Re: Advice / recommendations on Inexpensive Managed Ethernet Switches
Aside: I'm fighting a headache today, so my "research" is going pretty slow.
I did look at the Ubiquiti EdgeRouter, at least a little bit, but there is
apparently a GPL problem.
So, I've also found the TP-Link Gigabit VPN Router (TL-R600VPN) (e.g.:
https://www.amazon.com/dp/B007B60SCG/ref=psdc_300189_t1_B00YFJT29C )
Any thoughts / comments on that device? (from anybody)
On Friday, February 03, 2017 11:53:33 AM Bob Weber wrote:
> You might look at the Ubiquiti EdgeRouter X Advanced Gigabit Ethernet
> Routers ER-X 256MB Storage 5 Gigabit RJ45 ports about $50 on Amazon. It
> actually runs a small Debian like OS. It is configured by a web interface
> and a command line interface through ssh or embedded in the web interface.
> It has counters and displays graphs of the current throughput of each
> port. The basic router configuration (configured by wizards to get you
> started) has one port to connect to the internet (your dsl modem) and
> NATed to the other 4 ports set up like a switch. It has a DHCP server to
> assign internal IP addresses on your LAN if you want. Mirroring is also
> possible through the command line interface. Port rate limiting is also
> possible. While I use a Debian box for my main router/firewall I have
> been experimenting with a ER-X for a while as a backup in case the Debian
> box goes down.
>
> I also have a TP-Link 5-Port Gigabit Ethernet Web Managed Easy Smart Switch
> (TL-SG105E v2.0) about $28 on Amazon. It has a Web configuration interface
> (make sure you get the V2.0) and can be easily set up to mirror ports.
> This is not a router so it won't protect your internal LAN like the ER-X
> would.
>
> Now to actually monitor the traffic from a mirrored port connected to your
> desktop Debian you can use wireshark. It can display traffic in real time
> showing source and destination address/names and protocols. It can filter
> by IP so you could just see the traffic your son generates. You can graph
> the data also. Wireshark has many ways to see the data it collects. My
> favorite is "conversations" which shows source and destinations and
> packets/bytes transferred. For instance you might see your son's internal
> IP going to youtube and the data he uses just to watch a video.
>
> Another program I use to just watch data amounts being used is vnstat. It
> can show data usage by hour, day or month. Just install vnstat on each
> Debian machine and have the results of "vnstat -i eth0 -d" emailed to you
> every day by a crontab entry. Here is an example of what is on my
> outgoing port on my router box.
>
> vnstat -i eth1 -d
>
> eth1 / daily
>
> day rx | tx | total | avg. rate
> ------------------------+-------------+-------------+---------------
> 01/05/2017 4.82 GiB | 274.30 MiB | 5.09 GiB | 493.72 kbit/s
> 01/06/2017 5.16 GiB | 250.13 MiB | 5.40 GiB | 524.53 kbit/s
> 01/07/2017 4.13 GiB | 271.32 MiB | 4.39 GiB | 426.58 kbit/s
> 01/08/2017 4.61 GiB | 267.46 MiB | 4.87 GiB | 472.95 kbit/s
> 01/09/2017 3.35 GiB | 624.10 MiB | 3.96 GiB | 384.68 kbit/s
> 01/10/2017 4.72 GiB | 263.63 MiB | 4.98 GiB | 483.42 kbit/s
> 01/11/2017 5.02 GiB | 303.67 MiB | 5.32 GiB | 516.44 kbit/s
> 01/12/2017 2.87 GiB | 194.76 MiB | 3.06 GiB | 297.22 kbit/s
> 01/13/2017 4.44 GiB | 270.56 MiB | 4.70 GiB | 456.34 kbit/s
> 01/14/2017 4.36 GiB | 244.49 MiB | 4.60 GiB | 446.73 kbit/s
> 01/15/2017 4.04 GiB | 354.37 MiB | 4.39 GiB | 426.23 kbit/s
> 01/16/2017 4.60 GiB | 360.85 MiB | 4.95 GiB | 480.43 kbit/s
> 01/17/2017 4.07 GiB | 269.75 MiB | 4.34 GiB | 420.89 kbit/s
> 01/18/2017 3.90 GiB | 272.31 MiB | 4.17 GiB | 404.66 kbit/s
> 01/19/2017 4.70 GiB | 321.41 MiB | 5.01 GiB | 486.59 kbit/s
> 01/20/2017 4.65 GiB | 294.00 MiB | 4.94 GiB | 479.26 kbit/s
> 01/21/2017 7.12 GiB | 343.20 MiB | 7.45 GiB | 723.52 kbit/s
> 01/22/2017 7.23 GiB | 379.96 MiB | 7.60 GiB | 737.88 kbit/s
> 01/23/2017 5.54 GiB | 290.97 MiB | 5.82 GiB | 565.08 kbit/s
> 01/24/2017 4.85 GiB | 355.95 MiB | 5.20 GiB | 505.09 kbit/s
> 01/25/2017 3.48 GiB | 259.62 MiB | 3.73 GiB | 362.58 kbit/s
> 01/26/2017 10.14 GiB | 469.21 MiB | 10.60 GiB | 1.03 Mbit/s
> 01/27/2017 4.94 GiB | 324.84 MiB | 5.26 GiB | 510.76 kbit/s
> 01/28/2017 5.75 GiB | 332.64 MiB | 6.08 GiB | 589.86 kbit/s
> 01/29/2017 4.16 GiB | 291.04 MiB | 4.44 GiB | 431.41 kbit/s
> 01/30/2017 5.93 GiB | 331.44 MiB | 6.25 GiB | 606.99 kbit/s
> 01/31/2017 3.36 GiB | 247.76 MiB | 3.61 GiB | 350.02 kbit/s
> 02/01/2017 3.22 GiB | 248.35 MiB | 3.47 GiB | 336.53 kbit/s
> 02/02/2017 3.87 GiB | 257.72 MiB | 4.12 GiB | 399.78 kbit/s
> 02/03/2017 1.21 GiB | 128.89 MiB | 1.34 GiB | 265.66 kbit/s
> ------------------------+-------------+-------------+---------------
> estimated 2.48 GiB | 262 MiB | 2.74 GiB |
>
>
> I watch several hours of Netflix a day so this is pretty high usage.
>
> Hope this helps.
>
> *...Bob*
>
> On 02/02/2017 10:42 PM, rhkramer@gmail.com wrote:
> > Thanks for the replies (from Dan and Frank)!
> >
> > I'm going to do some thinking--at first I just wanted to find out how we
> > were using so much bandwidth, but, once I do, I might want to try
> > blocking some of it if that won't disable pages that I want to look at.
> >
> > I'll look for pfSense or OPNSense--apper doesn't list them for Wheezy,
> > but I'm sure I can find them.
> >
> > I don't think I want to try to use a Debian box as a smart router, I'd
> > rather find a packaged solution. (I've done things like that
> > before--I've learned too much about NAT and such over the last 30 years
> > or so. ;-)
> >
> > Just for posterity, here's an example of a <$30 smart gigabit switch on
> > eBay: TP-Link 5-Port Gigabit Ethernet Web Managed Easy Smart Switch
> > (TL-SG105E v2.0)
> >
> > NEW NETGEAR ProSAFE GS105Ev2 5-Port Gigabit Web Managed (Plus) Switch
> >
> > http://www.ebay.com/itm/NEW-NETGEAR-ProSAFE-GS105Ev2-5-Port-Gigabit-Web-Managed-Plus-Switch-/381923274422
> >
> > On Thursday, February 02, 2017 11:58:28 AM Dan Ritter wrote:
> >> On Thu, Feb 02, 2017 at 11:19:59AM -0500, rhkramer@gmail.com wrote:
> >>> Aside: I am actually gobsmacked (I don't think I've ever been
> >>> gobsmacked before ;-)--in a week of monitoring, we (my son and I, but
> >>> with my son gone 8 to 12 hours a day) are downloading 1.5 to 4 GB *per
> >>> day* (and uploading 100 to 300 MB *per day*).
> >>>
> >>> Anyway, I want to try to figure out where all this data is going to and
> >>> coming from, at least in terms of the devices we have on our LAN (I'll
> >>> discuss those below), so I'm thinking that a(n inexpensive) managed
> >>> (Ethernet) switch or two (discussed below) might help me do that.
> >>
> >> I think you actually want a smart router. A Debian box with two
> >> or more network interfaces can be such a thing.
> >>
> >>> One thing I want to do is implement QOS--we have two ObiHai VOIP
> >>> devices (which we use pretty rarely, but still want to keep--they
> >>> might be used for 4 calls / 10 to 30 minutes a week). Sometimes the
> >>> conversation gets pretty choppy, probably depending on what my son is
> >>> doing at the time (I mean, like watching a video or something), so I'm
> >>> hoping that QOS would improve that (assuming the packets from the
> >>> ObiHai device can be recognized--I would think they can based on their
> >>> (private / on the LAN) IP addresses).
> >>
> >> A router can do that better than a switch can.
> >>
> >>> Like I mentioned above, the other thing I want to do is start
> >>> monitoring (at least on an occasional / diagnostic basis) the
> >>> bandwidth used by each device.
> >>
> >> Depending on exactly what you want, either a switch or a router
> >> can help here.
> >>
> >>> Layout of the network (for background):
> >>>
> >>> The Earthlink DSL modem (Westell) is followed by an Ethernet
> >>> (unmanaged) switch.
> >>
> >> You would want to put your router in between these. If you can
> >> arrange a third network interface on the router, you could
> >> connect the WiFi hotspot to the router, as well.
> >>
> >>> I see managed 5-port gigabit switches on eBay starting at a little
> >>> under $30, and I'd like to stay close to that as a budget (i.e., ~$60
> >>> for 2). Of course, if a more featureful switch can monitor the data
> >>> flows to each device from that (central) location, I could spend that
> >>> ~$60 for the more featureful switch). (But there is some value to me
> >>> to have two managed switches such that one would serve as a spare for
> >>> the central one even if being used at other locations for monitoring.)
> >>>
> >>> Advice / comments / recommendations?
> >>
> >> That seems an unlikely price point, even for used equipment on
> >> ebay. And managed switches usually have a minimum of 12 ports,
> >> not 5. (12, 16, 24, 32 and 48 are all common)
> >>
> >> I would recommend putting in a Debian box between the DSL modem
> >> and the ethernet switch. You will need to learn a little about
> >> routing and IP masquerading / NAT, and you will want to set up
> >> firewalling with iptables.
> >>
> >> You can look at traffic in realtime with iftop, which will show
> >> you graphs of the top users by IP address or domain name and
> >> where they are connecting.
> >>
> >> You can set individual traffic counters per IP address or per
> >> service or both with iptables.
> >>
> >> What you won't get is flow information between local devices,
> >> but as I understand it you are more concerned about traffic
> >> in/out to the Internet at large.
> >>
> >> If you set fq_codel as the queue discipline on the interfaces
> >> to the router, you will probably solve most of your traffic
> >> interference problems without mucking with QoS.
> >>
> >> -dsr-
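
The per-IP iptables counters suggested in the quoted reply, sketched as an added example that is not part of the thread: `acct_rules` prints (does not run) the counting rules for a Debian router, and `acct_summary` totals the resulting counters per device. The chain name `ACCT`, the 192.168.1.x addresses and the sample counter values are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed: chain name ACCT, LAN hosts 192.168.1.x.

# Print the commands that create one pair of counting rules per LAN host.
# A rule with no -j target only updates its packet/byte counters and then
# falls through, so accounting never changes what is accepted or dropped.
acct_rules() {
    echo "iptables -N ACCT"
    echo "iptables -I FORWARD -j ACCT"      # count before any ACCEPT/DROP rule
    for ip in "$@"; do
        echo "iptables -A ACCT -s $ip"      # bytes sent by the host (upload)
        echo "iptables -A ACCT -d $ip"      # bytes delivered to the host (download)
    done
}

# Read `iptables -L ACCT -n -v -x` output on stdin and print
# "ip rx_bytes tx_bytes" per host, largest download first.
acct_summary() {
    awk '
        BEGIN { any = "0.0.0.0/0" }
        $1 ~ /^[0-9]+$/ && NF >= 7 {
            # Source and destination are the last two columns whether or
            # not the (empty) target column is present.
            src = $(NF-1); dst = $NF
            if (src != any) { tx[src] += $2; seen[src] = 1 }
            if (dst != any) { rx[dst] += $2; seen[dst] = 1 }
        }
        # %.0f instead of %d: some awk builds clamp %d at 2^31-1.
        END { for (ip in seen) printf "%s %.0f %.0f\n", ip, rx[ip], tx[ip] }
    ' | sort -k2,2nr
}

# Constructed sample of the counter listing (not real measurements).
sample_counters() {
    cat <<'EOF'
Chain ACCT (1 references)
    pkts      bytes target     prot opt in     out     source               destination
  210000  310000000            all  --  *      *       192.168.1.10         0.0.0.0/0
 3100000 4400000000            all  --  *      *       0.0.0.0/0            192.168.1.10
    9000    1200000            all  --  *      *       192.168.1.20         0.0.0.0/0
   12000    9000000            all  --  *      *       0.0.0.0/0            192.168.1.20
EOF
}

acct_rules 192.168.1.10 192.168.1.20    # review, then run as root on the router
sample_counters | acct_summary
```

On the router itself, feed `acct_summary` from `iptables -L ACCT -n -v -x`; the counters can be reset with `iptables -Z ACCT` at the start of each measurement period.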