IPv4/ IPV6 Traffic Discrimination and Monitoring

Similar Messages

• Best way to pass IPv4 and IPv6 traffic over a GRE Tunnel

  Hello,
  We have two 3825 routers with Advanced Enterprise IOS 12.4.9(T). Each of them serves many IPv4 (private and public) and IPv6 networks on their respective site.
  We have created a wireless link between the two, using 4 wireless devices, with IP Addresses 10.10.2.2, 3, 4, 5 respectively (1 and 6 are the two end Ethernet interfaces on the routers).
  Then we created a GRE tunnel over this link using addresses 172.16.1.1 and 2 (for the two ends) to route traffic over this link.
  Now we want to route IPv6 traffic over the same link. However, we found that simply routing the IPv6 traffic over the above GRE / IP tunnel did not work.
  Questions:
  Is there a way we can use the same (GRE / IP) tunnel to transport both IPv4 and IPv6 traffic?
  If not, can we setup two GRE tunnels over the same wireless link, that is, one GRE / IP for IPv4 traffic and a second one GRE / IPv6 for IPv6 traffic?
  In brief, what is the suggested way to transport IPv4 and IPv6 traffic over the aforementioned (wireless) link?
  I have read http://www.cisco.com/c/en/us/td/docs/ios/12_4/interface/configuration/guide/inb_tun.html#wp1061361 and other Internet material, however I am still confused.
  Please help.
  Thanks in advance,
  Nick

  We have set up two tunnels over the same link, one GRE / IP for the IPv4 traffic and one IPv6 / IP ("manual") for the IPv6 traffic. This setup seems to be working OK.
  If there are other suggestions, please advise.
  Thanks,
  Nick

• Generate and Monitor Interconnect traffic

  Guys
  Does anyone has scripts to generate and monitor interconnect traffic? I am trying to test my interconnect on 4 node RAC (10gR2)
  Any help?
  Thanks in advance
  PG

  See if this helps....we use the below script to monitor the interconnect traffic.
  select b1.inst_id,
  b2.value "GCS CR BLOCKS RECEIVED",
  b1.value "GCS CR BLOCK RECEIVE TIME",
  ((b1.value / b2.value) * 10) "AVG CR BLOCK RECEIVE TIME (ms)"
  from gv$sysstat b1,
  gv$sysstat b2
  where b1.name = 'global cache cr block receive time' and
  b2.name = 'global cache cr blocks received' and
  b1.inst_id = b2.inst_id

• Does IPv6 traffic "pass-through" or "drop" by cisco waas?

  Since cisco waas is not yet supported IPv6, if i am running IPv4 and IPv6 dual stack mode on the same circuit, does IPv6 traffic get dropped by the waas or does waas put IPv6 traffic in "pass-through" mode and let it goes?  I am thinking, waas will treat IPv6 as non-IP traffic and will let it goes.  Am i right?
   

  Hi Joe and Kanwai,
  One note though - if your running WCCP as the redirection mode, you won't get the IPv6 traffic redirected, as WCCP does NOT support IPv6. Hence you won't see IPv6 traffic at all on the WAAS device.
  Best Regards
  Finn Poulsen

• Receive IPv6 traffic - kernel panic?

