How to set up the Internet bar router to prevent the network from losing line

Source: Internet
Author: User
Tags continue backup

Internet cafes computer Drop line phenomenon, has been puzzling internet café owners and internet Café Administrator's heart. In the previous article small series also mentioned routers is also the Internet Bar network drop the root of one of the sources (see "Internet cafes network off the source of the router"). In order to avoid the fall of the line, the major network equipment manufacturers are also in the Internet Café router spent the mind, today small make up and you share, the Internet bar router How to set the line can not be dropped:

Internal PC limit number of links to Nat

Nat function is the most widely used function in the Internet café, because the IP address is insufficient, the operator provides to the Internet café is generally an IP address, and the Internet café has a large number of PCs, so the NAT function came into being, that is, the network IP address conversion. When the internal PC accesses the extranet, within the router to create a corresponding list, the list contains the internal PC, IP address, access to the external IP address, the internal IP port, Access destination IP port information, so every time ping, QQ, download, Web Access, there are on the router to establish a corresponding list of relationships.

Now there are several network viruses, in a very short period of time, issued tens of thousands of consecutive requests for different IP links, so that the internal router to the PC to build more than a few NAT link. To prevent viruses from invading, these routers can also view the content of all the NAT links, and see which PC is using the most NAT links, which can be found by looking at the NAT link specific content.

Internal PC based on IP address speed limit

Now the network applications are numerous, BT, Electric Donkey, Thunder, FTP, online video, etc., are very occupied bandwidth, to a 200-scale Internet cafes for example, export bandwidth of 10M, each internal PC's average bandwidth of 50K or so, if there are a few people in the crazy download, the bandwidth is occupied, Will affect other people's network speed, in addition, the download are large files, if several people at the same time download, occupy a lot of bandwidth, if someone is playing online games, it may appear card phenomenon.

Smart manufacturers to the router to add a speed based on the IP address speed limit, can give the entire Internet bar inside all the PC, can limit the speed of upload and download, so that the effective allocation of network resources.

ARP Address spoofing feature

On the web, there are two addresses, one is the IP address, one is the MAC address, the MAC address is the network physical address, the internal PC to send the message to the net, first according to the IP address of the gateway, through ARP to query NBR MAC address, and then send the message to the MAC address. So on each PC, there is the corresponding relationship of ARP, is the IP address and the corresponding table of MAC address, these correspondence is through ARP and RARP message to update.

There is currently a virus on the network, will send fake ARP messages, such as the IP address of the gateway to send the ARP message, the gateway IP corresponding to their own Mac, or a Non-existent MAC address, while the fake ARP message broadcast in the network, All the internal PCs will update the IP and Mac counterpart tables. Wait until the next time the Internet, will be sent to the Gateway MAC message, sent to a non-existent or wrong MAC address, which will cause disconnection. This is arm address spoofing, which is causing the disconnection of the internal PC and the extranet, a virus that has been particularly rampant in the previous period. In response to this situation, anti-ARP address spoofing features have appeared in a number of professional router products, see the article "ARP Spoofing and attack when the Internet Café router How to set?"

Load Balancing and Line Backup

About load balancing and line backup, for example, the Ruijie RG-NBR series routers, such as all support VRRP hot backup protocol, can be set up to 2-255 sets of NBR router, while linking 2-255 broadband lines, these NBR and broadband lines, to achieve load balancing and line backup, In case of line disconnection or network equipment damage, can automatically realize the backup, in line and network equipment are normal situation, you can achieve load balancing. This feature is supported on all routers in Ruijie.

The RG-NBR series routers in the rg-nbr1000e, but also provides 2 WAN, if necessary, there is a module expansion slot, you can plug in the electric port or optical interface module, and link 3 broadband lines, this 3 broadband lines between the load balance and line backup can be achieved, Can be based on bandwidth load balancing, but also on the internal PC to group load balancing, but also can set access to Netcom resources to go netcom line, access to telecommunications resources to go telecom line load balance.

ACL Anti-network virus

Internet viruses are emerging, all network viruses are transmitted through the network, network virus data packets must follow the TCP/IP protocol, the same network virus, the general purpose of the IP port is the same, excellent Internet bar routers should provide a powerful ACL function, can be in the internal network interface to restrict network messages, Also can restrict the virus network message on the outside Wang interface, can go out now the message, also can restrict incoming network message.

Wan Port anti-ping function

Hackers on the network before launching an attack, all the IP addresses on the network to scan, one of the common scanning method is ping, if there is a response, the IP address is active, is able to attack, which will expose the target, At the same time, if there is also a large number of packets outside the RG-NBR series routers ping request, will also be the Internet Café RG-NBR series routers dragged off.

Now most Internet café routers have designed a WAN to prevent the function of ping, can be easy to open, all the outside of the Ping data message request, are deaf, so that neither exposes their goals, while the external ping attack is also a precaution.

Comprehensive performance

The task of the Internet Café router is very complicated, so it is not possible to highlight a particular aspect. Also need performance, function, security and other aspects of all-round development in order to give full play to its advantages, described as "many, fast, good, provincial, stable, simple, static, strong", 8 legs walk, well-organized, tens of thousands of NAT concurrent links, The performance of the wire speed download, simple configuration, quiet use of the characteristics of the harsh use of the environment, can be the internal speed limit function, telecommunications-level network operating system, in demanding the stability of the environment applications, and so on, these powerful comprehensive performance, can achieve an excellent Internet café router.

Internet Café routers in the continuous improvement, I believe that after the network of Internet cafes will continue to reduce the user experience of Internet cafes will continue to enhance.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.