[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: off subject - ip & bandwidth management

Gregory Wood wrote:

Problem 1: I have a couple of sites, one with 30 users, another with 500
users. The switches are unmanaged. Occasionally, someone won't be able to
log in or they will loose a network printer. I suspect one or more PCs are
soaking up the bandwidth.

Problem 2: I work with a local ISP. He has his system subnetted BUT there
are still folks who find a 'free' IP and use it. When the owner of the IP
fires up his system, he can't connect. Also, as above, he has seen the
'steady state' bandwidth increase but can't identify the users. He has CISCO
switches and I would have though they would have the tools to identify the
user consumption. Apparently not.

Is there a tool for monitoring who is using the bandwidth and with what MAC?
I've used Ethereal but it generates way too much detail. I would like to
load up a notebook and a hub and stick it between the server and the rest of
the network or between the Internet firewall and the network.

Ideas? Thoughts?

If the Ciscos are managed switches, try using MRTG to graph port usage. You should also be able to log on and show port info, check the docs for the switches CLI. Haven't used Cisco switches here, but something along the lines of "show int" should get what you need.

For individual bandwidth usage on a local subnet, iptraf provides a neat glance at "real-time" usage. If you're on a switched network, you'll need some way to see all the traffic on the network. For 3com switches, it's called something like the "roving analysis port" (better than using a hub near the firewall, just analyze the firewall's port). Iptraf will give a nice display of traffic in and traffic out, listed by MAC. Then it's just a matter of tracing down the MAC's location, and going to said location with a big stick in hand :-)

You might also want to nmap your network periodically. Look for surprising IP addresses.

You'll probably find misbehaving KaZaa servers to blame. They're very bad about playing well on a network, and will happily saturate your bandwidth.


Reply to: