Horrible Throughput Problem

[M i k e]

I am an aspiring Networking major who happens to find this stuff very interesting, so as much detail as possible would be great. My problem is:

About 5 months ago we picked up a new wireless router for our network. At the time of purchase our network required some type of bandwidth control and I ended up picking up a TP-LINK WR1043ND because our current Linksys router had no DDWRT capabilities and TP-LINK comes loaded with bandwidth-control features. Rather than throwing away or getting rid of our old Linksys router I thought to myself, "I could use this for G-mode only and the TP-LINK for N-mode only to improve throughput." I hardwired the Linksys router into the TP-LINK router and then hardwired the TP-LINK into our DSL modem. So, basically, we have an infrastructure that looks like this:

Wall --- DSL modem --- TP-LINK --- Linksys

The first thing I did was set each wireless router to broadcast on different channels- they're only a few feet apart- and with different SSID names. The second thing I did was disable DHCP on the Linksys router and enable it on the TP-LINK. I added a few clients to the reserved address list on the TP-LINK's config page and then limited the bandwidth to the remaining IP address range. I configured some DoS protection rules, set up the security type and passphrase, chose not to broadcast the SSID name, and then connected three clients to the TP-LINK. Everything went quite swimmingly for about 3 months and then throughput started to get horrible. After this happened I began doing some research and found a few different proposed solutions for making the network more efficient. One person suggested bridging the TP-LINK and DSL modem and another suggested putting the TP-LINK in the DMZ of the DSL modem and then putting the Linksys in the DMZ of the TP-LINK. I haven't tried any of these solutions yet for two reasons: 1.) There are a few things I don't understand and 2.) I didn't want to reverse-engineer the entire network configuration to do something that might not work. So, rather than waste anyone's time trying to do troubleshooting steps and going back and forth between reconfiguring and responding... I thought I might make it easier by just saying exactly what I want to happen and let someone else tell me how THEY would configure everything to be as efficient as possible.

First, could someone please explain to me exactly what bridging is and what it does? Why would bridging the TP-LINK and DSL modem be useful?

Second, what exactly is a DMZ and how do you set one up? I heard that, by doing this, it would give all connections a clearer path through the network. Is that true?

Basically, what I want is to have all administration and protection take place on the TP-LINK because it has a much more inuitive and user-friendly interface than the Linksys and DSL modem. I wanted all traffic to have a straight shot through the DSL modem to the TP-LINK where all filtering would take place. I want the DSL modem to be like it's not even there and set up firewalls and protection on the TP-LINK. I want the Linksys router to broadcast in G-mode only and basically give everything connected to it a clear shot through to the TP-LINK, where I'm hoping I can configure EVERYTHING. Is this a good idea? I want to have the max data rates I can on the TP-LINK (the three clients connected to it require the 300mbps data rates) and the Linksys operating in G-mode is inconsequential- it's just there for everything else to connect to and is only there because there are a few G-only devices needing to connect to the network. I heard that switching the TP-LINK to mixed mode would negatively affect throughput so I thought having these two routers operate in different modes would be best. Is that true? If you had a mixture of G/N devices on a network, where the N-devices require the best possible data rates and throuput, how would YOU configure the network? If anyone can help, please be as specific as possible and I will be eternally grateful for your assistance.

 

[eibgrad]

Bridging the DSL modem only makes sense if it’s a combo device (i.e., modem+router). If so, then clients behind the TP-Link would be double NAT'd, and that can cause various problems (but performance isn't typically one of them). To eliminate the double NAT (and everything else having two routers implies; multiple DHCP servers, multiple firewalls, etc.), you can sometimes bridge the modem+router so that it's effectively demoted to ONLY being a modem. And as such, all its routing capabilities, NAT, firewall, etc., are disabled.

But bridging is completely irrelevant if the modem is already just a modem.

As far as the DMZ, the DMZ is simply an IP address to which all INBOUND traffic, that would otherwise be blocked by the firewall, will be redirected. It essentially allows ONE DEVICE to exist outside the firewall. That’s all it means!

So why would someone use it? To simplify remote access. So rather than dealing w/ port forwarding, or enabling UPnP on the internal network, you designate one IP that’s resides outside the firewall to avoid dealing w/ these other solutions. Of course, it comes w/ some risk unless that device in the DMZ has its own personal firewall.

