A Leecher in my network

[StartRestart]

UPDATED: I have won! see later post

At various times throughout the day I notice our network (6guys) slow down, and quite a bit so(600-800ms to google). I can go downstairs and unplug this 1 kid's ethernet cable and go back to a 67ms ping..
We're using a Netgear WGR614v6 fully updated (wireless with 4 ethernet jacks essentially).
Using Charter's 5Mbps service.

After looking around and doing some research I found something about Quality of Service (QoS) features on some routers that would, if i understand this, throttle the internet on any of the computers connected to the router. (?)

No one here has any idea about routers or logging in.. so they won't ever know about it.

The kid is a terd whenever I confront him about what he's doing, so I dont bother. I'm afraid Charter is gonna get mad at us because of our usage, and I'm getting sick of the ridiculous lag from his use.

:clock:
tldr; There's a leecher on my network of 6 people, i know which hardwire it is in the router and pulling it makes the network lag-free.. Can I buy a new router that has a nice QoS feature and limit his bandwidth? or what would you suggest, I'm the only computer-savvy person in this household, noone else really games or notices the enormous lag spike he causes.

 

[StartRestart]

here's a quick screenshot of my router's statistics which i don't think are normal.. at the moment of this picture there are 3 computers connected to the router (1 being the naughty kid);
http://img145.imageshack.us/my...?image=midnighted7.jpg

Computer1 is me, nothing but the router open
Computer2 is my friend's computer with nothing but Pidgin(Instant Messenger) running.
Computer3 is the leecher.
ping www.google.com averages 822ms

 

[QuixoticOne]

Yep, sounds like you need a good QOS setup.

There's nothing really wrong with someone using the bandwidth the ISP provides.. they sell it at 'unlimited' in a lot of cases, and so you might as well use whatever meets your needs barring a specifically disclosed cap/limit. QOS should speed up your interactive browsing / etc. traffic at the expense of P2P. It is a little more tricky when you have multiple people using multiple heavy network use applications at once like VOIP + Video streaming + FPS Gaming + P2P since it is difficult to figure out what applications to give what prioritization to. In such a case about all that can be done is fairly share the overall bandwidth among all the competing users; if you tweak QOS rules enough you can probably priortize heavy use application 1 over heavy use application 2 though.

If you have a spare PC that can often be turned into a standalone QOS router that will in some ways give you more advanced capabilities over the QOS in routers. If your router supports DD-WRT that will give you some better QOS capabilities too, but still not as much as a full QOS router / firewall dedicated PC. Then again a PC probably costs like $10+/month in electricity to run.

 

[StartRestart]

So, to help my understanding, QOS is setup on certain ports for a defined IPaddress? And i have to know exactly which ports he's using to throttle? If that's the case, what would be bad about throttling all ports than... they don't do anything on their laptops besides word/music/videos, nothing that would benefit from a flawless connection (games).

 

[QuixoticOne]

Well you CAN control QOS via port number or protocol (TCP, UDP, ...), or IP address.
You don't have to.

QOS in its simplest form only fully effectively controls what your network SENDS OUT to the internet. You can directly / completely control that. You can't totally predict/control what data some other machine sends to your IP address and once you receive that data you can either deliver it or block it / discard it like a firewall would. Sometimes you can do things like delaying incoming data or sending out congestion alerts to the senders of the incoming data but usually this is not done and is instead handled by the applications that are the actual recipients of those incoming packets. Sometimes you can randomly or less randomly intentionally drop packets for no particular reason but again this is a pretty advanced technique that isn't usually done in simple setups.

Some of the simplest yet most effective things you can do with QOS are:
a) prioritize SMALL size packets over BIG ones -- this lets a lot of things become much more responsive because things like ACKs, DNS queries, telnet / ssh, simple HTTP requests, et. al. all go out in front of traffic that is doing things like file uploads and stuff.

b) implement some kind of fair / round robin queueing where based on your IP address or whatever you get an equal chance to send data out. So if machines A,B,C,D,E all had data to send, it'd send one packet from A, one packet from B, one packet from C, ... etc. then go back around again. This helps ensure that limited bandwidth is fairly shared.

c) prioritize certain protocols via protocol type and PORT number over others, so known IM clients, web browsers, skype, etc. are priority over P2P / FTP.

