Re: Fwd: Re: Advice / recommendations on Inexpensive Managed Ethernet Switches
Stefan Monnier wrote: >> Basically anything that can run Debian and has two suitable >> ethernet ports will do. An old laptop? One of the shiny little >> Raspberry-Pi style devices? (Probably not the Pi itself; it only >> has one ethernet port.) > > I use a BananaPi for that. It has 3 network interfaces: > - the ethernet one, which I use on the DSL side. > - the wifi (I used an external USB dongle for that, for various reasons). > - the USB-OTG which I use to connect my main desktop (effective > bandwidth on this one is a bit more than 10MB/s, so slower than > a gigabit ethernet but plenty for my needs). > The reason why I like those critters: > - supports SATA. > - very low power consumption (e.g. I measured 5W at the "mains", > including a 2TB HDD spinning). > - runs stock Debian, including stock kernel, so I don't have to worry > about lack of security fixes down the road. > So I use them (one at home, on at the office) as router-plus-NAS, > running things like OpenVPN, Squid, OwnCloud, MusicPD, ... > Having a full Debian system means that I can trivially install pretty > much anything that I might need, using the same old tools I already know > and love. > > > Stefan A Ubiquiti Networks ER-X (or ER-X-SFP) perhaps? 5 ports that can be set up in any combination of routed / switched ports that you want (from 5rtr/0sw to 0rtr/5sw). the base system is Debian Wheezy, with EdgeOS (a vyatta 6.x fork) running on top. Granted, they're a fair bit more limited than the RPi in terms of CPU / RAM / "permanent" storage though. -- |_|O|_| Registered Linux user #585947 |_|_|O| Github: https://github.com/dpurgert |O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5 4AEE 8E11 DDF3 1279 A281
Re: Fwd: Re: Advice / recommendations on Inexpensive Managed Ethernet Switches
> Basically anything that can run Debian and has two suitable > ethernet ports will do. An old laptop? One of the shiny little > Raspberry-Pi style devices? (Probably not the Pi itself; it only > has one ethernet port.) I use a BananaPi for that. It has 3 network interfaces: - the ethernet one, which I use on the DSL side. - the wifi (I used an external USB dongle for that, for various reasons). - the USB-OTG which I use to connect my main desktop (effective bandwidth on this one is a bit more than 10MB/s, so slower than a gigabit ethernet but plenty for my needs). The reason why I like those critters: - supports SATA. - very low power consumption (e.g. I measured 5W at the "mains", including a 2TB HDD spinning). - runs stock Debian, including stock kernel, so I don't have to worry about lack of security fixes down the road. So I use them (one at home, on at the office) as router-plus-NAS, running things like OpenVPN, Squid, OwnCloud, MusicPD, ... Having a full Debian system means that I can trivially install pretty much anything that I might need, using the same old tools I already know and love. Stefan
Re: Advice / recommendations on Inexpensive Managed Ethernet Switches
Eike Lantzsch wrote: > On Thursday, 2 February 2017 11:19:59 PYST rhkra...@gmail.com wrote: >> I'm sending this to the Debian user list first, even though it is >> probably somewhat OT. >> >> Background: Recently I started monitoring how many packets are going >> through >> my LAN to my ISP (Earthlink (DSL)). I have (or maybe had) some thought >> about considering a switch to HughesNet satelite service, which has some >> low limits (before slowdown) on how many bytes you can download per month >> (without looking, I think the limits are like 5, 10, and 15 GB). >> > Excuse me please for writing this on a Debian list, but ... I see the > flame war coming ... > > I'm using this board > http://www.pcengines.ch/apu1d.htm > I am using similar board to build a router but with debian minimal installation. The setup is as follows telco modem -(wired/DMZ)-> debian(router/firewall) -> switch (unmgd) -> network0 | | | +-> switch (unmgd) -> network1 +-> wireless The advantage here is that all wireless are outside the firewall. In your case it would be telco modem -(wired/DMZ)-> debian(router/firewall) -> switch (unmgd) -> network0 | +-> wireless network and the board suggested will fit the need from the specs
