stuntshell
join:2003-10-17
Brazil | Limiting the number of connections
Do you limit the number of connections per customer? If so what's the average? I'm looking for ways to shape my network where some of my clients (about 10) suck up around 400GB per month with their P2P apps. |
|
DSLbyAir
Premium,MVM
join:2003-04-10
Ocean Springs, MS | How about limiting their overall bandwidth? Just a thought. |
|
stuntshell
join:2003-10-17
Brazil | Unfortunately it's not enough, I do limit the P2P protocol by using a mangle rule in Mikrotik, plus the overall bandwidth. But as you may know, if you use MT, not all p2p forms are shaped by it. |
|
milbrath
join:2006-03-27
Dresden, TN | Have you tried calling them? You are probably better off without them. We have a neteq that does a fair job, but in the end it takes a phone call to get the users under control.
BM |
|
goldenspacek
join:2005-04-22
Pinckney, MI
| reply to stuntshell
Simple, call them and tell them the RIAA has contacted you to release bandwidth usage from some of you customers. Your not sure who yet, but you notice that they may be downloading things. If they are (and you don't want to know), they should stop ASAP. Problem solved, works everytime. |
|
robbin
Premium,MVM
join:2000-09-21
Leander, TX | reply to stuntshell
NetEqualizer recommends limiting to 20 in their FAQ -- more as a prevention for worms than P2P. Their product does a pretty good job on P2P already. |
|
milbrath
join:2006-03-27
Dresden, TN | 20, r u sure thats not 40. I'd get calls left and right with a limit of 20. You may be thinking 20 in and 20 out which is 40.
BM |
|
robbin
Premium,MVM
join:2000-09-21
Leander, TX
| It could be -- here is what they say
NetEq Customer: Is there anything else I should do to protect my Network against p2p users?
Yes, if you want additional protection against worms and certain types of p2p applications that open 100's of connections, we advise that you also set your global connection limits to 20 or IN and OUT. Global connection limits prevent each and every IP on your network from opening more than the set number of connections. You should only use the global connection limit on the unit if you have no servers on the internal network. If you do then you must put in individual limits for each IP on your internal network you want to connection limit.
===========Step by Step to accomplish this==========
Step 1. Go to the web GUI.
Step 2. Choose Add rules
Step 3. Choose Global Connection Limits
Step 4. Type in the number of connections to allow in the VAL text box.
Step 5. Click the Add Rule button to apply this rule.
===========================================
|
|
milbrath
join:2006-03-27
Dresden, TN
| Somewhat vague there. Anyways end users would quickly call up with a connect limit of 20 asking why they cant get online. I've got a global limit of 50 and everyone in awhile I get an irate P2P user who claims he can't get online. He's online alright, just no free connections for IE. With a connect limit of 20 my guess is within two days every user with P2P software will be calling(that might not be all bad) saying their internet is not working.
BM |
|
Semaphore
Premium
join:2003-11-18
Arnprior On.
| reply to stuntshell
It's within spec of the RFC for HTTP to generate 30 threads to a single server. I believe that Window's default is 5 (?) I'd say that Residential users get max 60 connections per CPE and P2P not be allowed to consume more than 50% of those, and not more than 30% globally. Business users will need/use more and that probably needs to be scaled to their size. |
|
gmcintire
Graham
Premium
join:2005-08-09
Blue Ridge, TX
| reply to stuntshell
I just did a writeup on my approach to dealing with connection limiting with RouterOS. I just wrote it pretty quick, so you'll have to forgive the totally bare wiki and possible errors in the article: »wiki.vntx.net/index.php?title=Li···Mikrotik
I hope it helps out, I haven't seen anyone else tackle connections this way before. |
|
