Managing TP-Link easy smart switches from Linux

I’ve recently acquired some TP-Link ‘Easy Smart’ managed switches – cheap, decently built (metal casing), and a lot of features above the usual unmanaged stuff:

  • Effective network monitoring via Port Mirroring, Loop Prevention and Cable Diagnostics
  • Port and tag-based QoS enable smooth latency-sensitive traffic
  • Abundant VLAN features improve network security via traffic segmentation
  • IGMP Snooping optimizes multicast applications

Unfortunately, it uses a windows application to manage the switches – the 5 and 8 port varieties don’t have a usable built-in web server to manage them. Luckely, there’s a way to make that still work on Linux ;) as it seems that it’s just a JavaFX application. The only thing you’ll ever need a windows installation for (or use Wine) is to install the actual application.

After installation, You’ll find a file called “Easy Smart Configuration Utility.exe” in the installation path. Copy that to your Linux installation, rename to .jar, and you’re good to go.

To run it, you’ll also need the Oracle Java distribution, as JavaFX is not yet part of OpenJDK. Install that in your distribution of choice, and you’ll be able to start the application using java -jar “Easy Smart Configuration Utility.jar” and it’ll start right up.


Unfortunately, it doesn’t work out of the box. The tool doesn’t find any devices on the network, but they are there.
Checking with netstat, the tool bound itself on UDP port 29809, on the local ip address.

$ PID=$(pgrep -f "java -jar Easy Smart Configuration Utility.jar"); netstat -lnput | grep -e Proto -e $PID

Proto  Recv-Q  Send-Q  Local Address            Foreign Address  State  PID/Program name 
udp6   0       0       [your ip address]:29809  :::*                    28529/java

Checking with tcpdump showed that the traffic was returning, but since our tool is only listening on the local ip, and not the UDP broadcast address, it never sees anything.

# tcpdump udp port 29809
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on wlp1s0, link-type EN10MB (Ethernet), capture size 262144 bytes
09:35:48.652235 IP [your ip address].29809 > UDP, length 36
09:35:48.961586 IP [switch ip address].29808 > UDP, length 159

It seems the tool binds to the local IP instead of the ‘any ip’,, so you need to locally forward the traffic incoming on the port to your local ip. To do this, execute this command (and/or add it to your local firewall script):

# iptables -t nat -A PREROUTING -p udp -d --dport 29809 -j DNAT --to [your ip address]:29809

And don’t forget to enable IP forwarding

# echo 1 > /proc/sys/net/ipv4/ip_forward

Now you should be able to find and configure the switches in your local network.

OpenWRT, dual routers, dual SSIDs and VLANS

Back in the day I used to have one router in the house: the D-Link DIR-825, flashed with OpenWRT. Configured with two SSIDs – one for internal network use, and one for guest access – the latter being separate from the internal network of the flat.

After moving to our house, I discovered that the house construction materials provide a better shielding for radio signals, which in turn meant that the reach of my WiFi router wasn’t quite what it should be to reach the far corners of the place. I tried increasing the output wattage, but that had only a marginal increase in reach. So in the end I opted getting a new primary router – the TP-Link Archer C5 (though mine has three antennas?), which was promptly reflashed with OpenWRT. The DIR-825 was moved to the opposite corner of the house to increase reach, and at the same time I lowered the output wattage of the radios.
Because of time constraints, I didn’t bother stretching the guest wifi to the second router, as it requires a bit more configuration to properly separate the flows of data between the two networks: vlan configuration.

Continue reading

OpenWRT, Atheros & channel availability

If you’re living outside the US, and you’re using OpenWRT (a fantastic 3rdparty opensource firmware for many routers), you might have noticed that not all the WiFi channels which are legally allowed in your region are actually available for you to choose from.

This is a known issue, and stems from the fact that the OpenWRT images are built without CONFIG_ATH_USER_REGD=y (which allows overriding the wifi-card builtin default regulatory domain), so that the builds are compliant with the regulations of the US. (see trac ticket 6923)
If you pick another region in the settings, the ROM will pick the most restrictive of the two – in my case this means that WiFi channels 12 and 13 are not available to choose from.

