Router recommendation - Light business use + P2P blocking

B

BrokenLink

Senior Member
Joined
Aug 7, 2008
Messages
963
Reaction score
0
Hi

I`m looking at possibly upgrading a router at some student housing we have. Its about 20 people using the 4mbps uncapped line. Seeing as they are students they tend to all have torrents open all day which kills the line.

Ideally im looking for a router that offers the option to block P2P connections completely. And a fairly high traffic load. Even with shaped line and low downloads i think the amount of connections coming from the computers might clog up the router memory....not sure though.

Any suggestions? I`m also looking at setting up a server to do the blocking, but would ideally want to do this with the router as not to use a whole PC just for that.

Thanks!
 
Use a Netgear DG834G router - I use them for clients and have no trouble. You will need to change the default outgoing rule to only allow specific ports eg port 25, 53, 80, 110, 443 etc but this will require some research on your part. Suggestion is to use an old pc even a good pentium 3 will do, download endian firewall (free) and use this as your firewall, proxy etc.
 
I use to have the DG834G, got taken out by lightning last year. If possibly i`d like to only block p2p connections, but last resort would be the port blocking and then manually adding the ones the guys use for gaming.

Thx for the feedback :)
 
You can't block torrents with ports, as soon as their is a port open the torrent client will use that for it's outgoing connection. It doesn't need an incoming port either.

The only way to block torrents is with a router/firewall that has packet inspection.
 
Thanks grim, I was just thinking about this. I was too quick to reply.

BrokenLink your best otion is cheap but good router, with a firewall to do the blocking. Endian and Untangle are good free distributions but do require a level of network knowledge, however if you are prepared to spend some time googling they will do what you need, or get a consultant to assist you.
 
I'd recommend a MikroTik router (as a firewall), hooked onto an ADSL modem. You can get something cheap, like the MikroTik RB750.

Otherwise, you can do as Peon suggested and get a PC with firewall software, like ClearOS / SmoothWall / IPCop.
You'll most likely get much better SmoothWall support on this forums than any other firewall software available.

Blocking P2P is almost impossible. Firewalls with Layer 7 packet inspection helps a great deal, but it still can't filter out P2P traffic 100%.
You'd most likely have to block all outgoing ports, except for a few critical services such as HTTP(S), FTP, IMAP, SMTP, IRC, etc.

I really don't know how people can game with a 4Mbps that is shared amongst that many people.
 
Thx! the MikroTik look exactly like the thing i need! Do you know where i can buy them? I found some at dbg.co.za, but they havent responded to my emails in a few days and http://www.poyntingdirect.co.za doesnt have stock of the RB750 or Rb450 or something along that line.
 
BrokenLink said:
Thx! the MikroTik look exactly like the thing i need! Do you know where i can buy them? I found some at dbg.co.za, but they havent responded to my emails in a few days and http://www.poyntingdirect.co.za doesnt have stock of the RB750 or Rb450 or something along that line.
Click to expand...

Scoop has the rb 750 in stock

edit: dunno if consumers can still buy from them coz the website says "dealer prices"
 
Last edited:
btw rb750g I dont think does adsl judging from the picture and write up

so if you were looking for adsl router, you just purchased a switch with 5 lan ports
 
BrokenLink: I've also had issues where Uniterm Direct (www.dbg.co.za) didn't respond to my E-mail, and it came out to that their E-mail server used my domain name's A record (which was 127.0.0.1), instead of its MX record to send the mail to - LOL.

I was always impressed with DD-WRT, but ever since I started working with MikroTik devices, DD-WRT doesn't impress me at all. WinBox is just so much better than the silly web interface that DD-WRT has, and the terminal interface uses the exact same names as you'll see in WinBox.

Setting up QoS on the MikroTik routers isn't easy either (unless you have lots of experience with RouterOS), but at least MikroTik has very good Wiki pages that you can go through.

I would recommend that you update the firmware to the latest versions, because the newer versions might have updated L7 packet inspection filters, which could improve the P2P detection.
 
If you can get someone with the skill to setup a mikrotik I'd combine a adsl router in bridge mode with the mikrotik doing the work, they're awesome at that kinda thing and cheap.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X