Tuesday, August 18, 2009

Gigabit Router - DGL-4100

I just replaced my aging existing router with a shiny new D-Link gigabit DSL-4100. The obvious point here is that PCs with gigabit network connections connected to this router can then share files much faster than with the old 100M router. Good. What I didn't expect was to have web surfing sped up, but in fact, it is. Now the downlink from the web hasn't changed, at most, it's a 9M link anyway, and although a single hop speed has increased, you wouldn't think this would have such a large effect.
What's giving me the speed increase is the QOS implementation and probably general hardware speed of the router. I've set up the router to prioritise outbound traffic based on a few simple rules, shown below.

The rules specify priorities (lower number, higher priority) for IP address source, target and port. The rules I've used are (highest to lowest priority)
  • VOIP - all traffic from my VOIP ATA at highest prioriy, 10
  • DNS - all UDP DNS lookups at high priority, 100
  • ICMP - all ICMP requests at high priority, 100
  • PDC - all traffic from my primary domain controller at medium priority, 200
  • HTTP and SSL - all websurfing at medium priority, 200
  • Everything else, like bittorrent on my PC at default low priority, 255
This works really well for me. For example, I can now have my bittorrent client open and filling my outbound bandwidth to the max (256M), and then open a bunch of tabs in a browser as normal. Previously, it would have taken a lot longer for all the pages to load because of the torrents flooding the uplink. Now I can watch the torrent bandwith meter die right back as the router throttles it. The same goes when I'm using the phone, I can see the bittorrent client get notched back about halfway, as VOIP doesn't use all the pipe, but gets exactly what it requires.
Note, if you are looking here for help with your DGL-4100, FIRST upgrade your firmware to the latest!! If you are trying to get a VPN pass-through to work, you should try turning off the IPSEC ALG under Advanced/Firewall as your VPN client probably supports NAT traversal. TO get my VOIP ATA working, I had to forward the main port under Advanced/Virtual Servers, and the SIP port range under Advanced/Gaming.

[update - removed the PDC entry as network would starve for bandwidth when PDC was doing a large update!]

No comments: