't activate the change, and that the "apply changes" would save before applying (I was doing "save" and then "apply").

As I went through the process, I watched on my Android phone's WiFi setting screen. During the first upgrade, my WiFi disappeared, as I expected. There appeared a new network, named dd-wrt, which I found to be the default name of the router once the upgrade was completed. I changed that as part of the reconfigure, and the device reflected the change.

Once the WiFi configuration in the router matched what the device expected, the connection was quickly established and the device connected. With each change I applied (that affected the WiFi or rebooted the router), the network would disappear and come back with the router, and the connection would quickly be reestablished.

I also tested by turning off the WiFi on the phone. Turning it back on, an action that led to the "getting IP address" spin before, quickly noticed and connected to the network. Also, it seems that the WiFi signal is (as advertised on the  dd-wrt site) stronger; at least on the icon there's an additional strength bar.

Running SpeedTest through the WiFi, on the phone, came up with faster speeds than the one I ran after the last upgrade with the manufacturer's firmware. The manufacturer's upgrade resulted in a 13174kb/s download, while dd-wrtg reports 16210kb/s. I'm gonna go with the capablities of the phone as the bottleneck. For a complete assessment, running the test from my wired workstation that uses the router results in a closer-to-expected 21Mb/s.

I've stepped through the router's configuration page, and it looks like everything that could be a potential security leak starts as disabled. The only thing that I'm unsure of is whether the access to the configuration is allowed from WiFi or WAN clients; I need neither as I have wired workstations and can make SSH tunnels as necessary.

One last first impression is that the interface is quick and slick. There are all manner of reports and graphs and details that were missing from the other configuration.

In this first few minutes of using it, I'm wondering why I hesitated.