Question : Throttling Bandwidth

Hello All,

Our company just purchased a DS3 circuit with 5mg of bandwidth and a burstable speed of 45 mg. So in theory we will maintain the 5mg connection and only use above that when we really need it. Any time we go over 5mgs we get billed per mg.

What I am looking for an inexpensive way to throttle bandwidth to this connection. At&t recommends a choke router which is very expensive ranging anywhere from $1200 to 12,000. I am hoping that we can throttle bandwidth with hardware that we already have.

We currently have a PIX 515 running version 6.3 and we also have a couple of Cisco 1720 routers that are not in use. One point to keep in mind is that the Cisco 3800 series router that delivers the DS3 line to our PIX is managed by AT&T and we do not have access to this unit.

I am hoping this can be done with PIX or if we have to place the 1720 router between the 3800 and the PIX which would mean completely reconfiguring our external network.

Any help would be much appreciated

Answer : Throttling Bandwidth

You might want to re-look at your contract with the DS3 vendor and how they determine "overage" charges.
You might find that they will use an average utilization determined by periodic samplings throughout a 24 hour period, throughout the monthly billing cycle. This includes all the nights and weekends when virtually no traffic is on the line. You can burst up to 20Mb periodically during the day and never even come close to going over your allotted 5M average.
And again, weight the costs of overages against the cost of implementing a "choke point" to restrict traffic. If overages can cost you $100K in a year, then your spending should give you a good ROI. Spend $20k to save $100k?
Obviously, the more money you spend the more elegant a solution you can find. However, you can do many things cost-free that can limit the bandwidth use:
1. Have acceptible use polices that outlaw streaming meda, MP3 downloads, etc. Have meaninful consequences that you can enforce.
2. Setup NTOP (free) to get Top Talkers then hold a contest to reward users that use the least bandwidth - in other words, engage the users in your quest to save money. A $50 restaurant gift certificate each month goes a long way and has much higher ROI. Perhaps the user that uses the MOST bandwidth gets to "treat" the winner at their expense?
3. Setup Proxy server so that downloads are cached locally.
4. Set up SUS server so that only this server gets Microsoft updates and pushes them to the PC's
5. Set up managed Antivirus so that only one server gets the large file updates and pushes them locally
6. ALSO set controls to monitor use. You cannot have effective policies if you can't enforce them. I particularly like the iPrism appliance http://www.stbernard.com/iprism you can use it to enforce your polices as well as bandwidth throtteling per-user which is very important. Don't punish everyone for one bad apple.

Random Solutions

Spanning Tree Protocol and Blocking Ports ?

EINPROGRESS errno in connect

Configure postfix to relay email from not my domain?

Lotus Notes 8 Database design and security

dual PIX 515e / Catalyst 3750 / Dell server - high availability

Symantec Ghost multicasting

GPS with PDA and MS Streets and Trips

Migrating from Netware 5 to MS Windows 2K3

error when changing pc name on 2000 pro