Re: Advice / recommendations on Inexpensive Managed Ethernet Switches
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sat, Feb 04, 2017 at 07:46:16PM +0900, Mark Fletcher wrote: > On Sat, Feb 04, 2017 at 10:56:50AM +0100, to...@tuxteam.de wrote: > > > > On the contrary: I'd be ready to flame back. But I don't think anyone here > > would be willing to go beyond a little candle :) > > > That gives me the mental picture of a "candle-war" -- > > "I think you are not completely correct!" > > "Well, I think you are not quite thinking about the problem the right way!" ROFL, thanks for this one :-) - -- t -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAliW+SsACgkQBcgs9XrR2kY1XwCfVNuSWdGZSaULibjIqZqV3TDT XlMAn3WEG6HWcOUCQ2YgB65B55MF473x =Ts+C -END PGP SIGNATURE-
Re: Advice / recommendations on Inexpensive Managed Ethernet Switches
On sabato 4 febbraio 2017 11:02:12 CET Dan Ritter wrote: > If, on the other hand, you have a bunch of potential bandwidth > consumers, yes, you'll need a capable switch. Yes, this is my scenario. > EBay says that you can get a used Juniper EX2200-24 (24 gigabit > ports) for $110 or so -- that's a great piece of hardware, very > capable, > > For about the same price, you can get a used Juniper SRX110h or > SRX220h, which are 8 port firewall/routers: but they can also do > LACP on any set of ports. If you have a small network, that > could be really nice. Nice, thanks! SRX220h could be an option, since it has Gigabit eth ports, while 110h hasn't. Considering my current router is pretty limited, it might be the way to go, rather than a switch. 8 ports would be enough for my home LAN.
Re: Advice / recommendations on Inexpensive Managed Ethernet Switches
On Saturday, February 04, 2017 09:43:13 AM solitone wrote: > I'm just curious, but I cannot understand how you can have Internet access > from all your devices, considering you just have a modem plus some > switches, but you don't have a router that does Network Address > Translation. Perhaps the modem is in fact a modem/router combo, rather > than a modem-only device? Sorry, yes, the modem is a modem/router combo. And it is from that that I currently get the statistics I mentioned (re used bandwidth).
Re: Advice / recommendations on Inexpensive Managed Ethernet Switches
On Sat, Feb 04, 2017 at 04:29:39PM +0100, solitone wrote: > I take advantage of this thread to ask for advice on this topic. My need is a > managed switch with Gigabit ports that supports port trunking (Link > Aggregation Control Protocol, LACP, 802.3ad Dynamic Link Aggregation), to > increase the bandwith to my Network Access Storage. Is there anything on the > marketplace that doesn't cost way too much? Depending on your usage scenario, maybe you don't need one at all. If you have a single Linux box that wants lots of bandwidth to the NAS, you could do this: switch NAS | ||| --Linux box This shows a NAS and a Linux box with four NICs each. One is used to connect to the general network via the switch, and the other three on each device are connected straight across to the companion. You would want to set extra IP addresses on each device so that they can see each other directly through the triple NICs, which can speak LACP without going through a switch. If, on the other hand, you have a bunch of potential bandwidth consumers, yes, you'll need a capable switch. EBay says that you can get a used Juniper EX2200-24 (24 gigabit ports) for $110 or so -- that's a great piece of hardware, very capable, For about the same price, you can get a used Juniper SRX110h or SRX220h, which are 8 port firewall/routers: but they can also do LACP on any set of ports. If you have a small network, that could be really nice. -dsr-
Re: Advice / recommendations on Inexpensive Managed Ethernet Switches
I take advantage of this thread to ask for advice on this topic. My need is a managed switch with Gigabit ports that supports port trunking (Link Aggregation Control Protocol, LACP, 802.3ad Dynamic Link Aggregation), to increase the bandwith to my Network Access Storage. Is there anything on the marketplace that doesn't cost way too much?
