Quotas for downstream routers running DHCP

[swsl]

Hi all - I'm managing a small community network that shares a limited bandwidth (Satelite) and daily quota. It looks like Gargoye is really going to help.

Our network is complex in that each of the 6 households has it's own wireless AP. Some of those APs are wired directly to the router and others require a wireless "backhaul" - as I believe it's called - to the router using a seperate client device. Hope that's clear.

OK, so my house for example. Currently family and guests that want to get online connect to my local AP and get an address passed on from the central router.

I want to set a quota for the whole household of X MB per day. That is, in each household, I want to set a quota for the aggregate of all users known and unknown, who may connect on the household's AP that day.

I'm thinking that group Gargoyle quotas might work one of these ways...
1) My household AP has a static address of, say, 192.168.1.15. So, I set a quota for that addy and then set the local AP to give out addresses, with NAT on. If I understand right, that will make everything that gets to the router via that AP to enter as 192.168.1.15 and will be under the ...15 quota.

2) I assign the quota on Gargoyle to a range of addys for each house, say 101-110, 111-120, etc. Then I have the household AP hand out that limited range of addys. No NAT. This might be better if it can work, as I believe that NATting won't allow me administer the router/modem from behind my local AP.

3) Worst case, I do what others seem to do and assign the quota to a given range, then manually assign addys within each household's range whenever a new device shows up. Seeing as some houses are rentals and I'm not always around, this is a poor option and could be complicated to administer day to day. It could get messy with many people coming and going.

I confess that I barely understand NAT and how some of these things work. I might be off-base on the whole idea, but I hope not!

Any thoughts? Hoping some of you accomplished networkers can advise !

cheers

[pbix]

I would think that each household should have its own NATing router as you suggest in 1) above. While the other ideas could be made to work it seems like a lot of administration on your part. Each household would be responsible for who-ever connects to their router. Each router assigned a fixed IP address from the central router. This could be handled at the central router by listing the MAC addresses of each of the household routers with their corresponding IP address.

If all households had Gargoyle routers there would be no restrictions on your ability to access for administration them regardless of the configuration. Other router software has other capabilities but I think this is a common capability.

The above would also help you in your QoS strategy which I would think would be the next thing you would investigate since your bandwidth is limiited.

Yes Gargoyle will help you with your quota management. It needs to be thought through a little. If each is given a daily quotat that is a percentage of the overall daily quota then each day some quota would be left unused since each day some households would not use their quota.

Should be intereting so keep us posted on your results.

[ispyisail]

Should be intereting so keep us posted on your results.

yes

You should setup a small test network before deployment. make sure you are happy first

[swsl]

I would think that each household should have its own NATing router ....

The above would also help you in your QoS strategy which I would think would be the next thing you would investigate since your bandwidth is limiited.
.... If each is given a daily quotat that is a percentage of the overall daily quota then each day some quota would be left unused since each day some households would not use their quota.

Thanks I appreciate the support and guidance. I will keep in mind that local natting may be preferable, however, I had already installed the router yesterday before I heard back and was able to set up one household's dd-wrt router without NAT and just a range of addys, which corresponded to the range for that house. That router did hand out from it's range of addys and they showed up to the central Gargoyle as if they were assigned statics, it seems. I have already set up quota rules for groups, as in 192.168.1.100-109, one rule, 110-119 next rule, etc. I'm hoping that this will work with QOS also, but I really need to study QOS to sort it out.

I have not been able to test quotas because I immediately found the radio of my LInksys GS to be sorely inadequate and had to swap it back out. For years I've been using a Buffalo HP-G54 on DD-WRT and somehow the signal of the Linksys under GG is more than 25 db lower! Just won't work, even with some possible tweaks for more power. It looks like I'll have to reconfigure and hang a Buffalo HP on the Linksys as our central AP until we get a more powerful router that handles Gargoyle. Anyway, that can work out and if it takes TWO $50 routers to do this, we can hardly complain. Or maybe just get a Ubiquiti Bullet HP for that. Wifi. Another topic.

Perhaps due a inadequate understanding, I like the idea of keeping everything on the same subnet when possible. But I think that yes, QOS is going to be a next important step to share that limited bandwidth. Will managing everybody in visible groups on the main GG router preclude this? You indicated that it might not work as well for QOS as it seems it will for Quotas.

As far as the daily quota adding up, yes, I see good potential in giving everybody a higher share than 1/6 or whatever. Already planning on that. A nice bonus.

I'll keep working on it and report back on how it goes.

Cheers,

[pbix]

What I suggest is a little more flexible because each house can use Gargoyle to divide up Quota and Bandwidth between users within the house while your main router would handle the contention between houses. Requires Gargoyle on all routers as I suggested.

[swsl]

What I suggest is a little more flexible because each house can use Gargoyle to divide up Quota and Bandwidth between users within the house while your main router would handle the contention between houses. Requires Gargoyle on all routers as I suggested.

OK, gotcha. Thanks for the clarification. I think we will have a downstream router running Gargoyle in at least one of the satellites that needs local managment as well. I'm still working on it, but it looks like we'll end up with a mix of assigned IP (witihin narrow range) at my house, Automatic non-NATted DHCP at others and then DHCP NATted at one or two.

[swsl]

Well, I've got it up and running on a Linksys WRT54GS using a Buffalo HP-G54 running DD-WRT as the access point. In a way, it's the best of both worlds as DD-WRT has much finer controls and monitoring of the radio and Gargoyle, of course, has the critical control and monitoring of the Quota/QOS aspect.

As far as managing groups of addresses and downstream routers, I'm finding that a mix of all three of the approaches listed in my first post is working.
For now, clients that can see the main antenna, I'm just manually adding them to the fixed IP list within their household quota group as they connect. For a house running a dd-wrt router, which I had hoped to have hand out a range of addreses on the main subnet but assigned locally, I ran into trouble. The local household's router was somehow handing out addresses to others that were connecting directly to the Gargoyle router. Weird. So, I connected it through the WAN (vs LAN) port, natted it and now it's only dealing with it's own and works right. I can't see how many of their people are on from within Gargoyle, but know that they are in their correct quota group.

Conversely, on the Airport Express at my house, I could not get the airport's NATted assignment to work right and fell back to handing out a range on the main subnet with no NATting as I had tried on the other. Go figure. Works right on the AirportX, but not on DD-wrt ! Or more likely I just didn't get the settings sorted well enough and fudged at it until some mixture of DHCP, WAN, LAN, gateway, DNS, etc settings acheived my goals. With the very partial understanding I have, it's more like voodoo setting these things up - for me!

I'll get it tuned over time, but for now it's all working.

I was concerned that this might be too much for a medium (at best) grade router with an older CPU and 32MB of RAM. So far, it's slow at the interface, but only using 8.7 MB of memory. It doesn't register a cpu load for some reason. I wonder if having the radio on the Gargoyle turned off helps lighten the load. It appears that I can allocate one of my WRT54GLs with only 16MB ram for a backup router in case of primary failure. Not the best choice, but we already have a collection of these.

I'm running 1.4.4 on the WRT54GS. I seem to remember seeing that the newer versions of Gargoyle for the WRT54Gx don't have the same Broadcom driver or something,and that the newer driver may not work well on these older Linksys. If so, that might explain the huge difference (25db at my house) between the signal from the HP-G54 on ddwrt and the linksys 54GS on Gargoyle. Also the radio settings on DD-WRT are tweaked. Anyway, I had expected that it would be around 6 db lower not 25db, but that's what I got.

Anyway, that's my report for those who are considering using Gargoyle in a complex system as described above. IT WORKS !