Community discussions

MUM Europe 2020
 
cylent
Member
Member
Topic Author
Posts: 383
Joined: Sun May 28, 2006 10:30 am

Satellite connection optimization

Tue Jun 06, 2006 11:22 am

I am on a satellite connection to the internet and my average ping to yahoo ranges from 800+ms to a max of 950.

My three questions are as follows:

Whats the best value for the MTU for the lan card connected to the Linkstar box? (its currently at 1500)

Also since i am on a satellite connection my dns can take half a second to a second to resolve. So i would love to make the dns cache in routeros be first before going out and doing the dns from the ISP.


Another thing would be to have the web proxy work its magic so (just like the dns) i can get the cached stuff first.

Any help on how to do these things would be greatly appreciated.
Last edited by cylent on Tue Jun 06, 2006 4:08 pm, edited 1 time in total.
 
savage
Forum Guru
Forum Guru
Posts: 1214
Joined: Mon Oct 18, 2004 12:07 am
Location: Cape Town, South Africa
Contact:

Re: Satellite connection optimization

Tue Jun 06, 2006 11:32 am

I am on a satellite connection to the internet and my average ping to yahoo ranges from 800+ms to a max of 950.
Welcome to the world of satellite. At the speed of sound (which sat signals travels at), it takes about 300ms to go to the satellite, and 300ms to get back down to earth. At best, you can have arround 500ms / 600ms. Add to that, overhead, small latencies you get all over the internet...

Your pings are quite normal.
Regards,
Chris
 
User avatar
Eugene
Forum Veteran
Forum Veteran
Posts: 993
Joined: Mon May 31, 2004 5:06 pm
Location: Cranfield, UK

Re: Satellite connection optimization

Tue Jun 06, 2006 3:24 pm

At the speed of sound (which sat signals travels at)
Oh, really?
300ms=0.3s
speed of sound at sea level = 340.29 m/s (ask Google)

0.3s * 340.29 m/s = 102.087 m (Altitude of the satellite)
Sorry, could not resist :)

Eugene
Tout individu a droit à la vie, à la liberté et à la sûreté de sa personne.
 
savage
Forum Guru
Forum Guru
Posts: 1214
Joined: Mon Oct 18, 2004 12:07 am
Location: Cape Town, South Africa
Contact:

Tue Jun 06, 2006 3:48 pm

Yes, really :P

http://www.vsat-systems.com/satellite-i ... tency.html

23,000 miles up, 23,000 miles down... 46,000 total. Let's presume it does not get bounched arround from one satellite to another either... :)

Given, it's the speed of light, not the speed of sound...

Light travels at a speed of 186,000 miles a second (when it's not in a vacuum) - also keep in mind that pressures and the like also influences it. Therefore absolute MINIMUM latency on a 46,000 mile trip will be approx 0.4 seconds (400ms)

Add to that, that even on copper and wireless, networks aren't perfect and transmission errors occurs... The retransmission of packets... Add congestion on the satellite hub as well as on the transponders on the dish itself in the sky... Remember also that transmission errors occurs both from your CPE to the Satellite, as well as from the Satellite to the satelliet hub (earth station)...

I don't think I'm to far off...
Regards,
Chris
 
cylent
Member
Member
Topic Author
Posts: 383
Joined: Sun May 28, 2006 10:30 am

Tue Jun 06, 2006 4:09 pm

and while i'd love to sit here and talk about the speed of light and sound with you guys i am desperate to know the answers to my questions so here we go again:
My three questions are as follows:

Whats the best value for the MTU for the lan card connected to the Linkstar box? (its currently at 1500)

Also since i am on a satellite connection my dns can take half a second to a second to resolve. So i would love to make the dns cache in routeros be first before going out and doing the dns from the ISP.


