LAN bandwidth hogs ravaging my pretty debian-server LAN - Network

This is a discussion on LAN bandwidth hogs ravaging my pretty debian-server LAN - Network ; Hello, I am a junior network admin in a cooperative housing complex in berkeley. The house has been wired to share a T1 connection between the 28 possible computers, all hidden behind a debian machine running apache... bla bla bla. ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: LAN bandwidth hogs ravaging my pretty debian-server LAN

  1. LAN bandwidth hogs ravaging my pretty debian-server LAN

    Hello,
    I am a junior network admin in a cooperative housing complex in
    berkeley. The house has been wired to share a T1 connection between
    the 28 possible computers, all hidden behind a debian machine running
    apache... bla bla bla.

    Point is, I was less familiar with linux networking than I would like
    to be when the job has been left to me (the two senior admins
    disappeared), and I have run into a problem with the connection
    getting reee.ee.eeeealy... slow...

    My suspicion is that it is file sharing software being run by multiple
    parties. My question is, what is the best way to regulate file sharing
    in my network? I just looked through apache's httpd.conf, but it
    really wasn't any help. I was about to make a script that would cause
    my computer to sniff out bandwidth hogs and switch ips with them (to
    knock their connections off the network for a bit), but it occured to
    me that the vengeful approach really isnt the most professional.

    Any suggestions? Advice appreciated.

    J

  2. Re: LAN bandwidth hogs ravaging my pretty debian-server LAN

    mrfwiski@allele5.biol.berkeley.edu (mrfwiski) wrote in message news:...
    > Hello,
    > I am a junior network admin in a cooperative housing complex in
    > berkeley. The house has been wired to share a T1 connection between
    > the 28 possible computers, all hidden behind a debian machine running
    > apache... bla bla bla.
    >
    > Point is, I was less familiar with linux networking than I would like
    > to be when the job has been left to me (the two senior admins
    > disappeared), and I have run into a problem with the connection
    > getting reee.ee.eeeealy... slow...
    >
    > My suspicion is that it is file sharing software being run by multiple
    > parties. My question is, what is the best way to regulate file sharing
    > in my network? I just looked through apache's httpd.conf, but it
    > really wasn't any help. I was about to make a script that would cause
    > my computer to sniff out bandwidth hogs and switch ips with them (to
    > knock their connections off the network for a bit), but it occured to
    > me that the vengeful approach really isnt the most professional.
    >
    > Any suggestions? Advice appreciated.
    >
    > J


    not apache, look for firewalls, apache is the web server, doesn't do
    anything for connections to the internet.
    look for ipchains or iptables
    hope this helps,
    --Lehi

  3. Re: LAN bandwidth hogs ravaging my pretty debian-server LAN

    lgj_nospam@yahoo.com (LGJ) wrote in message news:<91e4ba8d.0311131326.487937a8@posting.google.com>...
    > mrfwiski@allele5.biol.berkeley.edu (mrfwiski) wrote in message news:...
    > > Hello,
    > > I am a junior network admin in a cooperative housing complex in
    > > berkeley. The house has been wired to share a T1 connection between
    > > the 28 possible computers, all hidden behind a debian machine running
    > > apache... bla bla bla.
    > >
    > > Point is, I was less familiar with linux networking than I would like
    > > to be when the job has been left to me (the two senior admins
    > > disappeared), and I have run into a problem with the connection
    > > getting reee.ee.eeeealy... slow...
    > >
    > > My suspicion is that it is file sharing software being run by multiple
    > > parties. My question is, what is the best way to regulate file sharing
    > > in my network? I just looked through apache's httpd.conf, but it
    > > really wasn't any help. I was about to make a script that would cause
    > > my computer to sniff out bandwidth hogs and switch ips with them (to
    > > knock their connections off the network for a bit), but it occured to
    > > me that the vengeful approach really isnt the most professional.
    > >
    > > Any suggestions? Advice appreciated.
    > >
    > > J

    >
    > not apache, look for firewalls, apache is the web server, doesn't do
    > anything for connections to the internet.
    > look for ipchains or iptables
    > hope this helps,
    > --Lehi



    Thanks Lehi. I followed your advice and came up with the following
    hack.

    first, I let the following run

    ../ngrep -l -q -t -d eth0 -i 'kazaa' > kazaabad &

    then I created a shellscript with the following contents:

    ######### fish4kaza ###############################################
    cat kazaabad | grep -a "192.168.0." | sed
    's/..*192.168.0.[0-9][0-9]*:[0-9][0-9]* ->
    \([0-9][0-9\.]*\):[0-9][0-9]* ..*/\1/' | grep "^[0-9]" | sort | uniq >
    kazaafish

    echo "" > kazaabad

    x=`cat kazaafish | wc -w`

    echo -n "found $x ips cooperating in the conspiracy:"

    if [ $x -gt 0 ]
    then
    for ip in `cat kazaafish`
    do
    route add -host $ip reject
    echo -n "X"
    done
    fi

    echo "all iced"
    rm kazaafish
    ##################### feenish ####################################


    Then, to purge the routing table rules once the file sharers have
    given up

    #################### free_routetable #############################
    route -n | grep "\!H" | sed s'/^\([0-9][0-9\.]*\) ..*/\1/' > limitlist

    x=`cat limitlist | wc -w`
    echo -n "Liberating $x routes from tables: "
    if [ $x -gt 0 ]
    then
    for ip in `cat limitlist`
    do
    route del -host $ip reject
    echo -n "X"
    done
    fi

    echo "all iced"
    rm limitlist
    ################################################## #################

    After tinkering, I found that I could pretty reliably cleanse my
    network with a quick shocktreatment to the tune of

    x=20;while [ $x -gt 0 ]; do ./fish4kazaanodes; x=`expr $x - 1`; sleep
    30; done

    followed by a cron'd checkup. The technique has worked exceedingly
    well in speeding up service within the LAN. My only problem is that I
    have made an overly liberal specification of what kazaa packets to
    grab (due to a lazy and limited reading of the ngrep man page.), with
    the effect that I suddenly found myself unable to connect to google.
    (free_routetable fixed that, of course)

    BUGS/PROBLEMS/IDEAS

    1) A major limitation is that this only addresses Kazaa.

    2) The script also isnt really automated; I have to run them when I
    think the network is slowing too much for my tastes.

    3) Some sort of network load sampling tool with be a great way to
    set an event trigger on the crontab (I'm a geneticist, what can I
    say?).

    4) Additionally, I think there may be undesirable consequences with
    having so many routing table rules.

    5) How Google got mixed up in kazaa filesharing I really dont
    understand at all.

    6) Finally, as rewarding as it is to watch the tides of slow pages
    part, knowing that you just derailed all the bandwidth hogs, this is
    really far too much of a draconian admin technique for my taste.

+ Reply to Thread