Basically with some combination of those simple rules a lot of the problems are solved. In more advanced configurations you can even define explicit bandwidth limits by IP address / MAC address / port / protocol or whatever and it can actually just drop packets that are over the bandwidth limit. Usually though this is rather extreme and what one does is define a pool of all available bandwidth and one just prioritizes users / protocols to some extend and then does fair sharing to ensure that within a given priority class everyone's traffic is fairly using all available bandwidth. So if nobody else is using bandwidth any one person / protocol can potentially use everything, but once other users start making use of the BW then it shares more appropriately among the current actual users.

Originally posted by: StartRestart
So, to help my understanding, QOS is setup on certain ports for a defined IPaddress? And i have to know exactly which ports he's using to throttle? If that's the case, what would be bad about throttling all ports than... they don't do anything on their laptops besides word/music/videos, nothing that would benefit from a flawless connection (games).

 

[Genx87]

Well that sucks he is a douchebag about it. I had a roomate in college who used some P2P program that brought our DSL line to its knee's. I would simply unplug the thing over and over and he would give up. Everytime he would come up asking why he lost his connection and I would play stupid.

Another option besides QOS is to simply kick him off all together. Tell him if he wants to leech, get his own line.

 

[JackMDS]

http://www.dd-wrt.com/wiki/index.php/Quality_of_Service

 

[StartRestart]

Thanks for the information and help, I'm going to get a better router and try my best to hurt his connection!

 

[mooseracing]

Setup service so the 3 of you each get 33% of the bandwidth when it is maxed, but all available if not being used. That way it is shared evenly.

 

[Tbirdkid]

Well, if you have full control over it, put in a web sense box and be done with it...

 

[Nuwave]

On a WRT54G you can enable QoS based on physical Ethernet port.

Not only will it slow down his p2p when you are online, it will slow down everything he does on the internet. A little bit of payback. However if no one else is using the internet, he should have full use of the bandwidth. I really see nothing wrong with that.

Let us know what you end up doing.

Link>Screenshot of QoS options of a WRT54G Ethernet Port Priority.

http://i39.photobucket.com/alb...Deathor2/Other/QoS.jpg

 

[Baked]

I love QoS! I used this guide to setup program priorities on my Linksys WRT54GL w/ DD-WRT firmware. Make sure the model # is WRT54GL or else the DD-WRT firmware won't work.

 

[Jeff7181]

Or just get everyone together who uses the Internet and say "Hey, we all pay the same amount but some of us use more than our fair share, which hurts the rest of us. I propose we all chip in for this router that uses Quality of Service to prevent one person's activity on the network from degrading the performance for everyone."

Or you could go the immature route and cut the insulation off a section of the CAT5 cable and untwist the pairs going to his computer so it's not possible for him to exceed 2 or 3 Mbit, even on the LAN.

 

[cmetz]

I have found that diagonal cutters are often a highly effective form of quality of service enforcement. (Technically, this would be considered "policing" )

 

[StartRestart]

UPDATE: wrt54g installed with dd-wrt, locked away in my custom lockbox..
http://img72.imageshack.us/my.php?image=dsc00673wo5.jpg
http://img408.imageshack.us/my...?image=dsc00672xg5.jpg

ethernet cables are untouchable, router is untouchable, wireless still works throughout whole house (3floors up from basement). I have the firmware filtering big upload packets, and other assorted p2p plausible data on the MAC of the violating computer. At the click of a button I can Deny internet and they won't suspect much because windows still says they're connected to their functioning router

THANKS!
we have sapped a 9GB/day P2P user (no joke i logged it before filtering him to hell)

 

[Baked]

LOL, nice lockbox.

 

[JackMDS]

It probably works because it is in the basement and the signal needs to go up, the Metal box acts as a reflector to create upward emission. :thumbsup:

I do not know if you planned it this way (i.e. you really know how wireless transmission works) or it a lucky coincidence.

 

[StartRestart]

haha lucky coincidence, good to know though! I made the box out of an old CashBox while waiting for the router to arrive, took a case fan and made it exhaust on top and an old CPU fan for intake on the side.. probably overkill because the router NEVER gets even remotely warm.

 

[MadAmos]

I love it :laugh:

 

[tweekah]

That's a good job :beer:

 

[0roo0roo]

qos settings in ddwrt or tomato work great. either for setting priority for specific traffic, or just nerfing a whole port or ip
simplest solution would be to mark his portor ip as bulk lol