All the interfaces faster
than Fast Ethernet or ASUS RT-N15

Main page

Maxim Klimanov

16 August 2009 14-48

Introduction

Fast Ethernet and Wi-Fi 802.11g have already become a common thing. But now Gigabit Ethernet and 802.11n begin to replace them in the SOHO segment. Today we are going to talk about such device - ASUS RT-N15, a router supporting both Gigabit Ethernet and 802.11n draft standards. If gigabit LAN ports can be considered as an ordinary feature, a gigabit WAN port is a characteristic that can be found not in every device. Yet this does not mean that the routing speed will be as high as that. It is quite possible that the speed will just about 100 mbps point. Let’s check it in our tests.

Exterior Design

The case of ASUS RT-N15 is made of white plastic with silver insert and rounded corners. The device will fit well on a table but it will need some additional fixtures for mounting on a wall or in a rack.

DSC03201

On the side panels there are the device model name and embossed vendor name. Besides, there are small vent holes at the bottom of the case.

DSC03216

The device has a turning stand for more stable positioning on the table and labels with a lot of information.

DSC03213

As the router can be positioned upright only, on the top of the case we can find additional vent holes and the model name.

DSC03210

On the front panel there are only LEDs indicating device and port status.

DSC03205

The rear panel has five ports for RJ-45 plugs (four LAN ports and one WAN port), power connector, and WPS and Restore buttons. The restore button is used for resetting and rebooting the router whereas the WPS button helps in establishing wireless network.

DSC03208

So, we got a full picture of how the device looks like. Now let’s examine its electronic components.

Hardware

RT-N15 hardware platform consists of a green printed circuit board. There are no large digital elements on the back of the board.

DSC03223

The most part of the front side is covered with metal screens, except three chips.

DSC03220

The operating memory is composed of two chips: 16 Mbyte EtronTech EM639165TS-6G and 16 Mbyte Samsung K4S281632K-UC60. Macronix 29LV320CBTC-90G with capacity of 4 Mbytes functions as a flash memory. Palmchip Surfboard is used as a processor. This can be found out via a command line.

Firmware upgrade

The firmware upgrade is a quick and easy process. To perform this you just need to select Firmware Upgrade category in Administration menu then choose the latest firmware file and click Upload button.

The uploading process is fully automated and takes about a minute.

After rebooting the router is ready for use.

Firmware restore

In case the current firmware is corrupted it is necessary to use the Firmware Restoration utility which can be downloaded from the vendor’s site. It must be mentioned that the restoration is possible if only the image of the operating system is corrupted. This can occur when, for example, the power goes down during the upgrade process. The restoration utility interface is available in different languages: English, Hungarian, Greek, Spanish, Italian, Chinese, German, Polish, Portuguese, Rumanian, Russian, French and Czech.

After the Restoration utility is installed on the computer, you need to launch it, choose the working firmware file and run the restoration process.

Yet, it must be kept in mind that this utility is not a cure-all solution even if used together with system resetting. The restoration of previously saved configuration from the corrupt file can destroy the system and an ordinary user won’t be able to repair it. Such a result can be reached with the help of the attached file. We strongly recommend not doing this. The only way out from the mentioned situation is to address to the Asus service center. Here we finish the review of the firmware restoration utility.

Web-interface review

After connecting a computer or a notebook (laptop) to RT-N15 LAN-port, open browser and type a standard IP-address 192.168.1.1 in its address line. The user name and password are common for Asus network devices: admin/admin.

Upon successful authentication, the user finds himself in the router main page. Here he gets an opportunity to change the interface language. This feature can be very useful for those who are not good in English. Those who wish to study the Russian variant of web interface can address to the Russian version of this article.

We are not going to describe RT-N15 web interface in detail but speak about the most interesting features. In the center of the main page the user can get a quick access to WAN, WLAN and LAN ports parameters by clicking on a corresponding icon. Let’s turn to the left frame of the web interface.

The Wireless submenu supports WPS (Wi-Fi Protected Setup) for easy adding of user devices.

The Wireless-Professional submenu allows an administrator to set up additional parameters for wireless, for example the time interval during which RT-N15 will work with wireless clients.

In LAN menu we take interest in the Route submenu which allows us to add static routes and enable multicast routing. It also allows receiving routes via DHCP.

Here for the first time we felt like opening the manual to learn more about parameters of this tab that can be enabled or disabled as the information in Help document was not enough.