Re: Advice / recommendations on Inexpensive Managed Ethernet Switches
On giovedì 2 febbraio 2017 11:19:59 CET rhkra...@gmail.com wrote: > Layout of the network (for background): > > The Earthlink DSL modem (Westell) is followed by an Ethernet (unmanaged} > switch. > > From that switch there are three cables: > >* One to a WiFi hotspot that is almost always on (but only used by my son > playing games while watching TV) > >* One to my desk [...] There is > an unmanaged Ethernet switch here to connect the various devices. > >* One to my son's desk [...] There is an > unmanaged Ethernet switch here to connect the various devices. I'm just curious, but I cannot understand how you can have Internet access from all your devices, considering you just have a modem plus some switches, but you don't have a router that does Network Address Translation. Perhaps the modem is in fact a modem/router combo, rather than a modem-only device?
Re: Advice / recommendations on Inexpensive Managed Ethernet Switches
On Sat, Feb 04, 2017 at 10:56:50AM +0100, to...@tuxteam.de wrote: > > On the contrary: I'd be ready to flame back. But I don't think anyone here > would be willing to go beyond a little candle :) > That gives me the mental picture of a "candle-war" -- "I think you are not completely correct!" "Well, I think you are not quite thinking about the problem the right way!" ... Mark
Re: Advice / recommendations on Inexpensive Managed Ethernet Switches
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, Feb 03, 2017 at 05:21:30PM -0300, Eike Lantzsch wrote: > On Thursday, 2 February 2017 11:19:59 PYST rhkra...@gmail.com wrote: > > I'm sending this to the Debian user list first, even though it is probably > > somewhat OT. > > > > Background: Recently I started monitoring how many packets are going through > > my LAN to my ISP (Earthlink (DSL)). I have (or maybe had) some thought > > about considering a switch to HughesNet satelite service, which has some > > low limits (before slowdown) on how many bytes you can download per month > > (without looking, I think the limits are like 5, 10, and 15 GB). > > > Excuse me please for writing this on a Debian list, but ... I see the flame > war > coming ... Not from me. OpenBSD is free software, and while some might see me as GNU zealot, free software is -- um -- free, and that is a Good Thing. Technically, BSD is a very respectable choice too and a community to which we, the Debian community owe a lot, especially in the realm of networking. Just think SSH for one prominent (but not the only) example. On the contrary: I'd be ready to flame back. But I don't think anyone here would be willing to go beyond a little candle :) - -- t -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAliVpWIACgkQBcgs9XrR2kZjjQCeLgWjphoALR5V0UQoyfaCpaX2 McAAn2CGOz4ZT9tTjuIXTiGPAZlCqTJa =W1gn -END PGP SIGNATURE-
Re: Advice / recommendations on Inexpensive Managed Ethernet Switches
Aside: I'm fighting a headache today, so my "research" is going pretty slow. I did look at the Ubiquiti EdgeRouter, at least a little bit, but there is apparently a GPL problem. So, I've also found the TP-Link Gigabit VPN Router (TL-R600VPN) (e.g.: https://www.amazon.com/dp/B007B60SCG/ref=psdc_300189_t1_B00YFJT29C ) Any thoughts / comments on that device? )from anybody) On Friday, February 03, 2017 11:53:33 AM Bob Weber wrote: > You might look at the Ubiquiti EdgeRouter X Advanced Gigabit Ethernet > Routers ER-X 256MB Storage 5 Gigabit RJ45 ports abut $50 on Amazon. It > actually runs a small Debian like OS. It is configured by a web interface > and a command line interface through ssh or embedded in the web interface. > It has counters and displays graphs of the current throughput of each > port. The basic router configuration (configured by wizards to get you > started) has