A tutorial on network speed limit for private routers

To the Internet café computer speed limit settings, can effectively ensure that all computers have enough bandwidth for network applications.

A common router speed-limiting operation is to block the service's normal operation by setting AC on the router to seal off the port used by the service.

Below specifically said the Internet Café special Router network speed limit operation steps.

One, limit the number of stand-alone connections

Using this method to limit the number of connections to all hosts on the intranet, mainly based on the broadband router to do NAT conversion, will maintain some connection entries for the application, Peer-to-peer software use when the need to occupy a lot of connections, and the broadband router itself can tolerate the number of connections is limited, so, When the number of connections to the host is limited to a range, the number of broadband router connections is maintained effectively.

Second, limited Peer-to-peer software

The intranet uses Peer-to-peer host to be able to connect the outside net main opportunity to be many, but, cannot completely limit the Peer-to-peer software application. Can be set up in the "Security settings-ip address filtering", because the Thunder server usually use 3076,3077,3078 these three ports and client communication, so sealed off these three ports, thunder download speed will be reduced a lot. Similar methods are used to monitor ports on other Peer-to-peer software.

Iii. Control of dynamic ports

Nbar is a dynamic technology that can find protocols in four to seven layers, it can not only achieve the common ACL can control static, simple Network Application protocol TCP/UDP port number, can control the general ACLs can not do dynamic port of those protocols. is a very good speed-limiting method for routers.

Iv. limiting malicious traffic

To realize the control of BT flow, it is necessary to implement the support of PDLM on the router, and the module of the description language of the packet. It is a description of the protocol layer for high-level applications of the network, for example, the protocol type, service port number, and so on, its advantage is to let Nbar adapt to many existing network applications, while it can also be defined to enable Nbar to support many emerging network applications, and the use of PDLM can limit the malicious traffic on some networks.

Five, seal the port

This method can only limit the use of Peer-to-peer software in a small scope, the effect is not very good, because a lot of peer-to-peer software can manually specify the listening port, even if you can not manually specify the listening port, the software itself to use the listening port range is also relatively large, usually 0~65535.

If you just browse the Web, send and receive mail, QQ and other applications, you can completely put most of the ports do not need to be banned.

Above is the Internet café dedicated router network speed limit operation steps, I hope to help you.