Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

LAN & WAN Reviews

Dual WAN

The TL-ER6020 has three router modes, NAT, Non-NAT and Classic. NAT, or network address translation mode, is the default and is used to translate public to private IP addresses between the WAN and LAN interfaces. Non-NAT mode disables NAT functionality and requires the configuration of static routes and/or utilization of the RIP routing protocol to establish routing rules. Classic mode is “a combined mode of NAT and Non-NAT”.

I could see classic mode as useful if it allowed configuration of NAT on one WAN interface and Non-NAT on the other WAN interface, but it didn't seem to work that way for me. Documentation of this mode is vague, so I've reached out to TP-LINK for clarity and will post an update when I hear back.

The TL-ER6020 automatically performs load balancing between active WAN ports using TP-LINK's “Intelligent Load Balancing”. Using the default configuration for load balancing, it looks to me like the TL-ER6020 distributes traffic equally between WAN interfaces based on sessions.

To test default load balancing on the TL-ER6020, I set up two continuous pings to two different websites, with each ping representing a different session. I then disconnected the WAN1 interface. As you can see in the screenshot below on the left, only one of the ping sessions was interrupted, the other ping session continued without interruption. Moreover, the ping session that was interrupted only lost one packet. I repeated the test multiple times with similar results.

Load balance ping test

Load balance ping test

Based on my simple tests, the TL-ER6020 can fail over to the other WAN connection quite quickly. I like the fact that it automatically uses both connections by default, instead of leaving one connection as an idle backup.

The TL-ER6020 dual-WAN default mode assumes equal ISP connection bandwidth. If your ISP connections have different bandwidth capabilities or if one is usage sensitive or if one is more reliable than the other or if you have a requirement to send specific traffic out a specific connection, you may want to adjust the load balancing scheme. Load balancing on the TL-ER6020 can be customized based on bandwidth, source or destination IP address, TCP or UDP, tine of day/week schedule and primary/backup designation.

Firewall and Security

There are five main options on the TL-ER6020 firewall: Anti ARP Spoofing, Attack Defense, MAC Filtering, Access Control, and App Control.

Anti ARP Spoofing is a feature more commonly found on switches, but is useful on a router, too. With this feature, you can bind IP addresses to specific MAC addresses and permit only traffic that matches those bindings.

The Attack Defense feature allows for blocking excessive or potentially fraudulent traffic flows. Traffic floods can be blocked based on six types of traffic flows and configurable packet per second thresholds. Anomalous packets can also be blocked. Below is a screenshot of the Attack Defense options.

Firewall attack defense options

Firewall attack defense options

MAC filtering provides both allow / deny options for listed MAC addresses. For a small network (less than 10 users), MAC filtering based on a list of permitted devices can be an effective way to control access to the network, although somewhat resource intensive.

Access Control options on the TL-ER6020 are basic. The URL filtering option filters Internet traffic based on keywords or URLs, while the Web filtering option filters Internet traffic based on the presence of Java, ActiveX, or Cookies. The Access Rules option allows for creating rules to block or allow traffic based on ten predefined services (ICMP, FTP, SSH, TELNET, SMTP, DNS, HTTP, POP3, SNTP, H.323), source and destination IP address, and schedule. Additional services can be defined by protocol and port.

App Control allows for blocking various well-known Internet traffic types including Instant Messaging, Social Networking, Peer to Peer, Media, and other Internet sites. The list of applications are defined by a database file provided by TP-LINK. I tested this feature with a basic rule to block all traffic to all of the apps shown below and could no longer access YouTube once my basic rule was applied.

App control traffic types

App control traffic types

More LAN & WAN

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Between marketing jargon and technical descriptions, every time I turn around there's some new type of QOS. Please help my confused brain!Regardless o...
I have started this thread to document my journey in setting up a DIY NAS.I currently have a ReadyNAS RN212 which is a desktop model with 2x2Tb WD red...
Checking out the RT-AC68U's /dev/urandom and running some tests on it.I collected a few large chunks of entropy from the AC68U's /dev/urandom:Code: s...
Hi guys,New ISP that has static ip's and have got the basic ipv4 up and running, however i am struggling to set up the static IPv6 and Ipv6 gateway.I ...
View attachment 19961red is supposed to be the one given the most bandwidth/prioritized traffic, right? then why i keep seeing blue clients bogging do...

Don't Miss These

  • 1
  • 2
  • 3