project is an effort aimed at helping to solve a number of different
problems in current home router distributions, but its primary focus is on
problem of excessive buffering of network packets is endemic on the
Internet as a whole, but it is much easier to start addressing the problem at
the home router end, especially considering the easy availability of Linux-based
firmware distributions. Beyond bufferbloat, though, CeroWrt also enables
experiments with two "next generation" Internet features, IPv6 and DNSSEC.
CeroWrt is built atop the OpenWrt
project's router firmware. It uses the OpenWrt development version
("Attitude Adjustment") with extras added by the CeroWrt team. Unlike
OpenWrt's extensive list of
supported hardware, CeroWrt focuses on supporting just two router
Netgear WNDR3700v2 and WNDR3800. Both are capable devices with free
driver support for all of the hardware and, importantly, the wireless
The most recent release is 3.3.8-10 from
July 9. There is a 3.3.8-11 version available, but project lead Dave Täht suggested that people steer clear until a
problem with the 5GHz wireless AP is resolved. Installing CeroWrt is
fairly straightforward, either through the web-based GUI by uploading the
"sysupgrade" image, or via tftp using the "factory" image.
Once the device has been flashed, one can connect to it on its default
address, 172.30.42.1. CeroWrt specifically chose
to avoid the other blocks of non-routable IP addresses (10.0.0.0/8 and
192.168.0.0/16) so that it can be experimented with in existing networks.
Most home networks live in 192.168.x.y space and the 10.x.y.z addresses are
often used by Internet backbones. The web UI is hosted on port 81 (and
only available on the inside of the network, not via the WAN) so that users
can use port 80 for their own router-based web site if they wish.
The web UI is very similar to that of the current OpenWrt "Backfire" (10.03.1)
release that I run on my venerable Linksys WRT54GL. The UI is built using LuCI, a Lua-based tool for
building web interfaces for embedded devices.
LuCI is noticeably snappier on the WNDR3700v2 that I used for CeroWrt
testing than it is on the WRT54GL—presumably due to a faster CPU. The
interface provides a great deal of status information, as well as allowing
users to change various configuration settings. Everything from updating
the firmware and checking firewall rules to changing DNS settings and
examining system logs is available through the interface. In addition,
there are various realtime graphs of system load, network connections,
bandwidth usage, and so on.
steps after connecting to the router are some predictable things like
setting the root password and adding wireless passwords, but there is
another important step: enabling and configuring Active Queue
Management (AQM). Essentially, one must determine the download and
upload speeds (using something like SpeedTest.org) of the Internet link
to plug into the web form and enable AQM. Testing bandwidth that way is
static, so dynamic changes
are not reflected, which is sub-optimal and the project is looking at
better tests and ways to set those values automatically. It should also be
noted that in limited testing, no real difference was apparent (even when
copying large files while doing something interactive) with AQM enabled or
disabled—more study is clearly required.
The wireless networking setup is rather different than what OpenWrt (at
least for Backfire) provides. There are four separate SSIDs for various
kinds of WiFi access. CEROwrt and CEROwrt5 provide normal
access for 2.4 and 5GHz respectively, while CEROwrt-guest and
CEROwrt-guest5 are for guest access.
By default, they
all act as open access points and do not require a password, but enabling
WPA2 for the non-guest SSIDs (at least) is suggested. There are also two
SSIDs which are there to support mesh
The guest SSIDs correspond to the guest zone in the firewall
configuration. By default, guest traffic can only go to the Internet, so
it does not have access to other devices on the local network. That allows
one to give access to visitors (and neighbors) without risking unauthorized
access to systems behind the firewall. The 172.30.42.x address space is broken
up in to separate sub-networks such that each SSID gets its own set of
30 IP addresses, as does each set of
wired, mesh, and DMZ devices.
But the main focus of CeroWrt is to experiment with solutions to the
bufferbloat problem. To that end, it uses the 3.3.8 kernel (the CeroWrt
release numbering follows that of the underlying kernel) with the addition
of the controlled delay (CoDel) AQM
algorithm. CoDel requires
the byte queue
limits feature that was added in the 3.3 kernel.
But there are additional goals for the project, and IPv6 support
("make IPv6 networking in the home as simple as IPv4") is near
the top of the list. While it isn't as "simple" as IPv4 (yet), the instructions
are pretty easy to follow to have the router use a 6in4 tunnel, as well as
to provide IPv6 on the local net. That makes CeroWrt a nice choice for
experimenting with IPv6 as well, though some UI support to configure it
would be welcome.
There are other features to experiment with as well, including DNSSEC and the mesh
networking, though I didn't try those out.
Overall, the experience of switching over to the CeroWrt-powered router
was done with very few hitches—other than a balky router
"authentication" web application at my ISP. The addition of 5GHz WiFi is
welcome (though my ISP is typically the bottleneck anyway), as is the
availability of a guest zone. In fact, I haven't moved back to the old
router, though I probably will at some point so that the WNDR3700v2 can be
used for experiments without upending "Words with Friends" in the other
room. The router is cheap enough that getting a second (or more likely a
WNDR3800 at less than $150) to replace the
WRT54GL is certainly a possibility. Though messing around with mesh
networking between them might still result in spousal complaints.
