Forum Replies Created

Viewing 7 posts - 16 through 22 (of 22 total)
  • Author
  • in reply to: Bonded ADSL Performance (UK) #45512

    Your problem could be induced by out of order packets, slowing down the TCP connection.

    perhaps you should try with an UDP connection, and see if you get the normal bandwith.

    in reply to: zeroshell with iftop? #46113

    IPtraf is nice, but it does not give you interesting details about each QOS queue lenght on the router.

    This information is very usefull to fastly find a bootleneck.

    Another interesting parameter is the induced jitter for each class of traffic.

    As soon as a queue has too many paquets in it, you know that you should do something to solve the problem.

    Queue statistics is the key to set a good QOS system.

    IPtraf or all other external monitoring system will not give you an inside view of the router QOS queues.

    That’s why it is important to monitor those parameters through SNMP or similar protocols.

    in reply to: zeroshell with iftop? #46111

    IFTOP is nice for rapid manual checks, but monitoring QOS queue parameters with SNMP is really a must to detect problems in the traffic.

    in reply to: Linux QOS is not efficient enough for VoIP over shared WANs #46161

    Who is using 400 Mhz PC computers today ? You can find second hand computers, with miniature desktop cases, 1.6 Ghz Intel Pentium 4 processors, 256 or 512 Mo DRAM, for less than 100 euros.

    They are not power hungry, and you can do a lot more than linksys soho routers and similar embeded products with them.

    As soon as you are using OpenVPN on small embeded routers, the performance drop because the processor is not fast enough.

    That’s why i think that for small enterprise routers, specially if you need VoIP and VPNs at the same time, it’s better to use standard PC hardware with a distribution like zeroshell.

    If you try to use small soho embeded routers in the field with this setup, you will see that it does not work correctly as soon as the traffic rise to a few simultaneous calls with VPN traffic at the same time.

    Zeroshell, Vyatta, and similar projects do not have this limitation.

    More i’ve found the Zeroshell GUI very clear, fast and easy to use.

    Behind the professionel usefullness of projects like zeroshell, there is a fantastic opportunity for informatic enthousiasts to learn more easily the IP network technologies.


    in reply to: Linux QOS is not efficient enough for VoIP over shared WANs #46158

    I know quite well Openwrt, and DD-WRT. The last one do not have a perfect stability, is not as polyvalent, but the GUI is better.

    The first one do have a good stability, but does exhibit ping latence rising after some days of use.

    Kamikaze, the next openwrt version, should be better, but is still beta, bugged, and miss some usefull libraries, like ncurses, so that we can’t use MTR or similar tools on it. It does not support broadcom wifi on the 2.6 kernel neither.

    I’m almost sure that the linksys do not have a hardware level 3 wired router in it. According to my knowledge, only the integrated level 2 switch is fully hardware.

    When you need to route with Openwrt and linksys hardware, the level2 traffic is going to the 200 Mhz risk processor for serial processing through vlan traffic inside a shared 100 Mbps link to the 5 ports switches.

    Zeroshell does the same function, but do have a really better interface, is easy to install and use a more standard Linux environement. It does not have the shared 100 Mbps limitation : you can use 1 Gbps network cards, and each card has full bandwith.

    More, it will run on normal PCs; using 2 Ghz or more processors, lot of memory…

    To get the level of performance you are talking about, you need to use Cisco or Juniper like products, with DSPs inside. This is not the same price… And not really easy to use.

    in reply to: QOS via DSCP #46089


    One bad thing i’ve found on hardware level3 multi-wan routers, is the lack of polyvalence to setup the link down state detection.

    Some routers only watch for PPPOE session state. This is clearly not a good method for broken link detection, because the PPPOE session can be ok, but routing on next routers down.

    On a good multi-wan router, i think that there should be at least those possibilities for broken link detection :

    – pppoe state detection

    – ping detection to a known target

    – http / ftp connectivity test to a known target

    – SIP / IAX2 connectivity tests, and more generally a possibility to define custom scripts to detect the liveness of a specific target.

    The second important thing, is certainly to be able to shape each class of traffic, load balanced it, or not, define a primary link and backup links for each traffic, etc…

    I think that it is very important to have a good failover support, more than a full options load balancing support. Load balancing only works for session oriented traffic, and even with this traffic it is sometimes necessary to lock it on a specific WAN link.

    To support multilink with connection oriented protocols, like VoIP, we need link agregation instead of load balancing ; like for example MLPPP. This is clearly not possible without support from the ISP.

    Inbound shaping is important as well, unfortunately with Linux it is only possible to do it by paquet drop, to my knowledge.
    For TCP traffic, it would be more adequat to shape the inbound traffic by manipulating the TCP window.

    The third thing is perhaps multi IP support for wan, and explode it on multiple NAT network on different VLANs, or bridge specific IP addresses directly to a specific host.

    If you need some interesting informations about GUI interfaces for multiwan routers, instead of reinventing the well, you could download the manuals of PepLink, Draytek, Edimax (level2 multiwan), Xincom. They are the most interesting products i’ve found. Edimax is special because they are level2 (expensive) multi-wan routers. They do work with all protocols and can do things that a level3 multiwan router cannot do.

    I’ve found the Draytek Vigor 3300 GUI quite interesting and powerfull. I advice you to download the manual and take the good GUI ideas.

    Last, in the hardware multi-wan router area, IPv6 is non existent, except on Cisco products…

    A good function is to be able to bridge IPv6 coming from a dual protocol PPPOE session to the LAN side so that we can have IPv6 even if we don’ t have advanced control on it. This is a first stage to experiment with it. Perhaps just adding RADVD to announce the IPv6 network prefix to the workstations.

    I have the chance to have an IPv4 / IPv6 PPPOE ADSL connection here, so i can test this.

    There is a no mans land with IPv6 on GUI interfaces. Strange… Ipv6 is not so complicated, and simplify the administrator work, for example to connect large IP cameras networks.

    There are toons of very complicated and efficient software on Linux, like OpenVPN. I can’t explain why there is such a big hole and lack of documentations with QOS and Multi-Wan.

    Projects like ZeroShell are very profitable to the Opensource community.

    Best Regards,


    in reply to: QOS via DSCP #46087

    As it is my first post, first let me say that i’m impressed by the quality of your project.

    It is version 1.0 but do have a lot more functions than older similar project, specially for QOS htb support.

    DSCP support would be very nice for VoIP.

    It does simplify a lot QOS setup, specially with asterisk.

    Net balancer will be very interesting as well. I tried some well known hardware products, they are quite expensive and bugged.

    I’m using actually Openwrt for WAN routing and VPN, but the project seems to slow down.

    More, using embeded devices can become a problem as soon as the traffic need realtime speed (VoIP for example).

    Keep up the good work,


Viewing 7 posts - 16 through 22 (of 22 total)