Netequalizer FAQ - note that this document is out of date as far as the capabilities of the current selling appliance models. Please visit our sites using the links below to find out about the new versions.

www.apconnections.net

www.netequalizer.com

General Info. 1

Trouble Shooting. 4

Features and Capabilities. 5

General Info

What is the Netequalizer?

Simply put, the Netequalizer works like putting a traffic cop on a freeway interchange to make sure that everybody can get on and off without gridlock, the left turners, the right turners, and the aggressive drivers who would otherwise cut in line, behave much better with a traffic officer making sure that things go smoothly.  The router between the internet and your subnet is an interchange.

 Internally, the Netequalizer operates similar to a packet sniffer; it examines internet data by listening to all traffic on an internet segment, typically a trunk between a group of users and the internet. As each internet packet comes by on the trunk, an arbitrator examines the packet and learns who the packet is going to (what end user).The LINUX arbitrator keeps a small data base of the activity going on over an internet segment, then using a set of predefined rules, it determines what users are using excessive bandwidth.  Data rates to higher end users are temporarily slowed as needed to alleviate congestion.

How does the Netequalizer differ from other similar commercial tools and other tools for Linux?

1)      Most Other tools that we are aware of can only shape or control traffic coming from your network. The Netequalizer influences traffic coming into your network as well as the traffic leaving your network.

2)      The Netequalizer listens to traffic on your network and then makes a decision every ½ second on how to make adjustments to traffic flows. Other tools attempt to dynamically adjust traffic flows with every new packet that is sensed on your network. The Netequalizer methodology allows very low powered inexpensive hardware to handle very large traffic flows. The Netequalizer does sacrifice some accuracy; but since data users are generally concerned with their “experience”, the high price of other equipment to obtain extreme accuracy can rarely be cost justified.

2)      The Netequalizer has an open source component, the lower level technology is public and used by 1000’s of programmers around the world. The momentum behind the open source branch insures that the Netequalizer technology will continue to evolve.

How can I find unbiased testimonials from others using this technology?

The core technology is in open source, just like Linux, MySQL and other products.  It is very easy to get unbiased input.. We suggest using a Google search on “Bandwidth Arbitrator”, and then look over the pages of postings and results for yourself. This kind of information is pure and generally unedited,  see what people are saying and doing with the Bandwidth Arbitrator.

 

Arbitrator

Internet

Router

Firewall

Local Subnet

 Where should you locate the Netequalizer?

Locate the Netequalizer between your network and the internet. Tune the default settings and it will immediately starts relieving congestion.  This “plug and play” ability is the driving vision and design behind the Netequalizer.  Yes there is some “traditional” optional administration features offered, but we cannot stress the importance of the turn key concept.  The creators of the Netequalizer ran a small wireless ISP business in Lafayette Colorado and created the Netequalizer to eliminate costs associated with administering a system to control bandwidth, especially as their business grew.

Who can benefit from this type of product?

Anybody, who purchases bulk internet access and redistributes it to a group of users!

Internet bandwidth is expensive. Most ISP’s (Internet Service Providers) often do not actually have enough bandwidth to meet their peak demands. Most ISP’s purchase their bandwidth from one of the larger internet back-bone companies such as: Level 3, or World Com.  ISP’s like phone companies, rely on the fact that only a small percentage of their customers will be actively using bandwidth at any moment in time. 

Economics dictate that ISP’s perform a juggling act between the cost of bandwidth and the need to promise bandwidth speed to their users. Inevitably, some percentage of end users will attempt large downloads, the net result is all users suffer, even those users who typically do a little e-mail and surf the occasional web page. The Netequalizer prevents lightweight users from suffering poor response at the expense of heavy users. 

 How does the Netequalizer know who is “hogging bandwidth”?

The Netequalizer keeps track of all active users on your network. It keeps a history of how much bandwidth each user is using, how long they have been using it, and how much of your total network capacity is being used. It then applies “intelligent” rules that take all these factors into account. It will slow down the heaviest users as your network becomes more congested.

 What is unique about the Netequalizer Technology?