  I configured an IPv4 -> IPv6 tunnel on my firewall via he.net and set my default route for inet6 traffic to the remote side. Then I got a /64 network assigned from he.net and IP'd my internal network, include my MacBook Pro running OS X 10.4.8.
  I can do a traceroute6 from my Mac to external sites just fine. It uses the IPv6 tunnel exactly as expected (I set my default route for IPv6 on my Mac to be the IPv6 address of the internal interface of my firewall). When I tried to use an external site to do a traceroute6 back to my Mac, it panicked!
  Perhaps there is some problem with the Intel version of the Yukon driver (Marvell Yukon gigabit ethernet)? Has anyone else had kernel panics when on the receiving end of inbound IPv6 traffic (that wasn't in response to an outbound connection)?
  Here's the crash report:
  panic(cpu 0 caller 0x0035BEAC): freeing free mbuf
  Backtrace, Format - Frame : Return Address (4 potential args on stack)
  0x251e3db8 : 0x128d1f (0x3c9540 0x251e3ddc 0x131df4 0x0)
  0x251e3df8 : 0x35beac (0x3e9c7c 0x1dfba 0x87c4b9fe 0x1dfba)
  0x251e3e38 : 0x7314a4 (0x36e07600 0x0 0x251e3e68 0x1a1ec0)
  0x251e3e58 : 0xa6d454 (0x237f1000 0x36e07600 0x0 0x2)
  0x251e3e88 : 0xa6bad0 (0x237f1000 0x36e07600 0x0 0x38dbc80)
  0x251e3ea8 : 0xa6ed7c (0x237f1000 0x0 0x1000000 0x133b25)
  0x251e3f08 : 0x398a1f (0x237f1000 0x38dbc80 0x1 0x37b5d08)
  0x251e3f58 : 0x397bf1 (0x38dbc80 0x135ec3 0x0 0x37b5d08)
  0x251e3f88 : 0x397927 (0x38d7480 0x0 0xee6b280 0x13869f)
  0x251e3fc8 : 0x19a74c (0x38d7480 0x0 0x4 0x4eae6b8) Backtrace terminated-invalid frame pointer 0x0
  Kernel loadable modules in backtrace (with dependencies):
  com.apple.iokit.AppleYukon(1.0.7b3)@0xa69000
  dependency: com.apple.iokit.IONetworkingFamily(1.5.1)@0x72a000
  dependency: com.apple.iokit.IOPCIFamily(2.1)@0x5ee000
  com.apple.iokit.IONetworkingFamily(1.5.1)@0x72a000
  Kernel version:
  Darwin Kernel Version 8.8.1: Mon Sep 25 19:42:00 PDT 2006; root:xnu-792.13.8.obj~1/RELEASE_I386
  Model: MacBookPro1,1, BootROM MBP11.0055.B08, 2 processors, Intel Core Duo, 2.16 GHz, 2 GB
  Graphics: ATI Radeon X1600, ATY,RadeonX1600, PCIe, 256 MB
  Memory Module: BANK 0/DIMM0, 1 GB, DDR2 SDRAM, 667 MHz
  Memory Module: BANK 1/DIMM1, 1 GB, DDR2 SDRAM, 667 MHz
  AirPort: spairportwireless_card_type_airportextreme (0x168C, 0x86), 0.1.27
  Bluetooth: Version 1.7.9f12, 2 service, 0 devices, 1 incoming serial ports
  Network Service: Built-in Ethernet, Ethernet, en0
  Network Service: AirPort, AirPort, en1
  Serial ATA Device: ST910021AS, 93.16 GB
  Parallel ATA Device: MATSHITADVD-R UJ-857
  USB Device: Built-in iSight, Micron, Up to 480 Mb/sec, 500 mA
  USB Device: Apple Internal Keyboard / Trackpad, Apple Computer, Up to 12 Mb/sec, 500 mA
  USB Device: IR Receiver, Apple Computer, Inc., Up to 12 Mb/sec, 500 mA
  USB Device: Bluetooth HCI, Up to 12 Mb/sec, 500 mA

  MTU on the ethernet interfaces of the Mac and the inside the firewall are both 1500 (normal). My switch is only FE so the Mac's NIC auto-neg'd to 100/full. The MTU of the 4->6 tunnel is 1280. I believe that's because of the encapsulation overhead (it has to send the IPv6 packets inside IPv4 packets).
  In any case, it's not using Jumbo Frames (I don't think the switch even supports them).
  I was thinking it might be a problem with the longer address and endianness. For instance, maybe on the Intel platform they did a quick patch to make the address pointer move over a fixed 4 bytes, then read backwards by the length of the address. That would work fine for 4 byte (i.e. IPv4) addresses, but on 16 byte (IPv6) addresses it would go horribly wrong (shift 4 bytes, then read backwards 16 bytes, uh oh!).
  Apparently it only affects some of the code paths, because I can send out IPv6 packets and accept the responses. It was only when I received an unsolicited IPv6 packet that it panicked.
  It's all just a wild guess any way. I would like to experiment with it a little more, but I really don't feel like causing multiple kernel panics and possibly corrupting my file system from the resulting hard-resets.

