LAN bandwidth utilisation metrics

NachT · 17 Dec 2018 at 21:58

Hey all =]

I'm going through a bit of a metrics phase at the moment, and thought I'd post here before going off doing my own thing.

What I'm after is a solution that will:
- Display the bandwidth utilisation of each device on my network.
- The metrics provided would have to be granular, i.e. I can see how much bandwidth each device used right down to the day of a month.
- Be able to distinguish between the LAN and WAN bandwidth (WAN traffic is what I'm really after)

Bonus points for:
- Checking number of unique connections made over a day/week/month
- Most common port used
- Most common remote connection, and how much bandwidth to said host.

At the moment, the best solution I'm currently thinking of involves a PfSense gateway to route all the traffic on the LAN through, then somehow capture that data to be display within something like Grafana/Chronograf. I 'could' potentially use Telegraf on the gateway itself, but I'm really not sure it would capture each unique device on the network.. just the NIC as a whole (I'm assuming).

So if anyone has anything similar to the above in place, I'd really much appreciate any feedback =]

NachT · 17 Dec 2018 at 22:01

Oh, just in case it helps. My current network layout is a Ubiquity Switch, and a Ubiquity AP. The gateway on my network at the moment is the ISP provided BT Home Hub (wireless and DHCP disabled)

Rainmaker · 17 Dec 2018 at 23:26

A USG will give you some pretty graphs (including traffic stats, client stats etc) in your controller dashboard. If you go the *sense route, use OPNsense instead. It's functionally almost identical to pfSense, but built on Hardened BSD instead. It uses netflow for traffic stats, which is much prettier, easier to work with, and is set up out of the box (you just need to enable it).

bledd · 18 Dec 2018 at 07:58

So you have no DHCP server?

NachT · 18 Dec 2018 at 13:42

Thanks for that suggestion Rain, OPNSense looks pretty neat! I'll spin one up and give it a whirl =]

One of my Linux boxes handles DHCP (Planning on migrating to Windows DHCP once I get my head around it and IPv6).

PaulCa · 18 Dec 2018 at 13:42

https://www.cacti.net/

Ev0 · 22 Dec 2018 at 21:18

If you have netflow data to work with then there’s software out there you can use to collect and analyse that (the free versions of stuff like Splunk, QRadar etc).

Bonus with those is you can send any other data you want to them to play about with as well.

Probably overkill compared to what you can already likely get from the Ubiquiti dashboards and/or pfsense or the like

Steveocee · 22 Dec 2018 at 21:23

You're already ankle deep into the UBNT world so a USG would be a very natural and sensible choice. USG3 if you have basic DSL or USG Pro4 of you have connection over 100Mb and you want all the features enabled and still get line rate.

bledd · 23 Dec 2018 at 09:07

You can use a VM like Observium with it too.

Overkill for home, but you've asked.