Solved

Monitor home internet usage

Posted on 2012-04-04
16
783 Views
Last Modified: 2012-04-11
My inlaws recently got a notice from their ISP stating that they are going over their limit. I'm trying to set something up to help them monitor usage, possibly down to giving everyone in the family or every device (whichever is easier / better) a unique login or identifier. The idea being that they can track who or what is causing the overage.

Right now, they have a basic wireless router, but I can lend them a server if that would help. It currently has Windows 2003 on it, but I can wipe it and install Linux on it. I'm just much more familiar with Windows.
0
Comment
Question by:quizwedge
  • 8
  • 4
  • 3
  • +1
16 Comments
 
LVL 46

Expert Comment

by:Martin Liss
ID: 37809137
Here's one of several options.
0
 
LVL 14

Author Comment

by:quizwedge
ID: 37809196
This would cover most things but they also have portable media players, an Xbox 360, and a Roku device for streaming Netflix.
0
 
LVL 46

Expert Comment

by:Martin Liss
ID: 37809198
Who is their ISP? Maybe they have something.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 14

Author Comment

by:quizwedge
ID: 37809209
Suddenlink (http://www.suddenlink.com/) They have a monitoring tool that will let them know as they approach their limit but I was hoping to be able to tell them why they're going over their limit. Is one of the computers downloading too much? Are they streaming too many NetFlix movies? That sort of thing.

I'm thinking a MAC address based solution will probably be best so that we can tell if a device is using more bandwidth than others. A login based solution would also work (each person gets their own login), but I don't know what to do about the XBOX 360 and the Roku in that case.
0
 
LVL 46

Assisted Solution

by:Martin Liss
Martin Liss earned 50 total points
ID: 37809218
I'd blame the kids and tell them to cut it out:) Seriously though I don't really know much about this so I'll bow out. Oh, you might also do the same Google search I did which was monitor internet usage.
0
 
LVL 31

Assisted Solution

by:Frosty555
Frosty555 earned 150 total points
ID: 37809322
MartinLiss - funny enough, I think you've hit the nail right on the head. Either that or secure your wireless network and kick your neighbours off of it.

-----

Bottom line is that network-wide internet monitoring and reporting is difficult to do in a low-end consumer environment. Your hardware just isn't equipped for it. There are a variety of "tools" which can either monitor the network usage of the single computer they are installed on. Problem is that these tools usually involve either a) installing software on every single computer (Which doesn't help you track internet usage from rogue devices like an XBox, or a neighbour stealing your internet), or b) trying to "sniff" all the packets going over your network using a computer with a compatible NIC card strategically placed on your network. Most "sniffing" solutions require a NIC which is capable of promiscuously listening to packets not intended for it, which most NICs cannot do, and also require a switch or router which is capable of configuring a "mirrored" LAN port where you can monitor all of the traffic going over the network, which your router likely cannot do.

The problem is that you can't get a reliable measure of your network's bandwidth utilization unless you can monitor the network at the single bottleneck where ALL internet traffic flows through. On your network the only place that happens is inside your router. Unfortunately your consumer-grade router is not sophisticated enough to monitor and keep statistics on your network consumption or give you any meaningful information about WHO is consuming how much of the available bandwidth.



I only see two viable options for you:

1) Replace the router with your Windows Server 2003 computer and set it up running the "Routing and Remote Access", "DNS" and "DHCP" services. Essentially your Windows Server 2003 machine will become your router. You will need 2 NICs in your server - one will be the "WAN" port, which connects directly to your ISP's internet. The other will be your "LAN" port which will connect to a switch. If you do this you can install your network monitoring software on just this one server and have it monitor traffic over the WAN port. This will give you a reliable report of the internet usage of your entire household. Windows Server 2003 actually does come with a basic Network Monitoring tool as well for this purpose, but it doesn't keep long term statistics, it just lets you see what is going on right now.

2) Use common sense and figure out what is going on without monitoring the internet usage.

I suggest you try #2 first. ISPs give you a lot of bandwidth, usually 10x more than your average family will need. Almost every time I see this kind of issue the problem is either a) somebody downloading a lot of torrents or streaming a lot of movies, in which case a quick inspection of the computers in the house will quickly reveal the culprit, or b) a rogue device on your network (usually on an unsecured or compromised wireless network) using your internet connection
0
 
LVL 14

Author Comment

by:quizwedge
ID: 37809717
Frosty555 and MartinLiss, thanks for the advice. The wireless is locked down (WPA, I believe) so I doubt it's the neighbors. I'm guessing it's one of the kids, but was hoping to monitor usage so that it's conclusive and the solution would be knock it off or pay for your own internet. :) After all, with multiple people, each can claim they were only part of the problem. I'm also honestly not sure how much Netflix streaming they do. They also have two computers which have online backup through Crashplan.

