[svlug] bandwidth for SOHO with ~25 users?

[Luke S Crawford]

"Joachim Rosenfeld" <joerosenfeld at gmail.com> writes:

> I recently inherited a SOHO network as part of a production sysadmin
> gig.
> 
> Basic problem: our network is slow...
> 
> We have 2 T1s out to the public Internet and a point to point T1 going
> straight to our colo.
> 
> The T1 going to the colo is almost never utilized, the 2 T1s for the
> office is almost always saturated during the day.

Your users are doing more than 'just surfing' if they are using 3Mbps
most of the time.

2 ways to solve this problem. 

1. get more bandwidth.  

If you get rid of the 2 T1s to the Internet, and replace them
with, say 4 or 6 DSL lines (from at least 2 different providers, and keeping
the line to your co-lo as an 'emergency backup') you will have a lot more 
bandwidth, at a much lower cost.  

(splitting the users up amongst the DSL lines can be done many different 
ways.  An interesting discussion in and of itself, but it's pretty easy
if you only want to balance traffic that originates locally.  Balancing 
externally originated connections, on the other hand, is much more difficult, 
unless dns is fast enough for you.) 

2. keep your users from downloading crap.  This is easy enough to do
if you have a grumpy admin standing by that can see where the traffic is 
coming from.    Just walk over to the offending desk and growl a bit.
If the SysAdmin isn't sufficiently grumpy, the boss can do it.  Either way,
if you properly apply the pressure, it is a viable solution. 

(sometimes downloading crap is part of the job, but usually that much 
bandwidth means someone is using 'Internet radio' or watching youtube
videos, etc...  Not to say it's bad, just that you can't do it if you 
want to run the office off bandwidth that costs what it does over a T1.)

The best option, if you have the routing brains available, is to do both,
keep a T1, and buy a few DSL lines.  Do policy routing at the nat that
sends important traffic down the T1 and other crap down the DSL lines.  


> For those of you that admin office networks, how much bandwidth do you
> have?

I don't at the moment;  last time I did, ~2 years ago, we had 4 T1 lines for 
around 50 people, but the office was entirely VoIP, and most of those
people were phone support.  We heavily prioritized the VoIP packets, and if 
we neared saturation, we'd figure out who was doing it and make them stop,
as a matter of policy.

Before that we did the multiple DSL lines thing... but we balanced in the 
dhcp.conf file (sending some users to one gateway, some to the other)   
dead simple-  too simple of a setup to send our VoIP packets down the T1 line.

Also, setting up a Squid server helps a lot when it comes to perceived latency,
even if it's not going to save you that much bandwidth.   If you are a
webdev shop, it also encourages your developers to use proper cache headers,
which is a big win if you want to put a squid server in front of your actual
servers.  
 
(most of your bandwidth is probably used by streaming media, which probably
isn't going to be cached, so the bandwidth savings will be minimal, but
popular pages will load in an eyeblink, so the impression of 'the Internet
is broken' will be greatly diminished.)  

prioritizing tcp/80 also usually helps some, because much of the bulk download
junk (youtube, Internet radio)  runs on different ports.