[wellylug] Traffic monitoring on home network

Jethro Carr jethro.carr at jethrocarr.com
Thu Aug 6 21:40:30 NZST 2009


On Thu, 2009-08-06 at 08:38 +0200, Andrew Tarr wrote:
> Hi there, 
> 
> I live in a big ol' house with lots (well, 6) people, some of whom I
> scarcely know.  We've just got a 20 GB broadband plan, and I'm
> wondering about how this is going to work out - what's to stop someone
> from downloading several movies in the first week, then everyone
> getting bitchy when everything reduces to something like dialup
> speeds, which is almost unusable if everyone's trying to use it? 

heh, I can tell you now that 20GB between 6 people is not going to
work....


> So I'd like to at least monitor the traffic. It would be wonderful if
> I could also throttle traffic for people going over their share.  I've
> had a bit of a look at the router's control webpage thing, and it
> doesn't look like it's capable of much of this sort of thing.  It's a
> recent DLink wireless router of some kind (I think I bought it last
> year) I can't tell you exactly at the moment as I'm not at home.
> There is a separate ADSL modem.  

Most consumer routers are crap and won't let you do anything like that.


> I suppose throttling access will require setting up some sort of
> router, so firstly I'm interested in hearing about suitable hardware.
> This needn't be linux-based, if there's an off-the-shelf appliance of
> some kind I can buy, that would be great - I suppose this makes my
> post slightly off-topic, but I'm hoping I'll be forgiven.  I don't
> really want to spend very much on it, though, $300 would be an upper
> limit.  I was thinking perhaps something like this would come in
> handy: 
> 
> http://docwiki.gumstix.org/Netstix


I use a Soekris for routing, very low power Linux embedded system, with
3x ethernet ports and an x86 CPU.

Visit http://www.soekris.com/

However they are probably outside of your budget unless you can find a
cheap older model second hand/donated/borrowed.

But any PC with 2x ethernet cards would work just as well, you could
also make it act as a proxy server as well, with 6



> unfortunately they don't seem to be produced any longer. And even if
> they were still around, they only have one ethernet port. 
> 
> Secondly, I'm also wondering whether I can monitor traffic from my own
> linux PC.  I'm imagining this won't necessarily be possible - won't
> the router act as a switch, and only be sending my computer packets
> it's interested in? And if it is possible, then what will be the impact
> on network performance?  And what software do I use? I don't need
> anything too fancy, just an ongoing sum of usage per MAC address or
> something like that. 
>  
> I've also had a fairly unfruitful search on the intertron, and on the
> wellylug mailing lists.  There's lots of stuff around, of course, but
> nothing that really seems to address my requirements, so I'm hoping
> that you guys can point me in the right direction. 

You need to have a machine in between the ADSL modem and the network to
get proper usage results and to be able to implement rate limiting.

For collecting usage records, netacct-mysql might meet your needs, it
does traffic accounting on an IP-basis and stores the records in the
MySQL database.


From there you could write a script to implement rate limiting, not sure
what the best limiting tool would be, it's not something I've needed to
do before.


To properly track the users of the network, set up DHCP with IP handouts
to known MAC addresses, then block all other IPs from reaching the
internet.

This will require everyone to register their MACs with you and get
assigned an IP, rather than just connecting devices and having the usage
for a specific device tracked but no knowledge of who owns it.


Also note that you don't want to have 20GB /6 people == 3.3GB each,
since some users will just queue up heaps of downloads once they reach
their cap and get throttled back and will pull down lots of data slowly.


In reality, you want at least a 40GB plan, with 10GB spare and assign
each person 5GB, so that once people reach their cap, there is still
10GB of data available before the connection drops to 64kbits.


regards,
jethro


-- 
Jethro Carr
www.jethrocarr.com/index.php?cms=blog
www.amberdms.com
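
Added example, not part of the original message: a sketch of the accounting step the reply describes, mapping per-IP byte totals back to registered owners and flagging who is over the 5GB share on a 40GB plan. The registry, addresses and usage figures are constructed, and the record shape is an assumption, not netacct-mysql's actual schema.

```python
from collections import defaultdict

GB = 1000 ** 3
PLAN_GB = 40        # plan size suggested in the message
PER_PERSON_GB = 5   # per-person share suggested in the message

# Constructed registry: MAC -> (owner, fixed IP handed out by DHCP).
REGISTRY = {
    "02:00:00:00:00:01": ("andrew", "192.168.1.10"),
    "02:00:00:00:00:02": ("andrew", "192.168.1.11"),   # second device, same person
    "02:00:00:00:00:03": ("flatmate_b", "192.168.1.12"),
}

# Constructed per-IP byte totals for the month (assumed record shape).
USAGE = [
    ("192.168.1.10", 3 * GB),
    ("192.168.1.11", 2_500_000_000),
    ("192.168.1.12", 4 * GB),
    ("192.168.1.200", 1 * GB),   # no registered MAC behind this IP
]

def summarise(registry, usage, per_person_gb=PER_PERSON_GB, plan_gb=PLAN_GB):
    """Attribute per-IP usage to owners; report over-cap owners and stray IPs."""
    ip_owner = {}
    for mac, (owner, ip) in registry.items():
        if ip in ip_owner:
            # Two MACs sharing one IP would make the usage unattributable.
            raise ValueError(f"IP {ip} is assigned to more than one MAC")
        ip_owner[ip] = owner

    per_owner = defaultdict(int)
    unregistered = defaultdict(int)
    for ip, nbytes in usage:
        if ip in ip_owner:
            per_owner[ip_owner[ip]] += nbytes
        else:
            # With the "block all other IPs" rule in place this should stay
            # empty; traffic here means the block is missing or bypassed.
            unregistered[ip] += nbytes

    total = sum(per_owner.values()) + sum(unregistered.values())
    return {
        "per_owner": dict(per_owner),
        "over_cap": sorted(o for o, b in per_owner.items() if b > per_person_gb * GB),
        "unregistered": dict(unregistered),
        "plan_left": plan_gb * GB - total,
    }

if __name__ == "__main__":
    for key, value in summarise(REGISTRY, USAGE).items():
        print(key, value)
```

The `over_cap` list is what a throttling script would act on; the choice of limiting tool is left open, as in the message.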