Need to get caught up? Read Part 1 and Part 2 of this series.
The days of static web pages and emails comprising the bulk of Internet traffic are long gone, replaced by a mix of applications and appliances that require high-throughput and low-latency connections in order to work properly. Surprisingly, many routers will treat all of your packets the same way despite the fact that some of your data is much more important than others.
The Quality of Service (QoS) feature in the Tomato firmware allows you to impose limits on any device or application on your network that is requesting a connection to the outside world, be it outbound or inbound (uploading/downloading). Under the QoS section on the Tomato main page you’ll find the Basic Settings link which allows you to input your connection’s available bandwidth and set a portion to be reserved for each specific class of traffic — handy, should your connection begin to become saturated.
This is where having knowledge of your connection speed, networked devices, and the sort of resources your applications require comes into play.
One of the biggest causes of headaches for many people is getting a VoIP solution to work properly and maintain clear voice quality behind a router. Its bandwidth needs aren’t all that great but it requires unfettered access if you want your call to sound clear on both ends. Starting up another connection-hungry application that knows no limits could impede on other connections. Setting up some priority for your programs will ensure that important data links aren’t harassed by lesser traffic.
With enough digging around you’re likely to find the ports your VoIP solution is likely to use and just how much bandwidth your application would need. If you’re lucky, Tomato firmware will provide a preset like in the case of Skype classifications. For others, simply plug your VoIP solution’s name into Google along with the term “ports” and you will be well on your way.
The Classification link is where you’d want to feed this information. It allows you to create rule sets so as to assign specific applications or devices into its appropriate priority class. That said, there are plenty of not-so-elegant ways to go about getting many software VoIP solutions running smoothly.
But as far as hardware based VoIP products are concerned, they are far easier to manage as their IP’s or MAC Addresses on your network are enough to get a rule set started, but digging up how much bandwidth they’d need is still necessary.
The View Graphs section, also under the QoS header, gives you access to detailed pie charts which display what open links belong to each class on both incoming and outgoing connections. The graph slices can also be clicked for a detailed text list of all current connections. A handy tool to see if your meticulous class/priority setup is actually doing its job.
What’s Mine is Mine
While dedicating bandwidth is a great way to make sure your most important tools get their due, minimizing the amount of bandwidth available to certain services is also helpful. Some applications just don’t play nicely when given free reign over your available bandwidth so capping their data rates can cut down on those “mysterious” connection slow downs, which in fact a few programs can reliably produce.
Those applications (namely P2P) also have a habit of bringing down even the beefiest of home/small office routers given the massive number of simultaneous connections they can request, and which, invariably, the router has to keep track of.
Getting the latest Linux distributions is of utmost concern, so keeping things running smoothly is of great importance to many users. A number of these open source firmwares are capable of handling many more active connections than what’s normally included on routers, cutting down on the number of unresponsive connections and random router crashes.
The Connection Tracker (conntracker) feature, which can be found under the Advanced section in the Tomato interface, also allows you to fine tune just how long certain connection states stay active, sometimes improving on the “time out” lockups certain programs encounter. However, settings such as these are generally best left at their defaults as you wouldn’t want to disturb the fragile nature of some Internet-based applications.
A Look Behind Door Number Three
Port forwarding has been a feature on even the cheapest of models but you’re likely to find plenty of limits imposed by preloaded firmwares, most notably in the number of entries you can add, and even when there’s plenty of room to work with, you’re likely to lose track of what’s what.
Tomato spruces things up by offering basic, DMZ, and triggered port forwarding. This allows you to set up specific rule sets on where incoming traffic on specific ports should be routed to, which destination address on your network should be fully exposed to the Internet’s flurry of traffic (which comes in welcomed, mundane, and malicious flavors), and when and what ports should be open depending on outbound traffic from your network. There’s even support for the much-maligned Universal Plug and Play (UPnP) standard which sees plenty of usage in many applications.
There’s a ton of possibilities with Tomato and other open source firmwares. Configuration settings and features that were once limited to high-priced models are suddenly open for anyone with the appropriate, low-cost hardware to use.
Though the number of features at your disposal with any of the open source firmwares is daunting, with enough time, and a bit of sleuthing, you’ll be able to maintain a secure, reliable, and snappier network for your small office or home office.
This article was first published on EnterpriseITPlanet.com.