Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Wireless Reviews

In Use

A requirement of is you have to keep your home wireless router or access point powered on and connected to the Internet. This makes sense, as the remote wireless router or access point needs to tunnel your traffic back to your home wireless router or access point, as shown below.

Using wireshark, it looks like devices send small UDP messages to the network every 60 seconds, as shown below. Anyfi says these keep-alive messages meant to keep the communication channel through the NAT open. The device in the below packet capture is and the mobility server is

Registration Packets

Registration Packets

I experienced inconsistent results remotely connecting my Windows 8 laptop and iPhone via In some tests, my laptop and iPhone immediately were able to connect to my home network. This is when the value of was apparent. I was able to connect to my home Wi-Fi network even though I wasn't at home. I didn't have to enter a new Wi-Fi password or pay to join a hotspot, I was online without any configurations on my part!

In other tests, my laptop and/or iPhone intermittently could not see my home SSID, and thus could not connect to my home network. I contacted about this issue, they reported it was likely a "NAT issue... 'disappearing SSID' is typically what happens when the visited AP fails to reach the home router."

In other words, my inconsistent results were likely due to my home firewall. I had installed the TP-Link behind my home router (a Linksys WRT310N), so the TP-Link was sitting behind another NAT (network address translations) router. For a remote wireless router or access point to set up a tunnel to your home wireless router or access point, an end to end connection must be setup between the remote and home wireless router/access point. Thus, a firewall between two devices can interfere with the connection. Without a firewall between the remote and the TP-Link, I had consistent connectivity to my home network with both my laptop and iPhone.

Depending on how you deploy, a firewall may not be an issue. If you deploy an wireless router directly connected to the Internet, remote wireless routers or access points should have no problem connecting to it. On the other hand, if you deploy a wireless router or access point behind a firewall as I did, that firewall can interfere with connectivity. is working on a solution they call their "supernode feature" that routes Wi-Fi tunnel traffic through a server with a public IP, which can possibly overcome firewall issues.

Wi-Fi Tunnel

An interesting aspect of is the Wi-Fi tunnel to your home network. Your Wi-Fi device gets an IP address from your home network and you have access to everything on your home network. Essentially, it works like a VPN tunnel. The security isn't as tight as an IPSec VPN tunnel, as it uses Wi-Fi encryption, but it is a simple means of connectivity to your home network.

I see pros and cons to this Wi-Fi tunnel. A pro is you have an easy tunnel to your home network without VPN hardware, software or configurations. Another pro is the remote network you are visiting stays secure. Remote networks allowing connections are safe from those visiting clients, as those visiting clients only have access to their Wi-Fi tunnel.

The biggest con I see to the Wi-Fi tunnel is bandwidth. When connected to your home network, all your traffic goes through the Wi-Fi tunnel to your home network. When surfing the Internet while visiting another network, your Internet traffic is going through the tunnel to your home network. That means the web pages you download are first being downloaded to your home network, then uploaded from your home network to the tunnel, then downloaded by your laptop, smartphone, or tablet. The bottom line is the fastest you'll be able to surf while roaming is limited to the upload speed of your home network. In my case, I have DSL with 12 Mbps download and 600 Kbps upload. Thus, the fastest I am able to remotely surf via is about 600 Kbps.

If you're deploying on an access point, there are configurable Quality of Service settings to minimum and maximum bandwidth limits from mobile users for access points, shown below. However, these QoS options don't exist on wireless routers, which seems a bit odd. The TP-Link router I tested with software did not have these options.



Out of curiosity, I measured throughput over an Wi-Fi tunnel. I used my usual throughput measuring tool, iperf with default TCP settings. I ran iperf on two PCs running 64-bit Windows 7 with their software firewall disabled. My Wi-Fi tunnel was between the Ubiquiti AP and the TP-Link wireless router, both connected to the same wired LAN as shown in the diagram below.

