Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Wireless Reviews

QoS

A key element to Cradlepoint's WiPipe technology is Quality of Service, or QoS. According to Cradlepoint's whitepaper, WiPipe equipped routers can employ dynamic QoS functionality when using the 3G/4G modem for Internet access. In addition, the MBR900 supports Wireless Intelligent Stream Handling (WISH) and detailed Traffic Shaping. These features all come courtesy of the Ubicom CPU.

Dynamic QoS is an interesting concept. Cradlepoint's whitepaper states a “WiPipe powered router is capable of identifying the wireless environment in which it is deployed, and … can automatically self-configure for best performance.”  As shown in my speed tests results, the MBR900 performs as well as a far more powerful laptop connected to the same USB modem.

By default, WISH prioritizes HTTP and Windows Media Center traffic over the WLAN. Custom rules can be applied to all protocols, TCP, UDP, TCP and UDP, ICMP, or a specific protocol. A custom rule can be applied to a specific IP address or range, as well a specific port or port range. Four different priorities can be assigned to a wireless traffic type, from Background (low priority) to Voice (top priority.)

The traffic shaping feature has both an automatic element and a manual configuration element. The automatic element, as previously described, attempts to estimate your upload speed and determine whether you have a Cable or xDSL Internet connection. I enabled auto, which required a reboot, and observed the below screen when the router came back up.

MBR900 Traffic shaping

Figure 11: Traffic shaping

As previously mentioned, the router somehow determined my upload speed on my DSL connection to be 1518 Kbps when it actually was 650kbps. It was even further off when estimating the upload speed on the USB modem.  Thus, if using traffic shaping on the MBR900, you’re better off manually entering your connection speeds.

Manual traffic shaping is done by specifying your Internet connection speeds and via detailed traffic shaping rules. Traffic shaping rules use similar options as WISH rules and can be applied to all protocols, TCP, UDP, TCP and UDP, ICMP, or a specific protocol. Traffic priority is assigned a number from 1-255, with 1 being top priority. Traffic shaping rules also require specifying source IP and port ranges, as well as destination IP and port ranges.

Security

The MBR-900 has quite a few options for managing traffic flows on the network.  There are nine different menus for controlling security functions on the router.  Those menus are Access Control, Firewall, Gaming, Inbound Filter, MAC Address Filter, Special Applications, Virtual Server, and Web Filter.

The Access Control menu enables creating and applying a detailed filtering rule that can be run on a specific schedule; applied to one or more hosts on the LAN; log, filter, or block all web traffic; block traffic to specific IP and port ranges; and log web access. 

For example, an Access Control rule is needed to apply Web Filtering to specific PCs on the LAN.  I created the below rule to apply web content filtering to a specific PC, as shown below.

MBR900 Access control policy

Figure 12: Access control policy

The Firewall menu has numerous radio button and check box options for enabling/disabling functions such as Stateful Packet Inspection, UDP and TCP endpoint filtering, as well as the ability to create a DMZ for a single PC.  Enabled by default are application layer gateways (ALG) for PPTP, IPSec, RTSP, MSN, FTP, H.323, SIP, WOL, and MMS. 

Sometimes ALGs improve connectivity for various services, sometimes they interfere.  In my day job, we often advise VoIP customers to disable SIP ALGs in their routers.  I was impressed that even with the MBR-900’s SIP ALG enabled, I was able to use my company VoIP phone.

Gaming options enable opening the firewall for 27 common network based games, shown below.  Custom games rules can be created for other applications based on TCP and UDP ports.  Game rules can then be applied to specific PCs and on a custom defined schedule.

MBR900 Firewall gaming rules

Figure 13: Firewall gaming rules

Inbound filters can be applied to restrict inbound traffic to predefined IP addresses or ranges.  Further, devices can be allowed or denied Internet access with the use of the MAC Address Filter.

Application rules can also be created.  These are similar to Gaming rules, but instead of applying the rule to specific devices, the rule is applied to all devices connected to the MBR.  There are six prebuilt applications (AIM, BitTorrent, Calista, ICQ, MSN, and PalTalk), and more can be created based on TCP or UDP port numbers.

Virtual Server rules can also be created, which is a nice way to set up port forwarding.  Twelve typical network server applications are prebuilt, such as Telnet, HTTP, DNS, etc.., for forwarding specific outside traffic directly to an internal server.

The Web Filtering menu is where content filtering is enabled and customized.  The MBR-900 uses OpenDNS for web traffic filtering.  Enabling OpenDNS connects the MBR-900 to the free OpenDNS service.  I have been using OpenDNS free service in my home for some time, and I was pleased to see it built in to this router.  Instead of filtering traffic based on URLs, OpenDNS won’t resolve objectionable websites, instead returning a warning page as shown below.

MBR900 Access block message

Figure 14: Access block message

With OpenDNS enabled on the MBR-900, the device will use OpenDNS’ DNS IP address and one of 5 different levels of filtering, labeled minimal, good, better, best, or custom, as shown below.  You’ll also notice after you’ve enabled OpenDNS that the DNS IP addresses have changed on the MBR’s WAN interface. 

OpenDNS content filtering options

Figure 15: OpenDNS content filtering options

In addition to OpenDNS web content filtering, the MBR-900 allows you to create a whitelist or blacklist of specific URLs.  If a whitelist, then the router will only permit access to the listed sites.  If a blacklist, the router will block access to the listed sites and present a web page such as the one shown below.

Website block message

Figure 16: Website block message

I've tested several UTM (Unified Threat Management) security devices, which usually come with a monthly subscription fee for features like web content filtering.  The MBR900 provides all the above security features without any additional monthly costs.

More Wireless

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Split-horizon DNS, split-view DNS, split-brain DNS, or split DNS is the facility of a DNS implementation to provide different sets of DNS information ...
Hi,Is it possible to do inbox replace/upgrade to any newer QNAP or any other DIY NAS version?I would like to replace the h/w with the better one and u...
Hello, been reading for a long time, got 6x RT-AC68U with 384.17No problems but an annoying issue, so lets jump in at the deep end. 4g providers are m...
Since today I get the "curl: (60) SSL certificate problem: certificate has expired" error on one site:Code: # curl -v https://www.myip.ms/files/black...
I'm in a special situation and any idea might help me a lot.I have an EA2750 router (I don't remember the exact firmware version, but it's one of the ...

Don't Miss These

  • 1
  • 2
  • 3