The reason some ppl bring up the topic DMZ when dealing w/ more than one router is because they’re suggesting that you place the WAN IP of the second router in the DMZ of the first router. You’re effectively disabling the first router’s firewall since all the traffic that hits the first router’s WAN will eventually be forwarded to the second router’s WAN.

But NONE of this has anything to do w/ performance. It’s a remote access issue for INBOUND requests.

As far as the hidden SSID, there’s absolutely no benefit from it. As long as you’re using good wireless security, that’s all that matters. SSIDs can be easily discovered, hidden or not. And certainly by those who would be the most likely to hack your network. In fact, hiding your SSID can sometimes cause problems, esp. in older versions of Windows. It can cause wireless adapters to “wonder” in search of better connections. And according to Windows, those broadcasting their SSID are preferred to those NOT broadcasting their SSID. So it’s pointless to hide your SSID.

As far as mixed-mode wireless, w/ most modern equipment, it’s only going to negatively affect performance to have both G and N users on the same radio in the sense that G users take longer to complete their transactions. And since wireless access is serialized (everyone takes their turn), total throughout is reduced whenever G users are active. But by placing the G users on their own wireless radio, then obviously you maximize throughput on the wireless N network.

So while in principle I would recommend isolating G and N users, it’s not really as big a deal if they share the same wireless radio in mixed-mode, esp. if wireless G actively is infrequent. Merely have wireless G devices “associated” shouldn’t diminish wireless performance for N users at all (at least for modern equipment).

Now where you *might* have a problem w/ mixed-mode and wireless N is if you can’t say, enable channel bonding except in wireless N-only mode. IOW, if mixed-mode somehow limits your access to other performance enhancing features.

Btw, it's not necessarily the case that what is assumed to enhance performance, always does. In my experience, I’ve found that channel bonding often performs WORSE than simply using a single channel. Or that mixed-mode will actually perform better than N only, even if I don’t have G users! Wireless is a strange beast. A lot of things are counter-intuitive. Even wireless engineers can’t always explain the strange phenomena we see with wireless. It’s not a perfectly well understood science. So I recommend you experiment w/ various settings and verify what works best for YOU! Don’t assume something or some configuration MUST be best because anyone says it must be, or should be. The only thing that ultimately counts is your own real world results.

 

[M i k e]

eibgrad-

Just wanted to say thanks, before anything else, for taking the time to explain all of that. My understanding of a few networking terms just got a little better.

You mentioned about the DSL modem being just a modem. I initially assumed the same thing when I hooked up the TP-LINK. Unfortunately, to my dismay, it is not just a modem- it's a modem+router (sorry, I should have included that information). I found this out too late and honestly never thought to contact our ISP for any information on it or even check it out myself. When the network was first configured it was done so with just the DSL modem/router and the Linksys. I was not the one who initially configured the network so it never occured to me to check the settings in the DSL modem/router. So, if everything behind the TP-LINK is being double NAT'd, should I bridge the TP-LINK and the DSL modem/router for a more efficient network? Bridging these two would take the DSL router out of the equation and make it function like a simple modem, right? Then I could configure everything on the TP-LINK and it would be like the master router? That is my understanding of what you said, so I hope I got it all right.

Now, my next concern is about the SSID for the TP-LINK being hidden. I know that Microsoft advises against it and I understand the reasoning for it but the network is located in a very remote area where there really is no threat of someone hijacking our network. The only reason I have the SSID hidden is to create the illusion of simplicity on the network for the other clients and to avoid some... unnecessary inquiries and potential situations. It's really nothing important. Thinking about what you said, do you suggest that I enable SSID broadcast on the TP-LINK for better performance? If I could possibly get better performance out of it I will definitely enable it, but if it's only security related I feel confident enough that the network is safe and may leave it hidden.

For the most part I think you have confirmed that I had the right idea in how I configured the network. The Linksys operates in G-mode only and the TP-LINK in N-mode only for efficiency. I want the Linksys to be used for nothing but allowing the G-devices to connect and all administrations to take place on the TP-LINK. I wanted the DSL router/modem to be nothing more than a modem and it is my understanding that I need to bridge the TP-LINK and DSL router to achieve that. Other than the bridging and the hidden SSID, is there anything else that you could think of for me to try? I want to have a solid plan before I change anything- I plan to reset and reconfigure each of the 3 devices we're discussing.

Once more, thank you so much for your reply. I greatly appreciate it.