Slashdot Mirror

← Back to Stories (view on slashdot.org)

Working With The Bandwidth Problem?

Posted by Cliff on from the managing-your-network-traffic dept.

macdaddy asks: "Being a Network Admin in a small university, I have to fight the Napster issue every day. I don't want to ban it but we only have 1 T1 and it maxes out around 10AM when the dormites wake up, and finally teeters off around 4AM when they go to bed. That really hinders legitimate use. My question, how does a Netadmin work with Napster and its users to keep from blocking it while still being able to use out lowly T1 for other purposes? What options are there? Proxies? Firewalls? Traffic shapers?" This problem is not just about Napster. There will be other services that, due to their popularity, will stress your network's bandwidth to the limit. It seems to me that establishing network controls would be more fair than completely filtering out the entire service, so what's the best way to implement them?

13 of 28 comments (clear)

  1. Dealing with high traffic by Koos · · Score: 3
    Sounds familiair, and what you don't want to get into as a network admin at an educational institution is the 'us against them' situation. Both sides lose, and both sides end up feeling bad. You for having a lousy job with lousy students making your work impossible, the students for the Internet connection being 'unusable'.

    There are a number of possible solutions, and I'll mention some possible solutions.

    • Firewalling napster ports. This is just the start of an arms race. You block one port, clients move to another port, repeat until bored.
    • Using proxies and nothing can be done without using such a proxy. Not an ideal situation and you make any server a student wants to run inaccessible where such a server could be very usefull and nice (hey, slashdot started on a student account :)
    • Traffic measurements per IP. Using IP accounting you can find out quite fast who abuses the network. Set a policy in advance (no 'fair use' blabla, a 'more then 768 megabytes Internet traffic in one week and your connection is dead' or whatever number works best). Have that policy be accepted as school policy by the people in charge. It's not your rule (those pesky network admins at it again), it's the school rule for using the school's resources.
    • Traffic shaping. Allocate an amount of bandwidth to the dorms, maybe allocate a larger amount after hours. Maybe allocate bandwidth per IP. (Can perfectly be combined with the previous one).
    Remember one thing and don't be afraid to repeat it : The school is not an ISP and is therefore not obliged to give its student Internet access. Internet access is an aide to your studies. If you need more Internet access then that, get your own access and be prepared to pay for it.

    Succes, and good luck, and I hope you find a way to keep your student network users as friends so you can do your work a lot easier.

    --
    The Virtual Bookcase: book reviews
    1. Re:Dealing with high traffic by NetJunkie · · Score: 2

      Yes, students do pay. They pay to access the network for their studies. Napster isn't included in that. I think he should just block Napster..there will always be the argument that a student could go over their quota with legit usage. Just block the things that aren't.

  2. So obvious it's overlooked? by Operandi · · Score: 2

    Have you tried actually talking to the "Dormites?" Quite honestly, they may not be aware of their detrimental affect their MP3 hayday is having on the net connection. Use a dorm mailing list or your school newspaper or something to communicate the problem to students and then hold a 1 or 2 series open forum in a public place like library or something. Invite all Napster/ users and any other interested party to come and talk about *friendly* ways to remedy the problem. I can vow to you this, those "Dormites" would much rather coexist than have *zero* Napster access, even if it meant self-control, et cetera. You mention that if nothing is done you will have no option but to disallow it and you'll have a good number of people show up. I've often found that when people are shown that 1. They are causing a problem nd 2. You want to work *with* them to solve the problem, you will get 100x better results than pulling some staff management type thing. I hope this helps and if you don't mind keep me updated by email how it goes.

    Regards

  3. Just the solution you need...... by jcrb · · Score: 2

    Trying to put a cap on useage... i.e. X megabytes per week and you will cut access is a losing proposition from a game theory point of view.
    There will always be the student who desides that the response to this is to download as much as possible before you cut access.
    Or the student who thinks it would be realy cool to push the useage over the limit so you cut everyones access off.

    Your best answer by far is to use a QoS aware firewall which can control the bandwidth used based on a policy you set.
    There are a number of companies who make them, and one of them, Packeteer, even has a page devoted to exactly your problem.
    You might want to check it out at http://www.packeteer.com/wintherace/

    --
    -jon
  4. traffic inside instead of outside by RGRistroph · · Score: 3

    One thing that I've wondered about these napster bandwidth issues -- is it possible to direct traffic within your network instead of through the internet ?

    The napster users should be on your side for this, as it would be faster for them also. Of course, they may be able to saturate that network also.

    Could you hold a dorm meeting and convince everyone to get a napster user name with the same prefix or suffix, and prefer those names when selecting who to download from. It would be kind of like a distributed web proxy cache for the music -- check first to see if someone already pulled it through the T1, and if not, get it from the internet but make it available from your machine so it doesn't have to come through again.

    Would gnutella do this automatically ? Could you get some dorm techie in each dorm to set up his machine in the manner of www.gnute.com, so that those people without systems that have a gnutella client could connect to it ? The napster and gnutella clients I have used on linux don't seem to allow uploads from my machine; this was a while ago, but of course you would need clients that worked in both directions for everybody.