one port to connect to the internet (your dsl modem) and > NATed to the other 4 ports set up like a switch. It has a DHCP server to > assign internal IP addresses on your LAN if you want. Mirroring is also > possible through the command line interface. Port rate limiting is also > possible. While I use a Debian box for my main router/firewall I have > been experimenting with a ER-X for a while as a backup in case the Debian > box goes down. > > I also have a TP-Link 5-Port Gigabit Ethernet Web Managed Easy Smart Switch > (TL-SG105E v2.0) about $28 on Amazon. It has a Web configuration interface > (make sure you get the V2.0) and can be easily set up to mirror ports. > This is not a router so it won't protect your internal LAN like the ER-X > would. > > Now to actually monitor the traffic from a mirrored port connected to your > desktop Debian you can use wireshark. It can display traffic in real time > showing source and destination address/names and protocols. It can filter > by IP so you could just see the traffic your son generates. You can graph > the data also. Wireshark has many ways to see the data it collects. My > favorite is "conversations" which shows source and destinations and > packets/bytes transferred. For instance you might see your son's internal > IP going to youtube and the data he uses just to watch a video. > > Another program I use to just watch data amounts being used is vnstat. It > can show data usage by hour, day or month. Just install vnstat on each > Debian machine and have the results of "vnstat -i eth0 -d" emailed to you > every day by a crontab entry. Here is an example of what is on my > outgoing port on my route box. > > vnstat -i eth1 -d > > eth1 / daily > > day rx | tx |total| avg. rate > +-+-+--- > 01/05/2017 4.82 GiB | 274.30 MiB |5.09 GiB | 493.72 kbit/s > 01/06/2017 5.16 GiB | 250.13 MiB |5.40 GiB | 524.53 kbit/s > 01/07/2017 4.13 GiB | 271.32 MiB |4.39 GiB | 426.58 kbit/s > 01/08/2017 4.61 GiB | 267.46 MiB |4.87 GiB | 472.95 kbit/s > 01/09/2017 3.35 GiB | 624.10 MiB |3.96 GiB | 384.68 kbit/s > 01/10/2017 4.72 GiB | 263.63 MiB |4.98 GiB | 483.42 kbit/s > 01/11/2017 5.02 GiB | 303.67 MiB |5.32 GiB | 516.44 kbit/s > 01/12/2017 2.87 GiB | 194.76 MiB |3.06 GiB | 297.22 kbit/s > 01/13/2017 4.44 GiB | 270.56 MiB |4.70 GiB | 456.34 kbit/s > 01/14/2017 4.36 GiB | 244.49 MiB |4.60 GiB | 446.73 kbit/s > 01/15/2017 4.04 GiB | 354.37 MiB |4.39 GiB | 426.23 kbit/s > 01/16/2017 4.60 GiB | 360.85 MiB |4.95 GiB | 480.43 kbit/s > 01/17/2017 4.07 GiB | 269.75 MiB |4.34 GiB | 420.89 kbit/s > 01/18/2017 3.90 GiB | 272.31 MiB |4.17 GiB | 404.66 kbit/s > 01/19/2017 4.70 GiB | 321.41 MiB |5.01 GiB | 486.59 kbit/s > 01/20/2017 4.65 GiB | 294.00 MiB |4.94 GiB | 479.26 kbit/s > 01/21/2017 7.12 GiB | 343.20 MiB |7.45 GiB | 723.52 kbit/s > 01/22/2017 7.23 GiB | 379.96 MiB |7.60 GiB | 737.88 kbit/s > 01/23/2017 5.54 GiB | 290.97 MiB |5.82 GiB | 565.08 kbit/s > 01/24/2017 4.85 GiB | 355.95 MiB |5.20 GiB | 505.09 kbit/s > 01/25/2017 3.48 GiB | 259.62 MiB |3.73 GiB | 362.58 kbit/s > 01/26/201710.14 GiB | 469.21 MiB | 10.60 GiB |1.03 Mbit/s > 01/27/2017 4.94 GiB | 324.84 MiB |5.26 GiB | 510.76 kbit/s > 01/28/2017 5.75 GiB | 332.64 MiB |6.08 GiB | 589.86 kbit/s > 01/29/2017 4.16 GiB | 291.04 MiB |4.44 GiB | 431.41 kbit/s > 01/30/2017 5.93 GiB | 331.44 MiB |6.25 GiB | 606.99 kbit/s > 01/31/2017 3.36 GiB | 247.76 MiB |3.61 GiB | 350.02 kbit/s > 02/01/2017 3.22 GiB | 248.35 MiB |3.47 GiB | 336.53 kbit/s > 02/02/2017 3.87 GiB | 257.72 MiB |4.12 GiB | 399.78 kbit/s
Re: Advice / recommendations on Inexpensive Managed Ethernet Switches
