Tim wrote:
On Sun, 2007-11-11 at 14:59 -0500, Bob Goodwin wrote:
I have a system diagram you can view at:
http://users.wildblue.net/bobgoodwin/sys071031.png
Well, looking at your network, you could use MRTG with the 192.168.1.1
device to measure the traffic going through your LAN (and for anything
outside that managed to connect to it through your wireless networking).
All your LAN traffic (including intruders) goes through it before making
out to your microwave internet connection.
I think you'd only need to try and directly measure the wildblue
receiver if it was capable of wireless connections directly with someone
else. Is it wired to the dish, or does it use a wireless link between
the receiver box and the dish?
You could probably, also, use MRTG on the other wireless LAN
switches/bridges, to see which ones are the busy ones. Though that'd
mean a plethora of different graphs. If you wanted to trace out where
the traffic was coming from, I think you'd want to log your 192.168.1.1
device quite thoroughly, when run a logging analysis tool on it, rather
than just a MRTG graph.
Yes, I agree, I really don't want graphical information. I was just
curious to see mrtg work, unfortunately I haven't had any success with
it and my problems with usage are demanding immediate attention!
"tcpdump" looks like it should produce the kind if information I need
and it certainly cranks out a long list in short order but I haven't
been able to find anything of significance [to me] in it? Although it's
being fed from the ethernet hub connected at the modem before the router
most of what I see is dns inquiries from box10 [192.168.1.10] connected
to it?
Linksys identifies the hub as "EFAH05W - EtherFast® 10/100 5-port
Auto-Sensing Hub." I'm not sure what it "auto-senses?" but I hope it is
passing everything it sees at its input.
I also tried "iptraf" which collected data for a couple of days but
showed something on the order of 20 mB received while Wildblue claimed I
used a lot more. See my notes below:
11/12/2007 17:05:25 949 8626
11/13/2007 03:17:39 1001 9072 +446 mB in 8 hours and 12
minutes!
Almost half a gigaByte download increase overnight, plus 52
mB uploaded!
The curious thing is that this does not agree with my
measurements of data transferred at the ethernet connection
at the Wildblue receiver over the last 58.43 hours? I show
show 18.3 mB incoming and 2.1 mB outgoing. Am I only seeing
traffic addressed to my computer? I need to verify that
part of my test setup.
This morning my activity has continued to go up despite our best efforts
to control it.
11/15/2007 12:20:13 1231 10177
Any suggestions as to how best to use tcpdump or iptraf would be
appreciated. I'm not even certain that my attempt to measure activity
has not caused an increase? I guess I'm really in over my head ...
Bob Goodwin
