Networking Nightmare - HELP!!!


Alpha Geeks, LLC
06-14-2009, 09:23 PM
Hello All,

After lurking for quite a while I decided to join the forums and pose a question to the throbbing brain (all of you in case you didn't get it).

I have recently taken over a networking nightmare of a job. Here is what I inherited:

A local business has a single owner (not corporate) and he lets his employees bring in their own personal laptops and hook them up to the "network". The reason network is in " " is because I use it in the loosest sense of the word. It is a peer-to-peer network, with no server present in the building. The owner refuses to get a server. The computers are in various workgroups, and they are not using them for file sharing, just basically internet access. There are two bizhub printers on the network, and they are both installed on all of the systems.

Oh by the way did I mention that with the employees bringing in their own laptops the total number of computers ranges anywhere from 20-30 on a daily basis. A nice mixture of Macs, XP (pro and home), and Vista.

They do have business class broadband provided by Road Runner. Also provided by RR is the all-in-one modem, router, gateway. This runs to a 16-port Netgear switch which powers a Linksys WRT54G router with DHCP turned off so it is acting as a wireless access point only. At any given time 15-25ish computers are connecting via a wireless connection.

As you can well imagine the network overhead is staggering. At any given time you have people trying to print to the bizhubs, each person has multiple internet windows open along with IM clients and email apps left open. The majority of the network requests are being funneled through the Linksys WRT54G which makes for a VERY VERY slow network. Most days the Linksys and the aio modem/router/gateway need to be power-cycled multiple times.

Keep in mind that the owner refuses to pop for a server. I, and many other previous companies that have helped him, have all told him that a server based network is the way to go. So please don't preach to the choir about what he needs to do - I know what he needs to do, but he simply won't do it. We are stuck working with the "network" the way it is.

So my questions are these:

What can be done to reduce the overall network traffic to improve network speed?
What is the best utility to monitor network traffic in a peer-to-peer network?
Would adding another access point or two alleviate some of the bottlenecking and network slowness - essentially segmenting some of the computers by making them connect only to a certain ap when in the building?


Any other suggestions would be appreciated. Please keep in mind I do understand the need for a server and a business class router, but I will not get those things. We are working with what we have.

Thanks for your time!

seedubya
06-14-2009, 09:39 PM
Hi Tom, welcome to Technibble.

I sympathise with your situation. It's awkward and your customer is obviously an idiot. The bottom line however doesn't change. This network desperately needs improved infrastructure and wishing it ain't so won't make it not so. You need to wire it and put in a gigabit switch. Forget wireless entirely. Any other solution is just botching.

Think about it. ACTUAL throughput on an 802.11g network is likely to be in the region of 25 to 30 Mbps. Creating wireless subnets may help but still can't substitute for proper cabling. On top of that the router, which is your gateway to the world, is choking because of the sheer numbers of connections it is being forced to make. Even if you cable properly it will still choke because of its inbuilt limitations. You need a Cisco in there.

Having dealt with similar ignorance/penny-pinching/stupidity in the past I've always found the best solution is to walk away.

On

anonymous Mac Tech
06-14-2009, 10:03 PM
Hello All,

After lurking for quite a while I decided to join the forums and pose a question to the throbbing brain (all of you in case you didn't get it).

Please keep in mind I do understand the need for a server and a business class router, but I will not get those things. We are working with what we have.

Thanks for your time!

Welcome to the forums! I'd convey to the owner it's hard to put a band-aid on a bullet wound. Tell him you are still available to come clean the machines of the inevitable malware that will continue on the plague network with the "employee bring in their personal laptop free for all" and leave it at that.

Alpha Geeks, LLC
06-14-2009, 10:50 PM
Tell him you are still available to come clean the machines of the inevitable malware that will continue on the plague network with the "employee bring in their personal laptop free for all" and leave it at that.

Actually the maintenance contract that we do have with them is for one year, and it covers 23 systems for maintenance and support (including the personal systems they are bringing in). The network is not covered in any way, shape, or form other than something like "I cannot print to the bizhub", etc.

We are using Kaseya through Virtual Administrator and I have met with all of the individuals that are bringing in their systems. They do know that while we do not monitor websites that they visit, we do monitor for and remove dangerous software from their systems like KaZaa, LimeWire, etc. We push out their MS and other patches (Adobe, Flash, etc) through Kaseya on a monthly basis as well as provide antivirus/antispyware, data backup, and a ticketing system (help desk) for all managed systems.

The first 8 systems I touched had NO antivirus/antispyware installed and a couple of the systems were loaded with spyware. A simple install of Webroot Antivirus with Antispyware or Sunbelt's Vipre takes about 25 minutes just to download the definitions. After the first 2 or 3 systems I decided to take the balance of the computers back to the shop with me in batches of 2-4 at a time, having them back to the owner's in 24 hours. The updates, cleaning, and AV/AS installs went WAY faster that way.

It's been about a month since the contract started and we are in maintenance mode now. I get about 2 support tickets a week from this business and the requests are for pretty small stuff.

I was just wondering about the network stuff and what, if anything can be done to improve performance. On the positive side, I do charge for any network related troubleshooting as that is not included in our maintenance contract!

Thanks so far for the quick replies. I am just looking to see if there is some solution out there that I did not think of.

purple_minion
06-14-2009, 11:31 PM
I am not experienced with business clients, however I am curious why they don't want a server? Perhaps you can alleviate their issues/fear. Also pitch it to him as being cheaper in the long run than you coming in and fixing things left and right. (Perhaps bad for you?)

Could you sell them an older computer for Untangle, Endian, eBox, etc.? If you use Untangle as a gateway you can filter out all the non-work-related items like IM, websites, LimeWire, Kazaa, etc., which should definitely cut down on network traffic.

seedubya
06-14-2009, 11:35 PM
Could you sell them an older computer for Untangle

Nice idea purple_minion. I should have thought of this considering I have Untangle boxes installed in a number of my customers' premises. I just don't ever use it as a method of reducing network overhead, only to stop employees wasting time or being plagued by spam.

SOHO-NZ
06-15-2009, 12:02 AM
Hello All,


Would adding another access point or two alleviate some of the bottlenecking and network slowness - essentially segmenting some of the computers by making them connect only to a certain ap when in the building?



This would probably be the first thing I would tackle. IIRC the instructor on the D-Link Certification course recommended a maximum of around 6 users per 54g Access point.

What is causing the need to reboot the main router? Does connection drop out? Does the DHCP server stop giving out addresses? Does it fail to route traffic?

I don't know why you'd suggest they need a server, if they aren't sharing any files. If all they need is access to the internet and printing, then their network topology is fine. They might just need more capable networking equipment. I expect their broadband router isn't capable of handling traffic from that many clients. (many have limitations in their NAT tables). A decent router or Untangle box should improve this.

Edit - Ok, a server would centralise their data files, and make for easy backups, so there are some benefits with that amount of users - but it isn't going to fix slow network or internet performance.

krutoi
06-15-2009, 01:34 AM
Nice idea purple_minion. I should have thought of this considering I have Untangle boxes installed in a number of my customers' premises.

Surfing their site now - this looks like a pretty decent product. Have you used the PC Remote plugin at all?

seedubya
06-15-2009, 02:21 AM
Have you used the PC Remote plugin at all?

Haven't even tried it TBH.

@ncient geek
06-15-2009, 07:19 AM
What you are looking at is actually a typical problem of a public WiFi network. The last thing you would wish to install is a server. It would make things much more complex.

I would solve this in a few very basic steps:

- find the maximum stable DSL throughput (test this on a busy day and over several hours). Divide this throughput by the maximum number of connected computers. If the resulting number is too small (less than 256 kbs) you will need multi-WAN, there is no way around it.

- calculate the number of access points by dividing the maximum stable UPLOAD throughput (in many cases DSL is actually asymmetric, ADSL, and this speed is MUCH lower than download). You need at the very least 128 kbs per user.
Get rid of the Linksys WRT54G, this is a residential AP and not acceptable for professional services. You may want to look at the D-Link 3200 or 3260 models which are quite cheap and do a rather good job in this type of situation.

You will then find that for e.g. thirty users you will need 4 or more access points. You will need to load balance these access points either through the router (Cisco) or through the access points themselves (static IPs or low ranges of DHCP).

For the printing problem you will probably have to get a level 2/3 switch and separate the network access, or a high-end print server.

Alpha Geeks, LLC
06-16-2009, 09:59 PM
Thanks to all who took the time to review the situation and post a reply!

Purple Minion - I never thought of Untangle as a solution here. I will give it a try, maybe not in this situation though, but it definitely warrants a closer look.

@ncient geek - thanks for the well thought out answer. I am glad to see something more than "yeah, just pop in a couple more access points". :)

Based on the great responses from everyone I am very glad that I stopped lurking and jumped in!

Thanks again,

gambit
09-21-2009, 11:54 AM
Re: the spyware issue - does the administrator account have a password? A known password? Some spyware is now replicating by trying to use the admin credential with a blank or well-known password. This allows the spyware to replicate with authority.

Be sure all local and domain admin accounts have a strong password.

We just came in after another reseller who was battling spyware for months. A simple change of the admin credentials stopped everything.

We also use Kaseya from Cloud Services Depot to monitor everything.

I also had a similar bandwidth issue at another site, but could never figure out the issue. After using NOC services (from Cloud Services Depot) they fixed something and the issue is completely gone. I'd recommend it for business clients that are hard to manage:

http://www.cloudservicesdepot.com/Services/NOC
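
One way to check the admin-password point raised in the post above on current Windows machines, as an added example that is not part of the original thread: it lists enabled local members of the Administrators group and flags accounts that may have a blank or never-set password. It assumes Windows PowerShell 5.1 or later; the `$MaxPasswordAgeDays` threshold is an assumed value, and domain accounts are not covered.

```powershell
# Added example: audit local Administrators members for weak password hygiene.
# Needs the Microsoft.PowerShell.LocalAccounts module (Windows PowerShell 5.1+).
# Run from an elevated prompt on each managed machine.

# Assumed threshold for "stale" passwords; not a value taken from the thread.
$MaxPasswordAgeDays = 180

# S-1-5-32-544 is the well-known SID of the built-in Administrators group,
# so the lookup also works on localized Windows installs.
$localAdmins = Get-LocalGroupMember -SID 'S-1-5-32-544' |
    Where-Object { $_.ObjectClass -eq 'User' -and $_.PrincipalSource -eq 'Local' }

$report = foreach ($member in $localAdmins) {
    $user = Get-LocalUser -SID $member.SID

    # Disabled accounts cannot be used to log on, so skip them.
    if (-not $user.Enabled) { continue }

    $findings = @()

    # PasswordRequired = False means a blank password is permitted,
    # not proof that the password is actually blank.
    if (-not $user.PasswordRequired) { $findings += 'blank password permitted' }

    if ($null -eq $user.PasswordLastSet) {
        $findings += 'password never set'
    } elseif ($user.PasswordLastSet -lt (Get-Date).AddDays(-$MaxPasswordAgeDays)) {
        $findings += "password older than $MaxPasswordAgeDays days"
    }

    # RID 500 is the built-in Administrator account, the usual first guess.
    if ($user.SID.Value -like 'S-1-5-21-*-500') {
        $findings += 'built-in Administrator (RID 500) is enabled'
    }

    [pscustomobject]@{
        Computer        = $env:COMPUTERNAME
        Account         = $user.Name
        PasswordLastSet = $user.PasswordLastSet
        Findings        = if ($findings) { $findings -join '; ' } else { 'none' }
    }
}

$report | Sort-Object Account | Format-Table -AutoSize -Wrap
```

The script cannot tell whether a password is a well-known one; it only reports account settings, so any flagged account still needs its password changed to a strong, unique value.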