First off, I love my Peplink gear and the new firmware is making it better and better – keep it up guys.
I currently have a DSL connection and two microwave connections. The DSL is better for gaming, the microwave connections are better for file downloads and video streaming. Basically, the microwave connections have a bunch of jitter which makes them horrible for any “realtime” traffic.
I currently have a “Grouped network” for all of my Xboxes, and a couple of outbound policies. One policy is to route non-port 80 traffic to the DSL connection. Most games are UDP on specialized ports. All game and system updates go across port 80. All is well…
Now, I have added a gaming PC and I am finding that the games are using TCP port 80 and TCP port 443 for games as well as downloads. This causes a problem because I can no longer route purely based off of destination port number.
Maybe I should route based on DNS domain name – it is an option, right? Wrong. All of the games are being hosted by cloud services (Amazon, Samsung, Microsoft). The reverse DNS name never matches up to the forward DNS query that the client requested.
As an example, forward query for xbox.com yields 5 different addresses, but when I do a reverse lookup on those 5 addresses, they all return empty records. Weird, I know that Peplink has stored that information in the local DNS server – I have it set to cache records. I understand that returning a result that is invalid according to the authoritative DNS servers is probably a bad idea; but I think there is enough grey area to use the local cache for forward lookups as a data source for reverse lookups for routing purposes.
My request is that “Routing by domain name use the local DNS cache as the primary data source for outbound policies and use the internet reverse lookups second if not available in the local cache”
Here is a use case…
I want to play a game and stream the content out. My DSL line is not capable of the bandwidth required to stream the game. My microwave connections are not stable enough to play the game. I could overcome this with some outbound policies:
Policy 1 - “Gaming PC src IP” traffic to streamsite.tv --> use microwave links
Policy 2 - “Gaming PC src IP” traffic to gametitle.com --> use DSL connection
I believe that was the original intent for the domain name routing outbound policy, but changes in the way services are implemented (and probably other factors) have made it unusable at worst and/or unreliable at best.
Currently, the only way I could achieve this traffic pattern is to either
A. buy another PC to stream the content (these things cost a couple of grand, so no thanks)
B. install a second NIC and hope that each application and the OS has the capabilities to specify outbound adapters – which probably isn’t feasible – Windows just isn’t that nice; and applications aren’t that smart.
More information on how the policy works can be found here
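An added example, not Peplink's code or anything from the post above, showing the selection logic the request describes: forward-DNS answers seen from the LAN are recorded as IP-to-name mappings and consulted first, and a PTR lookup is tried only when no live cached name exists for the destination. The policy entries, domain names, addresses and TTLs are constructed sample data.

```python
# Added example (not Peplink firmware): toy outbound-policy engine that maps a
# flow's destination IP back to a domain using cached forward-DNS answers first
# and reverse (PTR) lookups second. All data below is constructed.

def _norm(name):
    return name.lower().rstrip(".")

class DomainRouter:
    def __init__(self, policies, ptr_lookup):
        self.policies = policies        # list of {"src", "domain", "wan"}
        self.ptr_lookup = ptr_lookup    # ip -> PTR name or None (fallback source)
        self.ip_to_names = {}           # ip -> {name: expiry_time}
    def observe_answer(self, name, addresses, ttl, now):
        # Record every forward answer a LAN client received (the local DNS cache).
        for ip in addresses:
            self.ip_to_names.setdefault(ip, {})[_norm(name)] = now + ttl
    def names_for(self, ip, now):
        live = {n for n, exp in self.ip_to_names.get(ip, {}).items() if exp > now}
        if live:
            return live                 # primary source: cached forward answers
        ptr = self.ptr_lookup(ip)       # secondary source: reverse DNS
        return {_norm(ptr)} if ptr else set()
    def select_wan(self, src, dst, now):
        names = self.names_for(dst, now)
        for p in self.policies:
            if p["src"] != src:
                continue
            dom = _norm(p["domain"])
            if any(n == dom or n.endswith("." + dom) for n in names):
                return p["wan"]
        return None                     # no domain policy matched this flow

def demo():
    # Constructed: cloud-hosted game IPs have no PTR record, the stream CDN does.
    ptr = {"198.51.100.20": "edge-20.streamsite.tv."}
    r = DomainRouter(
        [{"src": "192.168.1.50", "domain": "streamsite.tv", "wan": "microwave"},
         {"src": "192.168.1.50", "domain": "gametitle.com", "wan": "dsl"}],
        ptr.get)
    r.observe_answer("gametitle.com", ["203.0.113.10", "203.0.113.11"], 300, now=0)
    r.observe_answer("streamsite.tv", ["198.51.100.20"], 300, now=0)
    pc = "192.168.1.50"
    return {
        "game_cached": r.select_wan(pc, "203.0.113.11", now=100),
        "stream_cached": r.select_wan(pc, "198.51.100.20", now=100),
        "stream_expired": r.select_wan(pc, "198.51.100.20", now=1000),  # PTR rescues it
        "game_expired": r.select_wan(pc, "203.0.113.11", now=1000),     # no PTR: miss
        "other_host": r.select_wan("192.168.1.60", "203.0.113.11", now=100),
    }
```

Calling `demo()` returns the chosen WAN per case; the `game_expired` result is the failure mode the post complains about, where reverse DNS alone cannot identify cloud-hosted game servers.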