Almost all internet communications have a client server model where the client is sending requests and the server is sending data. This is true for ftp transfers, streaming video and streaming audio. Even if the client and server are sending UDP packets there is always a client server relationship. It so happens that the slowing or delaying the client requests is a much better way to throttle the data back than slowing or queuing the data coming from the server.  The Netequalizer limits bandwidth by looking at the large user(s) of bandwidth and slowing requests from the client.

This is radically different than the methods employed by WFQ, TOS and other packet shaping tools. It is the only method that allows you some actual control over internet traffic coming into your network.  

The biggest advantage to slowing down client requests is that you get at the source of traffic problems without employing expensive and complex queuing algorithms. Oh and it so far in all the testing and trials it seems to work pretty well!

Does the Netequalizer cause any delay in a network?

The Netequalizer is a layer 7 bridge, what this means is that it can be inserted in any segment of an Ethernet network without introducing enough delay to adversely effect Ethernet packet transmission.

We have noticed that the Netequalizer tends to overlimit the values we have set for our users, is there anything we can do to prevent this from happening?

By reducing the value of the parameter PENALTY_UNIT, overlimiting becomes less pronounced. The faster your network speeds, the more pronounced over limiting will be and a smaller initial value of penalty unit should be used.   Here are some recommended starting values based on the speed you deliver to a customer (Not your trunk speed).

128 kbs   PENALTY_UNIT=15

512 kbs    PENALTY_UNIT =8

1000kbs   PENALTY_UNIT = 4

What does the uplink downlink terminology imply in the plots on the GUI?

The intended terminology for Uplink is data  leaving your network out to the internet cloud, Downlink represents the opposite direction.

Of course if you switch your cables then all is reversed, if you watch the log (selectable from the GUI) it tells you what traffic is coming in and what traffic is going out. Correlating what is reported in the log with a controlled test is the best way to get an understanding of what is up and what is down.

I set a limit on a user to 512kbs; but I see the Netequalizer slowing that user down well below that limit sometimes.

Most likely you have the “default rules” on and they are limiting your users to a tighter bandwidth range than your custom limit. You have several options; we suggest you read the shaping section in the user guide for a complete explanation, here are some tips:

1.      You can turn the default rules off; this will eliminate the most powerful feature of the Netequalizer which is to keep watch on bandwidth abusers, so we only recommend doing this if you are sure you want only custom rules.

2.      You can increase the RATIO parameter to keep the default rules from kicking in until your trunk is busy.  The RATIO parameter tells the Netequalizer at what percent of usage automatic bandwidth throttles can kick in. This is your best bet and allows the default rules to be used as safety when your trunk is full.

3.      You can increase the value of HOGMIN this value tells the Netequalizer not to penalize a connection if it is below a minimum bandwidth threshold. This is an insurance policy against the Netequalizer slowing a user down to unacceptable levels.

I tried to plot the Bearshare utilization from the GUI and I did get any output?

In order to plot Application (Such as Bearshare) usage, you must turn on application shaping for the application you wish to monitor. If you do not wish to actually limit an application, then set the limit field to 100 percent. Application shaping, even when turned on to monitor usage, does impact CPU utilization, so please use this  feature sparingly.

 

We sell bandwidth in service increments, so some users get 128kbs others 256kbs and our premium users get 512kbs service, can we provide this kind of service levels and have them enforced with the Netequalizer?

Yes you can, the Netequalizer does allow bandwidth limits on individual users or subnets.

What can we do during busy hour? Business needs necessitate that we over subscribe our bandwidth capabilities and most of the day we can deliver decent service, but occasionally our trunk gets overloaded.

The Netequalizer has a safety valve that watches over your network called the “default rules” The “default rules” sit around in the background until your trunk becomes 95  percent utilized (this is value is adjustable), then they  kick in and slow down the heaviest bandwidth users. This safety valve is unique to the Netequalizer product, with it in place customer complaints of slow network speeds drop dramatically.

If the default rules slow some users, then how does it help eliminate customer complaints during busy conditions, aren’t some customers still unhappy?

