Recently, there have been more and more vrouters with multiple WAN ports on the market. In addition to its obvious advantages over soft routes in terms of stability, reliability, and ease of maintenance, the hardware Internet cafe routers are much more mature in terms of function arrangement and performance implementation, especially multi-Wan port processing, professional manufacturers have already done a lot of research on the application of multiple WAN ports in Internet cafes.
After using the broadband routers of multiple manufacturers, I feel that the products of domestic manufacturers are the most suitable for the complex needs of domestic Internet cafes. Taking one of the Two-line broadband routing gateways of Shanghai aitai Technology Co., Ltd. as an example, its functions can greatly improve the satisfaction of Netcom's broadband users:
1. Access Line
Currently, China's Internet networks are mainly operated by two ISPs: China Netcom and China Telecom. When users use China Netcom's optical fiber cables. Access to various websites and game servers on China Netcom is normal, while access to various servers on China Telecom is very slow; this interactive access problem also exists in optical fiber lines using China Telecom. This problem mainly occurs because the interconnection between China Netcom and China Telecom ISP networks is not smooth enough, and the bandwidth is relatively small, which cannot meet the mutual access needs of the two networks. Network games have high requirements on the network environment, and the problem arises for Internet cafes: using the optical fiber of China Netcom cannot smoothly play games on the telecom network; however, the optical fiber of China Telecom cannot smoothly play games on the Network of China Netcom.
The solution to the above problems is only to connect to the two-line communication network and China Telecom respectively, to meet the online game speed requirements of Internet cafe customers. In this way, the dual-WAN port router can be used. Internet cafes use dual-WAN ports and Routers:
First, the device investment is reduced, the network structure is simplified, and the client settings are completely transparent. The client system does not need to be modified. The smart device analysis judges the client's Internet access requests, automatically select the optimal egress of the Internet line so that customers can enjoy the optimal speed no matter where they play online games or browse the website.
The technical principle of the routing device that intelligently selects the Internet egress is to determine the ISP carrier network where the IP address is located by analyzing and comparing the IP address sent by the client to select the best internet egress for its data flow. In the end, the access to the Netcom site only follows the China Netcom line, and the access to sites other than China Netcom follows the China Telecom line to solve the problems brought about by the interconnection of China Southern Telecom and China North Netcom.
Internet cafes are a big industry and market. For China Southern Netcom, if the interconnection problem is solved, it will be able to have a place in the internet cafe market and expand to other businesses, space for development in the fierce market competition.
Second, dual-line access can also achieve bandwidth convergence: access to multiple broadband lines, through load balancing, to meet the internet cafe's demand for insufficient bandwidth. You can perform load balancing as follows:
◆ Multi-line NAT session balancing ensures that multi-threaded applications of Intranet users can use Bandwidth Resources of two lines at the same time;
◆ When the bandwidth ratio is balanced among multiple lines to ensure that the bandwidth of multiple lines is inconsistent, the traffic can be allocated to multiple lines according to the bandwidth ratio reasonably;
◆ Multiple lines are balanced Based on the Intranet IP segment. You can specify the Intranet PC to use the specified line;
◆ Multiple lines are balanced based on the Internet IP segment. You can specify the lines used to access certain websites. The above mentioned solution to interconnection is actually implemented in this way.
Third, dual-line backup can be performed on each other: in some cases, the master line may be disconnected or the service may be stopped. When a problem occurs on the master line, the system automatically switches to the backup line to ensure that the Network is uninterrupted and the Internet cafes are operating normally. The most important prerequisite for line backup is how to quickly and accurately detect the disconnection and quality of the line. You can perform the following checks:
◆ ICMP detection gateway-sends ICMP data packets to the Access Gateway at a fixed interval;
◆ ICMP detection public network address: An ICMP packet is sent to the public network address at a fixed interval. This packet is used to detect the connection interruption and quality, and is applicable to the ping prohibited environment of the Access Gateway.
◆ ARP detection Gateway: sends an ARP request to the access line gateway at a fixed interval to detect the connection interruption and quality. It is applicable to the environment where all access lines cannot be pinged.
◆ DNS resolution Detection: DNS requests are sent to the public network DNS server at regular intervals to detect the connection interruption and quality. This method is applicable to environments where the access time is continuously restricted by the operator.
Ii. bandwidth resource management
In the daily expenses of Internet cafes, apart from device depreciation and staff salaries, the biggest expense is the broadband rental fee. Today, more than 70% of Internet bandwidth is occupied by P2P Traffic. How to Increase the bandwidth utilization with limited bandwidth is a key issue to improve network quality and attendance.
At present, when many Internet cafe owners find that the bandwidth is insufficient, they cannot find out whether the cause of the bandwidth shortage is due to bandwidth shortage, or whether the bandwidth is occupied by downloading, P2P Traffic, and virus attacks, we can only blindly increase the bandwidth, not only spending more money, but also often cannot solve the problem.
The HiPER broadband Security Gateway provides powerful bandwidth monitoring functions to query physical ports, real-time and accumulated upload and download traffic for each user, and use it with the Internet monitoring function, you can monitor who is using a large amount of Bandwidth Resources in the intranet and why a large amount of bandwidth resources are used.
At the same time, the HiPER broadband Security Gateway also has a variety of bandwidth management functions, among which CBT bandwidth credit management is currently the most effective method to control P2P downloads. Using CBT bandwidth credit management, you can define a maximum download speed and a certain credit for Intranet users. Within the credit limit, users can upload and download freely, if the user continues to use the bandwidth that exceeds the preset value after the credit limit is exceeded, the user will take 50% as the gradient to speed down. In this way, P2P Downloads can be well restricted to ensure that other users in the Intranet can use the bandwidth fairly and effectively, and CBT bandwidth credit management does not increase the processing latency of data packets, this ensures latency-sensitive applications such as games and voice.
Iii. Maintenance and diagnosis Management
How to quickly diagnose problems such as disconnection and card freezing during Internet cafe access is also a headache for Internet cafe network management, common shared devices and software do not have or only have few monitoring and status functions. If something goes wrong, you can only restart the system. However, the system will soon fail. There are many diagnostic commands for vrouters of Cisco and other vendors, but complicated command lines have discouraged many users.
Iv. Network Security
Network security is a big topic. Every network vendor should consider how to provide users with simple and practical security services. Thousands of network security rules are stacked. Not only do most users have no way to configure them, but they often encounter attacks once in a lifetime. In addition, these policies not only affect the processing performance of products, it also greatly increases the product price.