Cleverly control vswitches to guard against excessive bandwidth consumption

The Enterprise LAN uses 2 Mbps broadband for direct Internet access, and a broadband "cat" is used for dialing. The bandwidth "cat" is connected to a real-name router device, at the same time, there is an eight-port 10 Mbit/s switch and a 16-port bit/s Switch Under the router. Some LAN workstation IP addresses are manually assigned static addresses, some are automatically obtained from the lan dhcp server, and the LAN workstation can normally access content in the Internet, however, there has been an unexpected phenomenon in the LAN recently, that is, after the workstation has been surfing the internet for a period of time, the website cannot be opened, after restarting the broadband "cat" device, the webpage content can be normally opened. However, after a short time, the webpage cannot be opened.

Later, according to various parties, many employees in the Organization installed and used the BT download software on their workstation. When multiple employees simultaneously used BT for information download during work hours, then the LAN workstation will be unable to accept the receipt. What measures should we take to effectively cope with this problem?

　　Symptom Analysis: P2P software occupies Resources

When the workstation fails to open the webpage, restart the broadband "cat" device to eliminate this phenomenon, after a period of time, the workstation will fail to receive data information. This means that the physical connection of the LAN is correct. In other words, the working status of each network device is normal, the network cable is also in the normal connection status. However, when many employees use P2P software such as BT to download information after work, these multi-threaded download programs often consume huge bandwidth resources, when other workstation users attempt to access the webpage content again, they will not be able to obtain valid bandwidth resources. In this way, the webpage cannot be opened.

　　Countermeasure: Switch Port bandwidth control

The above fault is caused by excessive bandwidth consumption on the LAN. To effectively avoid this problem, we must find a way to prevent workstation users from using download software such as P2P to download information, at the same time, you need to divide the LAN with a large number of workstations into several smaller virtual subnets, and limit the egress bandwidth resources of each subnet, to minimize the impact of personal Internet access on the overall performance of the LAN. To achieve the above control purpose, we don't need to spend too much effort at all. We just need to set up the switch function to control the switch in a targeted manner.

This is not the case. In order to control the Internet access of the LAN of the Organization, I suggest that the Organization purchase a switch that can be managed and controlled, for example, the author only spent a few hundred dollars to buy a TP-LINK brand of the TL-R418 switch, directly with this type of switch to replace the previous use of real-name router equipment, then, through the various control functions of the switch, we can easily limit the excessive consumption of network bandwidth resources.

Considering that the number of ports in the switch of the TL-R418 model is large, and the use of different ports is also different, it is very important to find out the role of each port. The vswitch mainly includes a console control port used to configure Internet access parameters, two RJ45 ports connected to the external network, and four RJ45 ports connected to the internal network, both the Intranet and Internet ports belong to the 10/100 Mbit/s adaptive port. After understanding the role of each port, we can now connect the broadband "cat" to the Internet port of the TL-R418 switch, then, connect the eight-port 10 Mbit/s switch and the 16-port 100bit/s switch to the two Intranet ports of the TL-R418 switch.

After the physical connection is completed, we can now go to the vswitch background configuration page through the Console port and find the virtual subnet division settings option, this function is used to set the ports connected to the 8-port 10 Mbit/s switch and the 16-port bit/s switch to two different VLANs, in this way, the LAN with a large number of workstations will be divided into several smaller virtual subnets, and the mutual influence between workstations in different subnets is very small.

To prevent workstation from using download software such as BT to overconsume network bandwidth resources, we can go to the background configuration interface of the TL-R418 switch, find the "port bandwidth control" setting options, this option is used to set the port bandwidth of the 10 Mbit/s switch with eight ports and the bit/s switch with 16 ports to an appropriate value, in this way, even if the workstation uses download software such as BT, we do not have to worry that the egress Bandwidth Resources of the entire LAN will be exhausted. Of course, if multiple workstations in a subnet use download software such as BT at the same time, it will affect access to other workstations in the subnet, in severe cases, it is easy to see that the workstation cannot open the webpage. To avoid this phenomenon, we can cleverly use the "Prevent Users From using P2P" function of the switch, to prevent the workstation connected to the vswitch from using the multi-thread download program at will to overconsume the egress Bandwidth Resources of the subnet. However, the general perception that a vswitch limits the bandwidth is a mechanical method, because when the overall bandwidth is restricted, your normal business flow may also be limited, therefore, in the future, the development direction of vswitches should be to distinguish all P2P data streams and filter them out, while no bandwidth restrictions are imposed on non-P2P business flows. This is more targeted and user-friendly; there are also some network management systems in China. For example, jusheng network management is based on this method, and the effect is good. For customers who need precise bandwidth management, refer.

I believe that, under the effects of the above control measures, the egress Bandwidth Resources of the LAN will be effectively protected, and the bandwidth resources will no longer be available when the workstation accesses the internet, then the webpage content can be opened smoothly.

　　Tip: Test local bandwidth resources

When broadband is used to surf the Internet, if the actual speed of the Internet connection is significantly different from the theoretical bandwidth speed provided by the local ISP service provider, we can use the following convenient method to test the local bandwidth resources: First open IE browser, enter the http://www.linkwan.com/gb address in the address bar, click the Enter key to open the world network site page, click the navigation bar to go to the online test channel, then we can see from the web page that the website provides us with three testing services: bandwidth testing, web page testing, and route tracing. Select the bandwidth Test Service, and then select your location in the "test point list". Then we can see the specific test results.