We downloaded the full manual ((E3515) RT-N15 manual.pdf) from the Asus web-site and found out that the described interface had nothing in common with the one at hand. It looked as if in this manual there were pictures from the guide of some other wireless router.

Let’s go to the WAN group. Here we can configure provider connection rules. Besides static and dynamic IP addresses WAN-port also supports PPPoE, PPTP and L2TP tunnels. You can specify local ports for IPTV translation as well.

Here we also noticed the following features: when selecting PPTP the user can get a dynamic IP address of the physical interface or configure a static one; when selecting any connection type except PPPoE the user can’t specify some additional parameters like MTU. Besides, the administrator can select PPTP encryption parameters: no encryption, MPPE 40, MPPE 56 or MPPE 128.

The QoS subcategory of WAN menu provides the administrator with means for bandwidth management. Actually, it is an opportunity to specify the priority of a certain service in comparison with the other flows.

Besides selecting the priority for a certain service it is possible to specify the priority for the host, or to block it. To perform this it is necessary to go to the Network Map and click Clients button. The displayed list consists of all the clients found in the local network segment. Of course, we captured this network scanning by Wireshark utility. The file with transmitted packets can be found here. ASUS RT- N15 defines the presence of HTTP server and NetBIOS protocol support in scanned clients. It must be mentioned that there exists a risk that such actions of the router can activate personal security programs like Firewall or Antivirus.

In the Firewall group the LAN to WAN Filter submenu arrested our attention by its additional options. Firstly, you can define the time-schedule when the filter will be enabled. Secondly, it is possible to not only filter the sockets but also specify the allowed TCP-flags.

The status of NAT (enable/disable) can be changed in the Operation mode subcategory of Administration group by selecting an appropriate mode.

The brief review of the most interesting features of the router web-interface comes to an end. Yet, it should be mentioned that the process of saving and applying is very slow and can cause the router rebooting.

Command line interface

Despite the fact that ASUS RT-N15 firmware has telnet daemon protocol, it doesn’t run automatically with the system startup. You can do it manually from the hidden page http://192.168.1.1/Main_AdmStatus_Content.asp. Here it is possible to run not only services but also any system command you like. However, we are interested in access via telnet. Enter «/usr/sbin/utelnetd -d» command in the System command input field and click Refresh button.

Now it is possible to connect to the router without a password via telnet protocol. To disable such an access you can from the web interface as well. To perform this you need to Refresh «killall utelnetd» command. It must be mentioned that telnet access fails after the reboot.

On entering the RT-N15 command line, we immediately face the brief information about the shell we work with. More detailed information about BusyBox will be displayed after entering the namesake command.

stdin, stdout, etderr: 0 1 2

BusyBox v1.4.2 (2009-03-05 10:29:07 CST) Built-in shell (ash)

Enter 'help' for a list of built-in commands.

/ # busybox

BusyBox v1.4.2 (2009-03-05 10:29:07 CST) multi-call binary

Copyright (C) 1998-2006 …Erik Andersen, Rob Landley, and others.

Licensed under GPLv2. …See source distribution for full notice.

Usage: busybox [function] [arguments]...

   or: [function] [arguments]...

        BusyBox is a multi-call binary that combines many common Unix

        utilities into a single executable.  Most people will create a

        link to busybox for each function they wish to use and BusyBox

        will act like whatever it was invoked as!

Currently defined functions:

        [, [[, arp, ash, basename, cat, chmod, cp, date, diff,

        dmesg, echo, egrep, fgrep, ftpget, grep, halt, ifconfig,

        insmod, kill, killall, klogd, ln, logread, ls, lsmod,

        mesg, mkdir, mkfifo, mknod, modprobe, more, mount, nslookup,

        ping, ping6, poweroff, printf, ps, pwd, reboot, rm, rmmod,

        route, sed, sh, sleep, syslogd, test, top, touch, traceroute,

        umount, uname, uptime, vconfig, wc

The system runs a comparatively recent BusyBox version – 1.4.2. By the time the article was written 1.14.2 version of the shell had already existed.

Naturally, we were interested in other processes run on the router at the moment.

