Bandwidth limiter for guest network slowed down entire LAN

[iFrogMac]

Hey all,
as an effort to fix my smart lights disconnecting, I followed instructions on a different forum, but for the same situation I had to create a dedicated guest network for the smart lights, and limit it's bandwidth to 1 Mbps up and down. Well I found 2Mbps up and down was a good spot for me, and it did seem to stop the disconnections. What I didn't expect however, was for it to also enable QOS, and slow my gigabit connection for wired clients down to 500 Mbps. I was able to confirm this was the problem by running the router's built in speed test, and got my full speed, then I disabled bandwidth limiter and this also turned off QOS. My speeds are back to normal. My question is, is there a way to still use bandwidth limiter, if I NEED to without cutting the speeds in half to clients not even related to the guest network?

Thanks

Right now I have the guest network set to not limit bandwith. If things continue to work without drops, I'll leave it as is. However, if limiting the bandwidth also helped for these devices, I'll need to find a way to do this without slowing the whole network down.

 

[The_bhagwan]

Enabling QOS or bandwidwidth limiting will disable hardware acceletration, AKA "cut through forwarding" (CTF), on the whole router. CTF siginifigantly speeds up router throughput, double or more. Bandwidth limiting and QOS are incompatable with CTF. CTF is the reason I never enable QOS or bandwidth limiting.

 

[iFrogMac]

Enabling QOS or bandwidwidth limiting will disable hardware acceletration, AKA "cut through forwarding" (CTF), on the whole router. CTF siginifigantly speeds up router throughput, double or more. Bandwidth limiting and QOS are incompatable with CTF. CTF is the reason I never enable QOS or bandwidth limiting.

I realized what was going on. I found some more info on it while I was waiting for an answer and also double checking to make sure I hadn't configured something wrong. I'm hoping simply moving the lights to their own guest network is what helped settled the disconnects, if it was a combination of that and limiting bandwidth, then I'll have to come up with something else. Since the Panoramic gateway from Cox has two Ethernet ports, maybe I can run two routers at the same time, one for the main network and one specific to the smart home, so if I have to limit bandwidth to help stabilize things, it won't affect the rest of the network. I'll see what happens in the next few days. If things remain stable this way, I'll leave it as it is.

 

[drinkingbird]

I realized what was going on. I found some more info on it while I was waiting for an answer and also double checking to make sure I hadn't configured something wrong. I'm hoping simply moving the lights to their own guest network is what helped settled the disconnects, if it was a combination of that and limiting bandwidth, then I'll have to come up with something else. Since the Panoramic gateway from Cox has two Ethernet ports, maybe I can run two routers at the same time, one for the main network and one specific to the smart home, so if I have to limit bandwidth to help stabilize things, it won't affect the rest of the network. I'll see what happens in the next few days. If things remain stable this way, I'll leave it as it is.

You don't need to limit bandwidth for smart bulbs, they use hardly any.

There are a few potential common issues:
Being on the main LAN with lots of broadcast/possible mDNS traffic sometimes overloads these basic wifi chips. In this case isolating them onto a guest network fixes it.

You are heavily using your wireless and/or internet bandwidth causing the bulbs not to be able to communicate and disconnecting. In that case you actually need to use QOS to guarantee the bulbs some bandwidth, not limit them. In the case of saturating your wifi you may need a separate access point for your smart devices, or get your other devices off the 2.4Ghz radio which is what I'm assuming they're using.

2.4Ghz (which smart bulbs almost always use) has a lot of interference in your area (common issue these days), in which case you may need to try playing with the channels. Also disable "universal beamforming" and "airtime fairness" if they're enabled on 2.4. Try to limit other devices from using 2.4 as mentioned above too so what little bandwidth there is can be used by the bulbs. Make sure it is set to 20mhz bandwidth and not 40.

 

[iFrogMac]

You don't need to limit bandwidth for smart bulbs, they use hardly any.

There are a few potential common issues:
Being on the main LAN with lots of broadcast/possible mDNS traffic sometimes overloads these basic wifi chips. In this case isolating them onto a guest network fixes it.

