ADSL-optimizing trough severe network reconfiguration

Believe it or not, but these pages are hosted on a server hosting over 10 websites and a ADSL-link with only 400kbps upstream. Pretty weak stuff.

Granted, I remove most of the major load from my link by hosting static, bandwidth consuming stuff on a 100mbps offsite server. But still: 400kbps doesn't leave you much to fool around with when you include applications like Bittorrent.

In essence I capped my webserver at 200kbps and I capped Bittorrent at 200kbps to make sure that one service didn't consume the bandwidth needed for the other service to function properly. The net result was that for most of the time I could only utilize 50% of my already shitty connection. Not optiomal.

So what did I do this weekend? I replaced my network configuration consisting of 2 machines (Windows and Linux) both in parallel in the DMZ/INET-zone where one was the general gateway with a setup where the Linux machine worked as the only gateway to the internet and all traffic going trough that machine to provide me full control of my total upstream at one location.

Now why would I want to do that? What I want to do is implement traffic-shaping. Traffic-shaping allows me to assign priorities to different kinds of traffic, making sure the things I care about gets trough no matter how stuffed the connection is. This is cool.

It took quite a few hours to get done, and it involved a few steps.

  • Setup Linux box to function as a NATing gateway
  • Setup port-forwarding for the services that needs it (like these web-pages)
  • Setup traffic-shaping

Step 1 involved iptables. Step 2 involved iptables. Step 3 involved iptables. And I hate iptables. To be fair though: iptables suck a lot less than ipchains.

Anyway. The Linux-machine is hidden in a closet with only power and network connected. No monitor, no keyboard. If my network reconfiguration of that machine makes me lose contact, I have to reboot and start from square one.

I'm not going to bullshit you: I had to reboot the machine two times.

Anyway: Setting up NAT was less painful than I imagined. Setting up portforwarding, which I thought would be the easy part caused more issues than I can ever recall. Once all of this was in place, I got some sleep, woke up, sobered up, set up traffic-shaping, which was a lot easier than I could ever imagine.

Right now my Bittorrent client is running uncapped. My web-server is running uncapped. Everything I run involving outbound TCP/IP-traffic is uncapped. I can pretty much say I've doubled my effective bandwidth utilisation, yet things are working better than ever before.

For those with a spare Linux-machine, for those who has a Linux-machine as their internet-gateway or firewall... I can really recommend checking this out. Knowplace has a good traffic-shaping HOWTO which will guide you trough the concepts and implementation.

As much as I love Windows, and I really do, this is just the kind of thing where Linux wins hands down. There is no way you can implement stuff like this in Windows, unless you are willing to shell out money for Microsoft Internet Security and Acceleration Server, and I'm not.

I just think these kind of things shows how important it is to know your way around more than just one OS. Using the right tool for the right job is crucial to get the job done properly. And in my opinion a OS is a just as much a tool to get what you want done as anything else.

Thanks to knowing a little bit about Linux, I was able to double my effective utilisation of what can really be described as a subpar, crappy ADSL-link. Not bad. Not bad at all.

Thanks to

Various reasons

Misc stuff