Bandwidth volume

[strategic]

I'm looking for some backup. There is a little argument that has been started at my workplace regarding internet usage and the service constantly dropping. I claim that it isn't 'dropping' it just 'simply put' can only handle so much information at a time. There are a couple workers who constantly download from P2P sites, and if it's a popular download, and there are a lot of peers seeding, the files are downloading at a high rate of speed; at times, probably limiting our T5 connection, which is why I claim that the service is being bogged down. Possibly, a better router would help, but I think it's in the modem supplied from the ISP that would control it. Anybody have any thoughts on this? Am I right?:suspiciou

 

[raybay]

Each additional computer on that T5 connection can cause the internet delivery to be divided among all computers online...
Maybe it could benefit from a different router, or maybe not. Talk to your service provider. Let them look at your usage from their home site... They control the speed, more often than the cable modem controls the speed... and what they deliver could be fluctuating wildly.
Get a good broadband speed tester. There are many free ones online... you can try several with a Google search until you find one that is satisfactory for you.

 

[strategic]

Thanks raybay, I usually do a test at http://www.speedtest.net/ . When I have a connection, it's usually very good, but being through a phone line, I understand it may fluctuate since there are so many users in the area, and only minimal phone lines. One example, is yesterday afternoon, I tried loading this site; it would say "looking for..." for a while, then "waiting for..." for a while and then "done" then a message on the screen sying "connection reset" That to me means that our (probably the modem) was to busy to fulfil the request. No other businesses in the area complain about their service.

 

[DelJo63]

Thanks raybay, I usually do a test at http://www.speedtest.net/ . When I have a connection, it's usually very good, but being through a phone line, I understand it may fluctuate since there are so many users in the area, and only minimal phone lines. One example, is yesterday afternoon, I tried loading this site; it would say "looking for..." for a while, then "waiting for..." for a while and then "done" then a message on the screen sying "connection reset" That to me means that our (probably the modem) was to busy to fulfil the request. No other businesses in the area complain about their service.

As a home user of DSL, that connection is point-to-point dedicated connection (ie unshared).
This contrasts with a Cable connection which is shared by all subscribers on that specific 'drop' from the cable provider.

The "looking for..." is the access to the DNS to xlate url into an IP address for the connection.
Frequently it is followed (on a lagging connection) with "Connecting to ..."
and finally with "Reading ..."

A "connection reset" is created from the remote end (the server you're accessing) and can be for many reasons, including "I've got too many connections already"

With several P2P users (especially *torrent downloads which make multiple connections per user), it is very likely that you are correct -- you can be approaching bandwidth saturation.

With an Ethernet contention system, the practical limit of bandwith is ~70% of the slowest NIC in the chain. EG, a 10/100mbs router running at 100mb will saturate at ~70mbs. Attempting to go higher just creates 'collisions' which force all users into retry and the thruput falls off rapidly.

If this occurs at work, talk to the help desk and have the P2P ports or IP addresses block. They should be anyway on a security risk basis anyway!

 

[strategic]

A "connection reset" is created from the remote end (the server you're accessing) and can be for many reasons, including "I've got too many connections already"

This is my point I am constantly arguing at work. If it's a movie/game that has just been released... everybody is after it and the amount of 'seeds' are endless'

If this occurs at work, talk to the help desk and have the P2P ports or IP addresses block. They should be anyway on a security risk basis anyway!

I couldn't agree with you more, and thanks for your input. It's a good feeling to know that I'm right with this, unforrtunately I don't thing I won the battle just yet, it's a good thing I'm stubborn.

 

[strategic]

have the P2P ports or IP addresses block.

How would you go about doing this?:suspiciou
IF I win the battle, I would be the one with the pleasure of doing this operation,:evil: but I never controlled any ports before...

 

[DelJo63]

blocking ports or ip addresses is done in the gateway router.

blocking outbound access to an ip address would be on a per-server basis and require more than one to top p2p.

blocking by port or port range would stop p2p access to all servers using those ports.

use google to find the default ports for BitTorrent and UTorrent programs -- there may be others to be discovered.

the how-to is router specific

 

[Justin]

If you have a lot of P2P traffic, it's very likely you're actually hitting a PPS limitation as opposed to a bandwidth limitation. Most P2P clients are configured, by default, to use absurd limits on the maximum number of simultaneous connections, followed up by mass amounts of very small packets. A router can become quickly overwhelmed, and what was a 1.5Mbps or 5Mbps or 20Mbps connection can be dwarfed to a quarter of that - not because of saturation, but because of excessive PPS load.