• IPv6 Address Management and Security Questions

  I'm trying to draft an IPv6-based version of our location's current routing configuration in anticipation of when our ISP will finally roll it out, and address management has been giving me the biggest headache - ironic, considering IPv6 was supposed to simplify address allocation.
  My first config draft was made assuming that I would be getting a static /56 or /60 prefix from the ISP, and I was just going to insert the prefix into my DHCP pools and there would be no issues. That was before reading around and discovering that some ISPs are considering prefix delegation (PD) for both residential and business accounts instead of static blocks. Now I have questions about how to stick as close to the current IPv4 configuration as possible.
  For the PD scenario, what I am looking at now are two addresses ranges for each network - a ULA /120 space that I want to control using stateful DHCPv6, and the global space which can be /64 and auto-configured. That way there will be a "private" address space for internal routing in the event of a prefix change or an extended outage. But I'm not sure how the config should look for such a scenario. What I have drafted so far is this:
  ipv6 dhcp pool DHCP6_INTERNAL
   address prefix FDAB::1:0/120
   domain-name whatever.net
   dns-server FDAB::1:1
  ipv6 dhcp pool DHCP6_DMZ-WIFI
   address prefix FDAB::2:0/120
   domain-name guest.whatever.net
   dns-server FDAB::2:1
  interface GigabitEthernet0
   description WAN-LINK
   ipv6 enable
   ipv6 address dhcp
   no ipv6 unreachables
   no ipv6 redirects
   ipv6 flow ingress
   ipv6 flow egress
   ipv6 virtual-reassembly in
   ipv6 nd autoconfig default-route
   ipv6 dhcp client pd hint ::/56
   ipv6 dhcp client pd ISP-PREFIX
   zone-member security OUTSIDE
   speed auto
   duplex auto
   no cdp enable
  interface FastEthernet8.1
   description VLAN_1-INTERNAL
   encapsulation dot1Q 1 native
   ipv6 enable
   ipv6 address FDAB::1:1/120
   ipv6 address ISP-PREFIX ::1:0:0:0:1/64
   ipv6 flow ingress
   ipv6 flow egress
   ipv6 virtual-reassembly in
   zone-member security INSIDE
   ip tcp adjust-mss 1300
   ipv6 dhcp server DHCP6_INTERNAL
   ipv6 nd managed-config-flag
   ipv6 nd other-config-flag
  interface FastEthernet8.2
   description VLAN_2-DMZ-WIFI
   encapsulation dot1Q 2
   ipv6 enable
   ipv6 address FDAB::2:1/120
   ipv6 address ISP-PREFIX ::2:0:0:0:1/64
   ipv6 flow ingress
   ipv6 flow egress
   ipv6 virtual-reassembly in
   zone-member security DMZ
   ip tcp adjust-mss 1300
   ipv6 dhcp server DHCP6_DMZ-WIFI
   ipv6 nd managed-config-flag
   ipv6 nd other-config-flag
  Will this config work? By which I mean: will the DHCPv6 servers provide ULA addresses, and will SLAAC work for global address allocation? If not, what needs to be changed?
  Also, another question. I found a few references to a prefix name (the "ISP-PREFIX") which can be used as part of a static IPv6 address on an interface, which is a good idea in case the prefix changes. But that brings up another concern - if the prefix changes, that will invalidate ACLs referencing the global addresses using the previous prefix. Is there anything similar to the prefix name string that can be used in ACLs to keep this from occurring?

