With the development of China's routing industry, and the application of Internet cafe routers is also more extensive, here we mainly analyze the problem of Internet cafe router disconnection. The increasing number of these applications puts forward higher and higher requirements on the speed and stability of the network. Therefore, the performance requirements for routers in Internet cafes are also increasing accordingly: first, more and more functions are required by hardware. Secondly, the routers are required to adopt distributed processing technology to improve the routing processing capability and speed. Third, the shared bus that is easy to cause congestion is gradually abandoned, the exchange routing technology is used to ensure the stability of the network.
It is precisely because of the complexity of Internet cafe applications that make network resources more tight. In such an environment, the disconnection of Internet cafe computers has become a heart problem that troubles Internet cafe owners and administrators. In order to avoid disconnection, major network equipment manufacturers have also made a lot of effort on the internet cafe router products. After long-term research and analysis on the internet cafe network application environment, we have developed a series of optimization measures and advanced functions for network applications in complex application environments. Let's take a look at the special technologies used in Internet cafe routers to prevent disconnection:
Internal pc ip address-based Speed Limit
Currently, many network applications, such as BT, e, Thunder, FTP, and online video, all occupy a very high bandwidth. Taking a 200-scale Internet cafe as an example, the outbound bandwidth is 10 Mbps, the average bandwidth of each internal PC is about 50 k. If a few people download resources in a crazy way and all the bandwidth is occupied, the network speed of others will be affected, large files are downloaded, and up to 1518 bytes of IP packets, that is, 1.5 kb. All applications downloaded are large packets. during network transmission, data packets are transmitted in units, if a few users are downloading at the same time, a large amount of bandwidth is occupied. If someone is playing online games at this time, a card may occur.
An IP address-based speed limit function can limit the speed of all PCs in the Internet cafe, and can respectively limit the upload and download speeds, which can limit the speed of all PCs in the Internet, you can also set the speed of a specified internal PC. How much is the speed limit suitable? It has something to do with the specific outbound bandwidth and the size of Internet cafes, but the minimum bandwidth should not be less than 40 kb. It can be set to-kb.
Limit the number of NAT links in an internal PC
NAT is the most widely used function in Internet cafes. Due to insufficient IP addresses, carriers generally provide one IP address to Internet cafes, while a large number of PCs exist in Internet cafes, so many pcs use this unique IP address to access the Internet. How can this problem be solved? The answer is NAT network IP address translation ). When an internal PC accesses the Internet, a corresponding list is created inside the vro. The list contains information such as the internal PCIP address, the external IP address to be accessed, the internal IP port, and the destination IP port to be accessed, therefore, each ping, QQ, download, or WEB access has a list of corresponding links on the vro. If the network link corresponding to the list has data communication, these lists will be retained in the vro. If there is no data communication, it will take 20 to 50 seconds to disappear. For RG-NBR series routers, these times can be set)
There are several kinds of network viruses that will send tens of thousands of consecutive connection requests for different IP addresses in a short time, so that the vro needs to establish more than NAT links for the PC. Because the NAT links on the vro are limited, if they are all occupied by these viruses and other people access the network, the resources without the NAT link will become inaccessible, this is because all NAT resources are occupied by network viruses.
In this case, many Internet cafe routers provide the ability to set the maximum number of NAT links for the internal PC, and can uniformly set the maximum number of NAT links for the internal PC, you can also restrict each PC. At the same time, these routers can also view the content of all NAT links to see which PC occupies the largest number of NAT links, and the network virus also has some special ports, you can view the specific content of the NAT link and find out which PC has been poisoned.
ACL protection against Network Viruses
Network viruses are emerging in an endless stream, but they are full of tricks. All Network viruses are transmitted over the network. The data packets of Network Viruses must also follow the TCP/IP protocol, a certain source IP address, and a destination IP address, source TCP/IP Port, destination TCP/IP Port, the same network virus. Generally, the destination IP port is the same. For example, the port of the shock wave virus is 135, and the port of the shock wave virus is 445, as long as these ports are restricted on the vro, the external virus cannot enter the Intranet through the vro's unique entry. packets initiated by internal network viruses, because of the limitations on the vro, The vro does not process it, which can reduce the amount of network bandwidth occupied by virus packets.
Excellent Internet cafe routers should provide powerful ACL functions, which can restrict network packets on Intranet interfaces, or restrict virus network packets on the External King interface, you can also restrict incoming network packets.