Updated 9/2/2013 tunnel throughput test setup tunnel throughput test setup

The best TCP throughput I measured in this optimal condition was 2.47 Mbps in either direction, shown in the screenshot below. 2.47 Mbps is not great, but it is fine for general web surfing.



[Note, running a simple iperf throughput test between two PCs uses the command iperf -s on one PC and iperf -c (ip) on the other PC. Note also, the PC connected via Wi-Fi was about three feet from the AP.]

To put this measurement into perspective, I also ran a reference wireless performance check and measured around 22 Mbps from the wireless client to wired client on the LAN. Wired throughput between the two machines used when both were connected to the Gigabit Ethernet switch was 359 Mbps.

Referrence Wi-Fi throughput test setup

Referrence Wi-Fi throughput test setup


I had the benefit of communicating with Björn Smedman, the CEO and Co-founder of, who filled me in on's security. supports Open, WPA, WPA2 and EAP/RADIUS Wi-Fi security. doesn't support WEP because they feel it's not sufficiently secure.

Open networks are allowed only on carrier tunnel termination gateways, not on normal wireless routers or access points. Encryption over the Wi-Fi tunnel utilizes the 802.11 AES (or TKIP) encryption, all the way from the mobile device to the home wireless router or access point.

Further,'s Mobility Control Server does not know your home Wi-Fi password, only your SSID and the MACs of devices that have already accessed your network. Thus, even if's servers were compromised, there isn't any information in them that has the password to your Wi-Fi network.


I have two concerns with related to the Wi-Fi tunnel. One, the issue with firewalls could be a concern if you're using a wireless router or access point behind another NAT/firewall as the home Wi-Fi device. Based on my tests, I recommend that your home wireless router or access point(s) are not behind NAT/firewalls.

Two, performance through a Wi-Fi tunnel isn't blazing fast. It can be sufficient for Internet surfing, but remember an Internet connection with a slow uplink can impact download performance. Anyfi says it has a solution for the uplink limiting problem for service providers. When they integrate software in residential gateways, the ISP can install a 1U rack mount box (the Optimizer) that can open Wi-Fi tunnels and break out Internet-bound traffic centrally.

There are multiple options on how to get a wireless router or access point with software. If you want to purchase a router preloaded with, Inteno offers the VG50 and DG301. is working with Inteno on including their software in more models and is in discussion with other Wi-Fi vendors to include welcomes other vendors to integrate their software as well. According to's website, software is "available to all (wireless router and access point) vendors under a no-charge royalty-free license". Vendors are invited to follow's step-by-step integration guide at engineers are available to work with integration and licensing as needed. software is also integrated into CarrierWrt firmware. CarrierWrt bills itself as a stable version of OpenWrt firmware. The TP-Link wireless router I tested is an 802.11n Wi-Fi gateway router, loaded with CarrierWrt software based on OpenWrt 12.09. There are versions of CarrierWrt for other makes and models of wireless routers and access points available for free download on CarrierWrt's download page.

Even with my two concerns stated above, I like's notion of having your "home Wi-Fi everywhere." I would love to not pay for both home Internet and a data plan on my smartphone. If can increase the availability of Wi-Fi and drive down the cost of Internet/data access, I'm all for it!

More Wireless

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Hi all.I have a 420/35 line and for some reason lately I've been having issues where the speed will randomly drop.I did have an issue with LAN 1 dropp...
Since I bought the DES-1210-28P (hardware version B1) switch back in 2013, the fans have always run at full speed and are stupidly loud. The switch is...
Hey, question to the owners.As far as I understand the RT-AX89X is in fact the best mainstream router right now? The only minus is uncooked firmware, ...
I was curious other than the interface skin and cosmetics, are there any differences between the normal AX58U and the TUF edition. And can the TUF Fir...
Hi all,I'm running the latest standard merlin on my AC86U alongside my older dsl-N55U which I managed to bridge a few months back.For a long long time...

Don't Miss These

  • 1
  • 2
  • 3