  DHCPv6-PD is not necessarily dynamic the same way as DHCP was with the public IPv4 addresses in the IPv4 world.
  While the outside network (PPPoE, DHCPv6, anything) might be truly dynamic and changing with possibly every login session, the DHCPv6 delegated prefix might be tied to your login credentials or DHCPv6 client's DUID after the first connection. A bit like a DHCP lease reservation.
  If that is the case, there is some possibility that your ISP will run reverse route injection, and will always route your "fixed" prefix  to the currently active dynamic "outside" address.
  Talk to your ISP and have them confirm that, once the PD'd /48 or /56 is initially assigned, it won't change, and that the same prefix will be delegated every time. Then you can treat it as if it were fully static, and you won't have to go down the ULA path.
  I contacted one of our local ISPs, and they're doing it exactly that way: PPPoE for IPv4 and IPv6 (fully dynamic), and DHCPv6-PD with the /48 tied to the PPPoE login credentials. I might change to that ISP sooner or later.
  With my current ISP, my IPv6 access is 6RD based. I get a /60, with my current public ipv4 address (by DHCP) embedded into those 60 bits. Readressing is bound to happen sooner or later, and it happens every so often, and it breaks my IPv6 ACLs.
  I'm also looking for a way to write IPv6 ACLs with wildcard bits, not prefix/mask, so I can use them with ZBFW. So far, no sign of it.
  A few more comments:
  ULA addressing: 
  It may look tempting, plausible and intuitive to use dual global and ULA addressing. 
  I started this way as well. However, it turns out that Windows 7 has (had?) some issues with proper source address selection. The "longest common prefix" rule never seemed to work properly. In some cases, it would pick the global address to talk to ULA hosts, or stubbornly insist to use the ULA address to talk to an IPv6 internet host. It was a frustrating experience. Be sure to test this to the full extent (and back, and again and then some more) with every operating system you intend to use.
  Using /120:
  Be sure to test this as well, and very thoroughly. Subnet masks longer than /64 are sometimes called "uncharted territory" in IPv6. Longer subnet masks will break SLAAC, and there may be (embedded) devices that will not react benevolently to a subnet mask other than /64, or simply lack support for DHCPv6.
  adjust-mss
  I see you have "ip tcp adjust-mss 1300". While PMTUd may be mandatory with IPv6, I found it being broken already :-( . "ipv6 tcp adjust-mss .... " is now a separate command since IOS 15.4(1). I would suggest considering it, depending with your experience with PMTUd on IPv6.

• IPv6 Network Management and IP SLA

  Hi,
  I have to plan a network infrastucture with MPLS-IPv4, IPv4 and IPv6 routing tables.
  Since I have an hybrid network and dual stack IPv4/IPv6 routers I must manage both protocols for all boxes using SNMP and IP SLA.
  Can the SNMP IPv4 traps from the router targeted to the network management station carry information about IPv6 interfaces ?
  I found the IP SLA is supported in IPv6 networks for some measurements, is required IPv6 enabled on the IP connection between the management station and the responder?
  Thanks
  Massimiliano

  First, traps can be sent over IPv4 transport and contain IPv6-related varbinds.  Second, I'm not sure I understand why you would need IPv6 enabled between the management station and the responder.  The management station will only perform IP SLA configuration options on the IP SLA source device.

• Does Catalyst 3750G have IPv4-IPv6 translation feature ?

  we developed an application with IPv4 and it is being put on IPv6 based network to talk to the client application.  We have Catalyst 3750G and want to enable IPv4-IPv6 translation.  Does 3750G have such feature ?  If yes, how can we use it ?

  I think not. Routers have that capability
  When enabling communications between IPv4 <-> IPv6 you need v4-v6 Tunnels and/or translations(NAT) w/c can only be done in routers

• I need an advice in full connectivity between IPV4-IPV6 network

  Hi , 
  i have a network topology as attached.
  as you see it has both ipv4 & ipv6
  i just need an ideas here about how let all pcs (ipv4 & ipv6) to talk together based on the topology attached.

