Professional Documents
Culture Documents
--------------------
A Project Study
Presented to the Faculty of the
College of Information and Computing Science
Saint Louis University
--------------------
--------------------
By:
Willy S. Olivete, Jr.
-------------------Date:
April 2009
Abstract
The Internet and network connection of developing countries such as the Philippines is
affected by its bandwidth. Even at this time when internet connectivity is rapidly
increasing among households and private entrepreneurs, bandwidth cost is considerably
high. Private companies and educational institutions in the Philippines need to find ways
in order to maintain speeds that are more or less equivalent to household internet access
of more developed countries. Although there have been some price drops on bandwidth
offered by Internet Service Providers (ISPs) primarily because of stiff competition, rapid
technological innovations, and better implementation of existing and emerging
technologies. Companies may be able to afford higher bandwidths now but there is the
need to be guaranteed of maximum benefit from these connections. So either theres low
or high bandwidth, bandwidth management becomes an important network administrative
function. Bandwidth is not only limited to the internet connection or wide area network
(WAN), it also applies to the bandwidth within the local area network (LAN). A
bandwidth thats not fully optimized and well managed will eventually become the
bottleneck in a network infrastructure. This research therefore attempts to find ways on
how to optimize bandwidth connections so it can deliver quality services to its users
regardless of how much bandwidth there is. This research explores the vast resources
from the open source technologies that are as effective as their commercial counterparts
and have a significant advantage on cost reduction benefit. Different areas will be
explored on techniques for bandwidth management and come up with practical solutions
for bandwidth needs.
TABLE OF CONTENTS
Tile Page..
ABSTRACT
INTRODUCTION..
Network Monitoring
Implementation
18
Policy
26
CONCLUSION
27
REFERENCES
28
BIOGRAPHICAL STATEMENT...
29
DISCLAIMER.
30
Introduction
When computers are connected for dial-up, DSL (Digital Subscriber Line), or wireless
internet connection, the term bandwidth is often encountered. So what is bandwidth?
Bandwidth in computing terms is a measurement of computer network speed. It is
expressed as the amount of data that can be transmitted during a fixed period of time
measured in bits per second (bps)1. In other words, it is the overall capacity of a
connection. Network performance is often associated with its amount of bandwidth. It is
often perceived that network performance is improved if theres a bigger bandwidth
capacity. A standard dial-up modem access using a digital telephone line can support a
peak bandwidth of 56 Kbps (kilobits per second). Larger organizations and internet cafes
can choose from several bandwidth options. This can range from 64 Kbps to 2 Mbps or
more. Example, a bandwidth of 2 Mbps means that you are able to transmit 2,000,000
bits in a second. That would be equivalent to 250 Kbytes per second if converted into
bytes. Thats roughly a modest jpeg image file downloaded within a second.
theoretical throughput is not fully utilized is due to network deterioration and there are
several reasons for this.
Bandwidth capacity has a limit and if too many users request information at the same
time, this will slow down network connectivity. So, what most companies do is to simply
order more bandwidth to accommodate the increase in network traffic. Acquisition of
bandwidth however would mean additional cost and requires justification to top
management. Statistics and data are needed to show actual reports of bandwidth usage
and performance status. This can be provided by reports generated from monitoring and
measuring bandwidth consumption.
Country
Internet Connection
Cost
Developing Countries
Philippines
512/256Kbps
ADSL
$ 40
Vietnam
Indonesia
South Africa
512/256Kbps
512/256Kbps
512/256Kbps
ADSL
ADSL
ADSL
$ 40
$ 45
$100
Developed Countries
UK
USA
Australia
Canada
512/256Kbps
1.5Mbps/896Kbps
1.5Mbps/512Kbps
5Mbps/800Kbps
ADSL
ADSL
ADSL
ADSL
$15
$33
$35
$30
2. To be able to ascertain if the ISP is providing the correct bandwidth thats being
paid for. ISPs can always tell clients the amount of bandwidth but how do clients
on their side know if they are getting the correct bandwidth.
