mray77
asked on
High Inbound Bandwidth Utilization
We are experiencing some internet degradation related to high Inbound Bandwidth Utilization according our AT&T ISP Reports. We are currently equipped for 2 x T1 (3MB) service. Our network has 75 users, and 6 servers.
We can have anywhere from 2-10 RDP clients connected at one time, including a VPN. Could that have any bearing on our high Inbound Bandwidth utilization? Just looking for ideas as to the cause.
We also recently replaced our firewall with a Juniper SRX210. Could it be a firewall configuration issue?
Any ideas for identifying the leak are greatly appreciated!
We can have anywhere from 2-10 RDP clients connected at one time, including a VPN. Could that have any bearing on our high Inbound Bandwidth utilization? Just looking for ideas as to the cause.
We also recently replaced our firewall with a Juniper SRX210. Could it be a firewall configuration issue?
Any ideas for identifying the leak are greatly appreciated!
ASKER
I don't believe it occurred immediately after any changes. I am going to attach a juniper packet capture for review. In the meantime, i've also logged a ticket with Juniper to help troubleshoot. Thanks!
juniper-packet-capture.txt
juniper-packet-capture.txt
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Great feedback - thank you! What you describe makes sense. We have around 40-50 concurrent users, although there are times where we are much closer to all 75. Yes, we also have 14 Cisco AP's across our campus, along with a Ruckus PTP.
We do have Managable switches (Dell Power Connects) that support SNMP. I will look into configuring the tools you recommend. That is something we have needed to explore for quite some time. We haven't had any visibility of what users are doing what. We've trialed other solutions like what's up gold, etc. but just haven't had the time it takes to get those tools up and running correctly. This should help.
We do have Managable switches (Dell Power Connects) that support SNMP. I will look into configuring the tools you recommend. That is something we have needed to explore for quite some time. We haven't had any visibility of what users are doing what. We've trialed other solutions like what's up gold, etc. but just haven't had the time it takes to get those tools up and running correctly. This should help.
ASKER
This helped to resolve the issue. Thanks so much everyone!
The most common cause of this we have found is usually there is a machine on the network that someone has installed peer-to-peer file sharing applications such as Limewire, emule, or bitTorrent apps. These applications will cause a flood of connections and usually end up bringing down the network. You should be able tell by looking at your gateways active connections.