  Hello Ahmed,
  You can use BGP with address-family ipv4 to provide routing for ipv4 and address-family ipv6 for ipv6.
  This means between your router's you will have 2 BGP peerings, one for v4 one for v6.
  If you use the ipv4 address for bgp address-family ipv6, you will have to apply a route-map on neighbor to change the next hop address to the relevant ipv6 interface address.
  hth
  Bilal
  CCIE #45032

• Does iphone supports IPv6 traffic for icloud?

  Hi Everybody,
  Does iphone supports IPv6 traffic for icloud application?

  ckuan
  The question was whether iPhones supports IPv6 protocol. Why would it matter if the network supports IPv4, IPv6, Dual stack or any other protocol? The straight answer is NO it does not as of today (even if the users have to worry about it or not, which is irrelavent imho).
  regards, sajith
  http://www.kaimals.com/

• Does facetime supports IPv6 traffic?

  Since all  ISP's started IPv6 deployment, just wanted to know whether Facetime supports IPv6 traffic?

  ckuan
  The question was whether iPhones supports IPv6 protocol. Why would it matter if the network supports IPv4, IPv6, Dual stack or any other protocol? The straight answer is NO it does not as of today (even if the users have to worry about it or not, which is irrelavent imho).
  regards, sajith
  http://www.kaimals.com/

• Does IPv6 traffic support enabled for icloud?

  Hi Everybody,
        Since all ISP's started IPv6 deployment just wanted to know whether IPv6 traffic support enabled for icloud application?

  Apple does not support the 3rd party drives.  To enable it (without installing another software package), you can visit the website:
  http://digitaldj.net/2011/07/21/trim-enabler-for-lion/
  I ran the series of commands on my Mac Pro and it did enable TRIM.
  the webpage even has a backup/back-out procedure.
  Without TRIM, my computer was running extremely slowly.  After enabling TRIM, my computer ran substancially faster.

• Blocking all ipv6 traffic

  Good morning -  I have an issue that has happened twice - and I need some advice.  I have a 4506 running version 12.2(46)SG. We recently encountered an issue where I BELIEVE the issue to be IPV6 sending out a broadcast storm, and completely flooded the core switch  - bad enough that I couldn't even console into the device.  After removing all connections that were plugged in when the switch went down.  After everything was back up, we found that it was a laptop with ipv6 enabled - exactly the same scenario as last time.  What we found after the first incident was that a faulty NIC driver caused the ipv6 broadcast storm.
  At any rate, as we do not use IPv6 for anything at all, I want to block all IPv6 traffic.  I know there are different ways to do it, but I'm reaching out to see what ideas you may have also...
  Thx in advance for any input!

  Joel,
  If VACLs with IPv6 ACLs are supported on your platform then I would probably use VACLs, as they allow a filter to be applied flatly to the entire VLAN. Your other option would be to configure per-port ACLs which is cumbersome and bloats the configuration unnecessary.
  With IPv6 ACLs, be sure to block ICMPv6 explicitly. As far as I remember, some ICMPv6 messages are allowed even if they are not explicitly permitted in the ACL (usually the RD and ND messaging).
  If your platform allowed filtering all incoming packets by MAC ACLs, yet another way would be to use VACLs with MAC ACLs, blocking all traffic with the EtherType of 0x86DD. However, newer platforms apply MAC ACLs only to non-IP traffic so they would have no effect on frames carrying IPv6 packets. You need to consult the documentation to your device.
  In any way, VACLs would be my personal preferred choice at this point.
  Best regards,
  Peter

• What is the best product for network mapping and monitoring? I am an inexperienced user). Mac 10.9.2 laptop

