Update: I have finally found an adequate solution, which is using wrtbwmon, a bandwidth monitoring tool for OpenWRT routers. You can download it from the previous link.
Original article follows ...
Anyone with more than a couple of computers on a LAN will sooner face the issue of increased bandwidth usage by someone on the LAN. Be this teenagers downloading via torrents, employees watching YouTube and Facebook videos, or other reasons.
Finding a suitable tool to allow bandwidth monitoring and capping proved to be not an easy task. I am still looking for a solution, but have a few pointers to share.
My thinking was to buy a router that allows me to load an alternate Linux based firmware (e.g. Netgear WNDR3700 which has a large flash ROM size, and already runs OpenWRT), and run some Linux tool on it to do the monitoring.
The following are the things I have found so far that may help with this.
Bandwidth monitoring tools for Linux
This page has a list of all the Linux tools that relate to bandwidth monitoring. A useful starting point for further research.
iftop
The iftop program is very promising since it shows bandwidth consumption per IP address. It is a curses application and uses the libpcap library for packet capture. However, it is a real time only tool, showing what is happening now, and does not save nor show historical information (e.g. which computer consumed the most bandwidth last month).
ipband
The ipband program uses pcap to monitor a subnet and report on bandwidth utilization over a certain threshold, via email, and appending it to a file as well.
fprobe
The fprobe program provides a NetFlow probes. Which means that you can use it on a Linux based router and feed the data to ntop, which is a NetFlow collector, for reporting and graphing.
Bandwidthd
The bandwidthd daemon monitors a network's traffic and reports graphs for it. Looks like it is capable but would be heavy for an embedded router because of all the static HTML and graphs that it saves.
Gargoyle Router
The Gargoyle router is based on OpenWRT. Among its features: bandwidth monitoring for every computer, as well as the facility to set quotas for each individual computer as well. It is open source (e.g. the bwmon-gargoyle package, with the init script doing most of the magic, and a small bwmon_convert.c program, and the qos-gargoyle package, with the init script having all the magic). Perhaps these features are reusable by other router firmware like OpenWRT and friends.
Comments
Joicely (not verified)
One more tool
Mon, 2010/05/31 - 03:41Great post!But I have to add one more: network sniffer like wireshark, commview, Caspsa, ect.
Khalid
Not useful here
Mon, 2010/05/31 - 09:57A network sniffer is not useful here.
It would be useful to troubleshoot a problem that is happening now. It will not be useful if I want to know what happened 2 weeks ago.
Paul Nijjar (not verified)
More options
Tue, 2010/06/01 - 05:27I have not got a solution yet, but I am leaning towards the following:
pmacct (http://www.pmacct.net, debian package): take nprobe (or other NetFlow) data and put it into a database
pmacct-fe (http://www.pmacct.net/fe/ , no debian package) : Graph the results and make tables for it.
I think this gives me the monitoring I want -- usage per host on my LAN. The cost is pretty high, though -- I need a dedicated server that will collect and analyze this traffic.
Nathan (not verified)
I haven't really thought of
Wed, 2010/06/09 - 10:47I haven't really thought of using anything so far. All things are apparently doing pretty well but if anything goes, I think I'll have the last one you mentioned. Although I still have to make further research what else are better and which gives greater benefits. Still, I'll be taking your advice. Thanks.