You are heavily using your wireless and/or internet bandwidth causing the bulbs not to be able to communicate and disconnecting. In that case you actually need to use QOS to guarantee the bulbs some bandwidth, not limit them. In the case of saturating your wifi you may need a separate access point for your smart devices, or get your other devices off the 2.4Ghz radio which is what I'm assuming they're using.

2.4Ghz (which smart bulbs almost always use) has a lot of interference in your area (common issue these days), in which case you may need to try playing with the channels. Also disable "universal beamforming" and "airtime fairness" if they're enabled on 2.4. Try to limit other devices from using 2.4 as mentioned above too so what little bandwidth there is can be used by the bulbs. Make sure it is set to 20mhz bandwidth and not 40.

Everything mentioned has been considered and configured already. The reason for the limiter was to insure a slower connection to prevent them from being overloaded. Anyway, my main devices such as phone, iPad, etc are on 5Ghz, the only devices on the 2.4 main are a couple smart plugs and amazon echo speakers. The majority of high demand devices are wired. Since adaptive QOS doesn't disable HW acceleration would it work to help with bandwidth stability to the bulbs? Also only 4 out of 9 bulbs have the issue, and they are the A21 bulbs. The A19 ones don't suffer from the issue as much. For Now, I'll leave them on the guest with bandwidth limiter disabled to see if the guest was the only thing I needed to do for them. If I still have issues will look into QOS.

 

[drinkingbird]

Everything mentioned has been considered and configured already. The reason for the limiter was to insure a slower connection to prevent them from being overloaded. Anyway, my main devices such as phone, iPad, etc are on 5Ghz, the only devices on the 2.4 main are a couple smart plugs and amazon echo speakers. The majority of high demand devices are wired. Since adaptive QOS doesn't disable HW acceleration would it work to help with bandwidth stability to the bulbs? Also only 4 out of 9 bulbs have the issue, and they are the A21 bulbs. The A19 ones don't suffer from the issue as much. For Now, I'll leave them on the guest with bandwidth limiter disabled to see if the guest was the only thing I needed to do for them. If I still have issues will look into QOS.

Yeah, the "slower connection to prevent them from being overloaded" doesn't make any sense. The only thing that would overload them is excessive broadcast/MDNS traffic which putting them on the guest would solve.

I guess limiting the bandwidth may reduce the number of broadcasts and MDNS that make it to the bulb but I highly doubt that traffic is using 2mbit. They are very small packets. And all you'd be doing is compounding the problem as now the bulbs won't have enough bandwidth to communicate with what they need to hit.

Apple and Amazon devices are both known for being very noisy with MDNS broadcasts so the isolation of the guest network (as long as you don't put those devices on it) should help. Most smart home devices will accept, process, and respond to MDNS and if there is a lot of excess it can overload those cheap wifi chips. However by isolating the bulbs, they will no longer be discoverable. That can cause some issues even once they've already been discovered and set up, so keep that in mind also.

Make sure "access intranet" is disabled on guest otherwise putting them there accomplishes nothing. But again, that may cause some other issues.

 

[iFrogMac]

Yeah, the "slower connection to prevent them from being overloaded" doesn't make any sense. The only thing that would overload them is excessive broadcast/MDNS traffic which putting them on the guest would solve.

I guess limiting the bandwidth may reduce the number of broadcasts and MDNS that make it to the bulb but I highly doubt that traffic is using 2mbit. They are very small packets. And all you'd be doing is compounding the problem as now the bulbs won't have enough bandwidth to communicate with what they need to hit.

Apple and Amazon devices are both known for being very noisy with MDNS broadcasts so the isolation of the guest network (as long as you don't put those devices on it) should help. Most smart home devices will accept, process, and respond to MDNS and if there is a lot of excess it can overload those cheap wifi chips. However by isolating the bulbs, they will no longer be discoverable. That can cause some issues even once they've already been discovered and set up, so keep that in mind also.

Make sure "access intranet" is disabled on guest otherwise putting them there accomplishes nothing. But again, that may cause some other issues.