  I have lots of questions, but the gist is that I want to know the best product, preferably from the app store, that I can use for network mapping mapping and monitoring.
  I want to get their mac address or other police trackable etc info so I can use my computer safely.
  I am also being cyberbullied.
  I try just using ethernet but still get intruded on, for instance, messages that "other devices are using my ip address". The only other device I own is an iPod that I keep sahut off plus wifi turned off then.
  (NOTE:  You can skip the rest of this message if you want. It regards hacking attempts etc,  a little out of the scope of discussion, perhaps).
  Also a home intrusion where computer was thoroughly hacked with router(s) set up "very very close to me," according to Apple.
  Also, hackers get into my Facebook and gmail and yahoo mail, really,  no matter what I try to do on my computer and how many times I change passwords it does no good.
  Also,  The ip addresses for google and the one in syste preferences and the one looking up my ip address on ip chicken always gets three different results.
  More worrisome it that hackers got into my Wells Fargo account a week after the intrusion even though I changed all account #'s and pw plus notified bank. They also broke into paypal using my new account numbers.
  Also, stuff like Facetime pops up on my computer without my clicking on it even though I'm using ethernet to connect. I've given up on Time Capsule because I'm told that's how the hackers hacked my computer so thoroughly duriung the intrusion.
  Thanks.

  Aubry,
  why don't you send your sequences straight to Compressor first, encode your movies as MPEG 2 and AC3 audio and import all assets in DVD studio PRO?
  G.

• Configuring QoS for FIOS Router MI-424WR: Traffic Priority and Shaping

  Please only read on if you are an experienced internet user familiar with setting the advanced QoS and Firewall settings for the MI-424WR and make use of wireless adaptors from a PC to provide connectivity.
  This is my first post and my first week since I moved from Time Warner Cable over to FIOS for iNet (plus HDTV and phone).     While all my services work, the router as delivered and setup is not optimum for internet quality of service.  Instead it was probably out of the box optimized for HDTV and telephone to satisfy most customers and reduce support overhead.   The average FIOS consumer is multimedia sensitive, but that is not so in my genre of internet consumer.   Here in lies the core of my reason for seeking help from like minded and experienced users in this community.
  One of the main driving forces in my switching to FIOS was to improve my multiplayer gaming experience where ultra low ping latency and high upload data rates dramatically affect the quality of connection and thus gameplay.    The cable internet service from TimeWarner was providing solid 2MB/1MB down/up data rates with no issues like what Im having now with FIOS.   Again the reason for the switch was both financial and in hope of gaining better data rates and quality of service.   Now with FIOS Im getting about 24/15 down/up data rate on the Extreme FIOS 25/25 plan when measured from my house to Los Angeles server (50 miles away) via Speedtest.net or DslReports.com/tests.     Latency wise, the ping has gone down from 150 to 50ms when measured to my friends who I connect to online that are on the East coast.   The data rate and latency has greatly improved in going from Cable to FIOS.   So far, so good.
  Where the problem shows up now, is that now I get an internet "hiccup" every 5-10 minutes that lasts about 1/2 to 2 seconds.   For the average internet user that just streams multimedia or cruises on the net; this is probably undetectable or noticed.   I never had this problem over the same PCs connected wirelessly to my DLINK DGL-4500 Gaming Router when my ISP was TimeWarner's cable service.    Now, using the FIOS and MI-424WR router with everythings being the same; Im experiencing this degregation in quality of service.    Even putting the PC's IP into the DMZ doesnt make any difference, so it is not related to port forwarding.    The issue is squarely in the lap of FIOS and this router as delivered and configured.    This is where the "game" is a foot, and where I need expertise in an area Im new to. 
  I am not new to being hands on with inet trouble shooting asI have been setting up my own home network (I work from home over VPN to work) for decades;  I would like to leverage the skills of those who are experts in the area that I think can address this issue.   That being QoS and the other device class mechanisms of this router.   Its my guess that this periodic hiccup can be minimized and even eliminated using these advanced features of this all-in-one TV/iNet/Tele router.   
  With that context being laid down, this hiccup doesnt show up if:
  a.  I connect two PCs connected to the same ethernet hub of the MI-424WR (traffic just over the LAN and not WAN)
  b.  When I was on Cable with my own gaming router wirelessly DHCP connected to my PC and using port forwarding or using the DMZ.  
  The hiccup does exist when:
  a.  Going from internet through the MI-424WR to the wireless DHCP connected PC with port forwarding
  b.  Even putting the wireless DHCP connected PC into the MI-424WR's DMZ has no effect
  I did read the manual and tried some QoS pritority and shaping and managed to reduce how often the hiccup occured, but I was just making guesses at the settings.   I put in the IP for the PCs I use for my gaming applications (which are very ping and jitter sensitive) into the QoS priority (value 7) and shaping GUI.    Im hoping someone with experience can tell me exactly how to use it and what settings to input.   Im not clear on the device and connection types offered in the QoS menus. 
  Another thing, is I couldnt find settings for the turning on/off the ICMP echo.   But I assume this is on because it can be pinged by folks on the net to my WAN IP.
  Here is the manual for the Verizon provided M424WR router (Current Version of firmware: 20.10.7)
  download link
  Here are the QoS traffic priority and shaping values Ive been experimenting with:
  Click to view QoS Traffic Priority
  Click to view QoS Traffic Shaping
  And why it matters to have a solid and stable inet connection for internet gaming?  The hiccup causes slewing or jitter which equates to positional errors in the 3D world that ruins the smooth gameplay that is needed for high end gaming.
  Heres a snapshot of me flying the wing of another flight simmer who is on the East coast and me on the West coast.
  Click to view
  Thank you in advance.
  Thomas "AV8R"
  MSEE

