Reducing the impact of P2P users on home network

Amateur though I am, I've become the default manager for internet access in our large home. The hardware consists of a cable modem and an older model WRT54G with updated firmware. All but my own PC (which is connected via the local ethernet port on the router) are using wireless. This has worked quite well until the two college-age folks in the house started getting heavy into P2P (Limewire and Shareaza). This has had a noticeable performance impact on net access, and I'd like to try to improve things.

I am not in a position to prohibit these kids from using P2P, and polite efforts to get them to limit the number of connections, and to postpone heavy transfers to off-hours, have not worked for very long. I understand that various port blocking rules within the router are largely ineffective because the P2P clients use port-hopping, and can even use port 80 if nothing else works. I was wondering if a more sophisticated hardware solution might help us.

My first understanding is that the limited CPU power and RAM in an inexpensive router get overwhelmed by such a large number of connections. Would more robust hardware (a NAT router) be likely to help? If yes, any specific suggestions?

From what I gather, true hardware firewall appliances allow the use of rules that can limit the number of connections and the bandwidth allotted to each client IP address. This, to me, seems very attractive (although more expensive) and I was wondering if interposing a firewall between the cable modem and the router (or discarding the modem and using the firewall with an access point) would achieve the desired end. Any specific suggestions?

Reply to
Mike S.

[snip]

Since you have a WRT54G, the first thing I would try (assuming you've ruled out beatings and electro-shock), is to flash the *free* DD-WRT third party firmware onto your WRT54G. DD-WRT has a slew of Quality of Service settings, including the ability to limit bandwidth by MAC address, which sounds right up your alley.

The main DD-WRT wiki page is at:

The QoS settings are described here:
and you can download DD-WRT from:

I use DD-WRT myself, and recommend it highly. And, you can't beat the price!

Good luck!

Reply to
Seth Goodman

[woops ... I meant discarding the ROUTER]

Thanks. The WRT54G does have some QoS facility in the recent firmware, but DD-WRT seems to be more comprehensive. Since everything is on DHCP right now, I suppose the priorities for the two problem users could be assigned based on MAC address, as the IPs are always changing.

Is the DD-WRT flash a one-way deal - i.e. is it possible to go back to Linksys factory F/W afterward?

Reply to
Mike S.

You can revert at any time - just flash with the stock firmware from the Linksys site.

Reply to
Seth Goodman

You have my sympathy.

Noticeable? I suspect your network comes to a complete stop when they're serving out stolen music and movies.

Are you in a position to send them an invoice proportional to their usage? Instead of interposing a bandwidth manager, it might be better to simply charge them for their over-use. If you switch to alternative firmware for your WRT54G such as DD-WRT:

it will add SNMP as a feature. You can then use any of an assortment of SNMP-based traffic monitoring and measuring tools such as MRTG or, preferably, RRDTool.

Just set up pre-assigned DHCP IP addresses for all the equipment. Then just monitor the traffic for the month by IP address, calculate the proportional usage, and send them a giant bill. Be sure to amortize the cost of the added equipment and your time playing policeman. My guess(tm) is that it will probably equal the cost of them getting their own DSL or cable service.

Generally true. However, if you can identify the specific computers that are consistently doing the downloading, you can also apply QoS (Quality of Service) limits to those IP's, regardless of how many IP ports they open. QoS options for DD-WRT:

Of course, if they change their MAC address, or introduce a new computer, such QoS by IP address or MAC address is useless.

That's just one problem. Most file sharing software opens a huge number of ports and buffers. The result is that they also allocate a huge number of buffers in the router. If the router firmware hasn't been tested for such unusual operation, it might crash. The best way to prevent this is to tweak the file sharing client to limit the number of simultaneous connections, and the number of streams.

The other major problem is that file sharing tends to saturate your uplink. Your cable modem may have 6 Mbits/sec or more of incoming bandwidth, but if the 384k or 512 kbits/sec of uplink bandwidth is saturated, incoming bandwidth will appear useless because the outgoing ACKs and responses will probably be lost or delayed by the constipated uplink.

If you like spending money, there are several dedicated bandwidth managers on the market. All will require a dedicated PC to run the software:

(Lots more. Search Google for "bandwidth manager").

Otherwise, you already have a router that can do QoS. I suggest that you:

  1. Replace the WRT54G firmware with DD-WRT v23 SP2.
  2. Set up fixed MAC to IP address DHCP mapping in the WRT54G.
  3. Implement QoS by IP address or MAC address.
  4. Set up monitoring so you can document abuse and bill accordingly.

Reply to
Jeff Liebermann

This is one of the few places where MAC-address based permissioning on the router is useful.

Reply to
Mark McIntyre

Yep. However, it's easy enough for a user to change their MAC address, making this a rather awkward method of monitoring. I've recently been installing arpwatch into DD-WRT to detect any "unusual" new users:

Make sure to first enable JFFS2 support on the Admin -> Management page. It won't stop the users from changing their MAC address, but it will detect them when they try.

Argh.... "ipkg update" doesn't seem to be working for me today. Now, what did I do wrong this time? Oh, no flash space. It's full.

Reply to
Jeff Liebermann
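The two pieces of Jeff's recipe above (fixed MAC-to-IP leases plus per-IP traffic accounting for a proportional bill, and arpwatch-style detection of a changed or cloned MAC) can be sketched in a few lines. This is an added example, not DD-WRT, arpwatch or any poster's code; the lease table, ARP snapshot and byte counters are all constructed.

```python
"""Per-device usage accounting and unknown-station detection for a home router.
Added example; all input below is constructed, not captured from a real WRT54G."""

# Constructed static DHCP leases (the "fixed MAC to IP mapping" step).
STATIC_LEASES = {
    "00:11:22:33:44:01": "192.168.1.10",   # the wired PC
    "00:11:22:33:44:02": "192.168.1.20",   # student laptop A
    "00:11:22:33:44:03": "192.168.1.21",   # student laptop B
}

# Constructed ARP-table snapshot in the /proc/net/arp column layout.
ARP_SNAPSHOT = """IP address       HW type     Flags       HW address            Mask     Device
192.168.1.10     0x1         0x2         00:11:22:33:44:01     *        br0
192.168.1.20     0x1         0x2         00:11:22:33:44:02     *        br0
192.168.1.21     0x1         0x2         00:11:22:33:44:99     *        br0
192.168.1.77     0x1         0x2         00:11:22:33:44:02     *        br0
"""

# Constructed per-IP (bytes out, bytes in) for the month, as an SNMP poller
# or an iptables accounting chain would accumulate them.
MONTHLY_BYTES = {
    "192.168.1.10": (1_200_000_000, 9_000_000_000),
    "192.168.1.20": (41_000_000_000, 60_000_000_000),
    "192.168.1.21": (38_000_000_000, 55_000_000_000),
}

def unknown_stations(arp_text, leases):
    """Return (ip, mac, reason) for every ARP entry that does not match a lease.
    'mac-mismatch': a leased IP answered with a different MAC (address changed);
    'cloned-mac':   a leased MAC showed up on a foreign IP (borrowed address);
    'new-mac':      hardware never seen before."""
    known_ips = {ip: mac for mac, ip in leases.items()}
    findings = []
    for line in arp_text.splitlines()[1:]:          # skip the header row
        ip, _hw, _flags, mac, _mask, _dev = line.split()
        if known_ips.get(ip) == mac:
            continue                                # exactly as leased
        if ip in known_ips:
            findings.append((ip, mac, "mac-mismatch"))
        elif mac in leases:
            findings.append((ip, mac, "cloned-mac"))
        else:
            findings.append((ip, mac, "new-mac"))
    return findings

def proportional_bill(byte_counts, monthly_cost):
    """Split monthly_cost across IPs in proportion to total bytes moved (tx + rx)."""
    totals = {ip: tx + rx for ip, (tx, rx) in byte_counts.items()}
    grand = sum(totals.values())
    return {ip: round(monthly_cost * t / grand, 2) for ip, t in totals.items()}
```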

Reply to
Tony

If they are smart enough, they can find out what MAC addresses other users equipment have and "borrow" one of these.

Reply to
Axel Hammerschmidt

And he might also ask them to sign an agreement indemnifying him and the other residents of the house for any fines, settlements, legal fees, or other expenses incurred in case the RIAA et al should come knocking at the door.

Reply to
Neill Massello

At which point the OP could put limits on all devices and announce that this had been done to preserve some measure of service for all users. This might encourage the other residents of the house to evict the two P2P fiends.

Reply to
Neill Massello

Well, there are 3 floors plus a basement. Except for a couple of dead spots in the basement (I'm using a high gain directional antenna down there), we've been quite impressed with the coverage.

Reply to
Mike S.

He could do that without first installing dd-wrt :-)

Reply to
Axel Hammerschmidt

And some people use square feet :-)

Reply to
Axel Hammerschmidt

Too bad you can't afford additional access points.

Reply to
Neill Massello

My feet are flat... Guess I use a non-standard flat feet measurement :)

Reply to
Peter Pan

What I meant was to restrict the list of MACs that can get IPs from the router, then set up QoS rules on each of those. If your students change their MAC, they can't get an IP. Obviously they could clone the MAC of someone else in the house but then that person would get locked out and they'd complain.

Reply to
Mark McIntyre

Sure, but then the other person would get locked out, and complain. It'd be a quick job to ID who was 'stealing' access, and permanently exclude them.

Myself, I just block all P2P use by edict, and if I were to catch anyone at it (detectable by large upload volumes) I'd take away their net access for a month, or require them to pay the bill, or both. This is my house, I'm in charge!

Reply to
Mark McIntyre

We have a lodger and our agreement with them contains exactly such a clause.

Reply to
Mark McIntyre

Or high gain antennas

Reply to
David Smith
