Solved

someone on the network is taking up my internet pipe

Posted on 2011-09-26
6
367 Views
Last Modified: 2012-06-27
I  have a small network that has about 15 desktops and 2 servers, unmanaged 10/100 switch, juniper ssg5 firewall and a 2.5 megabits dsl line. I use prtg to graph the snmp of the firewall. My internet occasionally get slow, its is due outbound traffic from the inside. Someone in the inside is taken up the bandwidth. I can't determine who. Is there any tool to determine who or which Ip is doing it?

thanks
0
Comment
Question by:officertango
6 Comments
 
LVL 17

Accepted Solution

by:
OriNetworks earned 250 total points
ID: 36599425
You can check out firewall session analyzer from http://tools.juniper.net/fsa/ as mentioned here: http://forums.juniper.net/t5/ScreenOS-Firewalls-NOT-SRX/how-to-use-SSG5-to-monitor-client-traffic/td-p/3300

This should be able to get you what you need. Being outbound traffic kind of worries me since clients generally do not have much outbound traffic unless it is a virus/malware or someone has some kind of server set up.
0
 

Author Comment

by:officertango
ID: 36600331
I used the firewall session anlyzer, i captured that session thru putty and upload juniper site. It tells me which IP takes up how many session and etc., but it does not tell me who is consuming how much bandwidth. I know that I am wasting 400kbits outbound traffic from someone. Would etheral do the job?
0
 
LVL 6

Expert Comment

by:kdtresh
ID: 36602090
are you using dhcp? if so, what is handling addressing? if you have the source of the traffic, you may be able to check your dhcp leases and find the hostname of the machine(s) in question.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:officertango
ID: 36710132
We are using dhcp. I know all the ip, it's knowing which ip is doing the harm is the problem. Does etheral tell me the top  talker and what protocol being used?
0
 
LVL 17

Assisted Solution

by:pergr
pergr earned 250 total points
ID: 37272373
I recommend you running "ntop" on a pc on the LAN, it will tell you exactly who is doing what.

Open Source, and free.
0
 
LVL 17

Expert Comment

by:OriNetworks
ID: 37298048
I'm confused that if you know the ip the traffic is coming from, what else do you need to match it up to its source?    

ping x.x.x.x -a will resolve the DNS name of the address assuming DHCP/DNS is setup to register dns names with leases on that scope.
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
managing a small network 6 97
ISP Change 14 63
VMware ESXi vswitch - performance question 2 76
Mapping a folder on a NAS to a drive letter 2 11
Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question