I can give you this feedback. The access intranet option is set to disable. I did the bandwidth limiter per suggestion on the forum I saw the solution on. (not this one) and the person's reasoning to do this was to help with low signal to the bulbs. It sounds like what you're talking about is a completely separate issue, so applying the solution I did for what I thought I was helping was incorrect, or only partially true.

I've left my guest network for the bulbs in tact with all original settings with the exception of turning off bandwidth limiter. So, we'll see how things play now.

 

[iFrogMac]

@drinkingbird a couple other questions:
1. I'm using an Asus RT-AX86U, so it can have 3 guest networks per band. Should I put the smart speakers on their own guest vs the main 2.4 network as well?
2. Also, do you know if Guest network pro will come to the standard X86U? Right now it's only supported by the pro models, but asus says more models coming.

Also fyi I am using Wiz bulbs and they have the option to disable local UDP communications if I want and rely on cloud only. So far I have not had trouble using the lights on the guest network, even with intranet access disabled.

 

[drinkingbird]

I can give you this feedback. The access intranet option is set to disable. I did the bandwidth limiter per suggestion on the forum I saw the solution on. (not this one) and the person's reasoning to do this was to help with low signal to the bulbs. It sounds like what you're talking about is a completely separate issue, so applying the solution I did for what I thought I was helping was incorrect, or only partially true.

I've left my guest network for the bulbs in tact with all original settings with the exception of turning off bandwidth limiter. So, we'll see how things play now.

So bandwidth limiter is different from changing the maximum connection speed which I'm assuming is what they were suggesting. With bandwidth limiter, the device can connect at full rate (150mbit for 2.4 ghz assuming it is 2-stream, or 75 if single stream) but then the software limits the throughput to what you specify. As far as the bulb is concerned, it is still trying to maintain a 150 or 75M connection.

Reducing the maximum connection rate is different, that would be to allow the bulbs to only connect at a very low rate like 1M or 2M (which is 802.11b rates). In the Asus, the only way to really do that is to set it to "Legacy Only" which would still allow higher speeds, just not as high as N. If you had a more advanced AP you could specify exactly what connection speeds to allow but it impacts everything that connects to 2.4 and also would potentially disable a lot of the benefits of N that may be helping with congestion etc.

 

[drinkingbird]

@drinkingbird a couple other questions:
1. I'm using an Asus RT-AX86U, so it can have 3 guest networks per band. Should I put the smart speakers on their own guest vs the main 2.4 network as well?
2. Also, do you know if Guest network pro will come to the standard X86U? Right now it's only supported by the pro models, but asus says more models coming.

Also fyi I am using Wiz bulbs and they have the option to disable local UDP communications if I want and rely on cloud only. So far I have not had trouble using the lights on the guest network, even with intranet access disabled.

If you want the smart speakers isolated from the main LAN then can't hurt to give them their own guest network, but again if there are other things you want them to be able to connect to on the LAN that could interfere. If the bulbs are the only thing having issues then just moving them off should be sufficient. It is typically only the real cheap wifi chipsets (smart bulbs, outlets, etc) that can have a lot of trouble with LAN "chatter". The smart speakers likely have better wifi and typically support 5Ghz and can ignore that chatter fine usually, unless it is really excessive which would only be if something was malfunctioning. If everything else is working ok I wouldn't worry about it.

With stuff like bulbs it depends. Some are configured directly from your phone app, meaning you'd have to put your phone on that network to change configuration. Others your phone tells the cloud server what you want, then that tells the bulbs. In that case the isolation shouldn't hurt anything. If you have a hub like Alexa that you want to control the bulbs, can be the same thing there, some are native and discover and communicate directly with the bulbs, others use a skill which may or may not control them via the cloud. You'll just have to see if you notice any ill effects of having them isolated.