On Thursday, 2 February 2017 11:19:59 PYST rhkra...@gmail.com wrote: > I'm sending this to the Debian user list first, even though it is probably > somewhat OT. > > Background: Recently I started monitoring how many packets are going through > my LAN to my ISP (Earthlink (DSL)). I have (or maybe had) some thought > about considering a switch to HughesNet satelite service, which has some > low limits (before slowdown) on how many bytes you can download per month > (without looking, I think the limits are like 5, 10, and 15 GB). > Excuse me please for writing this on a Debian list, but ... I see the flame war coming ... I'm using this board http://www.pcengines.ch/apu1d.htm and this operating system https://www.openbsd.org/faq/faq6.html#Setup building a router https://www.openbsd.org/faq/pf/example1.html and then there are these good books https://www.nostarch.com/pf3 https://www.nostarch.com/obenbsd2e I'm a fan of Debian but everything has its use case and I found that OpenBSD is far safer and far more straight forward, better documented and better maintained than any Linux distribution ever can be. Linux has another focus, which is far wider. OpenBSD limits itself. Mind you: I'm only talking about this use case. And yes, there is a certain learning curve. How steep it is depends on how versed you are with networks - but then I think that also applies to Debian if you set your face on setting up your own router, firewall and network flow analyzer. With Debian it will be easier to shoot yourself into your knee IMHO. But you are the judge. Cheers Eike
Fwd: Re: Advice / recommendations on Inexpensive Managed Ethernet Switches
With Dan Ritter's permission, I'm forwarding this and a few other posts in this thread back to the list. (I unintentionally got the tread off list by accidentally responding to one of his emails directly to him instead of to the list.) --- Begin Message --- On Thu, Feb 02, 2017 at 10:48:09PM -0500, rhkra...@gmail.com wrote: > I started to look for / at pfSense and OPNSense, and came across the Ubiquiti > Networks Ubiquiti Edgerouter Lite ERLITE-3 Desktop Router, available on eBay > for about $100. It's a great box. Pity that Ubiquiti a) violates the GPL b) ships a form of Debian on it, but not enough to build your own version and they are rather lax about upgrades > I don't quite yet know what an edgerouter is (I've seen the term used, iirc, > on some drawings of large networks and / or the Internet). In this case it's a product name. In general, "edge router" simply means a router that directly connects to a customer's network, as opposed to: top of rack: in a data center aggregation: used to bring several edge or top-of-rack units together border: talks to an exchange or a specific foreign network core: lives deep inside your own network > Bbut it sounds like I might find a router (appliance) to do what you > recommend, > and maybe in the range of $100 or so? > > Do you have any recommendations along that line? Basically anything that can run Debian and has two suitable ethernet ports will do. An old laptop? One of the shiny little Raspberry-Pi style devices? (Probably not the Pi itself; it only has one ethernet port.) -dsr- --- End Message ---
Re: Advice / recommendations on Inexpensive Managed Ethernet Switches
You might look at the Ubiquiti EdgeRouter X Advanced Gigabit Ethernet Routers ER-X 256MB Storage 5 Gigabit RJ45 ports abut $50 on Amazon. It actually runs a small Debian like OS. It is configured by a web interface and a command line interface through ssh or embedded in the web interface. It has counters and displays graphs of the current throughput of each port. The basic router configuration (configured by wizards to get you started) has one port to connect to the internet (your dsl modem) and NATed to the other 4 ports set up like a switch. It has a DHCP server to assign internal IP addresses on your LAN if you want. Mirroring is also possible through the command line interface. Port rate limiting is also possible. While I use