2
ADSL Service Cost Comparison (2006). Retrieved January 29, 2007, from
http://www.hellkom.co.za/research/adsl2.htm
Australia Broadband. Retrieved January 5, 2009, from
http://www.socialtext.net/broadband/index.cgi?australia
Living in Vietnam. Retrieved January 6, 2009, from
http://www.livinginvietnam.com/vietnam/internet_mobilephones.htm
Internet Options in Indonesia. Retrieved January 6, 2009, from
http://www.expat.or.id/info/internetaccess.html#ADSL
Canada ADSL Providers. Retrieved January 6, 2009, from http://www.allisp.info/canada/adsl-dslproviders.html
According to the studies made by Flickenger (2006, p.4) there are three components of
bandwidth management that are interdependent with one another. These are:
1.)
2.)
Implementation. With the information gathered, what are the things that need to
be done in order to improve network performance. These actions should always
be in line with the policies of the company. Examples of these actions include
applying traffic shaping, filtering, caching, and quota systems among others.
3.)
Policy. These are now the written documents, procedures, and definitions of
abuse that will guide the overall use of the network. An example is the Acceptable
Use Policy (AUP) which is a subset of this component and contains how to use
the network that is acceptable and what sanctions that needs to be implemented
for violations for unacceptable use.
The succeeding paragraphs discuss each component in detail and in relation to how it is
used or will be used within the SLU Network.
I. Network Monitoring
In order to manage something, it has to be measured. This can be accomplished by using
tools and software. With Network Monitoring, logging and analysis tools will be utilized
to be able to accurately record traffic flows, utilization, and other performance indicators
on a network. It shows numerical as well as graphical and visual representation of what
is going on in the system. These tools allow the administrator to view the health and
status of the network. It provides information about collected data which maybe in the
form of numerical data, logfiles, or data from a database. It allows administrators to
isolate traffic problems and congestions. These tools are used to identify services or
servers, monitor usage and statistics on network devices such as switches, routers,
servers, and access points. They can be used to troubleshoot problems, investigate a
security incident, and keep logs of user activities for accountability.
Network Monitoring Tools should be able to acquire information of the network such as:
Frequently used services on the network (Web, Proxy, Email, FTP), top users (Students,
faculty, staff, visitors, hackers), purpose (Academic Study, Research, Social Use,
Business Use, Illegal Use), location of users (Inside, Outside), method of access (Remote
User via telnet, Local Ethernet, WAN, Dial-Up, WI-FI, VPN), time (Today, Yesterday,
Last Week, Last Month, Time), unusual activities (Bandwidth hogs, spamming, network
virus), and traffic patterns.
There are several ways of performing monitoring within the SLU Network:
1.) Issuing spot checks such as ping and traceroute commands.
2.) Setting up trending tools that will monitor patterns over time.
3.) Realtime alert systems such as setting thresholds and when this threshold is
reached an email alert the administrator.
4.) Benchmarking to be able to establish a normal working condition of the system
and use that as a basis for day-to-day monitoring.
1. Ping
The ping command uses ICMP packets to attempt to contact a specified host, and tells
how long it takes to get a response. It can be used to determine the location of network
problems by pinging computers in the path between the local machine and the final
destination.
2. Traceroute
The traceroute command is used to find locations of problems between a computer and
any point on the internet.
3. Mtr
The mtr command is a spot check tool and it combines the ping and traceroute
commands.
Figure 1 shows the MRTG graph of SLU gateway router named slu-gw2650xm with a
maximum bandwidth of 2 Mbps. Green color indicates the downlink utilization; blue
color indicates the uplink utilization. It can be seen that the downlink utilization is fully
utilized at almost 100%. Utilization drops at around 6 or 7PM and starts to peak again at
around 7:30 AM the following day.
10
Figure 2 shows an MRTG graph of the same router but this time the bandwidth have been
upgraded to 6 Mbps. It can be seen that the downlink utilization is still almost fully
utilized. The graph also shows that there is utilization until around 10:30 PM, this is
because the dormitories (Ladies and Mens Dorm) are now connected to the network via
a wireless bridge and are allowed to access the internet during this times.
