How Do Businesses Scale Their Bandwidth Needs?
onebadmutha asks: "I'm technology admin for a very rapidly growing company. We've gone from a fractional T-1, to supplementing that with a snappy DSL line, and now we're running out of reasonable options. I've looked at routers that load-balance, but do so horribly. I've considered splitting up my network users to use several incoming DSL lines, only to be confronted with intranet accessibility issues. None of these provide the kind of redundancy and control that I'd like, and certainly not with a nice pleasant UI that doesn't cause me great grief. I've looked at Open Source router distros (like routerOS, and others) and I've looked at using the full gamut of Microsoft madness. How do other businesses solve this problem of scaling bandwidth needs, without completely unlimited budgets for redundant OC-48 runs?"
I'm not sure if you are in an area where you can get Speakeasy service, but they allow you to bond up to four T1 lines. I have no experience with the service, but I understand that it is cheaper than a fractional T3 and they provide you with hardware that does it for you transparently. I don't know if there are other service providers that have something similar, but it seems like a good idea.
What, exactly, is the question? Is it: What kind of line should I have? or What kind of router hardware/software should I use? I'll shoot at the first question: You already have a fractional T-1, why not buy the whole thing? It's not as elite as redundant OC-48 lines, but like you said, you can't afford those anyway. If you want a step up from that, get redundant T-1 lines from 2 different providers in case one gets nicked.
That's how real tech companies do it. If you can get Yipes, Cogent, AboveNet, or some other dark fiber provider to serve you Ethernet service, that's the cheapest way to get a lot of bandwidth (10-100Mb/s range). If you can't, then you get a fractional DS3. Most real providers will let you dial the bandwidth up and down reasonably, so you could start out with a 5-10Mb/s circuit and grow from there.
Bonding T1s and DSL is neat and all, but if your business actually depends on the Internet working, go with one really good fat pipe and then maybe a thin one (T1 or so) as a backup. Don't mess with complex setups. Complex = new ways to fail.
Well, at my company, we were recently faced with the same dilemma.
;)
There are a couple of options available, though. Although my organization appears to be a bit larger than yours, we've decided to utilize a spare T1 that simply sits there for disaster recovery purposes with Policy Based Routing (We're an all Cisco network, although this can be done on a variety of platforms, including Linux..) This directs traffic from a certain IP (and possibly port, I believe) to a specific interface, so that important data (Citrix, etc) has access to our main pipes while web traffic gets the shaft, so to speak. It uses policy maps to do so; I'm relatively noobish to IOS so maybe someone else can shed some light on this.
I'm hopefully certain you have explored QoS and are currently implementing it, but even QoS has limits.
I'm pretty sure a combination of the 2 methods listed above should take care of you. As a network admin, I could care less if web traffic gets dropped on a cheap DSL or cable connection.
Just my 2c, hope it helps
1) Where are you located? Changing from a fractional T1 to DSL is usually a downgrade, unless it's some sort of SDSL if you're inside the US.
2) Do you have any latency/packet reordering requirements? Bad things happen when packets are out of order, and modern routers avoid reordering like the plague to keep bad things(tm) from happening.
3) What resources do you not need onsite, perhaps some reasonably priced colo is a better solution for your more resource intensive solutions
4) What are your true bandwidth requirements? Most major cities you can get metro-ethernet or various flavors of dark/dim to lit fiber for cheap.
Multiple geographically diverse OC48's are not for most people, are you sure this applies to your requirements?
"If technical support you can shake hands with, rather than wait on hold for, sounds good to you, please contact us!"
That's truly beautiful! So now you can go to some guy for your support needs, and since he won't know the answer, he'll post it as an Ask Slashdot question...
Where I work we have an SDSL line, 10Mbit up/down, with the bandwidth being charged by the 95th percentile of sustained 3Mbits/sec...it comes out to a fairly reasonable number, similar to about 20-25 consumer DSL Lines...we will be changing that for fibre, same bandwidth, almost the same price...
T1's and other leased lines are too expensive...check for SDSL offerings in your area
Granted, my office is in downtown of a large city, so we have more choices...
Then, ask yourself what kind of traffic you are handling. If you're looking at users surfing the web, you probably needn't be overly concerned with load balancing; if you're receiving tons of inbound traffic to your servers, on the other hand, not only do you need load balancing, but you probably also need to seriously consider co-location solutions for your servers.
The administrative traffic is typically a much lower priority in most companies. I don't know how many users you're talking about, or what they're doing, but most small companies just live with a single (full) T1 until they absolutely need to bond another T1 (where "need" is subject, but should be kept in check, especially given that last bit about not having unlimited funding).
I guess this is not much of an answer, but these are all important questions you need to be asking yourself well before seeking specific answers. I'm not sure where you're coming from, and I don't mean to accuse you of anything, but taking the approach that you'll know the right answer when you see it is usually flawed from the start.
Slow down there, chief. Exactly what kind of company would be going from fractional T-1, to DSL, to... an OC-48? (I assume you were exaggerating on the OC-48)
Couple questions:
1) How many employees are we talking about here?
2) What are they doing on the internet that is so demanding?
3) Are you running any web/streaming servers onsite?
4) Have you gone to any lengths to diagnose exactly what your bottleneck might be?
5) Are you sure you don't just have a couple of hogs downloading porn all day?
I know 200+ employee companies that get by with a single T-1 just fine. I'm a little suspicious of your bandwidth needs.
But if you really need that much bandwidth for web browsing (I doubt you do), the next step would be a DS-3 circuit at about 45Mbit. But that can be pretty costly for the circuit alone. It would, however, allow you to scale because you'd probably be paying for the bandwidth used and not the full 45Mbit. If you are in a building with other companies who have similar needs, you may be able to split the cost of the circuit and share it.
Also, depending on your location, you may be able to setup a wireless (not WiFi) deal with someone. Something with real gear, of course. Not just a couple Linksys' with Pringle can antennas.
-matthew
"THERE IS NO JUSTICE, THERE IS ONLY ME." -Death
Is this internet access for desktop users? People from outside coming in to your corporate website? VPN connections to other offices? How many users? Are you attempting to synchronize any data across the link? In real time, or overnight?
The possible set of right answers depends a lot on what you're doing with it.
Policy based routing plus any number of DSL lines will work for splitting up desktop web access.
Inbound traffic for the corporate website is pretty much the antithesis of that... outbound traffic is the target, and that ends up being T-1 optimized for small sites and bonded T-1s or faster links for bigger ones.
VPNs can be symmetrical or asymmetrical. Your mileage may vary.
Our company uses a Sonicwall 4060 to load-balance two partial T1s. While it is a bit complex to set up, there's no lack of options on it. It's been extremely reliable too, I'd say it's an excellent choice.
In all honesty, after looking over the intouchtechnical.com site, I'm going to go out on a limb here and tell you that you need to find which of your techs is running bittorrent all the time and either teach him how to set upload and download limits or cut him off entirely. As others have said, your posting is all over the map. You openly dismiss more than a few technologies that work quite well in competent hands. You mention fractional T1s, DSL, and OC48 as if you don't even know what they are. It really sounds like you aren't qualified to be the technology admin for a company whose business revolves around providing tech support to other businesses. Hate to say it, but that's what I see from where I'm sitting.
Be a real patriot: Question authority. Think for yourself. Formulate your own conclusions.
Have you tried dialing zero and asking for one of these technicians?
-Peter
You've got a variety of options for banning bittorrent (that is your problem, right? You have done traffic analysis before coming to Slashdot, right?). This is in an escalating hierarchy of how invasive you'll have to be. 1) Tell your employees that bandwidth costs have gone up, that you know BT to be the source of the problem, and that you trust them to do what is necessary. 1.5) Ban BT by policy, threaten severe sanctions up to and including dismissal for skirting the ban. 2) Block the standard BT ports. 3) Filter out BT packets. 4) Install computer forensics software and look for evidence of BT use (pretty much has to be combined with 1.5).
Help poke pirates in the eyepatch, arr.
Such a line can easily be brought to its knees by simply saturating the upstream. ADSL does not work well in business environments with many users. I'd take a full T1 over that 7M/768k DSL line for a business any day.
-matthew
"THERE IS NO JUSTICE, THERE IS ONLY ME." -Death
First check and see how much of your current broadband is being consumed by itunes (By far the biggest offender in many companies) bittorrent and the like. If QOSing those ports down to 56 (or 3) kilobits a second doesn't solve matters, check with various providers. MCI used to have a 10mbps service back in the day. Speakeasy has some interesting options and their technical support is some of the best I've ever run across. Sprint... probably isn't worth talking to. I guarantee you whatever they offer will be cheap, and that's about all that can be said about it. Make sure that you have a path for growth with whatever option you choose and you should do all right.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Here's what Captain Planet has to say
Heh, I just went to http://www.intouchtechnical.com/ (the domain of the submitter's email address). Looks like a pretty amateurish IT shop. Especially if they don't understand how to scale Internet access. And check out their computers section: http://www.intouchtechnical.com/comp.html Geez, $1200 for an AthonXP +2200 system.... with Win2k?? WTF?
I bet they have like 1 guy running Bittorrent all day using up all their bandwidth.
-matthew
"THERE IS NO JUSTICE, THERE IS ONLY ME." -Death
Speakeasy isn't the only ISP that allows you to "bond" lines. That's part of the reason why ATM has become the norm. It's called an IMA line which stands for "Inverse Multiplexing For ATM". There's an up and downside to IMA/ATM circuits. Downside to ATM is you lose a little bit of your traffic in overhead. So while you're paying for 1.5meg you're only going to see 1.2 to 1.3 depending on conditions which isn't the case with traditional Frame Relay.
However ATM allows for IMA lines which are bonding the T1s together. You'll need a specific card to handle it like a 4 or an 8 port IMA card. Of course the more you add, the larger the gap will be with the bandwidth loss. 3 meg you'll be down around 2.4-2.6 actual and so forth. While it's not the best solution, it's better than some of the other options.
Of course, you may find that with the price that you'll be paying that it will be better to just say to heck with it and get 2 Frame Relay (not to be confused with Frame Relay over ATM which is essentially ATM with the bandwidth costs just marketed as a frame relay) lines and use BGP to shape the traffic.
In short, there are several commercially available choices that may be available depending on latency, bandwidth, price, reliability, and availability.
1) Classic T-1, 1.5Mbps
2) IMA (Inverse Multiplexing over ATM) - Essentially bonded T-1s up to about 6 Mbps before the cost of the routers becomes prohibitive
3) Ethernet Switching - 10Mbps and higher
4) DS-3 and higher - 45 Mbps and up
If you need high availability, option 1 is ruled out. IMA is good for speed and availability, but increases complexity. Ethernet switching is fast, but redundancy will cost you and it will require additional CPE devices for security and traffic monitoring. DS-3s and up are reliable and fast, but the cost of high availability (e.g. dual-entrance facilities, multiple providers) is astronomical.
Set yourself up a matrix of each of the key metrics that make a difference to you. Talk to all your possible providers and populate your matrix with their service responses. Read their SLAs very carefully. Understand how they calculate their measurements. A 99.98% availability can be insufficient depending on how they calculate it. Weight their responses based on your business requirements and then choose the option that best suits your needs.
If all else fails, bring in a telecommunications expert for a couple hours to help you analyze your options.
nos laetus epulor qui would domito nos
Next time just post "It's broken, you fix" and save all of us some reading.
Looks like the good folks over at In-Touch Technical *really* need to update their computers page
The force that blew the Big Bang continues to accelerate.
From the response header:
Date: Wed, 31 May 2006 03:29:16 GMT
Server: Apache
Last-Modified: Sat, 16 Aug 2003 01:39:59 GMT
Etag: "6151ef-3ef-3f3d8b6f"
Accept-Ranges: bytes
Content-Length: 1007
Content-Type: text/html
200 OK
Don't thank God, thank a doctor!
Depending on where your office is, this may be an option. Nextweb offers T1-equivalent (1.5Mbps) up to 6MBps.
The real "Libtards" are the Libertarians!
Like everyone else here has said, bond your T-1s, you can afford it.
there are next to $0 solutions to your problems. I used to admin a network with a t1 and 3 DSL's. The DSL's were for specialty web traffic while the T1 was business services traffic and email.
Although we weren't providing anything around 5-9's service, my setup managed 3-9's without too much effort.
The router was a simple vanilla Linux router with n-ports, one for each internet line and one for any local subnets. You could be creative and break up the internal architecture any way you like.
You'll need to spend a few dedicated weeks learning everything about iproute2, iptables, and tc. It's not all that pretty for newbs, and if you simply don't have the time to get comfortable with it, just stop reading now. If you step into this, you'll need to be armed with information. Otherwise, you're in for a world of hurt. On the bright side, once you've mastered all there is to it, you'll truly be a networking god, and not just the lowly net-op that you are today.
Bye!
I don't get why you'd want multiple T1s from the same provider, if you're looking for redundancy. In my experience, it's much more likely your upstream provider will go down, than the T1, itself.
Sit, Ubuntu, sit. Good dog.
Use a packet shaper, we use one by Packeteer.
You will be able to see who is using the bandwidth and what applications are using it.
You can then block or set low priority for non-work related traffic.
If bandwidth is still an issue I would look at bonded T-1 lines, which is what we do.
Once the router is configured there is really no administration.
Then step up to a fractional t-3 when necessary.
6meg/768 dsl for web browsing, full t1 for mail,dns,vpn and stuff I don't want to come in on sunday to fix.
Standing rule of don't install anything on your pc but look at anything you want. About one human sacrifice every year to keep people in line. Check the router for open connections about once a week to check for zombies and abuse. Offer to bring in porn on dvd for home viewing to anybody who wants it. It works for me for about 60 users at my pontiac gmc store.
GO GO MLFR! Seriously though the only carrier in the US pushing IMA is at&t, everyone else when you ask for a bonded T1 will give you MLPPP or MLFR. It feels funny to say "only" though when these days we're really only looking at 2.5 players...
Looks like they're all being done on the same server by Bulgarians:
network:IP-Network:64.14.68.0/24
network:Organization;I:ICDSOFT LTD
network:Street;I:6 Asen Halachev Street
network:City;I:SOFIA
network:Postal-Code;I:1113
network:Country-Code;I:Bulgaria
So, what are you doing from your own network, that requires all that bandwidth?
Surely not hosting anything for customers, like web or mail, if your own servers are outsourced (and all sharing the same IP!)
What's traffic analysis show you?
How many campuses do you have? Your website says Seattle, Portland, and Salem on one page, but only Seattle on another, so I assume only Seattle has a real office, and you maybe recently got stringers for the other locations. This explains why you only care about one pipe, I guess?
In fact, I'd say, if physical mail for your domain is going to your office, it's at an address on 92nd Ave in Edmonds that looks a lot like a house, with maybe 4 cars parked when the bird flew overhead. So... maybe 4 employees, saturating your bandwidth? Again, what traffic analysis have you done?
You do know that if someone's running a p2p server at the office, not only does it saturate your bw, it's also a legal liability for your company, right?
I know it sounds stupid, but they have a metro area network fiber setup in some cities (especially former mediaone markets, i think) that is very, very nice and ethernet based. You'd get internet in increments from 5mbps-1gbps depending on how much you want to spend.
http://tinyurl.com/4db44
Their 'network' service also looks cool for distributed metro campus issues. One ethernet segment to interconnect multiple locations. They even support vlan trunking without having to harass them!
-- dieman - Scott Dier
trunk and pf should meet your binding and shaping needs.
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
...where morale drops through the floor and people start looking for new jobs.
Nobody likes living under a fascist big-brother network policy. But, hey, you put those lousy "freeloaders" in their place, huh? That's all that matters, after all...
"A great democracy must be progressive or it will soon cease to be a great democracy." --Theodore Roosevelt
I don't know where to start on this one. Firstly, you need to assess what your exact bandwidth requirements are. This is not difficult - just MRTG graphs and some reporting from whatever firewall / routing equipment you're using right now. Secondly, you need to figure out what sort of cabling is in your area. As others above have noted, the best solution is an ethernet VLAN over fibre between you and your provider. You could start out at 10mbps and scale up to 100mbps easily if you need to. If there is no fibre running in your area then you'll be stuck with a T1 (but if you are currently fractional, why not upgrade to full?). Thirdly, you need to make sure that you have the routing equipment to make this work. I can't think of any device with a "nice pleasant UI that doesn't cause me great grief" that could actually forward packets at T3 speeds, let alone 100mbps. Serious equipment is configured from the command line, if you can't figure out the command line then... Lastly, you'll sound a lot smarter if you don't throw around terms like "redundant OC-48 runs". Is it possible that you will ever need Nx2.4gbps of connectivity? Do you know how much this would cost? Do you know how much the routing gear to handle this would cost? There are a lot of ISPs that don't use anywhere near that much transit bandwidth.
Just out of curiosity, have you tried reducing your bandwidth needs? I recently redid the network for a small company which wanted to upgrade their bandwidth afterwards because employees complained their internet access was too slow. As part of the upgrade, I added a proxy server and blocked all unneeded ports as well as many non-work approved sites. I also put ad blocking on their proxy server, as clicking on advertisements really isn't work-approved anyway. Afterwards, they didn't need to upgrade their bandwidth because these simple changes were enough for their internet access to be "faster than it ever was before."
The users hated me because they couldn't stream music to their desks. I would always bring them a Best Buy ad turned to the page with portable radios, CD players, and MP3 players.
First thing to do is get a hold of your firewall. Block all traffic, in and out. Then create rules to only let in and out specific traffic types with specific end points. Outbound http should only go through your web server. SMTP through your mail server. Don't let ssh out at all unless you must, and even then see if you can determine specific hosts to permit it to and from. Rate limit ssh to make it usable for remote shell access but painful for port forwarding other application types (forwarding http through ssh is an old trick to get around the company logging your web surfing activity).
Notice I mentioned a squid server. Yes, you need one of those. And yes, you need to force everyone to use it. There is a very good chance your router can do this for you transparently.
Users will scream. Loudly. Prepare yourself and your management for this. Anyone who thinks they are being treated unfairly needs to submit IN WRITING a business justification for the traffic they want you to permit, which must be approved jointly by IT and HR.
With an arrangement like this, I was able to keep over 500 users happy on a pair of bonded T1 lines. 3Mbps for 500+ users. The biggest consumer of bandwidth was the 5 person IT department pulling patches for all the different OS's we had to support. Every now and then one of the software developers would think he was being clever and find a way around the outbound blocks on the firewall using an exception in the rules that their manager got approved, but it would end quickly with a very embarrassing personal visit from our Director and their own boss within a few minutes of the music streaming starting.
Broadband to the home has been a mixed blessing. People have gotten too used to having bandwidth-hungry apps at home which is fine when you have 3Mbps+ all to yourself but when you are at work and have to share it, it's time to leave the toys at home and be a considerate network citizen.
Luckily I don't have to be network cop these days. Someone else gets to do that. Someone that doesn't have a good handle on their network so they are buying way more bandwidth than they really need.
... that it's their network, their rules.
Some non-work net use is inevitable (like me making this post). But when people are using their workplace's network connection for non-work activities to the extent that it's impacting the performance of the rest of the network, then something has to change.
For most businesses, there is simply no business reason to allow people to download music and/or stream video to or from the office. It's just like the telephone. Most places don't mind people making personal calls, but they ask that they be reasonable about it, because you're supposed to do your socializing at home, on your own time. It's the same with the office net connection. Nobody cares if you use it to order a book from Amazon, or read the daily news, or browse Slashdot. But if you start hitting iTunes or Youtube, or start doing lots of Ebaying, or share a torrent of last night's "American Idol", then you might be crossing a line.
Solution: Linksys RV016, $400
Point 1: Looked at routers that load-balance, but do so horribly.
Counter-Point 1: The RV016 uses weighted round-robin or various other methods, depending on your preference.
Point 2: I've considered splitting up my network users to use several incoming DSL lines, only to be confronted with intranet accessibility issues.
Counter-Point 2: The Linksys can do this for up to SEVEN WAN connections. It can split by IP range(multiple ranges), protocol(SPI), and port.
Point 3: None of these provide the kind of redundancy and control that I'd like
Counter-Point 3: The RV016 provides failover and extensive control.
Point 4: Certainly not with a nice pleasant UI that doesn't cause me great grief.
Counter-Point 4: The RV016 is as easy as they come.
Check out ip(3)
Timewarner business class road runner can be pretty speedy.
If you are actually growing rapidly (in sales, not overhead), the cost shouldn't be so much of an issue.
I would not go for a solution that mashes together a bunch of residential services.
Step 1: Analyze your network traffic and determine if more bandwidth is really necessary. I am an engineer for a company of 300 users, and we get by just fine on a pair of T1 circuits. If you're having bandwidth problems there is a fair chance that someone is hogging all of the bandwidth. Once you filter out the guys streaming audio, video, and using P2P clients (either restrict them to a trickle with QoS or block it completely) I suspect that you will have a lot more bandwidth than you need.
Now, if you still find that you need more bandwidth, the easiest solution is to purchase a nice router that can handle routing and load balancing over multiple connections. Forget about a cheap LinkSys or NetGear DSL router, get yourself a serious router like the Cisco Integrated Services Routers. For under $3000 you can get one that has expansion slots for up to 4 WICs, and it can handle T1/E1, DSL, voice, etc.
I would also recommend that you talk to data providers in your area, as they are the people who build and sell these solutions every day. Don't just talk to the telco, talk to other providers as well. Where I work we get our T1 lines from AT&T, but there are several other providers that we could get them from, and the prices do vary some. There is also at least one provider that offers a wireless RF solution for Internet access that works as a line-of-sight basis. In this case you would essentially mount an antenna on your building, point it at their tower, and then hook it into your network. They were offering speeds significantly faster than T1 but slower than T3 for very competitive prices, and they also offered bandwidth on demand services (i.e., your usual allotted bandwidth was 10 Mbps, but they had excess capacity to handle spikes in traffic up to 15 Mbps or whatever).
Honestly, if you have to ask Slashdot how to scale your company's Internet bandwidth, odds are you're working for a pretty small company (because if you're working for a much larger company you would seem to be fairly incompetent for a network engineer). Most small companies wouldn't normally need more bandwidth than can be provided over a couple of T1 connections.
> Notice I mentioned a squid server.
Right on, Yonder. I have six years of data showing
that Squid works wonders.
I put a Squid server online in 2000 and forced our
1,200 users to use it (domain logon script set IE to
use automatic proxy config script). Even I was impressed
at how much bandwidth we saved.
Immediately, a third to half of our web (http) traffic
disappeared. Yes, the web cache was really that effective.
This freed-up lots of bandwidth on our T1.
A few years later, as we found our needs growing again,
we added a DSL line. HTTP traffic was pulled through the
DSL line. Everything else went out the T1. Squid handled
fail over to the T1 in case the DSL line dropped.
Every once and a while, we ran into a web site or
service that simply wouldn't work through Squid. When that
happened, we placed an exception in the proxy.pac config
script and bypassed the cache.
If your problem is web browsing, get a cache. Of
course, that is a big 'if'. As others have suggested, a
traffic analysis should be required before you attempt to
fix anything. Squid won't fix your bittorrent or other P2P
problem. If you are hosting services for external users,
you may be able to collocate the services externally for
substantially less than bringing a bigger pipe to your door.
Matt
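The proxy.pac arrangement described in the comment above, as an added example that is not part of the original post: everything goes to the cache except intranet names and a short list of sites known not to work through it. The proxy address, the `.corp.example` suffix and the bypass entries are assumptions; exceptions are matched on the host with dot-anchored suffixes, never on a substring of the URL, and there is no trailing `DIRECT` fallback, so clients fail closed when the proxy is down.

```javascript
// proxy.pac sketch. All host names and the port are hypothetical.
var PROXY = "PROXY squid.corp.example:3128";   // assumed Squid listener
var INTRANET = ["*.corp.example"];             // assumed internal DNS suffix
// Constructed sample entries for sites that do not work through the cache.
var CACHE_BYPASS = ["*.vendor-portal.example", "payroll.partner.example"];

// Browsers supply these PAC built-ins. The stand-ins below exist only so
// the file can also be exercised under Node before it is deployed.
if (typeof isPlainHostName === "undefined") {
  globalThis.isPlainHostName = function (host) {
    return host.indexOf(".") === -1;
  };
  globalThis.dnsDomainIs = function (host, suffix) {
    return host.length >= suffix.length &&
           host.slice(-suffix.length) === suffix;
  };
}

// Lower-case the host and drop a trailing root dot so "HOST.example."
// cannot slip past an exact-match entry.
function normalizeHost(host) {
  host = String(host).toLowerCase();
  return host.charAt(host.length - 1) === "." ? host.slice(0, -1) : host;
}

// An entry is either an exact host name or "*.domain", which covers the
// domain itself and its subdomains. The suffix test is anchored on the dot,
// so "evilvendor-portal.example" does not match "*.vendor-portal.example".
function inList(host, list) {
  for (var i = 0; i < list.length; i++) {
    var entry = list[i];
    if (entry.slice(0, 2) === "*.") {
      var base = entry.slice(2);
      if (host === base || dnsDomainIs(host, "." + base)) return true;
    } else if (host === entry) {
      return true;
    }
  }
  return false;
}

function FindProxyForURL(url, host) {
  host = normalizeHost(host);
  // Intranet traffic never needs the cache.
  if (isPlainHostName(host) || inList(host, INTRANET)) return "DIRECT";
  // Known-incompatible sites bypass the cache. The decision uses the host
  // only: text placed in a URL's path or query cannot trigger a bypass.
  if (inList(host, CACHE_BYPASS)) return "DIRECT";
  // Everything else goes through Squid, with no "; DIRECT" fallback.
  return PROXY;
}
```

If the firewall blocks direct outbound HTTP, as an earlier comment in the thread recommends, each `CACHE_BYPASS` entry also needs a matching firewall exception.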
Do people get to take bathroom breaks and go outside the cube for lunch?
is a good starting point if you want to use multiple DSL lines from a linux box.
another option though it would require some client side configuration is to have several IP subnets, set a static route up to your intranet router and then stick a cheap DSL router box on each subnet for internet.
note: i'm known as plugwash most places but i screwed up registering that here somehow in the past and now can't register
I find a CAT5 cable to the ISP upstairs works wonders for my office.
Does renting rack space at a data center with redundant connections, air, power, generator and 7x24 staffing make sense? Or do you need to run the exchange server under Bob's desk so it can be rebooted regularly? Can you try to block audio/video files?
There are a variety of bandwidth solutions, I have customers with multiple OC-3s and customers with a DSL business line. The answer is: it depends on business impact and downtime tolerance. Many redundant solutions get postponed once the cost is known.
Before you can propose a technical solution, you need to know the political layout.
Foolish moderators
You seem to think explaining your lame downmodded post will draw anything but ire from the mods. Who's foolish now?
http://www.foundrynet.com/products/webswitches/serveriron/PDFs/ServerIron_LB FINAL.pdf
(if it doesn't work, go to foundry networks website and look for serveriron link balancer)
they provide means of load balancing traffic across multiple links (max of 6 t3 or 2 oc3 capacity) without having to go through complex bgp stuff.
Live your life each day as if it was your last.
Lots of assumptions and plain bad advice being given here. So I'll throw my 2 cents in. I build these "elite" OC-48 dual rings for a living...amongst larger and more insane projects and smaller. I know all about these problems. It's what I do. I have worked for customers with mondo insane budgets (they are my favorite I will admit) and those with small budgets and only like six employees. So I know what I am talking about. Pay attention :)
:)
QOS...is it really applicable? Are you using the connection for voice services? If yes, then yes. Do you know the network is being used for things it isn't intended to be used for? Then yes. You could give some priority to some particular services and drop packets for those that just shouldn't be there. And this would in fact, provide some relief if this is a problem. But what if it's not? Then you'll spend a whole lot of time chasing after something with no results and most likely look like crap in the meantime because people are tired of not being able to get their work done.
So, make some observations and if you think you can really get something still out of your current connection, then go for it. Find a way to get a sniffer into the equation and take a peek. If you find traffic is legit and you are indeed just simply out of bandwidth:
1. Avoid fractional DS3s. Fractional DS3s by all means with the technology in place today should be a thing of the past. That isn't to say that DS3s are a thing of the past. To say that would be insane. But for an end user, there are much more suitable options than a DS3 if the application is data oriented.
2. Cable internet and DSL. If you have to pick between the two, go with DSL. I strongly encourage people to not pick either of these for a business connection. Folks I know the price is appealing. If you can have your service down and hear "we will be out to fix it in three days between noon and five" then go ahead. Otherwise, don't.
3. Ethernet. It's available almost anywhere. And it's reasonable. Now when I say reasonable, don't even think about cable and DSL pricing. It's not even in the ball park. If you want to spend $1000 and below then you can do it with a good solid carrier class Ethernet solution. I think it is safe to bet you can expect to get a 10 meg connection for less than $1000. Most likely in the $800 range. And this COULD be with fiber in your building. So it will be rock solid. Depends. I say could because it depends on how far your building is from the existing backbone and what it costs to get the fiber optic cable in your building. I have had customers in situations like yours and had fiber right outside their door and it was a real pleasant solution for them. Just depends. Good luck.
Oh and BTW everyone's mileage will vary on prices. It really all depends on how much capital the carrier has to dish out to support it. What I have described is a slightly better than average situation...but it's not too far off from the norm. And yes. Fiber optic connections are still king.
I have to agree with the traffic analysis group, there's just no way email and websurfing can be eating up all your bandwidth. BitTorrent and streaming audio can easily bring a WAN link to its knees. Unless you have some sort of bandwidth intensive app that is scaling with your business, you just need to cut that traffic out! It's not worth the added expense. You can get cable or satellite music services for a lot cheaper than an additional T-1!
As well as banning Video, BT and iTunes, or choking them down to a reasonable level, you can consider going to Cogent and getting a really cheap 100 Mbit line for close to 1K a month, if you are lit, and also, some folks at www.fatpipeinc.com make a good policy box for aggregating and distributing bandwidth.
As an add-on, I strongly suspect that most businesses can live on a T1 with possible exception of web-surfers that could be shunted over to DSL links allowing VOIP and customer traffic to use the stable T1. Engineering and IT always will want fast downloading pipes so that might be another consideration for a separate broadband feed.
IMHO too many times vendors harvest customers because the client did not calm down and define the issues needing address while a starry-eyed marketeer manager demanded provisions for servicing millions of new hits.
Many small and inexpensive links could be made to function as a more expensive traditional "T1/frac-T3/T3". It has been done before. Just throwing pipes at it gets to be messy. All must eventually learn what the traffic is and then what the priorities are; what is "bread and butter" business traffic and what is "nice to have". In that way an understanding of what level of survivability and back-up should be considered.
Perhaps one strategy is to figure the minimal and expected reasonable maximum bandwidth loads these links need to service. Breaking up the different uses and user communities at the site as different user communities may be helpful for modeling. Then with these results in mind, see what single mode KISS approaches could satisfy.
The follow-on steps would be the incorporation of a newer brain box with routing rules, filters and BW use limiters from the toy vendors versus home-grown open source projects, time, and funding. Strike a balance you can live with and retain a plan for upgrades.
There are multiple solution sets always available limited by politics, money, time, favored vendors and learning curve - just remember to always propose solutions that you can live with on your own.
And OBTW if there is need to cover that marketing envisioned slam you may be well to look at server Co-lo with one of your carriers rather than needing that OC-48 drop "just in case".
AZhun
a bright tomorrow comes by new mistakes not by repeating the old ones