Switching from pfsense...need ip-specific bandwidth control: suggestions?

Discussion in 'Networking & Security' started by The Chosen One, Sep 23, 2007.

  1. The Chosen One

    The Chosen One [H]ard|Gawd

    Messages:
    1,290
    Joined:
    Feb 4, 2001
    Hi guys, im currently using pfsense and in most aspects, i love it.

    Its free, you get good support from the forums, it does almost everything i want it to....except one fairly major thing:

    Bandwidth monitoring and control.


    While there are a few programs that allow interface-based control and monitoring, there doesnt seem to be any way (as yet) to reliably monitor how much bandwidth is being used by each IP address, or to set download/upload limits, or limit the speed per IP.

    BandwidthD looked like it would be a great solution to half this problem, but after an extensive bounty on the forums, it seems to be settled that there are some very fatal flaws in it that are not likely to be corrected in the short term.


    Now i have used ClarkConnect (for a few weeks), and while this supports IP-specific speed control, i couldnt get a reliable measure of how much each IP was downloading over a 30-day period. Plus, its not free and id rather find an open source solution if at all possible.


    Basically what i want, is pfsense, but with the following features:

    - Ability to record how much each IP address is downloading and uploading per month
    - How much the WAN connection is being utilised at any particular point in time (like the pfsense Traffic Graph)
    - Ability to limit the speed available to each IP address (mostly to help VoIP work better)...e.g. 10kB/s to 192.168.0.101 and 50kB/s to 192.168.0.102

    - Ability to set caps (per IP) after a certain download quota is reached (a bit like an ISP does), as too often we go over our cap too early and i would prefer to keep some in reserve



    I consider points 1 and 3 to be crucial, point 2 is fairly important but not critical if 1 and 3 are present...and point 4 would be nice, but not necessary.


    So does anyone have any suggestions to that would meet my criteria?



    Thanks in advance guys
     
  2. Malk-a-mite

    Malk-a-mite [H]ard|Gawd

    Messages:
    2,023
    Joined:
    Feb 16, 2002
    Two quick things, one Clarkconnect has a free version and two they have the source code available.
    http://download.clarkconnect.com/community/sources/4.x/

    Also, there used to be a pretty nice addon for measuring bandwidth by host they I ran before I switched from Clarkconnect to another product (Endian) that I found from surfing the forums. I'll see if I can figure out what the heck it was called.

    EDIT:
    http://www.clarkconnect.com/forums/showflat.php?Cat=0&Number=85596&an=0&page=0#Post85596
    Or maybe I'll find it's the first post in the networking forum for Clarkconnect, good luck either way.
     
  3. MrGuvernment

    MrGuvernment [H]ard as it Gets

    Messages:
    19,169
    Joined:
    Aug 3, 2004
    i am in the same boat, i want something that doesnt need a client install and can track it... i wouldnt think it would be that hard, but iguess so.
     
  4. The Chosen One

    The Chosen One [H]ard|Gawd

    Messages:
    1,290
    Joined:
    Feb 4, 2001

    hehe...source code isnt going to do me much good, pfsense was my very first foray away from Windows ;).

    But the rest is interesting....this free version, what features do you miss out on? anything that i'll really miss?



    also...does Endian have the features im looking for?
     
  5. Timbowens

    Timbowens [H]ard|Gawd

    Messages:
    1,083
    Joined:
    Dec 12, 2006
  6. The Chosen One

    The Chosen One [H]ard|Gawd

    Messages:
    1,290
    Joined:
    Feb 4, 2001
    hmm ive got it all installed now (CC4.1 that is) but im not sure what program you were referring to?

    That thread lists quite a flow (netflow and ntop in particular). Most of them don't look like they do what i want, NetFlow Analyzer seems to require Cisco stuff to work, and Ntop (which i installed) seems to provide too much info and doesn't sort by Local IP.

    I want to know what each local IP has used over a given period in terms of data transfered by that IP over the WAN interface, and NOT the LAN interface. Don't want it to count local transfers as part of the stats.


    cheers.
     
  7. The Chosen One

    The Chosen One [H]ard|Gawd

    Messages:
    1,290
    Joined:
    Feb 4, 2001
    hmm, Im not really sure how the first one works (i.e. how its deployed within the network), but isnt it windows based?


    and the 2nd one seems to run off Netflow information (like Netflow analyzer) which i dont have.