Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 27 subscribers
  • Views 3616 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Bandwidth Saturated - Can't find culprit

Global IT

For the last few days my XG has been showing that i've essentially saturated my internet connection. I've tailored some policies and look into the "Live Connections" tab - the numbers don't add up. It's almost like it does not exist.

I have also taken a look into the console with iftop -i. From here, I do see a connection hanging out near the top with a usage of most of my link speed. The URL here relates to my ISP but I am unsure of what exactly - I think I need help tracking down and/or explaining this one connection:

cpe-66-61-170-89.indy.res.rr.com

For reference, my connection is 25/25 Mbps (working on upgrading this) and this is a (relatively) new issue.

 



This thread was automatically locked due to age.
  • 0

    Why not create a firewall rule to allow traffic to this specific IP and put logging on?

     

    Or create a rule to this specific IP and drop it, just to see what happens or breaks?

  • 0 in reply to Daan

    Should have though of that myself...

    I performed a packet capture and turns out this data is all BITS (Microsoft Update) related. I thought I had a policy in place for this and I do, however it does not seem to be working. 

    In the packet capture I am seeing it classified and traffic shaping being correctly applied to it but it's still running at about 22Mbps. Is there something wrong in my policy?

    I checked and the work hours are correct and the time is set correctly on the device

  • 0 in reply to Global IT

    You traffic policy is set at 2560000 KBps, Kilo Bytes per second.

    So this equals 2.56 MBps, Mega Bytes per second. This looks quite consistant with your graph.

     

    2.56 MBps equals a bit less than 21 Mbit/sec, and looking at the fact that you have a 25 Mbit/sec line, you are flirting with the limits of your line.

  • 0 in reply to Daan
    Have another look, that is the default but I've overridden it with a "work hours" (0500-2200) limit of 125 KBps or 1Mbps. Or maybe I am incorrectly understanding this? Thanks
  • 0 in reply to Global IT

    In order to make sure you did not make a mistake in your work hours limit policy, you might want to try to set lower the normal limit for windows updates.

    At least you are able to see if that solves your problem.