Jump to content

Option to Bypass Congestion Control?


Recommended Posts

Hi,

 

Is there any software option to allow a specified device to bypass the congestion control of the Duma (or even something like allowing a device to be part of a DMZ under the Duma?). If not, is this something that could be implemented into the Duma interface?

 

NetDuma's "Reactive" congestion control setting stops the VPN that I have to use on my work's laptop from connecting. Setting it to "Preemptive" allows it to connect just fine, however I can only achieve top speed of 25Mbs on a wired connection this way (of a 200Mbps service that normally I achieve consistently) which is too slow given the volume of data I need to transfer for work. I don't know what protocols the VPN uses (but the software is "GlobalProtect" by Palo Alto Networks). I get similar issues when trying to use my own L2TP VPN I have set up - Reactive blocks it whereas Preemptive allows it (I raised this in a previous post a while back but it seems to have disappeared now).

 

Currently the hierarchy I have is VM Superhub (modem mode) --> Duma (router) --> Nighthawk (wifi only). I'm reluctant to change the hierarchy of my hardware devices in order to achieve this though - one of the key reasons I bought the Duma is for its congestion control/QoS (which has worked very well for me so far), and changing the order would result in all Wifi devices bypassing Duma's congestion control by connecting to the Nighthawk above it; or alternatively I could limit that to specific devices but would have to rely on the NetDuma wifi for others, but this is notably not as well-performing as the Nighthawk's is.

 

Would appreciate thoughts.

 

Thanks,

 

NeeWii

 

 

 

 

Link to comment
Share on other sites

  • Netduma Staff

Hi, welcome to the forum. There isn't currently a feature on the software to achieve that, but it's been suggested so we're looking into implementing it. 

 

We're aware of the issue with reactive so we're trying to fix it for DumaOS; and if it isn't fixed on the launch we'll certainly be able to fix it in the future. We use OpenVPN; L2TP is something we can look into for DumaOS. Currently the speed you can achieve with the VPN feature is around 10MBPS. This may be related to the hardware (so we may or may not be able to improve this, but we'll try.) Regarding using pre-emptive, you should be able to get speeds of around 60MBPS using these settings:

 

- Pre-emptive Algorithm
- 100% anti-flood
- Share excess enabled
- Reset device prioritisation & apply
- Disable IPv6 in WAN, LAN & misc
- Ensure the ethernet cables you're using work properly.
 
It looks like you have the optimum set-up currently, however I know you probably want full speeds which you aren't getting at the minute. Is it possible to use a PC VPN client instead of going through the router to achieve faster VPN speeds, and then changing your router settings to get full speeds?
Link to comment
Share on other sites

Hi Jack,

 

Thanks for the quick response. Not sure I fully understood your reply, think you've maybe interpreted my post slightly differently (but apologies if I'm just being slow). The VPNs I'm talking about (both my work GlobalProtect VPN, and my L2TP VPN) are configured on software clients on PCs - I don't actually make use of the NetDuma's built-in VPN feature at all (nor would I be able to for the purposes of e.g. work, as I don't have access to my employer's VPN configuration to set up myself).

 

So what I'm saying is that on Reactive mode, the Netduma causes certain VPN clients on PCs to stop being able to connect to the remote networks they're configured for. As soon as I switch to preemptive, they work straight away.

 

Good to hear that a bypass might be possible at some point though! And if it's ever going to be possible to get these VPNs working with Reactive mode in the future, even better!

 

The settings you provided - would they provide any benefit to my situation if I'm not using the NetDuma VPN option?

 

Thanks,

 

NeeWii

Link to comment
Share on other sites

  • 1 month later...

Any update on this item NeeWii? I ask because I have the same setup but a slightly different problem. The IP settings configured on the VPN are not handed down correct. As a result DNS resolution does not function once connected to the VPN. I get an IP address, full /32 bit subnet, which is wrong (should be /24), and the DNS server that's handed is the IP of my NetDuma. I've been frustrated from the beginning due to this VPN limitation but have some hope if you have the GlobalProtect setup and work without issue. Albeit a bit slower. Any information you can provide is greatly appreciated!

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...