a Debian box for my main router/firewall I have been experimenting with a ER-X for a while as a backup in case the Debian box goes down. I also have a TP-Link 5-Port Gigabit Ethernet Web Managed Easy Smart Switch (TL-SG105E v2.0) about $28 on Amazon. It has a Web configuration interface (make sure you get the V2.0) and can be easily set up to mirror ports. This is not a router so it won't protect your internal LAN like the ER-X would. Now to actually monitor the traffic from a mirrored port connected to your desktop Debian you can use wireshark. It can display traffic in real time showing source and destination address/names and protocols. It can filter by IP so you could just see the traffic your son generates. You can graph the data also. Wireshark has many ways to see the data it collects. My favorite is "conversations" which shows source and destinations and packets/bytes transferred. For instance you might see your son's internal IP going to youtube and the data he uses just to watch a video. Another program I use to just watch data amounts being used is vnstat. It can show data usage by hour, day or month. Just install vnstat on each Debian machine and have the results of "vnstat -i eth0 -d" emailed to you every day by a crontab entry. Here is an example of what is on my outgoing port on my route box. vnstat -i eth1 -d eth1 / daily day rx | tx |total| avg. rate +-+-+--- 01/05/2017 4.82 GiB | 274.30 MiB |5.09 GiB | 493.72 kbit/s 01/06/2017 5.16 GiB | 250.13 MiB |5.40 GiB | 524.53 kbit/s 01/07/2017 4.13 GiB | 271.32 MiB |4.39 GiB | 426.58 kbit/s 01/08/2017 4.61 GiB | 267.46 MiB |4.87 GiB | 472.95 kbit/s 01/09/2017 3.35 GiB | 624.10 MiB |3.96 GiB | 384.68 kbit/s 01/10/2017 4.72 GiB | 263.63 MiB |4.98 GiB | 483.42 kbit/s 01/11/2017 5.02 GiB | 303.67 MiB |5.32 GiB | 516.44 kbit/s 01/12/2017 2.87 GiB | 194.76 MiB |3.06 GiB | 297.22 kbit/s 01/13/2017 4.44 GiB | 270.56 MiB |4.70 GiB | 456.34 kbit/s 01/14/2017 4.36 GiB | 244.49 MiB |4.60 GiB | 446.73 kbit/s 01/15/2017 4.04 GiB | 354.37 MiB |4.39 GiB | 426.23 kbit/s 01/16/2017 4.60 GiB | 360.85 MiB |4.95 GiB | 480.43 kbit/s 01/17/2017 4.07 GiB | 269.75 MiB |4.34 GiB | 420.89 kbit/s 01/18/2017 3.90 GiB | 272.31 MiB |4.17 GiB | 404.66 kbit/s 01/19/2017 4.70 GiB | 321.41 MiB |5.01 GiB | 486.59 kbit/s 01/20/2017 4.65 GiB | 294.00 MiB |4.94 GiB | 479.26 kbit/s 01/21/2017 7.12 GiB | 343.20 MiB |7.45 GiB | 723.52 kbit/s 01/22/2017 7.23 GiB | 379.96 MiB |7.60 GiB | 737.88 kbit/s 01/23/2017 5.54 GiB | 290.97 MiB |5.82 GiB | 565.08 kbit/s 01/24/2017 4.85 GiB | 355.95 MiB |5.20 GiB | 505.09 kbit/s 01/25/2017 3.48 GiB | 259.62 MiB |3.73 GiB | 362.58 kbit/s 01/26/201710.14 GiB | 469.21 MiB | 10.60 GiB |1.03 Mbit/s 01/27/2017 4.94 GiB | 324.84 MiB |5.26 GiB | 510.76 kbit/s 01/28/2017 5.75 GiB | 332.64 MiB |6.08 GiB | 589.86 kbit/s 01/29/2017 4.16 GiB | 291.04 MiB |4.44 GiB | 431.41 kbit/s 01/30/2017 5.93 GiB | 331.44 MiB |6.25 GiB | 606.99 kbit/s 01/31/2017 3.36 GiB | 247.76 MiB |3.61 GiB | 350.02 kbit/s 02/01/2017 3.22 GiB | 248.35 MiB |3.47 GiB | 336.53 kbit/s 02/02/2017 3.87 GiB | 257.72 MiB |4.12 GiB | 399.78 kbit/s 02/03/2017 1.21 GiB | 128.89 MiB |1.34 GiB | 265.66 kbit/s +-+-+--- estimated 2.48 GiB | 262 MiB |2.74 GiB | I watch several hours of Netflix a day so this is pretty high usage. Hope this helps. *...Bob* On 02/02/2017 10:42 PM, rhkra...@gmail.com wrote: > Thanks for the replies (from Dan and Frank)! > > I'm going to do some thinking--at first I just wanted to find out how we were > using so much bandwidth, but, once I do, I might want to try blocking some of > it if
Re: Advice / recommendations on Inexpensive Managed Ethernet Switches
