Just a short while ago either a user in our organization was downloading a rather hefty file or an email with a hefty attachment was coming in to our Exchange server. Either way, it brought the network down to a crawl - well, as far as the internet goes. When I was finally notified that the network was "down", whatever it was had ceased transmitting, and hence I was unable to pinpoint the problem.
We do use ntop on our Linux firewall box for historical analysis and will eventually get to the root of the problem. However, I'm looking for a live monitor with network statistics for the last 1, 5, 15 minutes, just like top does, detailing which IP addresses have the highest bandwidth use. Is there such a tool or do I need a pinch?
My next option is to implement bandwidth throttling/shaping. I've had some experience with HTB at home where I use it to help satisfy my hunger for bits from the bittorrent community! This is a last resort for now, although I seem to have a case for it now that upper management have seen how quickly eBay enjoyment can come to a screeching halt!
I'll definitely install this one as it appears to have more data than ntop - I'm using a really old version of ntop so that might be an issue.
After posting here I also did some googling and came up with the following: http://www.linux.com/article.pl?sid=05/12/15/177232. They are using iptables to track each and every IP that might traverse the firewall which is probably what I want although it might result in a performance hit. However, I could create a script that I could fire off for a short duration until I'm able to detect the faulting IP and slow it down - again using iptables.
I see HTB as a much better option - the problem is that I want to migrate up to kernel version 2.6 before implementing it! Some higher ups here believe it might break something during the build knocking us off the internet. Unfortunately, whenever a short term fix is identified, it ends up being a long term fix! Oh well, I'll win the fight one day!
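The per-IP iptables accounting mentioned in the post above can give a live "top talkers" view by diffing two counter snapshots taken a known interval apart. This is an added example, not part of the original thread or the linked article; the `ACCT` chain, its rules and the sample listings are constructed assumptions.

```python
# Constructed sample: two `iptables -nvxL ACCT` listings taken 60 s apart.
# ACCT is a hypothetical accounting chain with one target-less rule per
# LAN host, e.g.  iptables -N ACCT; iptables -I FORWARD -j ACCT;
#                 iptables -A ACCT -d 192.168.1.10
HEADER = """\
Chain ACCT (1 references)
    pkts      bytes target     prot opt in     out     source               destination
"""
SNAP_T0 = HEADER + """\
    1200    900000            all  --  *      *       0.0.0.0/0            192.168.1.10
     300     45000            all  --  *      *       0.0.0.0/0            192.168.1.11
   52000  70000000            all  --  *      *       0.0.0.0/0            192.168.1.12
"""
SNAP_T1 = HEADER + """\
    2000   1500000            all  --  *      *       0.0.0.0/0            192.168.1.10
     200     30000            all  --  *      *       0.0.0.0/0            192.168.1.11
  185000 250000000            all  --  *      *       0.0.0.0/0            192.168.1.12
"""

def parse_counters(listing):
    """Map destination IP -> byte counter from `iptables -nvxL` output."""
    counters = {}
    for line in listing.splitlines():
        fields = line.split()
        # Rule lines start with two integers (pkts, bytes); skip the headers.
        if len(fields) < 8 or not (fields[0].isdigit() and fields[1].isdigit()):
            continue
        dest = fields[-1]  # assumes plain "-d <ip>" rules with no extra matches
        counters[dest] = counters.get(dest, 0) + int(fields[1])
    return counters

def top_talkers(before, after, seconds, limit=5):
    """Rank hosts by download rate (bytes/s) between two snapshots."""
    old, new = parse_counters(before), parse_counters(after)
    rates = []
    for ip, count in new.items():
        prev = old.get(ip, 0)
        # A counter lower than before means it was zeroed (iptables -Z) or
        # the rule was reloaded; count only what has accumulated since.
        delta = count - prev if count >= prev else count
        rates.append((ip, delta / seconds))
    rates.sort(key=lambda r: r[1], reverse=True)
    return rates[:limit]

if __name__ == "__main__":
    for ip, rate in top_talkers(SNAP_T0, SNAP_T1, 60):
        print(f"{ip:15s} {rate / 1024:10.1f} KiB/s")
```

The `-x` flag matters here: without it iptables abbreviates large counters (K, M, G), and the deltas lose precision.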