Solved

Cap/Split Internet Connection Bandwidth

Posted on 2007-12-06
6
1,113 Views
Last Modified: 2008-02-22
Hello,

  We are school division who is hosting more and more of our applications from our head office.   All offsite locations (schools) are connected to the head office via an ipsec vpn.  The offsite locaitons have a internet connection of 1.5 Mb/s up and 1.5 Mb/s Down.  At times students use the labs to surf the internet which at times eats up our whole pipe which then slows down any application office staff are using.  At times the office can get slowed down to a crawl.  Is there anyway to split up the internet connection so sudents can only use 1 MB and the office is always gauranteed the .5 Mb/s so they do not experince the slowdown?

Thanks
0
Comment
Question by:2hype
  • 3
6 Comments
 
LVL 11

Accepted Solution

by:
sysreq2000 earned 300 total points
ID: 20425477
There are a number of ways to do this but how specifically would depend on your hardware and how your network is layed out. The feature you are looking for is usually called Quality of Service or QOS
0
 
LVL 13

Author Comment

by:2hype
ID: 20425557
Most of the Central Apps are web based.  Giving priority to port 80 wouldn't help.   Unless you  can QoS by more than just ports.
0
 
LVL 15

Assisted Solution

by:getzjd
getzjd earned 200 total points
ID: 20429812
Restrict total outbound HTTP access for student computer vlans at the primary gateway back in the head office.  if you only give them 384k or 512, etc then the most they could use at any given site is that much to access the outside world.  If you have 3 remotes, then they each have to fight over 512 pipe or such.  The local HTTP traffic for apps at head office would be unaffected by the qos

I am sure there is a better way to do this, but have never put much thought in to it.  I will look in to our sonicwall and see what you can do with QOS..  Speaking of which, what gateways/routers/firewalls do you have at the remote sites?
0
 
LVL 13

Author Comment

by:2hype
ID: 20430041
Thanks for the response.

Each school has its own 1.5 mb internet connections.  The schools either have an astaro box or a ipcop firewall.

Only vpn traffic goes to the head office.  If its not for vpn it goes straight to the internet via the schools connection.

We have no vlans.
0
 
LVL 13

Author Comment

by:2hype
ID: 20957435
I found a QoS where I could cap the download speed for diffrent protocols on our ipcop boxes.  So I am going to cap all traffic a few Mb under my limit and allow HTTPS the full pipe.  I think this should work.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now