Solved

Cap/Split Internet Connection Bandwidth

Posted on 2007-12-06
6
1,117 Views
Last Modified: 2008-02-22
Hello,

  We are school division who is hosting more and more of our applications from our head office.   All offsite locations (schools) are connected to the head office via an ipsec vpn.  The offsite locaitons have a internet connection of 1.5 Mb/s up and 1.5 Mb/s Down.  At times students use the labs to surf the internet which at times eats up our whole pipe which then slows down any application office staff are using.  At times the office can get slowed down to a crawl.  Is there anyway to split up the internet connection so sudents can only use 1 MB and the office is always gauranteed the .5 Mb/s so they do not experince the slowdown?

Thanks
0
Comment
Question by:2hype
  • 3
6 Comments
 
LVL 11

Accepted Solution

by:
sysreq2000 earned 300 total points
ID: 20425477
There are a number of ways to do this but how specifically would depend on your hardware and how your network is layed out. The feature you are looking for is usually called Quality of Service or QOS
0
 
LVL 13

Author Comment

by:2hype
ID: 20425557
Most of the Central Apps are web based.  Giving priority to port 80 wouldn't help.   Unless you  can QoS by more than just ports.
0
 
LVL 15

Assisted Solution

by:getzjd
getzjd earned 200 total points
ID: 20429812
Restrict total outbound HTTP access for student computer vlans at the primary gateway back in the head office.  if you only give them 384k or 512, etc then the most they could use at any given site is that much to access the outside world.  If you have 3 remotes, then they each have to fight over 512 pipe or such.  The local HTTP traffic for apps at head office would be unaffected by the qos

I am sure there is a better way to do this, but have never put much thought in to it.  I will look in to our sonicwall and see what you can do with QOS..  Speaking of which, what gateways/routers/firewalls do you have at the remote sites?
0
 
LVL 13

Author Comment

by:2hype
ID: 20430041
Thanks for the response.

Each school has its own 1.5 mb internet connections.  The schools either have an astaro box or a ipcop firewall.

Only vpn traffic goes to the head office.  If its not for vpn it goes straight to the internet via the schools connection.

We have no vlans.
0
 
LVL 13

Author Comment

by:2hype
ID: 20957435
I found a QoS where I could cap the download speed for diffrent protocols on our ipcop boxes.  So I am going to cap all traffic a few Mb under my limit and allow HTTPS the full pipe.  I think this should work.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question