Bandwidth usage issues

S

Shocked

Limp Gawd
Joined
Nov 1, 2009
Messages
373
So I know Comcast says they're not enforcing the 250GB bandwidth cap anymore, but they still say they're calling people, and I don't think anything particularly bad can come from fixing whatever problem is going on.

On the 8th this month I noticed my bandwidth was 174GB, after estimating it should be no more than around 60-80GB max.

I'm at 229GB now, and it's been going up by like 8-10GB per day the last few days. I can't figure out where the heck it's coming from. Neither of my computers currently active on my network have been using enough data according to bytes sent and received in "Local Area Connection Status" to account for that, and the only other device I've had connected to my network is my Tivo Premiere XL4, which should be doing nothing more than schedule and service updates but I'm going to try disconnecting it anyway.

I've also never seen anyone on my wireless network (have been checking regularly) and have changed the password a few times recently. I live alone so I should account for all the activity on my network.

Can anyone point me in the right direction to solving this? Comcast has been useless other than telling me there's nothing wrong with the bandwidth meter.

I have a D-Link DIR-655.
 
Wow. That sucks. The problem is there can be so many points of failure it is really difficult to break down easily. Being the nerd that I am I might try something like this.

Less Ideal Solutions:

1) Check each device one by one having only one connected to the network per day (could take many days per device, not ideal, but can narrow down a faulty device)

2) Check/Swap out the NIC's (might not be feasible)

3) Check/Swap out the router


Ideal Solutions:

1) Run a anti-virus scan using either AVG, Avast!, MSE, or Avira followed by MalewareBytes to make sure none of your machines are infected and you're apart of a botnet or allowing someone else to piggyback your machines.

2) Install an alternative firmware on your router to monitor and graph traffic to verify it lines up with Comcast. These ISP bandwidth measurements are shaky at best and have proven time and time again the ISP's have their head up their ass trying to monitor individual usage.

3) Install a PC bandwidth graph software to see if it lines up with the router > Comcast or to compensate if your router is unable to support third-party firmware.

I'd start with that because alternative programs I could think running up that much bandwidth a day would be an on-line "cloud" backup solution that does minimal backing up while the computer isn't in use. For a constant 8-10GB per day it could be a service such as this taking advantage of your normal use pattern.
 
Thanks. I'll have to look into those programs. I wasn't really sure what's out there.

I don't use any kind of cloud services apart from uploading an occasional screenshot or save game to Steam.

How accurate is bytes sent/received in LAN properties? It's telling me one computer has used 4GB over the last 18 days and the other 16GB over the last six days (I suppose between Steam updating programs and streaming videos here and there that could be accurate). If some kind of virus is eating up my bandwidth, is it going to show up there?
 
Yeah the LAN properties are not very good for calculating your bandwidth. I wouldn't trust that at all. Any restart of the computer or random disconnect immediately restarts that meter and even doing some monitoring myself I found it mostly under-reporting. Again those are some unknown variables from the outside looking in.

As far as the rest. No. I would run an anti-maleware/AV scan first and foremost to see if any trojans/viruses are on your system and see if removing them corrects the issue. You can hit two birds with one stone if you monitor the traffic via DD-WRT (router) or via a software program on your PC designed for that (Google as I've never relied on those myself, just the router).

By using real-time data analysis (bandwidth monitoring), netstate in the command line, and historical monitoring (DD-WRT/PC Software to record hourly/daily/weekly/monthly bandwidth used) you can narrow down the results. You could see more clearly if anything is looking fishy on your side. Also these records will give you proof to verify with Comcast should you need to (going over cap allotments) if your side is showing less daily usage than what their meter on-line is showing.

Also could be you are just using it and forgetting to factor in some daily things like streaming/youtube videos/gaming :p
 
Install DU Meter on everything you can, shut down WiFi if at all possible. I had a few months of anomalous bandwidth usage that I narrowed down to amazon unbox, which for some reason was downloading ~200MB of data every hour, uninstalled that and my monthly BW usage dropped by over 150GB.
 