When our safety net kicks in it typically does not affect the types of activities that users notice. Activities such as: e-mail, chat, music streams, web browsing and even voice streams are generally not heavy bandwidth users and are left untouched. The result is these activities get priority and busy hour complaints are greatly reduced. The service quality improvement is immediate!

I noticed that the Netequalizer takes a few seconds to reign in bursts can we disable this?

Yes that is correct, the Netequalizer does take a few seconds to begin to react to changes in bandwidth speeds by design (we document this in our manual).  You can fudge with the quickness that it reacts by increasing PENALTY_UNIT parameter; but then it may overlimit a bit.  There is no way to completely disable this feature.

If the number of customers on your trunk (times their promised bit rate) exceeds your back bone, then that is where the Netequalizer sets itself apart. For a huge majority of users, allowing the occasional burst is not an issue when compared to the value the Netequalizer provides by alleviating gridlock and bandwidth congestion

 

If you truly have a enough backbone to handle your peak customer demands, then perhaps a simpler tool that specializes in keeping bandwidth in a tight range would be better. There are many affordable tools that perform tight bandwidth control; but generally they have little flexibility in other bandwidth shaping areas.

Typically the wisps and ISPs that we work with sell the burstable ability as a "feature".

Some even charge for it. Since the bursts are typically only for a short period of time, all the burst traffic is generally negligible with respect to the load on your network.

Can we save off usage data to our hard drive?

We do make raw data available on the system in the file “/tmp/5sec” (every 5 seconds). Raw system data is dumped into this file. If you are familiar with Linux, you can very easily devise your own mechanism to pull this data off the system. If you’re not comfortable with Linux, then APconnections can arrange to help you for a reasonable consulting fee.

What happens if the Netequalizer fails, will our Network go down?

The Netequalizer takes advantage of a mature feature already built into the Linux operating system called STP (spanning tree protocol). Two Netequalizers placed in parallel will automatically set up a master slave relationship where one server will back the other. Netequalizers come pre-configured to take advantage of this feature.

We have benefited greatly by the way the Netequalizer balances traffic, busy hour complaints are way down; however sometimes our customers hit speed test sites to verify their connection speed and the Netequalizer throttles them back?

Well unless you are one of the fortunate few who really has the bandwidth to back up the promised speed to all you customers all the time you are bound to have to do some explaining sooner or later. We suggest the practice of honesty with your customers, but if that fails then ... To insure that the Netequalizer does not interfere with Bandwidth speed test we suggest you “Mask Off” the common speed test sites. The Netequalizer Mask feature allows you to pass data from selected sites through the Netequalizer without any data throttling

What are the Connection limits and how do they work?

Our connection limit feature is designed to keep a host on your network from making or receiving more than a “set amount” of concurrent connections.

There are many uses for this feature

1)      It offers a solid degree of protection from a variety of attacks on your servers.

2)      It also can be used to slow any of the users on your network from generating attacks

3)      It can be used to reduce the load on your router from p2p applications that tend to generate hundreds of connections when they download files. Many p2p applications will attempt to download from 100’s of sources even for a single file.

How do I access the Netequalizer Content Filters, can they be used to prevent virus’s from entering our network?

In the current releases of the Netequalizer, the content filters can be used; but not from the GUI. We are also working on an improvement to provide a response page that can be delivered when Web Pages are blocked. The current version will cause a web request to hang if there is blocked content.

We do have some customers that are actually using the content filter to block specific viruses. In order to do so, you must know the footprint of the virus in an IP packet. For details about activating content filters contact APconnections directly.

Do you have a feature that will track total bandwidth per user and take action when they exceed their allotment?

We have the following tools in beta test…

Features
 
1) Select users by MAC address or IP address
2) Set bandwidth usage allotted by Hour, Day or Month
3) Set e-mail address to contact when usage level is exceeded
4) Two usage levels per interval
5) Set a bandwidth limit to restrict user to when they exceed usage level for time period
6) Automatically removes usage restriction at the end
of the time period
7) Saves current usage data to survive a re-boot
8) You may need to administer an SMTP server for sending of alarm mail to be delivered correctly.