There are two ways to get around this:

  • Building OpenWRT from source, and enabling this option
  • Using reghack to patch the drivers (see the README on how to do this)

I only recently learned of reghack (thanks, Stijn!) which works nicely ;)

Backup & restore of your Tomato-based router statistics

Since I recently moved, and now have my Tomato based WRT54GL on 24/7, I also wanted a way to keep a backup of those nice statistics the router generates. You have the option (built-in) to write them to nvram or to a CIFS share, but the former has a limited amount of writes, and the latter is not really stable (and I don’t have anything powered on all the time to keep the backups on).

I found some nice scripts on that showed how to make backups on an ftp/website combination, but I wanted to move this to an internet-host (since that thing IS up 24/7 in contrast to my inhouse infrastructure) and I didn’t really like them, I ‘redesigned’ them.

Lo and behold!

The only thing you need to do is put this in your WAN-up script:

killall rstats

FILES="rstats-history.gz rstats-speed.gz rstats-stime rstats-source"

for FILE in $FILES; do
  ftpput -u $USER -p $PW $FTP \$FILE $STATSDIR/\$FILE
chmod a+x $FTPSCRIPT

cru d bkstat
cru a bkstat "2,15,30,45 * * * * $FTPSCRIPT"
for FILE in $FILES; do
  wget $URL/$FILE
sleep 10

Don’t forget to change the lines reading URL, FTP, USER and PW to your respective website address, ftp server name, ftp login name and ftp password!

My ISP – Part deux

An update after my previous ISP post:

  • July 2007
    • Increase of data transfer for netconnect to 75gb
  • October 2007
    • Increase in prices :( BOOO! Well, only with a few euro’s, but still… :(
  • November 2007
    • Change in newsservice, now allowing more connections and dedicated text-news server ;)
  • December 2007
    • Increase of data transfer for netconnect to 100gb, netconnect + boostpack to 120gb
  • January 2008
    • Increased upload traffic in all accounts to 448kbit
    • Increased data transfer with the boostpack to 150gb
    • Increased download speed (2048kbit) on mediumband with boostpack
    • Started delivery of Cityconnect – a new ADSL2+ product line (available in Leuven only sofar…)

Needless to say, I’m still a very happy customer ;) But I am going to cancel my boostpack, since it no longer has use (I need the upstream speed, not the data transfer..)

wrt54g time to live exceeded?

I wonder how long the lifetime is of a Linksys WRT54G v2.2 router… I have one, and it’s been showing more and more problems with the WiFi part of the router: often after a powerup it just doesn’t initialise, no WiFi to be seen. The router reports it’s up, but there just isn’t any signal.

It usually takes 2-3 powercycles (unplugging and replugging the power) to get it running. Kinda annoying if half of your infrastructure depends on said WiFi :p and the router is on another floor :p

I just swapped my WRT54GL (that I used in a WDS setup) with the WRT54G, and now the internet-connected router is working well but the WDS one isn’t :p Time to either:

  • use my spare WRT54G v5 (which is flashed with dd-wrt micro)
  • buy a new WRT54GL (and flash it using Tomato – what I use now on my routers)

I’ll see. I still have a voucher for MediaMarkt that I need to use… ;)

Telenet pushed the button… and nothing happened

Telenet has launched a big campaign, known as Telenet drukt op de knop (Telenet pushes the button) touting that their product line would be dramatically altered. Rumours flew around like a scrapping of the limits they impose, doubling of speeds, …

In the end, it’s basically just a big non-event: they multiplied the speed of their lowest subscription by 4, going from 256kbit to 1mbit… but keeping the ultra-low limit of 400 megabytes. Yes, that’s correct, megabytes.
They also increased the upload speed of the other subscriptions.

So now these people will be able to get a lot faster on smallband (56kbit connection), or buy blocks to increase their limits… and increase Telenet’s revenues – ofcourse!