Täht's 3.3.8-10 release announcement outlined the way forward (or a way
forward) for CeroWrt. There is lots of work to be done, but the
bufferbloat projects, including CeroWrt, are not funded, currently. That
is clearly making it difficult for Täht to continue working on
CeroWrt—at least to the level he would like.
While it appears that there are lots of volunteers and companies helping
out, the overall project maintainer role is languishing to some extent.
But, as he points out, all of the CeroWrt work is being pushed upstream to
OpenWrt (and CeroWrt frequently merges back as well). The two projects
are focused in different areas, but there is clearly some synergy between
them, which is likely to help both. It is a bit unclear when a "stable"
CeroWrt release might be forthcoming, but it is pretty usable in its
current form. What it most needs, perhaps, is some developer time and,
possibly, some funding.
Comments (2 posted)
There are a ton of reasons why Debian may have an older version of
an upstream release. For example, and I hasten to point out that
the following list is by no means exhaustive, and not all of the
possibilities are common:
* The Debian package maintainer is dead, but nobody noticed it yet, and
nobody has wanted an update badly enough to do an NMU or to adopt the
* The upstream release is actually a fake. It's a trojan, which was
put there by the NSA in order to infiltrate the CIA mainframe. The
Debian package maintainer noticed this and uploaded that version of
the package to non-free instead of main, since the trojan code does
not come with proper source.
* Upstream has moved the RSS feed for new releases without notifying
the old feed of the move, so the Debian package maintainer missed that,
and doesn't actually know about the new release. Due to a complicated
series of happenstance involving rainbows, midget unicorns, and the
ongoing rewrite of the Netsurf web browser, the Debian package maintainer
is not able to find the new feed because it would require doing a
web search and their browser doesn't have working form support now.
No other browser is available on the Amiga they're using as their only
* The new release is requested by insistent Hurd porters, and the Debian
package maintainer absolutely loathes the Hurd, and will refuse to
upload any packages that work on the Hurd.
* The Debian package maintainer suffers from mental problems cause by
reading debian-devel too much, and now has a nervous breakdown every
time they recognize a name as someone whom they've seen on the list.
* The Debian development process is being sabotaged by Microsoft sending
people to the developers' houses pretending to be TV license checkers
or Jehova's witnesses every time they detect, using the hardware
wireless keylogger embedded in every PC, that the developer is trying
to run any Debian packaging command.
* Apple is also sabotaging Debian by paying me to write snarky e-mails on
Debian mailing lists to distract everyone from working on the actual
release, so that we can get past the freeze and start uploading things
again without having to worry that it breaks things in ways that
makes the freeze longer.
-- Lars Wirzenius
Comments (1 posted)
The Debian project is attempting to rewrite its trademark policy to be "as
free as possible" while still protecting the project's identity; project
leader Stefano Zacchiroli has just announced a new draft for consideration.
"The objective of this trademark policy is to encourage widespread
use and adoption of the DEBIAN trademarks, styles, and logos (hereinafter
``trademarks'') while ensuring consistent usage which avoids any confusion
in the mind of the users. The goal of this policy is to encourage use of
the DEBIAN mark in commercial or non-commercial activity based around
Full Story (comments: 5)
The Debian release team reports that wheezy still has far too many RC bugs;
"As mentioned in the freeze announcement [RT:FRZ], the number of RC
bugs in wheezy is still significantly larger than would normally be
expected at the start of a freeze. Please feel encouraged to fix a bug (or
three) from the list [BTS:RC] to help get issues resolved in
" They also tell us that Debian 8.0 (wheezy+1) will be
known as "Jessie".
Full Story (comments: none)
The minutes from the July 30 meeting of the Fedora Engineering Steering
Committee show than an impressive list of new features has been approved for the
Fedora 18 release. New goodies in F18 will include Samba4
, the Linux Trace Toolkit
next generation (LTTng)
Full Story (comments: 16)
Colocation America is now a sponsor of Fedora Infrastructure with the
donation of a server in their Los Angles data center. "We have put
this server to use as a proxy and application server, so if you are going
to any fedoraproject.org sites and you are in North America you will likely
be accessing us from there.
Full Story (comments: 1)
Newsletters and articles of interest
Comments (none posted)
Ars technica has brief look
at the world's fastest x86-based supercomputer and Europe's fastest supercomputer—not to mention the 4th most powerful in the world. The SuperMUC, which runs SUSE Linux, is located at the Leibniz Supercomputing Centre (LRZ) of the Bavarian Academy of Sciences. "A statement issued by SUSE says that the supercomputer has a unique cooling system inspired by human blood circulation that significantly reduces energy consumption. The supercomputer is reportedly designed so that some of the energy can be recaptured and used to heat buildings at the LRZ campus. The statement also says that the SuperMUC has 155,000 processor cores capable of delivering a total of 3 petaflops of processing power. A report on Slashdot indicates that the computer has 324 terabytes of memory.
Comments (1 posted)
Page editor: Rebecca Sobol
Next page: Development>>