Route technology to prevent Internet café from falling off line

At present, Internet cafes users based on the application has been from a simple web browsing, extended to video QQ chat, VOD, online games, education and training, IP telephony and other more extensive areas, these applications have increased the speed and stability of the network has raised more and more high requirements, So now the Internet bar on the performance of the router requirements are also increased: firstly, more and more functions are required to be implemented by hardware, and secondly, routers are required to use distributed processing technology to improve the capability and speed of routing; Thirdly, the shared bus which is prone to congestion is gradually discarded, and the switched routing technology is adopted, Ensure the stability of the network.

It is because of the complexity of the application of Internet cafes, making the network resources become more nervous, in such an environment, Internet cafes computer offline phenomenon has become a problem for Internet cafes owners and internet café Administrators, and in order to avoid the fall of the line, the major network equipment manufacturers also in the Internet cafes router products above a lot After a long time to the Internet Bar Network application environment Research and analysis, developed a series of complex application environment for network application optimization measures and advanced functions, we will take a look at the Internet Café router above are all adopted which special technology to prevent the Fall line:

Internal PC based on IP address speed limit

Now the network applications are numerous, BT, Electric Donkey, Thunder, FTP, online video, etc., are very occupied bandwidth, to a 200-scale Internet cafes for example, export bandwidth of 10M, each internal PC's average bandwidth of 50K or so, if there are a few people in the crazy download, the bandwidth is occupied, Will affect other people's network speed, in addition, the download are large files, IP message maximum can reach 1518 byte, That is 1.5k, download applications are large packets, in the network transmission, is generally a packet for the transmission, if several people at the same time downloading, occupy a lot of bandwidth, if someone is playing online games, it may appear card phenomenon.

A function based on the speed limit of IP address, you can restrict the speed of all the PCs inside the whole internet bar, and can limit the speed of uploading and downloading, which can limit the speed of all the PCs in the interior, or set the speed of a specific PC in the internal setting individually. How much is the speed limit appropriate? and the specific export bandwidth and the size of Internet cafes, but the minimum is not less than 40K bandwidth, can be set in the 100-400k more appropriate.

Internal PC limit number of links to Nat

Nat function is the most widely used function in the Internet café, because the IP address is insufficient, the operator provides to the Internet café is generally an IP address, and the Internet café has a large number of PCs, so many PCs have to go through the only one IP address for the Internet, how to do this? The answer is NAT ( Network IP address translation). When the internal PC accesses the extranet, within the router to create a corresponding list, the list contains internal PCIP address, access to the external IP address, the internal IP port, Access destination IP port information, so every time ping, QQ, download, Web Access, there are on the router to establish a corresponding list of relationships, If the list corresponds to a network link that has data traffic, the lists remain in the router and, if there is no data communication, it takes 20-150 seconds to disappear. (These times can be set for RG-NBR series routers)
Now there are several network viruses, in a very short period of time, issued tens of thousands of consecutive requests for different IP links, so that the internal router to the PC to build more than a few NAT link.

Because of the NAT link on the router is limited, if all of these viruses to occupy, other people access to the network, because there is no NAT link resources, will be unable to access the network, resulting in the phenomenon of disconnection, in fact, this is the network virus to occupy all the NAT resources.

In response to this situation, many Internet café routers provide the ability to set the maximum number of NAT links for internal PCs, you can set the maximum number of links for the internal PC, or you can limit each PC individually.

At the same time, these routers can also see the content of all the NAT links, to see which PC occupies the highest number of NAT links, while the network virus also has some special ports, you can see the NAT link specific content, to the end of which PC poisoned to find out.

ACL Anti-network virus

Network viruses are emerging, but while, outsmart, all network viruses are transmitted through the network, network virus data packets must follow the TCP/IP protocol, must have the source IP address, destination IP address, source TCP/IP port, destination TCP/IP port, the same network virus, The general purpose IP Port is the same, for example, the port of the Shockwave virus is 135, the wave virus port is 445, as long as these ports on the router to limit, then the external virus can not through the router this unique access to the intranet, the internal network virus originated messages, Because of the restrictions on the router, routers do not handle, you can reduce the virus messages occupy a large number of network bandwidth.

Excellent Internet café Router should provide powerful ACL function, can restrict the network message on the intranet interface, also can restrict the virus network message on the external Wang interface, can not only go out the message now, but also can restrict the incoming network message.