Hello,
I am curious to know how many client machines can the MTNL triband routers practically support in a LAN in order to give decent internet connectivity to all?
There is a LAN network where there are around 7 machines using static IPs (not Linux) and the triband router is the gateway machine also attached to the LAN. When connected directly to a machine the internet connectivity is good but when all machines are up internet takes a long time to resolve and speeds are in bursts. When it keeps searching for the web page or there is no connectivity, one cannot even log into the router. Pinging the router is fine. The router too has been replaced by MTNL. The entire setup is spread across 4 floors. Initially the LAN wiring was suspected but the crimping of the router cable was done again and otherwise, internal file sharing works perfectly.
I am suspecting that the router gets overloaded trying to NAT so many requests, given its tiny architecture. Should I install a separate router to this LAN? Are the separate routers designed to handle large NAT traffic? I want to avoid holding up one machine for internet sharing.
Regards,
Rony.
GNU/Linux ! No Viruses No Spyware Only Freedom.
On Thu, Mar 12, 2009 at 9:00 PM, Rony gnulinuxist@gmail.com wrote:
Hello,
I am curious to know how many client machines can the MTNL triband routers practically support in a LAN in order to give decent internet connectivity to all?
There is a LAN network where there are around 7 machines using static IPs (not Linux) and the triband router is the gateway machine also attached to the LAN. When connected directly to a machine the internet connectivity is good but when all machines are up internet takes a long time to resolve and speeds are in bursts. When it keeps searching for the web page or there is no connectivity, one cannot even log into the router. Pinging the router is fine. The router too has been replaced by MTNL. The entire setup is spread across 4 floors. Initially the LAN wiring was suspected but the crimping of the router cable was done again and otherwise, internal file sharing works perfectly.
I am suspecting that the router gets overloaded trying to NAT so many requests, given its tiny architecture. Should I install a separate router to this LAN? Are the separate routers designed to handle large NAT traffic? I want to avoid holding up one machine for internet sharing.
Hi Rony, based on what you are describing, I suspect the built-in DNS resolver on the router. They are the usual culprits, and when you combine them with the already flaky (sometimes) DNS servers of MTNL, it's a messy mix. Do try to specify a static DNS configuration, with MTNL and OpenDNS servers, and see how the performance is.
Regards R. K. Rajeev
Regards,
Rony.
GNU/Linux ! No Viruses No Spyware Only Freedom.
Rony,
I would suggest using openDNS server. It should be of some help. I can't comment much on the above setup you have mentioned, haven't seen or set up one. Also, there probably would be a switch for local networking between computers and that switch should probably have some sort of a WAN switch.
If one of the computers can be directly connected to the internet (MTNL router) and if it could run a proxy server for serving internet to other computers, that should do some good. Of course, the squid proxy should run on any of the distros possibly allowing different configuration options for it.
On Thursday 12 March 2009 21:00, Rony wrote:
Hello,
I am curious to know how many client machines can the MTNL triband routers practically support in a LAN in order to give decent internet connectivity to all?
There is a LAN network where there are around 7 machines using static IPs (not Linux) and the triband router is the gateway machine also attached to the LAN. When connected directly to a machine the internet connectivity is good but when all machines are up internet takes a long time to resolve and speeds are in bursts. When it keeps searching for the web page or there is no connectivity, one cannot even log into the router. Pinging the router is fine. The router too has been replaced by MTNL. The entire setup is spread across 4 floors. Initially the LAN wiring was suspected but the crimping of the router cable was done again and otherwise, internal file sharing works perfectly.
I have 25+ machines on a 256k adsl. It has about the same performance as a good dialup (or cdma). Of course a linux dns + proxy + firewall sits in between. The dlink adsl just forwards a few ports. Working very well for several years.
I am suspecting that the router gets overloaded trying to NAT so many requests, given its tiny architecture. Should I install a separate router to this LAN? Are the separate routers designed to handle large NAT traffic? I want to avoid holding up one machine for internet sharing.
More likely doze boxes pissing packets all over the net.
With my above setup, I get about 35% blocked traffic. Also since large number of sites are blocked, the doze boxes are prevented from harvesting their usual payloads, e.g. av and firewall packages which are uninstalled but leave all sorts of payloads intact.
jtd wrote:
On Thursday 12 March 2009 21:00, Rony wrote:
Hello,
I am curious to know how many client machines can the MTNL triband routers practically support in a LAN in order to give decent internet connectivity to all?
There is a LAN network where there are around 7 machines using static IPs (not Linux) and the triband router is the gateway machine also attached to the LAN. When connected directly to a machine the internet connectivity is good but when all machines are up internet takes a long time to resolve and speeds are in bursts. When it keeps searching for the web page or there is no connectivity, one cannot even log into the router. Pinging the router is fine. The router too has been replaced by MTNL. The entire setup is spread across 4 floors. Initially the LAN wiring was suspected but the crimping of the router cable was done again and otherwise, internal file sharing works perfectly.
I have 25+ machines on a 256k adsl. It has about the same performance as a good dialup (or cdma). Of course a linux dns + proxy + firewall sits in between. The dlink adsl just forwards a few ports. Working very well for several years.
So you have only one box actually talking to the ADSL. Will a hardware router help in my case? I will also try out openDNS as suggested by others.
On Fri, Mar 13, 2009 at 11:17 AM, Rony gnulinuxist@gmail.com wrote:
So you have only one box actually talking to the ADSL. Will a hardware router help in my case? I will also try out openDNS as suggested by others.
You are overloading the MTNL router. It cannot handle too many machines. It's supposed to handle only one machine. Anyway, the best way around this is to get a small machine ( even a netbook would do ), install your favorite distro and then DON'T NAT. Use squid proxy. I believe it can DNS cache too. I wouldn't recommend using OpenDNS ( I've my bones to pick with them :P ). You can use MTNL's DNS servers ( several of them ) and try how the performance is. Also you can block connection to the major update sites and allow them only during a particular interval ( maybe at night? ) and set the doze machines to update then.
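Added example, not part of the original thread or any poster's actual configuration: a minimal squid.conf sketch of the proxy box suggested above, with update sites reachable only during a night window. The LAN range, the time window, the resolver addresses (documentation placeholders) and the update domains listed are all assumptions.

```conf
# squid.conf sketch (added example; all values below are assumptions)

# Proxy listens on the LAN side of the Linux box; clients point their
# browsers here instead of being NATed through the ADSL router.
http_port 3128

# Several upstream resolvers, so one failing server does not stall lookups.
# Placeholder addresses (TEST-NET-1): substitute the ISP's real DNS servers.
dns_nameservers 192.0.2.1 192.0.2.2 192.0.2.3

# Squid keeps its own cache of successful and failed lookups.
positive_dns_ttl 6 hours
negative_dns_ttl 1 minute

# Assumed LAN addressing for the client machines.
acl localnet src 192.168.1.0/24

# Illustrative update domains; extend to match what the clients actually fetch.
acl update_sites dstdomain .windowsupdate.com .update.microsoft.com

# Assumed update window: every day (S M T W H F A), 01:00 to 05:00 local time.
acl update_window time SMTWHFA 01:00-05:00

# Order matters: the first matching http_access rule wins.
http_access deny update_sites !update_window
http_access allow localnet
http_access deny all
```

These rules only take effect for traffic that actually goes through the proxy, so the box should not also forward direct web traffic from the LAN.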
Dinesh Joshi wrote:
On Fri, Mar 13, 2009 at 11:17 AM, Rony gnulinuxist@gmail.com wrote:
So you have only one box actually talking to the ADSL. Will a hardware router help in my case? I will also try out openDNS as suggested by others.
You are overloading the MTNL router. It cannot handle too many machines. It's supposed to handle only one machine. Anyway, the best way around this is to get a small machine ( even a netbook would do ), install your favorite distro and then DON'T NAT. Use squid proxy. I believe it can DNS cache too. I wouldn't recommend using OpenDNS ( I've my bones to pick with them :P ). You can use MTNL's DNS servers ( several of them ) and try how the performance is. Also you can block connection to the major update sites and allow them only during a particular interval ( maybe at night? ) and set the doze machines to update then.
Hmm, so I will have to put a box between the MTNL router and the LAN.
On Fri, Mar 13, 2009 at 11:26 PM, Rony wrote:
Hmm, so I will have to put a box between the MTNL router and the LAN.
That, according to me, is the best thing to do. The computer is stronger than the router to handle queries and forward requests. Especially when the computer can run a distro with the Squid proxy along with fetching records from OpenDNS.
On Fri, Mar 13, 2009 at 11:26 PM, Rony gnulinuxist@gmail.com wrote:
Dinesh Joshi wrote:
On Fri, Mar 13, 2009 at 11:17 AM, Rony gnulinuxist@gmail.com wrote:
So you have only one box actually talking to the ADSL. Will a hardware router help in my case? I will also try out openDNS as suggested by others.
You are overloading the MTNL router. It cannot handle too many machines. It's supposed to handle only one machine. Anyway, the best way around this is to get a small machine ( even a netbook would do ), install your favorite distro and then DON'T NAT. Use squid proxy. I believe it can DNS cache too. I wouldn't recommend using OpenDNS ( I've my bones to pick with them :P ). You can use MTNL's DNS servers ( several of them ) and try how the performance is. Also you can block connection to the major update sites and allow them only during a particular interval ( maybe at night? ) and set the doze machines to update then.
Hmm, so I will have to put a box between the MTNL router and the LAN.
Why put another box? You could use one of the existing boxes for this.
-- Regards,
Rony.
GNU/Linux ! No Viruses No Spyware Only Freedom.
On Saturday 14 March 2009 01:22, Harsh Busa wrote:
Hmm, so I will have to put a box between the MTNL router and the LAN.
Why put another box? You could use one of the existing boxes for this.
Bad policy, running a desktop user on a critical services machine. The user decides to play quake while watching some movie, while leaving open his wedding pics slide show.
On Friday 13 March 2009 20:59, Dinesh Joshi wrote:
On Fri, Mar 13, 2009 at 11:17 AM, Rony gnulinuxist@gmail.com wrote:
So you have only one box actually talking to the ADSL. Will a hardware router help in my case? I will also try out openDNS as suggested by others.
You are overloading the MTNL router. It cannot handle too many machines. It's supposed to handle only one machine. Anyway, the best way around this is to get a small machine ( even a netbook would do ), install your favorite distro and then DON'T NAT. Use squid proxy. I believe it can DNS cache too. I wouldn't recommend using OpenDNS ( I've my bones to pick with them :P ). You can use MTNL's DNS servers ( several of them ) and try how the performance is.
All are equally rotten with round robin breakdowns.
Also you can block connection to the major update sites and allow them only during a particular interval ( maybe at night? ) and set the doze machines to update then.
-- Regards, Dinesh A. Joshi
On Sat, Mar 14, 2009 at 12:51 AM, jtd jtd@mtnl.net.in wrote:
All are equally rotten with round robin breakdowns.
Doesn't matter as long as you have SEVERAL of them in place and are running a DNS cache.
On Friday 13 March 2009 20:47, Rony wrote:
jtd wrote:
On Thursday 12 March 2009 21:00, Rony wrote:
Hello,
I am curious to know how many client machines can the MTNL triband routers practically support in a LAN in order to give decent internet connectivity to all?
There is a LAN network where there are around 7 machines using static IPs (not Linux) and the triband router is the gateway machine also attached to the LAN. When connected directly to a machine the internet connectivity is good but when all machines are up internet takes a long time to resolve and speeds are in bursts. When it keeps searching for the web page or there is no connectivity, one cannot even log into the router. Pinging the router is fine. The router too has been replaced by MTNL. The entire setup is spread across 4 floors. Initially the LAN wiring was suspected but the crimping of the router cable was done again and otherwise, internal file sharing works perfectly.
I have 25+ machines on a 256k adsl. It has about the same performance as a good dialup (or cdma). Of course a linux dns + proxy + firewall sits in between. The dlink adsl just forwards a few ports. Working very well for several years.
So you have only one box actually talking to the ADSL.
Yes.
Will a hardware router help in my case? I will also try out openDNS as suggested by others.
A "proper" router costs 30K ++++. And does less than a linux box with a few extra packages. DNS is just one of the problems. Running a caching dns will solve the intermittent zero access problems. It still won't help the speed problem without a block list for the doze boxes.
On Sat, Mar 14, 2009 at 12:48 AM, jtd jtd@mtnl.net.in wrote:
A "proper" router costs 30K ++++. And does less than a linux box with a few extra packages. DNS is just one of the problems. Running a
Oh really? A Linux box on an x86 / x86_64 cannot handle the several bazillion packets per second that hit a CISCO router. None of the motherboards actually have the amount of bandwidth that REAL routers have.
caching dns will solve the intermittent zero access problems. It still won't help the speed problem without a block list for the doze boxes.
agreed.
On Monday 16 Mar 2009, Dinesh Joshi wrote:
On Sat, Mar 14, 2009 at 12:48 AM, jtd jtd@mtnl.net.in wrote:
A "proper" router costs 30K ++++. And does less than a linux box with a few extra packages. DNS is just one of the problems. Running a
Oh really? A Linux box on an x86 / x86_64 cannot handle the several bazillion packets per second
Umm their BW must be bagazillions then. Considering that 2Mbps leased lines are a luxury in most places, you would have to munge a few cds physically thru the router to get that traffic.
that hit a CISCO router. None of the motherboards actually have the amount of bandwidth that REAL routers have.
partly true. However read previous para. A slow poke 33MBs (264mbps) pci slot will be able to handle a 100mbps local pipe blasting stuff out on a 2Mbps external link.
the bottle necks are elsewhere.
caching dns will solve the intermittent zero access problems. It still won't help the speed problem without a block list for the doze boxes.
agreed.
-- Regards, Dinesh A. Joshi
On Mon, Mar 16, 2009 at 7:01 AM, jtd jtd@mtnl.net.in wrote:
Umm their BW must be bagazillions then. Considering that 2Mbps leased lines are a luxury in most places, you would have to munge a few cds physically thru the router to get that traffic.
I was talking about the general case and not the specific case Rony mentioned. You could replace all CISCO / Juniper / whatever routers in India with x86 boxes and not have any effect on the overall efficiency of the network :)
partly true. However read previous para. A slow poke 33MBs (264mbps) pci slot will be able to handle a 100mbps local pipe blasting stuff out on a 2Mbps external link.
Well the I/O bus is the main bottleneck followed by the CPU. Again, I'm talking about the general case and not Ronu's specific case.
On Monday 16 Mar 2009, Dinesh Joshi wrote:
On Mon, Mar 16, 2009 at 7:01 AM, jtd jtd@mtnl.net.in wrote:
Umm their BW must be bagazillions then. Considering that 2Mbps leased lines are a luxury in most places, you would have to munge a few cds physically thru the router to get that traffic.
I was talking about the general case and not the specific case Rony mentioned. You could replace all CISCO / Juniper / whatever routers in India with x86 boxes and not have any effect on the overall efficiency of the network :)
partly true. However read previous para. A slow poke 33MBs (264mbps) pci slot will be able to handle a 100mbps local pipe blasting stuff out on a 2Mbps external link.
Well the I/O bus is the main bottleneck followed by the CPU. Again, I'm talking about the general case and not Ronu's specific case.
The PCIE 4x 2.0 (or whatever the latest incarnation is called) network card will give you 2GB/s or 16Gbps. This would require the memory to read/write at .5 nano secs. Current run of the mill ram speeds are 700Mhz or 1.4 nano secs, roughly 3 times slower. To me it seems that the big boys have witch craft + snake oil in their regular router boxes to make the ram run faster. We are not even talking of cpu inspecting packets as yet. The high end boxes do have multiple cpu and CAMs etc. But even there my bet is that the performance would be very bursty.
regular router boxes to make the ram run faster. We are not even talking of cpu inspecting packets as yet. The high end boxes do have multiple cpu and CAMs etc. But even there my bet is that the performance would be very bursty.
The switches and routers have dedicated chips for routing. The switch needs to examine only Ethernet address, but router needs to examine IP address and other info as well. They operate at wire speed (speed of electron flow) by using parallel processing and FPGA. No CPU can work at wire speed while examining the packet.
Warm Regards,
Mr. Mukund Deshmukh, Beta Computronics Pvt Ltd. 10/1 IT Park, Parsodi, Nagpur -440022 India. Web site - http://betacomp.com
Meet us at our Booth 10.1 A09 , CHINAPLAS 2009 , May 18 - 21, 2009, Pazhou Complex, Guangzhou, CHINA.
On Tuesday 17 Mar 2009, Mukund Deshmukh wrote:
regular router boxes to make the ram run faster. We are not even talking of cpu inspecting packets as yet. The high end boxes do have multiple cpu and CAMs etc. But even there my bet is that the performance would be very bursty.
The switches and routers have dedicated chips for routing. The switch needs to examine only Ethernet address, but router needs to examine IP address and other info as well. They operate at wire speed (speed of electron flow) by using parallel processing and FPGA.
FPGA are orders of magnitude slower than fabbed devices. Therefore a fabbed cpu irrespective of arch will work faster than an fpga implementation. If you take into account the need for cache memories on chip the fpga performs even worse.
No CPU can work at wire speed while examining the packet.
On Wed, Mar 18, 2009 at 3:23 PM, Rony gnulinuxist@gmail.com wrote:
Dinesh Joshi wrote:
Well the I/O bus is the main bottleneck followed by the CPU. Again, I'm talking about the general case and not Ronu's specific case.
You've got a typo there.
Yeah, sorry for that Rony!