Not sure if/when the pro will come to other routers. I suspect like VLANs they'll probably reserve it as a feature of the Pro line. However the regular routers do use VLANs for Guest Wireless 1 so part of that feature set is there. You'll notice anything you put on GW #1 gets totally different IPs (192.168.101.x or 192.168.102.x) than your main LAN. It is totally isolated in a separate virtual router of sorts. Whereas Guest Network 2 and 3 are basically on your main LAN, but firewall rules prevent communication. Either should work for your purpose however, they are both accomplishing preventing "noise" from the main LAN from getting to those bulbs.

 

[iFrogMac]

If you want the smart speakers isolated from the main LAN then can't hurt to give them their own guest network, but again if there are other things you want them to be able to connect to on the LAN that could interfere. If the bulbs are the only thing having issues then just moving them off should be sufficient. It is typically only the real cheap wifi chipsets (smart bulbs, outlets, etc) that can have a lot of trouble with LAN "chatter". The smart speakers likely have better wifi and typically support 5Ghz and can ignore that chatter fine usually, unless it is really excessive which would only be if something was malfunctioning. If everything else is working ok I wouldn't worry about it.

With stuff like bulbs it depends. Some are configured directly from your phone app, meaning you'd have to put your phone on that network to change configuration. Others your phone tells the cloud server what you want, then that tells the bulbs. In that case the isolation shouldn't hurt anything. If you have a hub like Alexa that you want to control the bulbs, can be the same thing there, some are native and discover and communicate directly with the bulbs, others use a skill which may or may not control them via the cloud. You'll just have to see if you notice any ill effects of having them isolated.

Not sure if/when the pro will come to other routers. I suspect like VLANs they'll probably reserve it as a feature of the Pro line. However the regular routers do use VLANs for Guest Wireless 1 so part of that feature set is there. You'll notice anything you put on GW #1 gets totally different IPs (192.168.101.x or 192.168.102.x) than your main LAN. It is totally isolated in a separate virtual router of sorts. Whereas Guest Network 2 and 3 are basically on your main LAN, but firewall rules prevent communication. Either should work for your purpose however, they are both accomplishing preventing "noise" from the main LAN from getting to those bulbs.

Thanks for the info. I put the lights on whatever guest network is the one furthest to the left and the one furthest to the right is the one with the info by it about Alexa, So the middle one and far right guests are not configured.

As far as the lights, they only require the app to be on the same band for paring. Once paired the app doesn't have to be on the same band, they can also have local UDP connections disabled for security and rely on cloud communications only. What about the option of doing a double nat if needed? I have multiple routers I brought in the move, so If I need to isolate things even more I could connect one of those other routers to the Asus and use it as a dedicated 2.4ghz AP but with this own DHCP range. Not saying I need to do that, just saying it's an option if I need it.

The TP-Link router I have is also a Wifi 6 model and it's guest network has an additional feature the Asus doesn't seem to have, it has the option to isolate guests from the main network, but then it also has a feature to isolate guests from each other. Would either of this be beneficial over the Asus guest network ?
Thanks

 

[sfx2000]

I followed instructions on a different forum, but for the same situation I had to create a dedicated guest network for the smart lights, and limit it's bandwidth to 1 Mbps up and down.

Even w/o bandwidth management, it's not like your lightbulbs are downloading the latest DLC packs for Call of Duty.

If they use that a MB per year, I'd be surprised.

There was (and maybe still is) an issue with AirTime Fairness and some of the low tier WiFi chipsets used in IoT - give that a try for the 2.4Ghz radio...

 

[iFrogMac]

Even w/o bandwidth management, it's not like your lightbulbs are downloading the latest DLC packs for Call of Duty.

If they use that a MB per year, I'd be surprised.

There was (and maybe still is) an issue with AirTime Fairness and some of the low tier WiFi chipsets used in IoT - give that a try for the 2.4Ghz radio...

Airtime Fairness is disabled. I misunderstood the bandwidth limiting function / use. The reason it was suggested was to take into account low signal for the bulbs to help prevent disconnects if the signal dropped beyond a certain point if the router expected a faster response. As @drinkingbird explained I got settings and usage mixed up. I also double checked what guest network I am using for the lights and it's guest 1, I checked the clients list, and they do have a different IP from the main network. The main network is 192.168.50,x and the guest is 192.168.101.x, so they are most certainly on a different subnet.