    1. Re:traffic inside instead of outside by davidu · · Score: 3


      some students run local napster servers. It saves an awesome amount of bandwidth, plus transfers go about 1000k/s [not 100, 1000] (nearly instantaneous for mp3s.)

      Washington Univeristy in St. Louis has one at Phreedom.Net/wustl .

      Lehigh also has one. (no URL)

      -Davidu

      --

      # Hack the planet, it's important.
    2. Re:traffic inside instead of outside by RGRistroph · · Score: 2

      That's a good point. And yet if you allow no connection to the outside at all, then it damages the system because it is not very likely that all the songs desired are already somewhere inside the campus.

      What you want to do is prioritize the download site by whether or not the download will travel through the bottleneck. It is in the interests of the user to do this also, because then they get a faster download; so all you have to do is give the user the opportunity to select the fastest download site. To a limited extent, your interests coincide.

      Maybe you could write a napster client that would allow a configurable list of IP addresses to prefer. Does the client have access to the IP addresses of the other clients ?

      But what you want to do in general is have the information available to do some kind of optimization, maybe based on the speed of previous file transfers. It is kind of like what Akamai (www.akamai.com) does, keeping track of some sort of network topology for efficiency.

      Because of the huge difference between speeds when you are within campus and off campus, this akamai-like system doesn't have to work that well to acheive what you want -- unclogging the campus-to-internet bottleneck.

      So suppose you distributed a new napster client that kept track of the IP addresses it downloaded from, and it's own IP address, and the file size and time, and whether it was canceled -- etc. It could then connect to a server (doesn't have to be the napster server, this is just the network calculation server) and upload that information into a database, where it can be analyzed, and then the clients can somehow use that information to select the right download target. (You could make the ability in the napster client to sort by network connection, sort instead by this estimated download speed.)

      So then the algorithm to estimate the download speed should always wait anything in campus higher.

      But that calculation is pretty tricky. It would be nice if you could just take in IP addresses and speeds, and do everything from there; but some knowledge of the network topology would surely help.

    3. Re:traffic inside instead of outside by Vassily+Overveight · · Score: 2
      some students run local napster servers.

      That sounds good, but I'd be afraid of getting sucked into the lawsuit the RIAA has brought. My feeling is that if Napster I loses in court, all of the other servers that have sprung up are going to start drawing fire. A university can probably get away with telling the RIAA to stick it with their demands that the schools cut off access to Napster, but running actual servers might be beyond the pale.

      --

      "If I have seen further than other men, it is by stepping on their glasses." - Michael Swaine

    4. Re:traffic inside instead of outside by RGRistroph · · Score: 2

      I think the best solution is to install a local napster server and advertise it around campus as faster than any other. Convince people to connect to that first when looking for music, and then to go outside to other servers only if they don't find what they want. Maybe identifying who is local once you get outside the university isn't worth it. Because some people have the mistaken impression that distributing copies of copyrighted works is illegal, they might feel nervous about what could be interpreted as an attempt to identify them.

      If stricter measures such as port-blocking, bandwidth shaping, banning use during certian hours, or whatever, become necessary, then you can at least leave the local server as active to apease the download addicted.

  5. limit traffic used by napster by po_boy · · Score: 3
    There are devices (the one I'm thinking of is made by visual networks) which limit the amount of traffic used per protocol, IP block, and vary with time of day. That means that you can say you want to allocate 10% of your traffic to FTP, 20% to napster, 10% for the administrative office IP space, and let the rest be distributed as needed. These examples are just that; you can divide up the traffic in a variety of useful ways.

    The visual networks device, I believe is a CSU/DSU, router, and this filtering logic all in one. It's got pretty good remote management features as well.

    1. Re:limit traffic used by napster by Rob+Wilderspin · · Score: 2

      The most effective method will probably be traffic shaping, reducing the maximum bandwidth available to the services in question.

      If you're using Linux on your servers then look into the Quality of Service (QoS) options in recent kernels. If not, you can get routers which have this sort of thing built-in.

  6. Have you looked here..... by Malk-a-mite · · Score: 2
    http://www.napster.com/help/bandwidth/

    Just a thought....

    Malk-a-mite

  7. Re:Just the solution you need... Packeteer by anticypher · · Score: 2

    I'll second that post.

    Packeteer is what you want if you don't have a big, expensive cisco router in place. Their bandwidth shaping technology is some of the best around, and they have tutorials on how to use their purple boxes to limit napster without killing it, very important with dorms full of screaming kids.

    If you are lucky enough to have a big, expensive cisco router (not likely on just a T1), then you can play around with QoS, and set up different queues and filters to limit napster traffic. Cisco has a tutorial as well, you should poke around on their site for it.

    the AC

    --
    Hemos is like...sci-fi fans;he thinks technology is cool, but he hasn't bothered to understand the science it's based on