  TMAS wrote:
  the router as delivered and setup is not optimum for internet quality of service.  Instead it was probably out of the box optimized for HDTV and telephone to satisfy most customers and reduce support overhead.  
  That's not accurate.  VZ telephone service does not go through the Actiontec.  Also, there are no default settings for QOS in the Actiontec since QOS is rarely needed with FIOS upload speeds.
  TMAS wrote:I get an internet "hiccup" every 5-10 minutes that lasts about 1/2 to 2 seconds.  
     You should not be experiencing periodic "hiccups".  Something is clearly amiss.
  TMAS wrote:
  With that context being laid down, this hiccup doesnt show up if:a.  I connect two PCs connected to the same ethernet hub of the MI-424WR (traffic just over the LAN and not WAN)
  The hiccup does exist when:
  a.  Going from internet through the MI-424WR to the wireless DHCP connected PC with port forwarding
  b.  Even putting the wireless DHCP connected PC into the MI-424WR's DMZ has no effect
  Lets see.  The issue shows up on a wireless connection, but not a wired connection.  You think this is a QOS issue and not a wireless issue why?  Have you tried changing the wireless channel?  It very possible you have neighbors on the same channel.  Is the DGL-4500 wireless still on?  Could that be interfering?TMAS wrote:
  Another thing, is I couldnt find settings for the turning on/off the ICMP echo.  
  The settting to enable/disable ICMP echo is on the Firewall/Remote Administration page.
  TMAS wrote:
  Here are the QoS traffic priority and shaping values Ive been experimenting with:Click to view QoS Traffic Priority
  Click to view QoS Traffic Shaping 
  The traffic proirity settings you linked are applied only to your wireless connections.  QOS between the router and your wireless PC will only serve to prioritize traffic between the router and that PC and have no affect on your internet traffic.  Assuming you are not running browsers, VOIP and other traffic from that PC while you're gaming, then that will not accomplish anything.  i.e.  You're giving your only traffic highest priority, but that traffic is not competing with anything (except other nearby wireless connections on the same channel).
  On the traffic shaping screenshot, you have broadband ethernet checked, but according to your other thread, your WAN connection is Broadband Coax, not Broadband ethernet.