The one question I have is, with the Asus routers, is it possible to enable ax for the main 2.4ghz network, but keep it off for the guest? Seems like my devices don't have issues with it being on, and the only devices that might not like it, are the bulbs, and they are now on their own guest network isolated from the main network. I have of course, turned off bandwidth limiter, so the light guest network has full bandwidth available to it now.

 

[MartinF]

I don't know much about details of this, I'm mainly just a stubborn problem solver, so I may be completely off base in my suggestion... but problems I've had always seemed to be either a weak signal or interference from neighbors, mainly for my outdoor Ring camera/light. Since I don't use 2.4 GHz band for anything else, I set it to the narrowest bandwidth possible, which helped make my signal stronger, and above any interference. I also added a cheap TP-Link range extender in my garage to reach the outdoor light and garage lights better. Again, no problem with reduced bandwidth, since it's only for IOT devices.

At one time, I had an old router connected as a wired range extender, along with 2 old range extenders, but I suspect having too many actually made it worse due to interference with each other, perhaps. Also, made it too complicated, so I retired the excess and things have been working well now for a good while.

 

[iFrogMac]

I don't know much about details of this, I'm mainly just a stubborn problem solver, so I may be completely off base in my suggestion... but problems I've had always seemed to be either a weak signal or interference from neighbors, mainly for my outdoor Ring camera/light. Since I don't use 2.4 GHz band for anything else, I set it to the narrowest bandwidth possible, which helped make my signal stronger, and above any interference. I also added a cheap TP-Link range extender in my garage to reach the outdoor light and garage lights better. Again, no problem with reduced bandwidth, since it's only for IOT devices.

At one time, I had an old router connected as a wired range extender, along with 2 old range extenders, but I suspect having too many actually made it worse due to interference with each other, perhaps. Also, made it too complicated, so I retired the excess and things have been working well now for a good while.

Thanks for the feedback. signal is good here. I think the situation may have been what @drinkingbird suggested noise on the network from other devices. I will offer this piece of info as an update. I can ask Alexa for network diagnostics by saying "Alexa, Are you connected"
Previously with everything on the same network certain devices would report a busy network "as in noise". Well after putting the bulbs on their own guest network, and asking for diagnostics today, all echo devices reported a clean network with everything OK. So, I'm thinking putting everything on the main network without a guest network was a bad idea and it created too much wireless noise that the more basic stuff couldn't handle well. Will have to wait for time to tell.

 

[drinkingbird]

Thanks for the info. I put the lights on whatever guest network is the one furthest to the left and the one furthest to the right is the one with the info by it about Alexa, So the middle one and far right guests are not configured.

As far as the lights, they only require the app to be on the same band for paring. Once paired the app doesn't have to be on the same band, they can also have local UDP connections disabled for security and rely on cloud communications only. What about the option of doing a double nat if needed? I have multiple routers I brought in the move, so If I need to isolate things even more I could connect one of those other routers to the Asus and use it as a dedicated 2.4ghz AP but with this own DHCP range. Not saying I need to do that, just saying it's an option if I need it.

The TP-Link router I have is also a Wifi 6 model and it's guest network has an additional feature the Asus doesn't seem to have, it has the option to isolate guests from the main network, but then it also has a feature to isolate guests from each other. Would either of this be beneficial over the Asus guest network ?
Thanks

The only way adding another router would help is if your router CPU or wireless is getting overloaded, I don't think that is the case though. Having the bulbs on an isolated subnet is essentially accomplishing the same thing. Unless you need more coverage I'd see how the setup you have now works.

Asus automatically isolates guests from each other I believe. I know guests on the same guest network can't see each other, and ones on GW #1 can't see GW #2 (due mainly to the two different architectures of GW1 vs the others). I have not tried between 2 and 3, my guess is they are also isolated automatically.