11
12
Figure 3: NTOP
6. Webalizer
The webalizer is a web server log file analysis program. It produces detailed and
configurable reports in HTML format which can be viewed with a standard web browser.
13
Figure 4: Webalizer
14
Figure 5 OpManager
Bandwidth Congestion is a familiar problem that is always experienced. So what are the
symptoms or indications of Bandwidth Congestion? These symptoms may actually lead
to a more general form of the problem, so it is best to be able to identify symptoms
immediately. The key here is that administrators should have enough knowledge and
information to determine potential problems which should be done in a logical process. It
is important to establish baselines that provide graphs that show patterns over a period of
time and that way it would be easy to detect problems if there are changes in the patterns.
MRTG and RRDTool can be used to establish baselines.
Figure 6 shows an MRTG graph that indicates a low usage on Sundays. This is because
employees are on weekend vacation during this time. So if there is a huge usage during
this time, then it would be logical to determine what causes the sudden increase in
bandwidth use.
15
Figure 6 MRTG
The SLU network like other typical network environments, shares the same general
symptoms experienced by network infrastructures.
This tells us there is 100% packet loss, in this case there is no connectivity at all.
Example:
ping www.cnn.co.za
PING www.cnn.co.za (64.37.119.13) 56(84) bytes of data.
64 bytes from d715.webminders.com (64.37.119.13): icmp_seq=1 ttl=112 time=310 ms
64 bytes from d715.webminders.com (64.37.119.13): icmp_seq=2 ttl=112 time=288 ms
www.cnn.co.za ping statistics
3 packets transmitted, 2 received, 33% packet loss, time 2003ms
rtt min/avg/max/mdev = 288.777/299.689/310.602/10.926 ms
This tells us that we have a 33% packet loss, this may be the result of an overloaded
link.
2.) General Slowness
16
3.) Timeouts
Timeouts may mean that a link is down but this is not always the case. This could
be a symptom of a congested circuit.
4.) Latency
An example of latency is Round Trip Time (RTT) which is the amount of time for
a reply to be received. The more congested a network, the higher the latency.
17
3.) Viruses
Network viruses doing a network scan can utilize much bandwidth.
6.) Spam
Spammers can use open relay servers and use the bandwidth.
II.
Implementation
Before implementing anything, a good monitoring tool should be in place and policies
should have been formulated. Policies are very important because we cannot implement
actions if we do not have any reasons for doing it. Doing so without any policy will result
to user complaints, misunderstanding, and angry users.
18
Here are some techniques that have been adopted or can be adopted by SLU with regards
to optimization.
A.
B.
Optimize Email
1. Limit attachments.
2. Filter email on the server.
3. IMAP instead of POP.
4. Dont send spam.
C.
Firewall
Firewall is used to protect the network from undesirable traffic. It can be used to deny
access to peer-to-peer file sharing services, prevent unauthorized connections to servers,
and filter inbound and outbound traffic. As a general policy there are two models that can
be implemented. One is Everything is permitted, except what is explicitly denied. The
other is Everything is denied, except what is explicitly permitted3. The first approach
may seem easier from an administrators point of view, but it is far less secure, and can
be difficult to maintain. It would be much easier to deny traffic first, and make exeptions
for legitimate traffic as the need arises.
There are four rules of standard policy for a solid network firewall:
1. Allow already established and related connection traffic.
2. Allow TCP/IP SYN packets to the services you wish to permit.
3
19
Example:
1.) Access List Implementation
access-list
access-list
access-list
access-list
access-list
access-list
access-list
access-list
access-list
access-list
101
101
101
101
101
101
101
101
101
101
permit
permit
permit
permit
permit
permit
permit
permit
permit
permit
D.
Proxy Servers
The proxy server is an intermediary application that sits between clients and servers.
They can be used to control access, record activities, and convert between protocols.
Figure 7: SLU Network Proxy Layout
20
When a user opens up a browser, an authentication dialog box prompts the user for a
username/password combination. This username/password is then matched against the
mysql database running on the proxy server. If a match is found then the user is allowed
access.