Is there a good, secure boot time antivirus? I know I can use the one in Avast, but since Avast is already installed couldn't its virus definitions already be compromised?

I think I used to use UBCD, but I might not be remembering correctly because I don't see any AV programs listed.
Liger88 said:
Also could be you are just using it and forgetting to factor in some daily things like streaming/youtube videos/gaming :p
Click to expand...
I wish. A few days ago I saw it spike 7GB in the span of about six hours from when I got up to when I got home. Then I thought maybe it was the meter catching up from the day before, but... I was barely even home that day, either. My usage patterns haven't changed and I've had to keep an eye the meter for several years and have become pretty good at predicting the amount of bandwidth I use.

In the 8 days I used up 174GB I watched around 7 hours of Netflix and downloaded about 40GB worth of games/updates on Steam. During that time I pretty much played nothing but singleplayer Anno 2070 and TW: Shogun 2, and barely even looked at Youtube. :(
-Dragon- said:
Install DU Meter on everything you can, shut down WiFi if at all possible. I had a few months of anomalous bandwidth usage that I narrowed down to amazon unbox, which for some reason was downloading ~200MB of data every hour, uninstalled that and my monthly BW usage dropped by over 150GB.
Click to expand...
Seems like an awesome program. I'm digging around it now.

Everything looks good on my main computer so far, though. Looks like I'm using like 20MB an hour just idling. Guess I'll see what it works out to over a day's worth of actual use.
 
Netflix could be accountable for like 60GB if it was HD. That's ~100GB of your usage. So just how much youtube?
 
Skillz said:
Netflix could be accountable for like 60GB if it was HD. That's ~100GB of your usage. So just how much youtube?
Click to expand...
7 hours of Netflix could account for 60GB? There's no way. I've kept up with its usage for a very long time and it's never been anywhere near 8GB/hour. I was also sick last month which basically led to watching right around 100 hours of Netflix HD, plus at least 50GB of downloading games on Steam, and the meter only hit 319GB.

I also spend very little time on Youtube. Especially in those 8 days, I barely even remember looking at it.

DU Meter says I've used about 4GB in the last 2.5 days since I installed it, or I guess about 1.6GB per day. WiFi is down and there's nothing else on my network currently. Probably a good time to reboot my other computer and install it there.
 
Unfortunately you have a router that doesn't support dd-wrt or Tomato. That would be the first thing I would suggest, even if you get your bandwidth issues resolved running dd-wrt, Tomato, or pfSense is a must in my opinion. Having run dd-wrt, Tomato, and pfSense for many many years I seriously don't know how people live with the stock firmware/OS on routers these days.

You can also switch to openDNS for your DNS lookups and sign up for an account with them (its cheap) so you can see if there is any strange activity at the DNS level.
 
diizzy said:
@ Krazypoloc
...and just how would ha 3rd party firmware help?
//Danne
Click to expand...

Some third party router software/firmware packages show bandwidth by device on the network.

So...very easy to see what's using your bandwidth.
 
Ultimately a firewall/routing VM/appliance is the best way to keep tabs on what's really happening in your network
 
WTF???

Start simple....unplug the router when you are not around.

Plug the router in...disable the wireles.

Look at the connected devices....verify all of them by MAC address.

Look at the connection lights for each port. If you have a computer or device moving data the port light will be blinking.

How many devices do you have?

How many wired? How many wireless.

You should be using wireless N WPA2 AES, are you?

Once you've narrowed the possibilites down start doing some of the other suggestions in this thread....but seriously... Why even have the router online when you are not around to use it. Unplug the thing! Start there.
 
Right, because using decent tools to quickly track a problem is just ridiculous :rolleyes:
It's not like it was recommended to buy a gas chromatograph to sample odd-colored light under his foundation or something.

Unplugging the router doesn't solve the problem; it hides it.
Same for disabling wireless.
Verifying MAC addresses is good, make a list of them and attached equipment
Port lights blink all the time- activity lights are virtually useless past showing there is activity or there is way too much activity when they are solid. Anything in between is a WAG.
Number of devices is irrelevant once it goes past one, same for wired vs wireless

Is this seriously how you would troubleshoot the issue on a business network? Just unplug everything, problem solved?

