0

We have a 10Mbps (synchronous) connection with our ISP. Recently we have discovered that if a single user is watching Netflix, or if I run Windows Update on a PC, we will totally saturate that 10Mbps and the rest of the users in the company (~200 at this location) suffer very poor internet speed.

Our current firewalls are Fortigates but we're in the process of migrating to Watchguard. That being said, we haven't noticed this being an issue except for in the last few weeks, but we can't imagine what would have changed, and if we run the same sort of traffic through the Watchguard, the same issue crops up (we thought maybe the aging Fortigate was to blame).

Is this something that we should be talking to the ISP about? Is this something we should be controlling with our firewalls?

NaOH
  • 411
  • 2
  • 10
  • 19
  • Having 200 people share a 10 Mbps connection doesn't sound like a great idea. That is a lower speed than a typical residential broadband connection. The average speed available to each of those users is only 50Kbps. That's less bandwidth than a dial up connection could provide a couple of decades ago. – kasperd Feb 18 '15 at 23:06
  • But ordinarily it's not a problem, and certainly the ISP hasn't suggested that that's way too little bandwidth. – NaOH Feb 18 '15 at 23:07
  • 2
    Sounds like some traffic shaping is in order. – EEAA Feb 18 '15 at 23:40
  • 1
    I also recommend WSUS for the Windows updates. – Katherine Villyard Feb 18 '15 at 23:43
  • A 10 Megabit/second connection can do about 1.25 MegaBytes / second, or 1280 KiloBytes/second. NetFlix states ( https://help.netflix.com/en/node/87 ) that a standard definition stream takes 1GB per hour, which is 291 KiloBytes/second; a HD one takes three times that ~870Kilobytes/second, and an Ultra HD one as much as seven times which would max out your connection. And the 'auto' setting "the highest possible quality, based on your current Internet connection speed". Is there any chance that what's changed is them going from low quality to high or auto? – TessellatingHeckler May 27 '15 at 05:41

2 Answers2

0

I had a problem with my co.'s 20Mbit conection, shared between 25 people, that sounds similar. The ISP gave us an Ethernet connection from the MPOE, which we plugged right in_to the firewall, no router. That worked great for 18 months, then suddenly not very well. The connection would slow, to as little as 100Kps, then eventually recover for a while. The ISP told us we were regularly maxing out our bandwidth, where once we hit 95% of cap they would start to drop return packets. They said the solution was to put a router in place that could do traffic shaping, or any device that could limit the connection speed. The problem disappeared after about million phone calls, I believe the ISP put a traffic shaping rule on thier end , that must have been there originally but disappeared. The long term solution is supposed to be a managed router from the ISP. A couple of further notes-- if you use testing sites like speedtest.net, you will only aggravate the problem, since those work by maxing out your bandwidth. The ISP provided an FTP site I could do uploads and downloads with, I made some 50 &100 MB "lorem ipsum" files, uploaded those and a small Linux .iso, then wrote a script using wget to output speed values into text files that I could check on with another script.

Haggisbreath
  • 51
  • 3
0

What is a company user doing watching Netflix anyway!

But seriously, this is not the kind of question where one can give you a definite answer as it depends largely what you want to do, what you consider valuable, what improves the business, etc.

However, there are a few points worth noting here that can help you make your own decisions:

  1. As pointed out by @kasperd, 10Mb for 200 people is not all that much - if these 200 people use the internet for important business related functions. If it is only to pull up emails, then that would be enough. If it is only for some casual browsing, then it would be enough.

  2. 200 users would, we think, mean 200+ stations and servers. WSUS is key here. You set up a box with WSUS, you'll download the updates once. And you won't download all Windows updates, only the recent ones that you don't have.

  3. Traffic shaping and controlling is key. Is watching Netflix valuable to your company? If so, then you prioritize this traffic. If not valuable but wanted, then you lower it. If not wanted, then you block it. While 10Mb line isn't a huge line, it does not mean that it's properly used. Before upgrading, you want to make sure what you pay for is properly used for true business needs. You would do this with some router/firewall/appliances - the kind depends largely in the size of your business, what you currently use and what you are willing to learn.

  4. Upgrade your bandwidth. I hope you don't pay more than $50 for that line (ok frankly I don't know the going rates but generally you can get business class 100Mb fiber lines for not much).

  5. Should you talk to your ISP about this? Sure, you can. But if you are simply maxing out your line, then they most likely will tell you to get a bigger line.

  6. Do make sure however that you have a good line. 10Mb is one metric, but what's the latency? That's another factor.

  7. Check for other devices that may cause trouble. Seen more than once where there is an old hub or dinky switch on the line somewhere that is creating packet storms or is simply unable to handle the amount of traffic going through it and you find it on a core part of the network!

ETL
  • 6,513
  • 1
  • 28
  • 48