Five tips for optimizing your Internet connection

If your Internet connection is sluggish, try these tricks to perk it up.

Few things in life are as frustrating as a slow Internet connection. Unfortunately, there isn't much that you can do about many of the things that cause the Internet to slow down. Things like switch congestion or segment congestion (outside your network) are beyond your control. Even so, you can take a few steps to make sure that your Internet connection is functioning optimally.

1: Avoid DNS bottlenecks

If you have an Active Directory environment in place, you no doubt have an on-premise DNS server. Recently, I have seen several instances of organizations virtualizing their DNS servers and placing them on host machines that have little capacity remaining. The basic thought behind this is that DNS does not require many system resources, so DNS server placement can be treated almost as an afterthought.

However, your DNS server's performance has a major impact on the amount of time it takes for users to access Web pages. So it's important to make sure that your DNS server has sufficient resources to prevent it from becoming a bottleneck.

2: Use DNS forwarders

Another thing you can do to optimize your Internet connectivity is to make use of DNS forwarders. The idea behind a forwarder is that if your DNS server is unable to resolve a query, it sends the query to a forwarding address to be resolved by an external DNS server.

It's common to point the forwarder to the DNS servers that are owned by a company's ISP. The problem is that these DNS servers can be located anywhere. For example, my ISP resides in South Carolina, but it uses a DNS server in France. If you really want to optimize your Internet connectivity, your DNS forwarder should point to a DNS server that is in close physical proximity to your geographic location.

If you aren't sure where your ISP's DNS servers are, I recommend using one of the visual trace route applications to determine where the DNS servers reside. The Visual Trace Route Tool is one free option.

If you do determine that you're forwarding DNS requests to servers that are far away, the forwarder should be redirected to a DNS server that is in closer geographic proximity. If you don't know of another DNS server you can use, try checking out OpenDNS.

3: Use a proxy cache

You can also optimize your Internet connectivity by using a proxy cache, which offers two main benefits. First, it provides your network users with a degree of shielding because it is the cache, not the user, that ultimately contacts Web sites. More important, a proxy cache can dramatically speed up Internet access.

When a user enters a Web URL, the request is sent to the proxy server, which then issues the request on behalf of the user (similar to the way a NAT device works). When the proxy server receives the requested content, it forwards it to the user, but it also stores a copy for itself. If a another user requests the same content, the proxy server can deliver it without having to send the user's request to a Web site. Cached content is delivered almost instantly, so the result is lightning-fast Internet access for your users (at least for any content that has been cached) and decreased Internet bandwidth usage.

The good news is that you may already have everything that you need to set up a proxy server. Microsoft's Forefront TMG can easily be configured to act as a proxy cache.

4: Secure your wireless access points

You may be able to optimize your Internet connection by securing your wireless access points. I realize that this sounds ridiculous to anyone who is managing an enterprise class network, because all your access points should already be secure. But a tremendous number of small and midsize businesses are operating unsecured wireless access points.

From an Internet optimization standpoint, the problem with unsecured wireless access points is that they allow an Internet connection to be used by anyone. A neighbor could potentially be consuming the majority of the available bandwidth.

5: Block streaming media sites

You can further optimize your Internet connectivity by taking measures to prevent bandwidth from being wasted. One such measure is to block access to any streaming media sites for which there is not a legitimate business need. For example, you might block access to YouTube in an effort to prevent users from wasting Internet bandwidth by downloading viral videos.


Brien Posey is a seven-time Microsoft MVP. He has written thousands of articles and written or contributed to dozens of books on a variety of IT subjects.


There's allot more than just "streaming media" which needs to be blocked enterprise-wide (sure the marketing dept. is one exception) But ESPN, NCAA, Netflix, Hulu, SyFy, TNT, CollegeHumor, etc. should also be blocked. I've also reclaimed bandwidth by blocking games, advertisements, forums, time-wasters like facebook/myspace, 3rd party (non-company) email and IM like hotmail/yahoo, Skype, file sharing/P2P clients, Tor and anon. proxy sites. If your business doesn't use it, then there's no reason for it on your network.


We used to block streaming media sites, but there are many businesses making use of YouTube and other sites you would think are totally unnecessary for business. We often have users who need to access training videos and other content on YouTube.


If you're gonna use your computer as a primary or secondary type-a or type-b DNS server or Name Host Relay (NHR) then you're gonna' want the proper SSH/SSL socket handling protocols in place. To start out look around the house for a network interface card, one that is relatively good in quality. Then hook-it-up and apply static IP to it. Then when you get the chance, make it a loop-back connector. You do so by using the default manual address operation and any basic IP address. for example: and for the gateway and for the DNS, feel free to switch any of these around as well to get the most optimal settings. Next, you could just go into your netsh, install a Stunnel software, and use some TCP warppers or something of the nature. Make sure that when you do this, your SSH and SSL connections are properly secured and shut-off when your are not using them. Some settings in the router control panel, Windows Firewall modes, and Advanced Network connection Settings, as well as the netsh are definitely necessary for this to work. THe beauty of the additional network interface card is the ability to create a forwarding zone for all of your additional internet packets, so that the check sum and data ids can remain in a secure-state.

Jim Johnson
Jim Johnson

using a proxy cache can also slow you down. I manage content on an industry specific web based application. To achieve private branding EVERY page is dynamically created. I find the application can be a real dog IF the customer is using a proxy cache. The cache becomes a bottleneck as it tries to match its content with the application's content based on URL. Make sure your IT staff know how to configure the proxy cache to avoid caching specified web domains.

Editor's Picks