I'm familiar with Routing and Remote Access, so I'll probably offer them that solution if they want it. I'm just not sure how to either track traffic by MAC address or make sure that the MAC address always gets the same IP address. Sounds like regular monitoring software would just track total usage and not split it apart by IP/MAC address. Is there a way to do that with the logs from Routing and Remote Access or something else?

I'm also planning on suggesting they use OpenDNS so they can filter proxies/anonymizers and P2P. If they do that and usage plummets, it'll be pretty obvious that it wasn't the online backup or NetFlix streaming.
0
 
LVL 11

Expert Comment

by:Khandakar Ashfaqur Rahman
ID: 37810392
Use Routerboard device:
http://routerboard.com/

You can see usage graph,you can see live packet TX & RX including source and destination.You can limit bandwidth for each individual MAC including configuring firewall etc.
0
 
LVL 14

Author Comment

by:quizwedge
ID: 37814026
rigan123, looks like the http://routerboard.com/RB250GS would be the cheapest one that would allow limiting of bandwidth by MAC. Am I correct or would they need a more expensive one?

I'm assuming they'd rather do a free solution, but this solution would be pretty easy and could be used to back up the "knock it off".
0
 
LVL 11

Expert Comment

by:Khandakar Ashfaqur Rahman
ID: 37814176
RB250GS is a managed Gigabit Switch.Please check Routerboard section.Those are routers and have bandwidth managing capability in various ways:

Choose any of the following based on your requirements (some have wireless card and gigabit port) :
RB2011L, RB711-2HnD, RB411GL, RB411UAHL, RB433L, RB433UAHL, RB433GL, RB411L, RB411, RB411AH, RB411AR, RB411U,  B411UAHR, RB433, RB433AH, RB433UAH, RB435G, RB450, RB450G, RB493, RB493AH, RB493G, RB711-2Hn, RB711UA-2HnD, RB711-5Hn, RB711-5Hn-U, RB711-5HnD, RB711G-5HnD, RB711UA-5HnD, RB711GA-5HnD, RB800

I used few of these and have good performance.Currently I'm using RB433AH and I assigned bandwidth on each individual IP.Moreover I made all ARP static.So, there's no way to use internet if someone changes his MAC.
However there is hotspot option too and you could configure hotspot and set bandwithd against individual MAC.

Here is the manual of all configurations:
http://wiki.mikrotik.com/wiki/Manual:TOC
0
 
LVL 14

Author Comment

by:quizwedge
ID: 37814216
Ah, I misunderstood. Looks like it will be at least $39 for a routerboard plus $19 for an enclosure, plus $9 for a power adapter. Doubt they'll want to spend $69 on this problem if there's a way to do it for free using a Windows 2003 or Linux server.
0
 
LVL 11

Expert Comment

by:Khandakar Ashfaqur Rahman
ID: 37814427
The alternate way is to download Routerborad OS and install into a pc which has at least 2 NIC.
http://www.mikrotik.com/download.html

You also need to check about license.
0
 
LVL 14

Assisted Solution

by:quizwedge
quizwedge earned 0 total points
ID: 37815521
Looks like the license is $45 and may be a pain to set up. If I'm looking at things correctly, the RB750 (http://routerboard.com/RB750) would have what we need, I wouldn't need to build anything or setup a server and it's only $39.95. I could set up their current wireless router as a wireless AP only and put it behind the RB750. Or, if I wanted to just replace their wireless router, I could get the RB751U-2HnD for $59.95. Both run RouterOS.

rigan123, can you confirm that I'm looking at that correctly?

I'm still interested if there's a free way to log by IP or MAC address on Windows 2003 since it'd be free, but a plug-in, pre-built solution from Mikrotik that's under $40 is very tempting.
0
 
LVL 11

Accepted Solution

by:
Khandakar Ashfaqur Rahman earned 300 total points
ID: 37815584
Yes, you're correct.I personally prefer RouterBoard OS because it's tremendous features.

Otherwise you could go for free Captive Portal softwares.Please check the following link:
https://personaltelco.net/wiki/PortalSoftware
0
 
LVL 14

Author Comment

by:quizwedge
ID: 37818469
rigan123, looks like the Captive Portal software would require a login, which the xbox360 and the Roku wouldn't be able to handle, so I'm going to offer the RouterBoard router as an option.
0
 
LVL 14

Author Closing Comment

by:quizwedge
ID: 37831758
Based on my searching and the lack of responses, I'm going to assume that there's nothing out of the box with Routing and Remote Access or free to measure bandwidth by MAC address.

Sounds like "knock it off" option has been implemented and I'll be recommending OpenDNS filtering to block P2P and other stuff with an option for the RB750 from RouterBoard.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn about cloud computing and its benefits for small business owners.
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question