At what point do you just stop upgrading Merlin FW?

[Grievous Angel]

I'm at Merlin 376.47. I'm at 27 days of rock solid uptime--and would be longer (possibly much longer) if not for power flickers and outages.


I've been watching with interest all the new upgrades but can't bring myself to do it. This version has all the features I want, and, as already noted, very stable for me. It's serving my family of four with their gaming, streaming, typical stuff, across about 3000 sqft of a single level home.

For this same reason I can't bring myself to upgrade my router either, though I'm sure I'd love the 68p (I'm on the AC66).

Router stability is such an issue so often, I'm loathe to change a damn thing at this point.

 

[AdvHomeServer]

I'm at Merlin 376.47. I'm at 27 days of rock solid uptime--and would be longer (possibly much longer) if not for power flickers and outages.


I've been watching with interest all the new upgrades but can't bring myself to do it. This version has all the features I want, and, as already noted, very stable for me. It's serving my family of four with their gaming, streaming, typical stuff, across about 3000 sqft of a single level home.

For this same reason I can't bring myself to upgrade my router either, though I'm sure I'd love the 68p (I'm on the AC66).

Router stability is such an issue so often, I'm loathe to change a damn thing at this point.

I know what you mean. When I still used my Asus RT-N56U on stock firmware, an Asus spokesperson often said there is no reason to upgrade if your current system works fine. Later, when I moved to DD-WRT on a couple of different routers, I had issues with some releases until I found a couple of older Kong releases. They do what I need quite well and I am reluctant to upgrade just because a new one is out. Especially, with DD-WRT, the newest releases have had issues reported on the DD-WRT forum, although the quantity of the reports is decreasing. Padavan's firmware is now on the RT-N56U, but the router is retired. If I ever put it back in service I would probably upgrade to Padavan's newest release unless issues were reported (unlikely since his versions come out pretty slowly).

Few things are more annoying than hearing a family member complain about the network being broken right after you changed something.

 

[RMerlin]

Check the changelog to decide whether you want to update or not. Primary reason to upgrade right now would be the security fix in 376.49_5.

 

[System Error Message]

I always update whenever a new firmware comes out, it usually helps a lot and sometimes brings performance improvements and security fixes. If things break when update than install the older version that worked.

Obviously id love to see a year of uptime but i find updating to be a lot more beneficial as long as i dont experience any unplanned downtimes.

 

[martinr]

I'm at Merlin 376.47. I'm at 27 days of rock solid uptime--and would be longer (possibly much longer) if not for power flickers and outages.


I've been watching with interest all the new upgrades but can't bring myself to do it. This version has all the features I want, and, as already noted, very stable for me. It's serving my family of four with their gaming, streaming, typical stuff, across about 3000 sqft of a single level home.

For this same reason I can't bring myself to upgrade my router either, though I'm sure I'd love the 68p (I'm on the AC66).

Router stability is such an issue so often, I'm loathe to change a damn thing at this point.

Good question. And so easily extended to updates to the operating system on, say, an iPhone or a Windows machine.

You might find some answers in this recent article:

http://netsecurity.about.com/od/secureyourwifinetwork/fl/Is-Your-Wireless-Router-Too-Old-To-Be-Secure.htm?nl=1

Here's an extract from it: "As with all Internet connected technology, hackers are continually finding bugs in things like the encryption algorithms used to secure networks, flaws in operating system software, etc. Manufacturers release patches to fix these holes, but if the user doesn’t install the patch, or upgrade their firmware to fix the issue, then they become vulnerable to attack."


Martin

 

[JohnOCFII]

At what point do you just stop upgrading?

I don't stop.

Once I have a stable environment, then I really slow down the pace of upgrades, often waiting 4 months to do an update, and always waiting at least two weeks after a release to see if others come up with bugs.

Using John's scripts to save and restore the NVRAM make the process pretty easy. For those upgrades that require a manual re-set -- well, that just takes a bit of planning.

The reason I try it stay fairly close is that eventually there WILL be a real reason to upgrade, and if you are 18 months behind, the possibility to have issues increases quite a bit, and the number of other folks going through the same changes will be fewer, so it can be harder to get assistance.

Just my two cents.

John

 

[L&LD]

I agree don't stop.

Nothing else stops, whether it is os updates, driver updates for client devices, security scares, or new devices that absolutely need the latest router enhancements to provide stable, secure and fast performance.

While four months is way too long for me to wait... , a couple of weeks or a less to see how a new release behaves for most is enough to recommend the upgrade to all my customers.

With this system, I've had much less hair pulling, all-nighters and trying to learn a years worth of stuff in a night, than simply telling my customers that next week, the network needs maintenance and testing, afterwards.

As a matter of fact, a now loyal customer was debating this method with me when they were deciding to hire me last year. They initially balked at a monthly or at least a quarterly (they went with monthly in the end) inspection, tuning of their systems stating that their system had been running for almost a decade previously without all this babysitting as they saw it. However, when they searched their records for the cost of keeping the network running over that time, with about a two to three year break between network and other computer maintenance, not new purchases, btw, my 12 times a year visits are cheaper by almost 70% of those historic averages. And they themselves stated that they have never had a network running as smooth and stable and as reliable, day after day, ever.


