What's new

device to throttle bandwidth

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

t2clej

Occasional Visitor
Is there a router/device that I can use on my home network to limit bandwidth to certain devices. I have Asus with Merlin firmware (the best!) but QoS does not do the job. Thanks.
 
Hi - in general, properly-implemented BW limiting is something you're only going to see offered on select SMB-class routers and higher. Some consumer boxes offer it in their stock firmware, but usually you'll need to use third-party firmware with those units.

So first off, if the model of Asus you've got is ccompatible with Tomato ARM, it allows for limiting per IP, IP range or MAC address.

If your Asus isn't compatible with Tomato or another firmware like DD-WRT that may also support BW limiting, then you could simply buy one that is (AC56U, 68U, etc.). There are also much more technically-capable routers like MikroTik and/or Ubiquiti which allow for limiting in a bunch of different ways, but they are not for network novices and require manual building of their configs to get up and running. There are also other linux firewall OS's which offer BW limiting through package additions, such as pFsense, but pF and the like are typically run on pre-built or DIY x86 boxes, which I would assume is overkill for your needs. Just figured I'd cover most of the bases though. :)
 
Many QoS features work only on UPLINK (LAN to WAN) traffic. I assume you're trying to limit downlink bandwidth.

Use the Router Finder and set the QoS section Type to B/W and Direction to BOTH to find ones we've tested. Many TP link routers support B/W filtering in both directions.
 
Trip and thiggins,

Thank you very much for the help. And yes, I'm primarily trying to throttle download speeds for two devices.

I have an extra Asus RT-AC68 so I may try the tomato firmware first. The RT-AC68 looks to be supported.

If that doesn't work, then I'll look at getting another router.

Trip - I looked at the MikroTik website. Is there a model you recommend?

Thanks again guys. Appreciate your help.
 
thiggins

Used the Router Finder and it lists the Asus RT-AC68 as capable of B/W limiting in BOTH directions. I have not been successful in implementing QoS for this device. It seems to ignore the rules I have in place. Do you have a recommendation on another router? Should I try a tp-link?

Thanks.
 
So I upgraded to most recent Merlin firmware and there is now an option to limit bandwidth for IP address. So far this seems to work with +/- 10% variation.
 
@t2clej - it all depends on the throughput you need to hit. And you can see all of those metrics for each model on routerboard.com, at the bottom. (I usually look at the Mb/s metric under 512-byte packet size, with 25 simple rules, as a good gauge of real-world throughput). All of their routers run the same OS, so the $29 hAP lite will more or less have the same overarching features as the $3,000 CCR-1072; it's just the processing power and architecture that will vary. For the nitpickers, of course, the higher-end stuff will offer some features that the base plastic models can't, but by and large, ROS is 90+% identical throughout the product vertical.

What you won't find, however, is the MikroTik equivalent of a Netgear R7000, as that market segment really isn't their focus. Their stuff tends to get picked up by this crowd due to the low price point and "enterprise-ish" behavior. Consequently, I find it's best utilized in a piecemeal setup (separate router, AP, switch, etc.), as opposed to the silver-bullet that most SNB buyers are looking for. If that's ok, then just a note on support: basically, there is none. At least not for the end-user buying off Amazon. You need some chops and OS familiarity before you go dumping one of these things into production. That said, there are MikroTik's wiki's and video stuff like Greg Sowell's page: http://gregsowell.com/?page_id=951 .

If I haven't scared you away yet ;) and you want an all-in-one but don't mind missing AC wifi, the RB2011-UiAS-2HnD-IN is good. Otherwise, a little guy like an RB750GL + whatever AP you like -- UniFi, consumer box, or whatever.
 
Last edited:
the last time i checked the CCR1072 costs $2000 unless the suppliers have been marking up the price.
While mikrotik has really good QoS though complicated there are some things you cannot control on the download such as random incoming non TCP based DoS which is something i never see. Floods mostly seem to use TCP which is why enterprise hardware firewalls are fun when you use tarpits on them and watch bots just grind to a halt from your full WAN to a few pps.

Enterprise speed charts (such as for mikrotik, ubiquiti, etc) are used for routing and not NAT which is what homes need. NAT performance is usually 1/4 of rated routing performance on MIPS but on a CPU like x86 or PPC the difference between NAT and routing performance narrows.