Another thing would be to have the web proxy work its magic so (just like the dns) i can get the cached stuff first.
 
savage
Forum Guru
Forum Guru
Posts: 1214
Joined: Mon Oct 18, 2004 12:07 am
Location: Cape Town, South Africa
Contact:

Tue Jun 06, 2006 4:17 pm

Answer... Except maybe a bit og QoS... Nudda

1) The link is managed by the linkstar,
2) Any *possibility* of optimisation on the link / throughput, will happen on the linkstar,
3) Anything related to the flow of the data into space, You guessed it... LinkStar
Regards,
Chris
 
cylent
Member
Member
Topic Author
Posts: 383
Joined: Sun May 28, 2006 10:30 am

Tue Jun 06, 2006 5:18 pm

damn. this linkstar gadget does everything then eh?

well i'll be damned! :lol: :shock: :D
 
User avatar
djape
Member
Member
Posts: 469
Joined: Sat Nov 06, 2004 7:54 pm
Location: Serbia

Tue Jun 06, 2006 6:29 pm

Hi there,

RouterOS DNS cache can help a lot :)
There is a firewall rule that can intercept all DNS request and redirect to DNS cache ;)
ip firewall nat >

;;; intercept all DNS requests
chain=dstnat protocol=udp dst-port=53 action=dst-nat to-addresses=x.x.x.x to-ports=0-65535
(where x.x.x.x is address of your gateway)

also there is rule to do transparent proxy (intercept all traffic that goes to http port 80 to proxy)

ip firewall nat >
;;; Transparent Proxy
chain=dstnat dst-address=!x.x.x.x protocol=tcp dst-port=80 action=redirect to-ports=3128
(where x.x.x.x is address of your gateway)

By applying this you will not save much bandwidth but you surfing will go smoother ;)

Cheers dude....
I drink like a pirate and smoke like a hippie...
 
cylent
Member
Member
Topic Author
Posts: 383
Joined: Sun May 28, 2006 10:30 am

Tue Jun 06, 2006 7:27 pm

thanks djape.

heres what i have now.

please advise:
[admin@grnzne-inet] ip firewall nat> print
Flags: X - disabled, I - invalid, D - dynamic 
 0   ;;; masquerade hotspot network
     chain=srcnat src-address=192.168.0.0/24 action=masquerade 

 1   ;;; masquerade hotspot network
     chain=srcnat src-address=192.168.0.0/24 action=masquerade 

 2   chain=dstnat in-interface=ether2 dst-address=0.0.0.80 protocol=tcp 
     action=redirect to-ports=8080 

 3   chain=dstnat protocol=udp dst-port=53 action=dst-nat 
     to-addresses=192.168.0.1 to-ports=0-65535 

 4   chain=dstnat dst-address=192.168.0.1 protocol=tcp dst-port=80 
     action=redirect to-ports=3128 
[admin@grnzne-inet] ip firewall nat> 
also it seems whenever the router is restarted the dns cache is flushed. how can i get it to KEEP the cache? we have lots of power outages here and the router is always rebooting. (no worries. its protected by a UPS)
 
User avatar
djape
Member
Member
Posts: 469
Joined: Sat Nov 06, 2004 7:54 pm
Location: Serbia

Thu Jun 08, 2006 9:57 am

Why do you have masuarading rules for same network? 0 and 1?
Field 2, why is dst-address=0.0.0.80 what does that mean?
Field 4 you should set dst-address=!192.168.0.1

I never noticed that DNS cache is lost after reboot...

Cheers...
I drink like a pirate and smoke like a hippie...
 
cylent
Member
Member
Topic Author
Posts: 383
Joined: Sun May 28, 2006 10:30 am

Thu Jun 08, 2006 10:04 am

field 2 is currently disabled. it didnt make sense to me either to i turned it off.

the masquerading stuff was done by hotspot automatically.

i have also disabled the transparent proxy and the dns redirect.

the only thing i have on is the 1st one: ;;; masquerade hotspot network

also i am not 100% what this does anyway but if i disable it my hotspot wont work.

so to sum up it looks like this for me:
[admin@grnzne-inet] ip firewall nat> print
Flags: X - disabled, I - invalid, D - dynamic
 0   ;;; masquerade hotspot network
     chain=srcnat src-address=192.168.0.0/24 action=masquerade

