asked on

someone on the network is taking up my internet pipe

I have a small network that has about 15 desktops and 2 servers, unmanaged 10/100 switch, juniper ssg5 firewall and a 2.5 megabits dsl line. I use prtg to graph the snmp of the firewall. My internet occasionally get slow, its is due outbound traffic from the inside. Someone in the inside is taken up the bandwidth. I can't determine who. Is there any tool to determine who or which Ip is doing it?

thanks

ASKER CERTIFIED SOLUTION

OriNetworks

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

officertango

ASKER

I used the firewall session anlyzer, i captured that session thru putty and upload juniper site. It tells me which IP takes up how many session and etc., but it does not tell me who is consuming how much bandwidth. I know that I am wasting 400kbits outbound traffic from someone. Would etheral do the job?

kdtresh

are you using dhcp? if so, what is handling addressing? if you have the source of the traffic, you may be able to check your dhcp leases and find the hostname of the machine(s) in question.

officertango

ASKER

We are using dhcp. I know all the ip, it's knowing which ip is doing the harm is the problem. Does etheral tell me the top talker and what protocol being used?

SOLUTION

pergr

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

OriNetworks

I'm confused that if you know the ip the traffic is coming from, what else do you need to match it up to its source?

ping x.x.x.x -a will resolve the DNS name of the address assuming DHCP/DNS is setup to register dns names with leases on that scope.