Streaming Audio Bandwidth Use [Archive] - Glock Talk


Cinic
10-04-2004, 10:56
Howdy,

I'm the on-site IT guy for my company. I don't know much about administrating networks but I outshine anyone else in the office. We're a small structural engineering firm and that is my background. I just fell into the IT role.

Anyway, we have a 512k DSL connection for our internet. There are 7 employees at this location. All employees have full internet access. A couple of guys like to listen to streaming audio from the internet. Is there an average of how much bandwidth this uses? I tried googling but couldn't find anything. Sometimes I notice the internet getting rather slow and I'm wondering if this may be the cause. Also, is there a recommendation for bandwidth/user? IE, is the 512k enough for an office this size?

Thanks for any help and don't dumb anything down, I'll ask if I have questions.

John

HerrGlock
10-04-2004, 11:02
If your router doesn't do statistics, consider dropping a *NIX box in as the router behind the firewall and running a statistics program that looks at usage, download, upload and such.

What you believe, what we tell you, what you hear means nothing to no one unless you have the numbers to back it up. Those numbers will also answer your questions.

DanH

pfrigm
10-04-2004, 11:27
What HerrGlock said. Streaming audio/video is usually site/stream specific. There is no way for anyone to simply say... it takes XX kbps for stream. Even an average is meaningless because it can, literally, be from almost nothing to several Mbps (or more). It all depends on the encoding in the specific stream. You need to get something (software and/or hardware) in between your staff and the internet that can pick out packets and/or analyze your traffic. That's the only way you are going to know for sure how much is being used. If you are finding it a problem and increasing your bandwidth is prohibitive (cost, etc), you may want to consider either disallowing it entirely, or getting something that can do Quality of Service actions on your bandwidth and limit the amount of streaming allowed on your network.

Cinic
10-04-2004, 12:46
Thanks for the input guys.

Here's where my lack of expertise will come into play.

The only thing between the users and the internet right now is a firewall that is managed by our corporate IT guy about 2000 miles away. Our server runs DHCP so the router provided by the ISP doesn't pass out IP addresses and all it sees is the firewall anyway.

Like you said, I should drop something between the users and the firewall that can analyze data. However, I have no experience with *NIX. Are there any other options? How about a router that does nothing but monitor the traffic? Does something like that exist?

Although we are about to decommission a couple of old machines. Maybe I could take this as my opportunity to learn to use *NIX.

Thanks again for the input.

John

HerrGlock
10-04-2004, 13:08
You sound like you have a handle about networking, though, so here's the short version.

You already have DHCP set up, don't need that.

I'll bet you have a switch between your users and the firewall. That's fine, you have three things you can do (offhand, I'm sure there are more)

1) Set up a *NIX box with as many network cards as necessary to take over as that switch.

Remove the switch and plug the office machines into the *NIX box. Make the firewall the default route and turn on routing. Make the box NAT everything going towards the firewall. This does two things, it frees up a lot of firewall CPU usage because it no longer really has to nat, everything's going to one IP address. It doesn't seem like it should do this but I've checked on a number of these I've set up and the firewall works less and there are fewer slowdowns from this.

Put MRTG (http://mrtg.hdl.com/mrtg.html) on the box. It's amazing. There are others out there, but I've used this one and like it. It does most of the work for you and makes it pretty.

2) Make a *NIX box have an IP address that the firewall now has. Use another subnet with two addresses and a crossover cable between the *NIX box and the firewall. Turn on NAT and forwarding on the *NIX box. Load MRTG onto it and make the firewall the default route.

This is a bit easier. You won't have to change out any of the desktop's default routes or any of your network setup as you are adding a new subnet outside your current setup.

3) Drop a router instead of that switch. Make sure the router can turn on full logging, auditing and everything else. This will be a high end router. This is the most expensive option of these three.

__________________________

The first two options require a low-end machine, too slow for someone's desktop will be fine, even with heavy usage, a 486 can do this without slowing anyone down.

DanH

Cinic
10-04-2004, 13:47
#2 appears to be the best option right now. I think we're using about 12 ports on the switch right now, so #1 would be tough.

Boss man isn't going to want to lay out the capital for #3.

I've got an unused box at home with an AMD K6-2 in it and two NICs. It may be a good *NIX starter box.

Here's a question on MRTG or any monitoring software/hardware for that matter. How does it differentiate from one user to the next? I'm guessing by the local IP addresses. But since these can change daily, is there another way to figure out who's who?

I appreciate all your help. I enjoy learning about this stuff.

John

chevrofreak
10-04-2004, 15:30
Didn't read a single reply in this thread, so I may be repeating previous statements.

512k is a damned slow connection, about 64KB/sec

A 128kbps music stream takes about 33KB/sec in my experience (though it should be 16) so two people listening will kill your BW.

HerrGlock
10-04-2004, 16:42
Originally posted by Cinic

Here's a question on MRTG or any monitoring software/hardware for that matter. How does it differentiate from one user to the next? I'm guessing by the local IP addresses. But since these can change daily, is there another way to figure out who's who?


Do what most of the security conscious world does and go with static IPs and have a DNS server for internal

OR

Make darn sure your DHCP server knows who is who and y'all map who had what IP address what day.

If you're stuck on DHCP, then map each IP to a MAC address, then you know who has what IP. It's still DHCP, but all IPs are static and reissued to the same machine each time it comes up for renewal.

DanH
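An added example (not part of the original posts) of the "map who had what IP address what day" approach: per-IP byte counts are attributed to the machine that held the address at the time of each sample, so totals follow the MAC address even when DHCP hands an IP to a different machine the next day. The log formats, addresses, MACs and hostnames are constructed for illustration, and a lease is assumed to stay with a machine until the same IP is next granted.

```python
from bisect import bisect_right
from collections import defaultdict
from datetime import datetime
# Constructed sample data (hypothetical formats, not any real server's log).
# lease line: <ISO time> <ip> <mac> <hostname>
LEASES = """\
2004-10-04T08:01:00 192.168.1.23 00:11:22:aa:bb:01 drafting-pc
2004-10-04T08:05:00 192.168.1.24 00:11:22:aa:bb:02 frontdesk
2004-10-05T08:02:00 192.168.1.23 00:11:22:aa:bb:02 frontdesk
2004-10-05T08:07:00 192.168.1.24 00:11:22:aa:bb:01 drafting-pc
"""
# counter line: <ISO time> <ip> <bytes since last sample>
SAMPLES = """\
2004-10-04T07:55:00 192.168.1.23 1000
2004-10-04T10:00:00 192.168.1.23 14400000
2004-10-04T10:00:00 192.168.1.24 200000
2004-10-05T10:00:00 192.168.1.23 300000
2004-10-05T10:00:00 192.168.1.24 14400000
"""

def parse_leases(text):
    """Return {ip: ([grant_times...], [(mac, host)...])}, sorted by time."""
    rows = defaultdict(list)
    for line in text.splitlines():
        ts, ip, mac, host = line.split()
        rows[ip].append((datetime.fromisoformat(ts), mac.lower(), host))
    history = {}
    for ip, entries in rows.items():
        entries.sort()
        history[ip] = ([e[0] for e in entries], [(e[1], e[2]) for e in entries])
    return history

def owner_at(history, ip, when):
    """Machine holding `ip` at `when`: the latest lease granted at or before it."""
    times, owners = history.get(ip, ([], []))
    i = bisect_right(times, when)
    # Traffic seen before any recorded lease is kept, flagged as unknown.
    return owners[i - 1] if i else ("unknown", ip)

def usage_by_machine(lease_text, sample_text):
    """Sum sampled bytes per (mac, hostname) rather than per IP address."""
    history = parse_leases(lease_text)
    totals = defaultdict(int)
    for line in sample_text.splitlines():
        ts, ip, nbytes = line.split()
        totals[owner_at(history, ip, datetime.fromisoformat(ts))] += int(nbytes)
    return dict(totals)

print(usage_by_machine(LEASES, SAMPLES))
```

In this constructed data the two IP addresses carry nearly equal totals, while the per-machine view shows one machine responsible for almost all of the traffic.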

Cinic
10-04-2004, 18:00
Now I'm just blatantly changing the subject...

What is the advantage of DHCP if to be security conscious you should have static addresses?

Cinic
10-05-2004, 00:48
Did a bit of research...tell me if I'm wrong.

I would still want DHCP even if I had the IPs tied directly to the MAC addresses because if there were any changes to the network (ie: WINS, DNS, gateway) they would still be passed out automatically. However, I would still be able to tell one machine from the other with the semi-static local addresses.

This is good stuff and I really appreciate all the information.

I welcome any more comments.

John

greenlead
10-05-2004, 04:01
Try IPCOP (http://www.ipcop.org). It is a complete Linux distribution, and will run on just about anything.

HerrGlock
10-05-2004, 07:02
Originally posted by Cinic
I would still want DHCP even if I had the IPs tied directly to the MAC addresses because if there were any changes to the network (ie: WINS, DNS, gateway) they would still be passed out automatically. However, I would still be able to tell one machine from the other with the semi-static local addresses.


If you're set up to do DHCP and your baseline includes DHCP on any new desktop, then doing the MAC-to-IP works and gives you basically static IPs without having to update things if you change the network. If you decide to change out the DNS server (for instance) you can just put the new one into the DHCP server's servings and you're up and running as soon as they renew the lease.

If you have no baseline already, you may want to think about static and keep the DHCP server going until you have everyone switched over. BUT... Draw out your network, plan on it doubling or tripling (even if you believe it "cannot do so") and keep the IP addresses and ranges in a logical grouping for servers Vs desktops Vs network equipment.

DanH

chevrofreak
10-05-2004, 08:05
My router might just kick ass, but it already gives the same IP to each NIC, presumably based on MAC addresses. :)

Cinic
10-06-2004, 11:36
Couple of questions...

Binding the IP address to the MAC id is done with reservations, correct?

How long should DHCP leases last? We work the standard day shifts. But sometimes people leave their computers on overnight.

Thanks.

_John

HerrGlock
10-06-2004, 17:45
Originally posted by Cinic
Couple of questions...

Binding the IP address to the MAC id is done with reservations, correct?


I dunno. This is a WIN thing, I'd imagine.


How long should DHCP leases last? We work the standard day shifts. But sometimes people leave their computers on overnight.


Depends on how frequently your network changes. A day is not a problem usually. If they turn off their computers, how do you do maintenance? How do you update stuff overnight?

DanH

Cinic
10-06-2004, 22:10
Correct on the win thing...however I'm writing this in Linux. Cheesy running SUSE from a CD Linux, but linux nonetheless.

I have no idea about the maintenance. Like I said, I'm the appointed IT guy with no formal training...or informal for that matter. I'm not even sure what I should be updating. If there are windows updates, I typically take care of that on each individual machine. Virus updates are continually pushed out by the server.

We're a loose ship, but I'm trying to learn enough to tighten it up. I believe we're secure from the outside and have solid virus protection. However I'm becoming more worried about users messing things up from the inside.

Anyway, I'm working on the *nix box to get a little tighter control on the network from the inside. I looked at the ipcop distro that was noted above and this SUSE appears nice. Are there any other distribution recommendations for a newbie with intentions as have been noted in this thread?

Once again, thanks for any input.

_John

chevrofreak
10-06-2004, 23:22
A good gateway computer that can restrict flow, restrict filetypes, and also active virus scanning of every single byte that comes in would do much good, I think.

Cinic
10-08-2004, 23:10
Now I'm posting from my first full install. Got Slackware 10 up and running this evening. Interesting time of it too. I'm starting to remember my *nix commands from the programming classes I had in college. Pine was a flashback.

It needs some work...but I'm looking forward to trying to get it running smooth. First quest is to get the scroll working on the mouse.

_John

Sorry to annoy...had to brag about my conquest somewhere and my wife doesn't seem to care. :)

HerrGlock
10-10-2004, 18:40
Hey, ran across this looking for stuff and remembered this thread:

http://iptrafficvolume.sourceforge.net/
Latest News

August 18, 2004: Released version 0.3.0. This version is a major update which has implemented many new key features including support for multiple accounting chains, dhcp, and traffic reports between arbitrary dates.
About

IPTrafficVolume is a simple network traffic volume logging tool which uses linux kernel iptables to count incoming and outgoing iptraffic volume (i.e. total number of bytes) through your network devices. It is highly configurable as to what kind of traffic is counted and can log total traffic, traffic for individual services to and from specific ports, and/or traffic to and from specific hosts, domains, ip-addresses, or groups of ports and addresses. Data is logged in a simple directory structure, so you do not need a database to use iptrafficvolume.

Traffic volume statistics can be displayed on a webserver using the attractive cgi-interface shipped with iptrafficvolume or can be dumped to the console in plain formatted ascii using the command-line utility.

Useful because many other ip traffic tools only show current throughput information while some people want to see total traffic volume, e.g. if you have a volume rate with your isp, or want to monitor the traffic of a particular service.

IPTrafficVolume is licensed under the GPL