 1 X ;;; masquerade hotspot network
     chain=srcnat src-address=192.168.0.0/24 action=masquerade

 2 X chain=dstnat in-interface=ether2 dst-address=0.0.0.80 protocol=tcp
     action=redirect to-ports=8080

 3 X ;;; ;;; intercept all DNS requests
     chain=dstnat protocol=udp dst-port=53 action=dst-nat
     to-addresses=192.168.0.1 to-ports=0-65535

 4 X ;;; ;;; Transparent Proxy
     chain=dstnat dst-address=192.168.0.1 protocol=tcp dst-port=80
     action=redirect to-ports=3128
[admin@grnzne-inet] ip firewall nat>
 
User avatar
djape
Member
Member
Posts: 469
Joined: Sat Nov 06, 2004 7:54 pm
Location: Serbia

Thu Jun 08, 2006 12:22 pm

Ok, this is cool

0 ;;; masquerade hotspot network
chain=srcnat src-address=192.168.0.0/24 action=masquerade

1 X ;;; masquerade hotspot network
chain=srcnat src-address=192.168.0.0/24 action=masquerade

2 X chain=dstnat in-interface=ether2 dst-address=0.0.0.80 protocol=tcp
action=redirect to-ports=8080

3 ;;; ;;; intercept all DNS requests
chain=dstnat protocol=udp dst-port=53 action=dst-nat
to-addresses=192.168.0.1 to-ports=0-65535

4 ;;; ;;; Transparent Proxy
chain=dstnat dst-address=!192.168.0.1 protocol=tcp dst-port=80
action=redirect to-ports=3128


;)
I drink like a pirate and smoke like a hippie...
 
User avatar
aitsecurity
Frequent Visitor
Frequent Visitor
Posts: 84
Joined: Thu Mar 16, 2006 12:28 am
Location: venezuela

Re: Satellite connection optimization

Fri Jun 09, 2006 4:57 am

HI!

example i have 3 cyber with 22 PC in total, and 20 home user customers for internet, and the satellite give burst to 1024 kbps

i have squid (webproxy Mikrotik), and Dns cache.

but bercafull, with Cache dns, i have to much trafic, (cyber), to Dns, and my Dns go to full quickly.

i change this parameter, /ip dns cache set max-cache-limit=30m

by default in Mk is 1w = 1 week for TTL, i was changed to 30 minutes.

the reason, is because, one time, try use the internet, and the browser need time for open a website, but when use FTP go very fast mmmmm

i see in dns cache, is full, and take time for search the domain for give the IP or go to other dns.

other symptons is the CPU go to high example to 40%, now is 0% to 4%


now my service go very fast,

my satellite service is share service and my CIR is 512kbps and MIR to 2mbps (only in the night 11:30 am to go). the rate go to 800 kbps in the day to little up to 1024 kbps

Best Regards





I am on a satellite connection to the internet and my average ping to yahoo ranges from 800+ms to a max of 950.

My three questions are as follows:

Whats the best value for the MTU for the lan card connected to the Linkstar box? (its currently at 1500)

Also since i am on a satellite connection my dns can take half a second to a second to resolve. So i would love to make the dns cache in routeros be first before going out and doing the dns from the ISP.


Another thing would be to have the web proxy work its magic so (just like the dns) i can get the cached stuff first.

Any help on how to do these things would be greatly appreciated.
 
alex_rhys-hurn
Member
Member
Posts: 319
Joined: Mon Jun 05, 2006 8:26 pm
Location: Kenya
Contact:

another option

Mon Jun 12, 2006 11:38 am

I am running a WISP in africa, with two vsat links.

Exactly because of the reasons mentiod about dns cache performance dragging down the whole network we decided to buidl a big fast server to handle the caching.

We use a pentium 4ghz server with 1gb of ram and good fast scsi disks to ensure that the caches can be served quickly both for DNS and for webproxy.

This was worth it in view of the cost and performance of vsat bandwidth.

Same box is doing link aggregation and failover with no problems.

Who is online

Users browsing this forum: godzillante, Google [Bot], marisspringis and 82 guests