I would strongly urge you to keep those P2P clients in check. Configure their torrent clients to have a lot fewer maximum connections, lower their maximum upload and lower their maximum download.

 

[strategic]

it's very likely you're actually hitting a PPS limitation as opposed to a bandwidth limitation.

I haven't heard of the term "PPS", what does that refer to?
We're most likely reffering to the same area. If there is a popular download with, lets' say, 30,000 peers, as I understand it, you're downloading from pretty much all those peers (not quite really - but there a lot of connections). With all those connections, you're very limited for any other use.

 

[tipstir]

P2P can be blocked by the router but some firewall software for Windows can also block ports or IP address from known sites. If you got T5 you and your a business you can get BlueCoat Web Security Hardware and block all those P2P activity thus the expenisve of the BlueCoat hardware device is at $10,000 to handle the amount of node traffic you have in your corporate or enterprise domain environment.

 

[DelJo63]

of course, but why manage EVERY client firewall
when placing the controls on the gateway is one device to manage and it impacts all clients, even new ones not yet joined to the domain

 

[tipstir]

of course, but why manage EVERY client firewall
when placing the controls on the gateway is one device to manage and it impacts all clients, even new ones not yet joined to the domain

I am just saying it can be done. I don't know how many client systems he wanted to block. Sure the router can do it also. Software firewall with password lock down would be more ideal.

 

[DelJo63]

and I agree, but would rather manage one router than X software firewalls

 

[tipstir]

and I agree, but would rather manage one router than X software firewalls

Sure if the main router has access control where you can block the site by IP address instead of by URL. You can get around the URL than you can get using the IP address of the site.

URL Block Rule
Example: http://www.abc.com
You can get around that by: http://forum.abc.com or movies.abc.com under P2P.

IP Block Rule on the client blocks.
16.0.100.60

A script could be run at night to add these IP Block Rules to the clients on a domain. Thus no need to send a tech to do each PC.

 

[DelJo63]

hm; interesting idea but personally I've never seen a router block by URL;
the controls are

• control (ie allow/deny)
• protocol (tcp, udp, both)
• direction (in/out)
• source ip address
• source port
• dest ip address
• dest port
• log vs alert

which then ignores all variations of xxx.domain.com

let's agree to disagree -- we seem to do that frequently

 

[tipstir]

hm; interesting idea but personally I've never seen a router block by URL;
the controls are

• control (ie allow/deny)
• protocol (tcp, udp, both)
• direction (in/out)
• source ip address
• source port
• dest ip address
• dest port
• log vs alert

which then ignores all variations of xxx.domain.com

let's agree to disagree -- we seem to do that frequently

Yes we do don't we Well let the OP tell us what type of Router he's using. Enterprise Router or is it just a small/business or those you pick-up at electronic store. Then you and I can go from there. Agree!

 

[strategic]

Yes we do don't we Well let the OP tell us what type of Router he's using. Enterprise Router or is it just a small/business or those you pick-up at electronic store. Then you and I can go from there. Agree!

The router is a Linksys (both-we have separate routers, 1 wireless, 1 wired-don't ask me why:suspiciou).
They are both typical routers you purchase from Best Buy-nothingspecial, but I don't know what the model #'s are. The wired (LAN) router is the only one to be concerned with.:evil:

 

[tipstir]

The router is a Linksys (both-we have separate routers, 1 wireless, 1 wired-don't ask me why:suspiciou).
They are both typical routers you purchase from Best Buy-nothingspecial, but I don't know what the model #'s are. The wired (LAN) router is the only one to be concerned with.:evil:

Can you get the model number of the wired router. If you want that could be flashed to DD-WRT and then you could use this rule..

 

[Justin]

I haven't heard of the term "PPS", what does that refer to?
We're most likely reffering to the same area. If there is a popular download with, lets' say, 30,000 peers, as I understand it, you're downloading from pretty much all those peers (not quite really - but there a lot of connections). With all those connections, you're very limited for any other use.

PPS is not the same as simultaneous connections.

PPS = packets per second. It's an upper limit of any network device's capability to process X number of packets, irrespective of size, per second.

Downloading a large file off a website generally produces a few number of very large packets. In a scenario like that, PPS is irrelevant.

Services like bittorrent and VoIP generate very high numbers of very small packets. There, you may reach a network devices PPS limit long before you exceed your available bandwidth.

Simultaneous connections play a part in that, because each sustained connection is going to be generating packets - but there's a big difference between a packet and a stateful connection.