/ # ps

  PID  Uid     VmSize Stat Command

    1 0           544 S   /sbin/init

    2 0               SW  [keventd]

    3 0               SWN [ksoftirqd_CPU0]

    4 0               SW  [kswapd]

    5 0               SW  [bdflush]

    6 0               SW  [kupdated]

    7 0               SW  [mtdblockd]

   15 0               SW  [rtmpWscHandle]

   38 0           312 S   udhcpc -i eth2.2 -p /var/run/udhcpc0.pid -s /tmp/udhc

   40 0           676 S   /usr/sbin/httpd br0

   41 0           540 S   /usr/sbin/pppd file /tmp/ppp/options.wan0

   42 0           308 S   /usr/sbin/infosvr br0

   43 0           340 S   /sbin/syslogd -m 0 -t MST-3MDT -O /tmp/syslog.log

   47 0           316 S   /sbin/klogd

   49 0           360 S   /sbin/wanduckmain

   51 0           344 S   lld2d br0

   52 0           396 S   watchdog

   53 0           348 S   networkmap

   54 0           384 S   /bin/sh

   55 0           360 S   /usr/sbin/wanduck

   56 0           364 S   ntp

   57 0           368 S   ots

  108 0           252 S   /usr/sbin/utelnetd -d

  109 0           424 S   /bin/sh

  111 0           332 R   ps

Let’s see what commands are available in /bin, /sbin, usr/bin è usr/sbin catalogues.

/ # ls /bin

wscd              ps                iwpriv            egrep

uname             ping6             iwconfig          echo

umount            ping              iptables-save     dmesg

touch             mtd_write         iptables-restore  date

spicmd            mount             iptables          cp

sleep             more              igmpproxy.sh      chmod

sh                mknod             igmpproxy         cat

set8366s          mkdir             i2ccmd            busybox

sed               mii_mgr           grep              brctl

rt2860apd         ls                gpio              ated

rm                ln                flash             ash

reg               lld2d             fgrep

pwd               kill              ez-ipupdate

/ # ls /sbin

wsrom                route                halt

write175C            rmmod                gpio

write                restore175C          getSSID

wps_stop             restore              getPIN

wps_start            reboot               getMAC

wps_pin              read175C             getCountryCode

wps_pbc              rc                   getChannel

wps_oob              radioctrl            getBootV

wmac                 pspfix               gen_ralink_config

watchdog             poweroff             gbr

wanduckmain          ots                  gbe

wan-up               nvram_restore        erase

wan-down             ntp                  ddns_updated

vconfig              modprobe             convert_asus_values

syslogd              lsmod                config8366s

stopservice          logread              config175C

start_ddns           klogd                ateshow

startWan             ip-up                atehelp

speedtest            ip-down              asuscfe

setPIN               insmod               arp

setMAC               init                 FWRITE

setCountryCode       ifconfig

rsrom                hotplug

/ # ls /usr/bin

wc          top         nslookup    killall     basename

uptime      test        mkfifo      ftpget      [[

traceroute  printf      mesg        diff        [

/ # ls /usr/sbin

wanduck       udhcpc        pppoe-relay   networkmap    httpd

utelnetd      tc            pppd          l2tpd         dproxy

upnp          pptp.sh       nvram         l2tp-control  bpalogin

udhcpd        pptp          ntpclient     infosvr

Now we go to /proc catalogue to see what kind of files exist here.

/ # cd proc

/proc #

/proc # ls

116          47           3            interrupts   iomem        bus

109          43           2            filesystems  partitions   irq

108          42           1            dma          slabinfo     misc

57           41           self         cmdline      ksyms        rt2880

56           40           loadavg      locks        kcore        pci

55           38           uptime       swaps        net          mtd

54           15           meminfo      execdomains  sysvipc      Config

53           7            version      mounts       sys

52           6            modules      kmsg         fs

51           5            stat         cpuinfo      driver

49           4            devices      ioports      tty

/proc # cat version

Linux version 2.4.30 (root@magic_pan) (gcc version 3.3.6) #1953 2009õ╣┤ 04öÜÈ 14ö×å öØßöÜßô║Ì 09:33:06 CST

Let’s estimate how RT-N15 is loaded. For this purpose, we examine the content of uptime and loadavg files. In cat uptime output there are two numbers that correspond to uptime and idle time of the router. The first three numbers in cat loadavg output show the average load of the device for the last 1, 5 and 15 minutes. As we can see, at this moment our router is not loaded at all.

/proc # cat uptime

1617.67 1557.85

/proc # cat loadavg

0.00 0.00 0.00 1/25 119

As the most part of the electronics is covered with protecting screens, it will be interesting to find out what kind of processor is used in the router via the cat cpuinfo command, the output of which is displayed below.

