When I returned from my trip, I was shocked to find that my Internet connection was not working as expected. The issue was the low speed. I pay for and have a 100 Mbps full duplex connection from ACT Broadband, when I did a speed test after noticing slower than usual load times for websites, I found I was getting around 20-30 Mbps only. I had obviously not changed anything since I was away, but I was not so sure about the ISP. There is a local technician whose number I have, so I called him and asked. He said he did not recall any maintenance and confirmed that at their end, all the bits and flags for my account were as they should be.
Abysmal throughput, a mere shadow of the actual potential of the connection!
The Spec
I have a self-assembled monster of a PC running a Core i7 2600 on an ASUS P8Z68-V Pro Gen 3 motherboard. The system has 32GB dedicated Corsair Vengance RAM. This system has a built in Intel 82579 Gigabit NIC. I also have a Lenovo IdeaPad Z510 laptop with a built in Gigabit NIC. My WAN/LAN router was a Cisco Linksys E900 running stock but updated firmware.
Internet throughput as it should have been. 100 Mbps full duplex.
The Troubleshooting
For the next week, I got little sleep. I tried every combination of computers, cabling and router. Every test confirmed one thing — when my router was made the WAN gateway, the bandwidth sucked. Directly connected to any of my computers, I got the full speed I should.
Thinking that this router has had its final day of speedy usefulness, I thought of replacing it. About a year ago, I had similarly moved from a Linksys WRT54G router in pursuit of Wireless “N” happiness. So, I purchased an ASUS RT N56U and tested with that. Nothing changed. All combinations gave exactly the same results as before. Put a router in between and throughput drops to 20-30 Mbps.
Now, I was getting frustrated and it started to show. Even my better half got into the act seeking to help me get some peace. I reached out to folks I knew were good at stuff like this, but I got all the same advice back, things I had tried and failed. Finally, I decided enough was enough. There was a simple fix looming — I’d make my own router.
The New Router
Years ago, I used to be the expert at this, traveling far and wide to setup networks at institutions and offices by the bushel. Looking to the internet for the in-vogue technologies (as someone said to me a year ago, I have spent time in a cave recently), I decided I needed a Gigabit NIC of some good brand and an 8-port switch. I would also get a USB-LAN adapter.
The plan was to dual home my PC with two NICs — one was already built-in, the new NIC would also go in. One NIC would face the Internet, directly connected to the Ethernet from my ISP. The other would be my “intranet plane”. Then the PC and the Raspberry Pi would connect to the switch. I needed a PCI-e NIC for my motherboard and ended up buying the TP-Link TG-3468 and for the switch, the D-Link DGS-1008A. No particular reason for either choice, other than that, my local retailer had both models aplenty in stock. Plugging in the card into my PC, it was automatically detected by the system and drivers installed.
I set up the onboard NIC on the internet plane and replaced its MAC address with the address of my E900. Since I have a Static IP (bound to the mac address) internet connection, this was important. Then I set the adapter to get its IP address via DHCP and disable/enable toggled the adapter. It was instantly humming away on the Internet.
Next, I ran a speedtest. No surprise… it was nearly a 100 Mbps!
Throughput back to (and even better than !!!) the “should be” throughput.
Turning my attention to the new NIC, I set it up with a static internal IP address (192.168.1.x) but left the gateway field of the IP address settings blank. That was not required, and would come a little later. I plugged in the cable from this NIC to my new switch. I also attached the cable from the Raspberry Pi (previously set up to a static IP address) to the switch. Pinging from both systems, they found each other. Actually initially the PC had its firewall configured to reject PINGs, after turning it off for the Private network, this worked fine.
How to turn on Ping: Open the “Windows Firewall with Advanced Security” tool from Administrative tools. Under “Inbound Rules”, find “File and Printer Sharing (Echo Request – ICMPv4-In)” under the “File and Printer Sharing” group. Enable this rule. Remember to enable it only for the Private and Domain groups. If you check it ON for Public, then everyone on the Internet will be able to ping your system (you don’t want a ping-flood DDoS attack now, right?)
Finally, I hooked up my old E900 to the switch. On the E900, I completely removed the WAN settings, disabling it. I left the Ethernet ports available and reconfigured it to use WMM and QoS, boosting the N-class wireless devices that would connect to it. The router runs a DHCP server for the WiFi clients, to let these clients connect to the internet, I changed the gateway to point to the internal IP address I had set on the PC earlier. Since SSID, etc. was the same as before, I did not need to reconfigure the clients.
I connected to the WiFi using my phone and it managed to download the gateway after two attempts.
Now it was time to bring the routing on the PC and get some routing done between all of these systems. They could all see each other, but except for the PC, none of them could actually connect to the Internet. RRAS to the rescue…
PS:\> Add-WindowsFeature -name Routing -IncludeManagementTools
30 seconds later, RRAS was up and running. In the Routing and Remote Access MMC, right-click the name of the PC and select “Configure and Enable Routing and Remote Access”. I selected to configure both VPN and NAT as I predicted I may want to VPN into my PC when I am travelling. I selected the internet plane adapter and finished the wizard. On the screen for DHCP, I elected to forward DHCP requests to the E900 by providing its static IP address.
As a final step, I clicked on both the interfaces under the “IPv4” node and in the Properties window, checked ON the “Enable router advertisement” options.
Using my previous created fail over PowerShell scripts, I switched my DNS and web roles from the Raspberry Pi to the PC.
Eh? Why Are My DNS and Web Servers Not Working?
Running tests from sites like DnsStuff.com and MXToolbox.com, I was surprised to see that my DNS and web servers were not being found. Hunting around firewall rules, I found that everything was fine. Looking in the Routing and Remote Access console, I noticed the “NAT” node under IPv4. Here, if you right-click the internet adapter, I saw the “Services and Ports” tab. I remembered that this had to be configured in addition to the system’s firewall rules for things to work. DNS is not on the list here, so I added it manually, and enabled the rules for HTTP. A few options that were checked (like the VPN I had selected earlier), I unchecked as I did not need those ports open as yet.
Checking again, everything was fine and dandy. Another test by connecting my mobiles and laptop, everything was running to spec. Yay!