Ignore updates at your own risk. To your time, your digital security and possibly to your pocketbook too. YMMV.

 

[sinshiva]

openssl updates are a good reason, among other security fixes. the open source world has been hit pretty hard in general this last year. also, it's good practice for the router rodeo

 

[Grievous Angel]

I'm going to catch up tonight. After everyone is in bed and no one is around to scream at me.

Hell I might even go for the new beta.

Just hate to mess with a good thing.

On a similar train of thought--you guys think I'll notice anything by buying the 68p (over the 66u)? Along that same line of thinking--the 66U is meeting my needs--no one in my house is complaining. BUT THAT NEVER STOPPED 90 PERCENT OF THE FOLKS ON THIS SITE FROM GETTING THE LATEST.

I think I'd go for the 68p .. the 86u seems a little too bleeding edge for me.

 

[leszek]

I had no choice but to get 68p. I have an OpenVPN bridge setup between two houses that's used to share TV and media. With the 68p I get an average of 60% with spikes to 80% of CPU usage across both cores when using the full 50Mbits/sec FIOS bandwidth. With 66U I was limited to 14Mbits/sec and 100% CPU.

 

[janosek]

I just upgraded my ac66u from 47 to 49_5 when I saw nat loopback was fixed in .48

 

[AdvHomeServer]

On a similar train of thought--you guys think I'll notice anything by buying the 68p (over the 66u)? Along that same line of thinking--the 66U is meeting my needs--no one in my house is complaining. BUT THAT NEVER STOPPED 90 PERCENT OF THE FOLKS ON THIS SITE FROM GETTING THE LATEST.

I think I'd go for the 68p .. the 86u seems a little too bleeding edge for me.

I'm happily using a couple of refurbs, both with AC capabilities. There's nothing wrong with spending money on a hobby, but do you buy a new microwave oven for your kitchen whenever a new color or great popcorn options comes out?

If, for example, the security fix involves fixing a broken stateful firewall or uPnP is always on and the fix changes it, or Heartbleed 2 is discovered and your OpenVPN connection is compromised, then go for the security upgrade. The Heartbleed fix didn't amount to squat for people who were using routers with OpenSSL but were not using any OpenSSL features. It was a non-issue.

What would be an example of a some (several) security issues that realistically affected home routers and required a firmware upgrade? Downloading a trojan horse would happen with or without a high functioning router.

 

[Grievous Angel]

I jumped all the way to Beta 2 . . murdered my full month of up time.

New stuff looks slick though. I like the enhancements to the network map. I'm assuming all current (known) security fixes are rolled up into this new release.

 

[L&LD]

Yes, all known security and other fixes are included.

If you intentionally upgrade the firmware, that is not murdering uptime. That is scheduled maintenance.

 

[Trebuin]

Scheduled Maintenance:
theory:Fixing or making something better
fact at my work: Breaks everyone's work email. Per regs, all fix request outside our capability will be requested via official work email only. I've been email free for two weeks while tech requests the fix via snail mail. I'm expecting that will be rejected since the request wasn't sent via official digitally signed email.

 

[RMerlin]

Scheduled Maintenance:
theory:Fixing or making something better
fact at my work: Breaks everyone's work email. Per regs, all fix request outside our capability will be requested via official work email only. I've been email free for two weeks while tech requests the fix via snail mail. I'm expecting that will be rejected since the request wasn't sent via official digitally signed email.

Let me guess: Exchange?

 

[Trebuin]

Let me guess: Exchange?

Yes, via military

 

[RMerlin]

Yes, via military

And there's no POTS-based backup plan for formal requests? Better hope the Internet doesn't go down in case of an invasion

 

[Trebuin]

And there's no POTS-based backup plan for formal requests? Better hope the Internet doesn't go down in case of an invasion

You'd shake your head if you worked where I did. Most of the fixes involve smart people who know workarounds to fix things. No so well in the email case...but less work for me. Microsoft updates...far more effective than China at disabling the internet.

As far as backup plan...trouble ticket was submitted via telephone...we're probably 10,000 in the cue.

 

[AdvHomeServer]

Yes, all known security and other fixes are included.

If you intentionally upgrade the firmware, that is not murdering uptime. That is scheduled maintenance.

Even Microsoft allows enterprise users to selectively push through fixes after the corporate IT department tests them. In fact, given that each year it seems Microsoft is embarrassed because some patch Tuesday file broke a large number of PCs, it's considered a conservative practice to NOT blindly update.

Scheduled maintenance, defined as just downloading the next release or patch only because it's there, is a risky practice.

With respect to DD-WRT, the broadcom section of their forum has noted at least twice in recent weeks that an upgrade release may brick a router if it's simply loaded. One was pulled immediately and the other had (as of yesterday) a public warning it may brick routers that fall into an almost undecipherable group.

The moral, just because it's new doesn't mean you need to be first. Although, my personal thanks if you are because I need to know if it works or not and I'm not going to be first.

Re Microsoft patch Tuesday: I go to a site called Ghacks.net every month. If It's a bad batch of updates, the news will come out quick and they write about it. Computerworld and others also write about especially bad patches. If a week or so passes with no post, I take a chance. I don't know where people b*tch about bad Exchange patches - maybe Computerworld or Infoworld.