/proc # cat cpuinfo

system type             : Palmchip Surfboard

processor               : 0

cpu model               : unknown V6.12

BogoMIPS                : 265.42

wait instruction        : no

microsecond timers      : yes

tlb_entries             : 16

extra interrupt vector  : yes

hardware watchpoint     : no

VCED exceptions         : not available

VCEI exceptions         : not available

Here we end the once-over of the router command line and pass on to the testing.

Testing

We begin our tests with determining the device boot time, which means the time interval between the moment of power connection and the return of the first ICMP echo-response. ASUS RT-N15 boots in 22 seconds, quite a good result.

The next step is to test the device on the security flaws. To perform this we scan the device with Positive Technologies XSpider 7.7 network analyzer (Demo build 3100) from the network local segment. We found five open ports: UDP-53 (DNS), TCP-80 (HTTP), TCP-5431 (HTTP), TCP-9998 (unavailable) and TCP-18017 (HTTP). The most interesting vulnerabilities are shown below.

The detected availability of authentication via HTTP cannot be considered as a serious vulnerability as scanning was held when the router had default username and password. And one of the standard recommendations is to change them immediately.

Now it’s time to test the speed of data transmission via RT-N15. Here we use netcps utility that to our mind is able to generate the traffic close to the real network. First of all, we tested the wireless data transmission speed. The transmission speed in any direction directly depended on the number of streams. The summarized speed achieved its high point at simultaneous transmission in both directions and was about 90 Mbps. The stream speed in the direction from the wireless client to the router was 74 Mbps and in the opposite direction it was 81 Mbps. All test results are displayed below. Then we decided to test the speed with which ASUS RT-N15 routes date. Here the difference was not so significant: in the direction from the global network to WAN interface the result was 72 Mbps, in the opposite direction – 74,4 Mbps and the summarized speed of simultaneous streams in both directions was 76 Mbps. We also didn’t forget about data transmission through the tunnel as among Russian providers such kind of internet access is the most common thing. Here speeds were equal, that is did not depend on the stream direction and were about 15 Mbps. The tunnel speed testing was held via PPTP without encryption at all.

We should say that we failed to set up PPTP encrypted tunnel and the process of setting up the tunnel without encryption was accompanied by various errors messages like “server is unavailable” or “incorrect dynamic address”. Yet, after the tunnel was up, everything went like clockwork.

Type

Direction

Speed, Mbps

WLAN

Client->RT-N15

74

Client<->RT-N15

90

Client<-RT-N15

81

NAT

LAN->WAN

74

LAN<->WAN

76

LAN<-WAN

72

PPTP

LAN->WAN

15

LAN<->WAN

15

LAN<-WAN

15

On the basis of the results a diagram was composed.

Of course, we can’t but mention the devices used in the test.

PC

PC #1

PC #2

PC #3

Operation system

Windows Vista SP2 x64 Ultimate Eng

Windows XP SP2 x64 Eng

Windows Server 2003 x32 SP2 Eng

CPU

Intel Pentium 4 3,0 GHz

Intel Core 2 Duo 2,8 GHz

Intel Pentium 4 3.2 GHz

Motherboard

Asus P5GDC Pro

Asus P5K64 WS

IBM M71IX

Memory

Hyundai 2 Gbyte (DDR2)

OCZ 2 Gbyte (DDR3)

Micron Technologies 1 Gbyte (DDR)

NIC

Marvell Yukon 88E8053,
ASUS WL-130N

Marvell Yukon 88E8052/88E8001

Intel(R) PRO/1000 CT

We finish the Test part here. Let’s make the conclusion.

Conclusion

On the whole, ASUS RT-N15 wireless router leaves a very good impression. Still, the vendor should pay more attention to the firmware testing as it really needs to be touched up, to our mind. The device strong points are listed below:

-         good routing speeds (NAT and PPTP),

-         strong defense against network attacks,

-         WPS support,

-         Russian language in the web interface,

-         availability to enable/disable WI-FI module according to the time-schedule,

-         IPTV support,

-         dual data routing to internet and provider local network,

-         availability for PPTP connection with the dynamic address of the interface.

We can’t but mention the weak points as well:

-         bad reaction of the device on the restoration of the settings from the changed configuration file,

-         absence of up to date documentation,

-         rough Russian translation of the web interface,

-         slow web interface,

-         unfinished firmware.

We recommend RT-N15 for home network users with medium speed traffic.

By the time the article was written ASUS RT-N15 price in the Moscow internet shops was about 4700 rubles.

The author would like to publicly acknowledge the help of Andreeva Maria, who translated the article from Russian into English.

Main page