Some protocols can have QoS applied to them and some cant but thankfully 90% of common applications use a protocol that can be managed. One thing you can do with mikrotik is combine the layer 7 firewall with QoS meaning that if you want to apply QoS on a software that doesnt use a protocol you can work with you can apply the hash of that software, mark their packets and apply QoS on the marked packets. One fatal error that some tutorials have in mikrotik QoS is applying a rate limiter to firewall rules but all it does is basically saying this rule will handle x amount of packets/bandwidth and the rest will bypass the rule. This is meant to overcome floods or for example a small ISP preventing a user from flooding the account page or preventing a user account page from being flooded. In blocking bad traffic never put a rate limit on the rules which i have seen in a number of tutorials. As long as you stick to english speeking and professional cisco people tutorials that use mikrotik you should be fine, avoid the ones below the equator.

Some cisco tutorials actually use mikrotik in their layer 2 protection against things like the pineapple hack, you will find these tutorials more than 10 years old and yet consumer routers are still vulnerable to this :).
 
Thank you all for the help. Researching the recommendations now.

I did update to Merlin build 378.56_2 which added ability to limit bandwidth but that does not seem to work. I set the xbox one to 5 Mb/s down and 2 up. But when we had a large game update of 20GB the limit did not work. It went up to my max of 15Mb/s.

So, should I assume that using the Asus RT-AC68 is not going to be a viable option.

If not, could I ask that someone give me their personal recommendations (specific models if possible) for the following:

1 - cable modem: I'm currently using motorola SB6183 which seems to be working well

2 - router: Router that allows be to control bandwidth to each device (this can be wired only and I can add AP at different locations)

3 - wireless AP: I currently have two RT-AC68, one being used as the router the other as AP in another part of house.

4 - anything else I may need.

My budget is flexible - I'm not opposed to spending money to get what works.

Thanks to all.


 
When controlling bandwidth you need to reserve a little bit of bandwidth at both directions for the other direction. I.e. if you had 20Mb/s down and 2Mb/s up than you would want to reserve like 0.5Mb/s on upload for downloads and about 0.1Mb/s on downloads for uploads. For a download to happen a request would need to be made by uploading it and if all the bandwidth is used up you would not be able to control the download requests for example.

There are 2 things, one is the target bandwidth and the other is burst. There is no such thing as just setting the bandwidth for a device since it is more complicated than that. This is why you want a good router that allows for complicated settings and you will not find this in any consumer router.

So if you are willing to go the difficult route theres mikrotik, ubiquiti or pfsense. Pfsense is the easiest out of the 3 for controlling device bandwidth while for mikrotik it is very complicated as it does not work by device but rather by traffic but it can yield the best results if well configured.

At your speeds the ER-X from ubiquiti and the RB750Gr2 from mikrotik would be the minimum for you, for pfsense you have a lot of choices. Personally i'd suggest pfsense but if you have the skill than choose mikrotik.
 
Last edited:
@t2clej Just wondering - any particular reason you're want to limit bandwidth per client? If you're just doing it to try and preserve QoS in general, then IMHO implementing fairness queuing and buffer control via something like fq_codel would be way easier, and perhaps even more effective. Ubiquiti has this working out of the box in v. 1.7 in their smart queues feature. Similar results can be had in MikroTik via manual setup of simple queues and/or queue trees (per this extremely detailed wiki post), but as you can see and as SEM hinted at, it's well beyond the average person's level of comprehension. OpenWRT can also do codel via packages, and run on Atheros commodity gear (like a WDR3600) -- shaping up to around 75Mb/s. The ER-X should be able to do about double that, perhaps a bit more. Any of the above would be plenty for your current connection speed.

If you still want to limit bandwidth per client, it's also doable with any of the above suggestions, and also pfSense, but codel has not been implemented on BSD yet (to my knowledge), so pfsense is stuck using other methods, similar to MikroTik, which are not quite as "knobless".

In terms of hardware, as long as your cable modem handles your connection speed and channel count, I'd say your good, especially with Arris/Motorola -- the surfboards are solid modems. For the router, if you want to stay purely wired, I agree with SEM --- UBNT ER-X; maybe a MikroTik hEx if you don't mind getting very technical. Otherwise, perhaps OpenWRT on an Atheros box (Buffalo, TP-Link, etc), wifi turned off, or kept on for admin/private bandwidth. Then I'd use the twin 68's as your main and guest-serving APs, placed optimally, with channels set on non-interfering frequencies. Make sure you hook up as many endpoints/switches by wire or powerline/moca as possible, and you should be good to go.
 
Last edited:

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top