Thanks for the replies (from Dan and Frank)! I'm going to do some thinking--at first I just wanted to find out how we were using so much bandwidth, but, once I do, I might want to try blocking some of it if that won't disable pages that I want to look at. I'll look for pfSense or OPNSense--apper doesn't list them for Wheezy, but I'm sure I can find them. I don' think I want to try to use a Debian box as a smart router, I'd rather find a packaged solution. (I've done things like that before--I've learned too much about NAT and such over the last 30 years or so. ;-) Just for posterity, here's an example of a <$30 smart gigabit switch on eBay: NEW NETGEAR ProSAFE GS105Ev2 5-Port Gigabit Web Managed (Plus) Switch http://www.ebay.com/itm/NEW-NETGEAR-ProSAFE-GS105Ev2-5-Port-Gigabit-Web- Managed-Plus-Switch-/381923274422 On Thursday, February 02, 2017 11:58:28 AM Dan Ritter wrote: > On Thu, Feb 02, 2017 at 11:19:59AM -0500, rhkra...@gmail.com wrote: > > Aside: I am actually gobsmacked (I don't think I've ever been gobsmacked > > before ;-)--in a week of monitoring, we (my son and I, but with my son > > gone 8 to 12 hours a day) are downloading 1.5 to 4 GB *per day* (and > > uploading 100 to 300 MB *per day*). > > > > Anyway, I want to try to figure out where all this data is going to and > > coming from, at least in terms of the devices we have on our LAN (I'll > > discuss those below), so I'm thinking that a(n inexpensive) managed > > (Ethernet) switch or two (discussed below) might help me do that. > > I think you actually want a smart router. A Debian box with two > or more network interfaces can be such a thing. > > > One thing I want to do is implement QOS--we have two ObiHai VOIP devices > > (which we use pretty rarely, but still want to keep--they might be used > > for 4 calls / 10 to 30 minutes a week). Sometimes the conversation gets > > pretty choppy, probably depending on what my son is doing at the time (I > > mean, like watching a video or something), so I'm hoping that QOS would > > improve that (assuming the packets from the ObiHai device can be > > recognized--I would think they can based on their (private / on the LAN) > > IP addresses. > > A router can do that better than a switch can. > > > Like I mentioned above, the other thing I want to do is start monitoring > > (at least on an occasional / diagnostic basis) the bandwidth used by > > each device. > > Depending on exactly what you want, either a switch or a router > can help here. > > > Layout of the network (for background): > > > > The Earthlink DSL modem (Westell) is followed by an Ethernet (unmanaged} > > switch. > > You would want to put your router in between these. If you can > arrange a third network interface on the router, you could > connect the WiFi hotspot to the router, as well. > > > I see managed 5-port gigabit switches on eBay starting at a little under > > $30, and I'd like to stay close to that as a budget (i.e., ~$60 for 2). > > Of course, if a more featureful switch can monitor the data flows to > > each device from that (central) location, I could spend that ~$60 for > > the more featureful switch). (But there is some value to me to have two > > managed switches such that one would serve as a spare for the central > > one even if being used at other locations for monitoring.) > > > > Advice / comments / recommendations? > > That seems an unlikely price point, even for used equipment on > ebay. And managed switches usually have a minimum of 12 ports, > not 5. (12, 16, 24, 32 and 48 are all common) > > I would recommend putting in a Debian box between the DSL modem > and the ethernet switch. You will need to learn a little about > routing and IP masquerading / NAT, and you will want to set up > firewalling with iptables. > > You can look at traffic in realtime with iftop, which will show > you graphs of the top users by IP address or domain name and > where they are connecting. > > You can set individual traffic counters per IP address or per > service or both with iptables. > > What you won't get is flow information between local devices, > but as I understand it you are more concerned about traffic > in/out to the Internet at large. > > If you set fq_codel as the queue discipline on the interfaces > to the router, you will probably solve most of your traffic > interference problems without mucking with QoS. > > -dsr-
