Router considerations for LAN party 200+ people

kkeirnan

We're running pfsense. Trying to get some ideas on what would be an ideal speed and any sort of configuration options that I'd want.

In the past we've had issues with Punkbuster games and dual WANs. Sometimes PB traffic would go out one WAN and the game traffic would go out another, causing problems. Single WAN though gets easily overloaded.

Squid will cache Steam downloads (and I think Origin). But then might the LAN interface get bogged down from that as well?

Thoughts. I'm open to any and every suggestion.
 
Ideally you should be aiming for a 200Mbit connection. A 100Mbit connection should be fine assuming most of your gaming related traffic is going to be on local servers.

How much bandwidth do you have from your ISP?

Are you using altQ?

Are you also using IP or port based traffic management?

I'd make multiple VLANs and rate limit each VLAN or port just to keep things more manageable.


Take a look at these links:

http://elgwhoppo.com/2012/11/17/usi...nerfing-the-steam-downloads-and-http-traffic/

http://skear.hubpages.com/hub/How-to-Configure-Deep-Packet-Inspection-Using-pfSense
 
We just had a 150Mb connection and it was barely usable. No matter how much you stress to update and install games before arrival, there are always people who don't.

VLANs I'm not so sure are possible. Game servers on different subnets will never be viewable in the game's server browsers due to broadcasts. People all over the event can set up their own servers.

QoS has been set up before using port and IP based rules. I didn't see much of an improvement either way. I'm starting to think that a large WAN for internet would be a good idea and then smaller WANs with game traffic only going out them.

We're coming up on a time where LANs are no longer limited to LAN servers. With games like CoD and Battlefield, etc., going to matchmaking or no LAN server support, we need to make sure internet traffic gets through smoothly.
 
What you could do is block Windows updates as well as updating from Steam; the people who show up and need to update have to pick up their box and move to another section reserved just for those people, with its own internet connection, and they can do their updating over there.
You could also throttle any large files if anyone goes to try and download game patches.
 
Moving their boxes is not advisable at all. Some of these machines are absolute beasts. However, what if I have two LAN interfaces with traffic rules? If someone needs to download or update we could manually set their IP settings.

But at this point we're reserving a big chunk of bandwidth that won't always be used. We're also limiting that bandwidth to the people who had no foresight to begin with and "punishing" those who came prepared.

Multiple LAN interfaces might be a good way to think about this. I think I was onto something with Squid caching Steam downloads. But I was also worried about the LAN interface being overwhelmed as well. I just thought this up a few seconds ago...

Multiple LAN interfaces.
DHCP server with non-overlapping pools on the same subnet, but the only difference is the gateway they hand out.

Everyone is on the same subnet still and will be able to see everyone's game servers. However, the Squid cache will go out the LAN interface of the requesting PC, thus limiting the bandwidth on one particular interface.

I never tried to configure two LAN interfaces before....
 
> We just had a 150Mb connection and it was barely usable. No matter how much you stress to update and install games before arrival, there are always people who don't.
>
> VLANs I'm not so sure are possible. Game servers on different subnets will never be viewable in the game's server browsers due to broadcasts. People all over the event can set up their own servers.
>
> QoS has been set up before using port and IP based rules. I didn't see much of an improvement either way. I'm starting to think that a large WAN for internet would be a good idea and then smaller WANs with game traffic only going out them.
>
> We're coming up on a time where LANs are no longer limited to LAN servers. With games like CoD and Battlefield, etc., going to matchmaking or no LAN server support, we need to make sure internet traffic gets through smoothly.


I could be wrong, but it sounds like something is not configured correctly or you don't have the proper core switch equipment in place.

You should probably have a couple of 48 port switches all connected via (2) Gbit lagg to the core switch(s) and a decent managed switch or two at the core.

You should also have 3-6 VLANs depending on how you choose to run your LAN, check out this thread for details: http://hardforum.com/showthread.php?t=1694661


With InterVLAN routing or L3 routes all things are possible.

Take a look at the first link I posted and make some comparisons to what you have done in the past.
http://click.hardforum.com/?url=htt...ic/&id=1&match=1&source=none&destination=none
 
Host all the recent updates on a LAN server. Problem solved.
 
Don't forget you can do rate limiting so that no single IP could consume more than 1-5mbps.

You can even configure a "PowerBoost" burst effect so only long downloads see the rate limiting.
 
You can do this with pfsense?

It can be done in pfsense using Traffic Shaping/HFSC. It's a bit of a lengthy video but the real info happens somewhere around 20 minutes in: http://www.youtube.com/watch?v=EfXImr5q-sw

I have my setup at home done like this, 37Mb down, for 20 seconds, then onto 25Mb down - right around how Comcraps powerboost works - works great. Steam downloads, HTTP, bittorrent, it doesn't impact me playing games.
 
I'm pretty sure I developed something fairly foolproof for a large LAN. What it comes down to is that you want everyone to have as much access to internet as possible without affecting internet gaming.

To do this use dual WANs. One pipe as large as possible. The other can be modest...50mbps. The first thing we want to do is set up two aliases. One for known web traffic ports: 80, 443, 21, etc... We then create a firewall rule on the LAN interface to direct this traffic out the big WAN. Now it might take some monitoring in real time to adjust this rule and add additional ports.

Then make another alias for all other ports. Luckily we can specify ranges... 1:20, 22:79, 81:442, 444:65500,etc.... Just specify ranges to be between the ports you specified in the first rule. Then another rule on the Lan interface to direct all this other traffic out the small wan.

This essentially keeps all the high bandwidth stuff separate from gaming traffic.

The next thing to do would be to set up Squid. It will cache your Steam downloads and updates. Damn 5-year-old Source games still have constant updates. It's a pain in the ass. Factor in the popularity of Team Fortress 2 and everyone will be downloading updates.

The last thing to do is also make sure you have two LAN interfaces and LAGG them. I'd do this so that the Squid cache doesn't overload the LAN interface and cause latency.

Done and DONE!

No fancy QoS, no advanced config. I definitely used the KISS method here.
 
> Then make another alias for all other ports. Luckily we can specify ranges... 1:20, 22:79, 81:442, 444:65500,etc.... Just specify ranges to be between the ports you specified in the first rule. Then another rule on the Lan interface to direct all this other traffic out the small wan.

There is no sense in doing this, especially with pfSense. Just catchall below the first rule and it will be effectively the same without wasting your time. Use a different gateway (group).
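
The two rule layouts discussed in the posts above, compared port by port (an added example, not part of any forum post and not pfSense code). It assumes these are the only two user rules on the LAN interface and that rules are evaluated top-down with the first match winning, as pfSense does; the gateway labels BIG_WAN and SMALL_WAN are hypothetical, and the port ranges are copied as literally posted, without the trailing "etc."

```python
# Added illustration: a toy first-match evaluator, not pfSense code.
WEB_PORTS = [(80, 80), (443, 443), (21, 21)]                 # first alias in the thread
OTHER_PORTS = [(1, 20), (22, 79), (81, 442), (444, 65500)]   # second alias as posted

def in_ranges(port, ranges):
    return any(lo <= port <= hi for lo, hi in ranges)

def route(port, rules):
    """Return the gateway of the first rule that matches, else None."""
    for ranges, gateway in rules:
        if ranges is None or in_ranges(port, ranges):   # None = any port (catch-all)
            return gateway
    return None  # no user rule matched: the implicit default deny drops it

# Hypothetical gateway labels; layout 1 uses two aliases, layout 2 a catch-all.
ALIAS_RULES = [(WEB_PORTS, "BIG_WAN"), (OTHER_PORTS, "SMALL_WAN")]
CATCHALL_RULES = [(WEB_PORTS, "BIG_WAN"), (None, "SMALL_WAN")]

def differences():
    """Destination ports the two rule sets treat differently."""
    return [p for p in range(1, 65536)
            if route(p, ALIAS_RULES) != route(p, CATCHALL_RULES)]

def summarize(ports):
    """Collapse a sorted port list into (lo, hi) ranges for readable output."""
    out = []
    for p in ports:
        if out and p == out[-1][1] + 1:
            out[-1] = (out[-1][0], p)
        else:
            out.append((p, p))
    return out

if __name__ == "__main__":
    diff = differences()
    print("ports handled differently:", summarize(diff))
    unmatched = [p for p in diff if route(p, ALIAS_RULES) is None]
    print("unmatched under the alias layout:", summarize(unmatched))
```

With the ranges exactly as posted, every port from 1 to 65500 is routed identically by both layouts; the only difference is the tail above 65500, which the hand-written alias leaves unmatched and the catch-all rule covers.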
 
> Squid will cache Steam downloads (and I think Origin). But then might the LAN interface get bogged down from that as well?

Wait what? Are you saying that if you download a game through Steam with Squid acting as a caching server, that anyone else who downloads the same game will get it through the cache server? How long will it remain in that cache? :confused:

Really wanna know this since I have a few separate steam clients that download from my ISP who caps my monthly bandwidth.
 
That's another valid way of doing it....
 
It sure will. I did a basic Squid config that cached EVERYTHING to test this. I would tweak the config to not do that but it was just for testing. I'm pretty sure the cache is FIFO'd so it won't delete until it fills up. I haven't tested Origin yet either.
 
Time to set up a Squid server somewhere. Any special configuration you had to do or did you just set it up to cache all traffic? Gonna have to do some reading on Squid now.
 
If you use pfsense and use the Squid package you'll be presented with a lot of options in regards to file types, minimum sizes, max sizes, blacklists, whitelists, etc...

In my testing I made it as loose as possible just to ensure it was caching the Steam files. If I were doing this for a big LAN like this thread is geared to, I'd set up IP whitelists for Steam, Origin, Windows Update and those kinds of downloads using IPs.
 
Not trying to thread jack, as my needs are similar; only the most my LAN parties will have is ~20 people. Not 200+, but it's only on a 10 Mbps cable connection.

So if this does cache the Steam files, the first download will be my max ISP download (10 mbps) and the rest of them after that's downloaded/cached should max out the LAN connection?

What are the cons of running a loose setup like that to catch all? I mean, why wouldn't I just run it that way all the time?
 
Your cache could fill up and overwrite quickly?? Supposedly there is higher latency when it has to search for things in the cache. Good for downloading, not sure what impact it will have on normal browsing. It might also have an impact on dynamic web pages such as forums and other pages that change and update.
 
I'm in the process of building a 21TB NAS, don't think space will be an issue anytime soon. At least I hope not.

Now I can see the issue with caching everything. How would I only cache specific things using IPs? Are Steam's server IPs listed somewhere or will I have to fetch them in logs?
 
In order to cache externally to a NAS you would have to use Samba. And if you successfully install and configure Samba on pfsense please let me know how you did it.

There is a place for whitelisting IPs. You'd probably have to go through logs or load up Wireshark to see what IPs it's going to.
 
I was actually going to run Squid on the NAS. It's not like it's doing anything else.
 
I remember when we used to do 150+ person lan parties on a T1 lol... all this talk about 200mbit connections geewhiz we came a looooong way.

We would advertise .... ONE POINT FIVE Mbps Connections for the fastest speeds you've ever seen at a lan party... and everyone was like YEEEAH BABY!
 
150man tetris/pacman? :p
Biggest problem nowadays is that a lot of games just want internet connection for all kinds of fiddly even when playing local lan.
 