The one nice thing about Guest Wireless 1 is that the Main LAN can initiate connections to things that are on it (but not the other way around). This wouldn't work for that initial setup/pairing but for many other things it would, so even if you wanted to be able to control them from your main LAN you should be able to. This isn't the case for the other guest networks though, the main LAN cannot talk to them when "access intranet" is disabled.

However broadcast and multicast/MDNS on the main LAN will not go through so they are still protected from extra "chatter"

 

[iFrogMac]

The only way adding another router would help is if your router CPU or wireless is getting overloaded, I don't think that is the case though. Having the bulbs on an isolated subnet is essentially accomplishing the same thing. Unless you need more coverage I'd see how the setup you have now works.

Asus automatically isolates guests from each other I believe. I know guests on the same guest network can't see each other, and ones on GW #1 can't see GW #2 (due mainly to the two different architectures of GW1 vs the others). I have not tried between 2 and 3, my guess is they are also isolated automatically.

The one nice thing about Guest Wireless 1 is that the Main LAN can initiate connections to things that are on it (but not the other way around). This wouldn't work for that initial setup/pairing but for many other things it would, so even if you wanted to be able to control them from your main LAN you should be able to. This isn't the case for the other guest networks though, the main LAN cannot talk to them when "access intranet" is disabled.

However broadcast and multicast/MDNS on the main LAN will not go through so they are still protected from extra "chatter"

Sounds good, did you read my more recent posts about alexa saying the network was cleaner after I took the bulbs off? maybe it was too congested.

 

[drinkingbird]

Airtime Fairness is disabled. I misunderstood the bandwidth limiting function / use. The reason it was suggested was to take into account low signal for the bulbs to help prevent disconnects if the signal dropped beyond a certain point if the router expected a faster response. As @drinkingbird explained I got settings and usage mixed up. I also double checked what guest network I am using for the lights and it's guest 1, I checked the clients list, and they do have a different IP from the main network. The main network is 192.168.50,x and the guest is 192.168.101.x, so they are most certainly on a different subnet.

The one question I have is, with the Asus routers, is it possible to enable ax for the main 2.4ghz network, but keep it off for the guest? Seems like my devices don't have issues with it being on, and the only devices that might not like it, are the bulbs, and they are now on their own guest network isolated from the main network. I have of course, turned off bandwidth limiter, so the light guest network has full bandwidth available to it now.

No there is only a single 2.4Ghz radio so it is either AX enabled or not. Honestly AX on 2.4 is somewhat useless anyway. When set to "auto" it should allow even the lowest connection rates (1mbps). If you still have issues you could try setting it to "legacy" but I don't think that would be needed and may make things worse. If the bulbs do drop down to 1 or 2mbps that will slow down other devices on 2.4, are they really far away?

 

[iFrogMac]

No there is only a single 2.4Ghz radio so it is either AX enabled or not. Honestly AX on 2.4 is somewhat useless anyway. When set to "auto" it should allow even the lowest connection rates (1mbps). If you still have issues you could try setting it to "legacy" but I don't think that would be needed and may make things worse. If the bulbs do drop down to 1 or 2mbps that will slow down other devices on 2.4, are they really far away?

Not too far away, and, I disabled AX on 2.4, so it's now b/g/n.

 

[drinkingbird]

Thanks for the feedback. signal is good here. I think the situation may have been what @drinkingbird suggested noise on the network from other devices. I will offer this piece of info as an update. I can ask Alexa for network diagnostics by saying "Alexa, Are you connected"
Previously with everything on the same network certain devices would report a busy network "as in noise". Well after putting the bulbs on their own guest network, and asking for diagnostics today, all echo devices reported a clean network with everything OK. So, I'm thinking putting everything on the main network without a guest network was a bad idea and it created too much wireless noise that the more basic stuff couldn't handle well. Will have to wait for time to tell.

Technically not wireless noise, just each "smart" device (most of them anyway) is constantly announcing itself using a protocol called MDNS, and every other device has to keep track of all those announcements and respond to them. The gust network stops those messages from flowing between the two networks. There are also broadcasts and other stuff that can overwhelm the cheaper wifi chipsets. Even most tablets, computers, and phones use the MDNS protocol now.