In the squid configuration file found in /etc/squid/squid.conf the following lines trigger
the username/password authentication.
auth_param basic program
/etc/squid/bin/sqauth
acl password proxy_auth REQUIRED
http_access allow password
http_access deny all
There are two scripts running: squath and squid2mysql. The sqauth is a perl script that
authenticates username/password combination against a mysql database. The
squid2mysql is a program running on the background that collects logs from
/var/log/squid/access.log and dumps them to the mysql database.
21
22
In SLU, we have implemented an anti-spam firewall with the following settings as shown
by Figure 12.
23
Figure 12
Figure 13 shows an image of a logfile for the settings that have been configured.
Figure 14 show the visual representation for the settings.
24
Figure 13
Figure 14
25
III. Policy
Bandwidth management and optimization are often regarded as technical matters and
therefore requires technical solutions in its administration. So why is policy included as
one of its components? Policy is an essential component because without it, technical
solutions will be difficult to implement and would become less effective. There should
always be a reason for implementing things. Policies will provide the framework for
defining how a network is used and how technical solutions should be implemented.
The Policy will contain procedures and written documents that guide the overall use of
the network. An example is Acceptable Use Policy (AUP) which is a subset of policy.
AUP sets out in technical detail what uses of the network are believed by the network
operators to be acceptable, and what they intend to do to anyone who uses it in a manner
that is considered unacceptable. It is a written document that defines acceptable forms of
network access, guidelines on how to deal with network problems, definitions of abuse,
definitions of legal constraints for users (ex. use of pirated softwares, access to
inappropriate materials), and other operational details. A policy allows administrators to
enforce certain type of network behavior and be able to compel users to agree to a set of
rules.
Example: (http://www.slu.edu.ph/inet/services/access_policies.jsp)
Responsible, ethical use of Internet resources includes the following:
Using resources for research, educational, and informational purposes only: not for
unauthorized, illegal or unethical purposes.
26
Conclusion
The SLU network like any other network infrastructure has its weaknesses and the goal is
to build a network that is optimized. To achieve this, network resources should be
managed effectively so bandwidth is fairly accessible by everyone. Bandwidth
management and optimization is a key administrative function in a network environment
and will be an ongoing process of network monitoring, implementation of essential
procedures, and formulation and strengthening of policies. The reason is the constant
change and evolution of network infrastructure. It becomes indispensable therefore to be
up-to-date on existing technologies and to be aware of emerging technologies to have
effective optimization techniques. So the implementation of open source solutions to the
network will be a work in progress. It will be a continuing research, evaluation, and
implementation that will adapt to the changes and evolution of the network which leads
to achieving the goals and make in effect the policies of the organization.
27
References
Flickenger, R., Belcher, M., Canessa, E. (2006). How to Accelerate your Internet (1st ed.).
Trieste:INASP/ICTP
How Stuff Works (2009). Retrieved February 20, 2009, from
http://computer.howstuffworks.com/wireless-network1.htm
TechnInfo (2009), Retrieved February 20, 2009, from,
http://www.clove.co.uk/viewTechInfo.aspx?Content=3B2BD491-6465-4C70ABDB-5A12A06C3D8D&Category=TECHINFO
28
Biographical Statement
Mr. Willy S. Olivete, Jr. is currently employed as a Systems Administrator of SLU at the
SLUNet Office. He completed his degree in Bachelor of Science in Information
Technology at St.Louis University.
Providers in the Philippines namely SkyInternet, Mozcom, and Flash Internet. Hes also
been a developer and consultant at Q-Linux, a Manila based company that advocates
Open Source technologies.
29
Disclaimer
I understand that by guaranteeing originality, I am declaring that this work has not
paraphrased, edited, summarized, rearranged and/or copied any information from any
website, book, journal, essay, unpublished thesis, or any other source, either in whole or
in part. I also would like to declare that all of my sources in this undertaking are fully and
properly acknowledged.
Noted by:
__________________________
Graduate Program Coordinator
30