Mackintire said:
WTF???

Start simple....unplug the router when you are not around.

Plug the router in...disable the wireles.

Look at the connected devices....verify all of them by MAC address.

Look at the connection lights for each port. If you have a computer or device moving data the port light will be blinking.

How many devices do you have?

How many wired? How many wireless.

You should be using wireless N WPA2 AES, are you?

Once you've narrowed the possibilites down start doing some of the other suggestions in this thread....but seriously... Why even have the router online when you are not around to use it. Unplug the thing! Start there.
Click to expand...
 
I've already done most of what he's suggesting, anyway, other than unplugging the router (that's terribly inconvenient - not only in the time it takes to boot up, but the location of it). I already keep track of ALL the devices on my network.

I might replace this D-Link, anyway. I can't remember ever having my net choke so hard when I'm downloading stuff than with the two DIR-655's I've owned.
 
Mackintire said:
WTF???

Start simple....unplug the router when you are not around.

Plug the router in...disable the wireles.

Look at the connected devices....verify all of them by MAC address.

Look at the connection lights for each port. If you have a computer or device moving data the port light will be blinking.

How many devices do you have?

How many wired? How many wireless.

You should be using wireless N WPA2 AES, are you?

Once you've narrowed the possibilites down start doing some of the other suggestions in this thread....but seriously... Why even have the router online when you are not around to use it. Unplug the thing! Start there.
Click to expand...

A lot of routers do not list 'connected devices', they only list devices that have claimed a DHCP address.
 
I saw an issue like this on a business network once. The firewall was blocking an update to an IM client that most of the machines had on them. So what happened was the clients would initiate a download of the update, then the firewall would block it, so the client would initiate another download, etc.

You might check that type of thing as well?
 
RocketTech said:
Right, because using decent tools to quickly track a problem is just ridiculous :rolleyes:
It's not like it was recommended to buy a gas chromatograph to sample odd-colored light under his foundation or something.

Unplugging the router doesn't solve the problem; it hides it.
Same for disabling wireless.
Verifying MAC addresses is good, make a list of them and attached equipment
Port lights blink all the time- activity lights are virtually useless past showing there is activity or there is way too much activity when they are solid. Anything in between is a WAG.
Number of devices is irrelevant once it goes past one, same for wired vs wireless

Is this seriously how you would troubleshoot the issue on a business network? Just unplug everything, problem solved?
Click to expand...

Easy tiger, what Mackintire is suggesting is problem isolation. He thoguths weren't on a permanent basis, that's why it's called troubleshooting... And the user already stated that it's a home network anyway. What difference does it make? I know what my skil level is, and you know what yours is, but we don't know what the OP's is. Sometimes you have to start basic and work up from there. :)
 
Nate7311 said:
Easy tiger, what Mackintire is suggesting is problem isolation. He thoguths weren't on a permanent basis, that's why it's called troubleshooting... And the user already stated that it's a home network anyway. What difference does it make? I know what my skil level is, and you know what yours is, but we don't know what the OP's is. Sometimes you have to start basic and work up from there. :)
Click to expand...

I understand what Mackintire was trying for, but I objected to his 'WTF?' comment for some good advice (not just from me).
Unplugging the router doesn't help isolate the issue for troubleshooting, it just isolates the LAN from WAN. The first step to solving a problem is verifying and repeating the issue. How is the issue (excessive WAN->LAN traffic) going to be verified/repeated with the gateway down? I gave notes on the other issues.
You are totally right on experience level, the posts before mine did a good job of running the gamut from simple to more complex. This is a forum- if someone doesn't understand, all they have to do is post a question.
I also understand the OP did not have a business network, but I figure most experienced users come from business backgrounds. Good troubleshooting is good troubleshooting.
If I wanted to be a dick and suggest unobtainable troubleshooting tools for the OP, I would have recommended a port-mirroring switch and network analysis appliances like OptiView or NetworkTimeMachine.
It's OK to stretch knowledge a little. :)
 
You must log in or register to reply here.
Back
Top