Re: Advice / recommendations on Inexpensive Managed Ethernet Switches
On Thu, Feb 02, 2017 at 11:19:59AM -0500, rhkra...@gmail.com wrote: > Aside: I am actually gobsmacked (I don't think I've ever been gobsmacked > before ;-)--in a week of monitoring, we (my son and I, but with my son gone 8 > to 12 hours a day) are downloading 1.5 to 4 GB *per day* (and uploading 100 > to > 300 MB *per day*). > > Anyway, I want to try to figure out where all this data is going to and > coming > from, at least in terms of the devices we have on our LAN (I'll discuss those > below), so I'm thinking that a(n inexpensive) managed (Ethernet) switch or > two > (discussed below) might help me do that. I think you actually want a smart router. A Debian box with two or more network interfaces can be such a thing. > One thing I want to do is implement QOS--we have two ObiHai VOIP devices > (which we use pretty rarely, but still want to keep--they might be used for 4 > calls / 10 to 30 minutes a week). Sometimes the conversation gets pretty > choppy, probably depending on what my son is doing at the time (I mean, like > watching a video or something), so I'm hoping that QOS would improve that > (assuming the packets from the ObiHai device can be recognized--I would think > they can based on their (private / on the LAN) IP addresses. A router can do that better than a switch can. > Like I mentioned above, the other thing I want to do is start monitoring (at > least on an occasional / diagnostic basis) the bandwidth used by each device. > Depending on exactly what you want, either a switch or a router can help here. > Layout of the network (for background): > > The Earthlink DSL modem (Westell) is followed by an Ethernet (unmanaged} > switch. You would want to put your router in between these. If you can arrange a third network interface on the router, you could connect the WiFi hotspot to the router, as well. > I see managed 5-port gigabit switches on eBay starting at a little under $30, > and I'd like to stay close to that as a budget (i.e., ~$60 for 2). Of > course, > if a more featureful switch can monitor the data flows to each device from > that > (central) location, I could spend that ~$60 for the more featureful switch). > (But there is some value to me to have two managed switches such that one > would serve as a spare for the central one even if being used at other > locations for monitoring.) > > Advice / comments / recommendations? That seems an unlikely price point, even for used equipment on ebay. And managed switches usually have a minimum of 12 ports, not 5. (12, 16, 24, 32 and 48 are all common) I would recommend putting in a Debian box between the DSL modem and the ethernet switch. You will need to learn a little about routing and IP masquerading / NAT, and you will want to set up firewalling with iptables. You can look at traffic in realtime with iftop, which will show you graphs of the top users by IP address or domain name and where they are connecting. You can set individual traffic counters per IP address or per service or both with iptables. What you won't get is flow information between local devices, but as I understand it you are more concerned about traffic in/out to the Internet at large. If you set fq_codel as the queue discipline on the interfaces to the router, you will probably solve most of your traffic interference problems without mucking with QoS. -dsr-
