Firewall device |
Most consumer type routers - even current top
line models - simply can not cope with the number of
connections a busy I2P router uses. You will notice this
when surfing the internet gets sluggish. Entry level
professional grade routers handle a higher number of
connections but their hardware at clock speeds well below 1
GHz still can not keep up with higher traffic levels and
will drop packets. See TCP drops in our performance
monitoring. Any current Raspberry class device will
serve well as a firewall/router and make sure at least your
own equipment does not drop a significant amount of packets. |
MTU negotiation |
For maximum performance each TCP connection
determines the maximum size of packets that can be sent
without fragmentation. If you want this to work from behind
the firewall, make sure your firewall permits ICMPv6 and
ICMPv4 Type 3 Subtype 4. Failure to do so results in slower
transfers and more retransmissions due to fragmentation. |
Autocorking |
This is a feature in the Linux kernel that aims at packing as much data into a TCP packet as possible. This will delay final bytes of I2P messages. Turn off on your I2P machine using net.ipv4.tcp_autocorking = 0. |
Traffic shaping |
Any burst of data fom I2P or other apps may
cause buffer overruns in your internet gateway device and/or
modem. If TCP retransmits (see above) are above 1%, you need
to act. Traffic shaping will provide a flattened flow of
data. Example for the easy case of your firewall being a Linux I2P router behind a modem: use something like tc qdisc add dev ppp0 root tbf rate <uprate>bps burst <burst>kb latency 200ms. <burst> (here given in kibibytes) should be a little more than 1% of your max. upload per second, <uprate> (here given in bits / sec) a little bit less than the theoretical max. In case of DSL set <uprate> to modem sync speed / 1.14 and adjust down until retransmissions below 1%. |