Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: Number of users, bandwidth rule of thumb?

  1. #1
    Just burned his ISO
    Join Date
    Mar 2008
    Posts
    5

    Default Number of users, bandwidth rule of thumb?

    Hi everyone,

    First of all great forum, i've learnt a lot from here thanks.

    I'm doing a dissertation for my undergraduate into Wireless technologies, my scenario includes linking 4 hospitals across a city using point to point wireless links like the Motorola PTP5800 which offers a 300Mb connections i have also said that these will be WPA with 63 character pre shared keys and for additional security i will run 256 AES VPN tunnels across them (am i right to think that IPSec consumes around 50% of the bw to maintain the tunnel? and is it relative to the link speed or is the overhead of IPSec fixed?).

    At each site there will be a varying number of users and some sites will have video streaming perhaps a live theatre feed to a training room at another site.

    I can easily calculate how many Mbps a video stream might require and multiply it by the number of streams, but is there a rule of thumb for the average office/admin worker? Allowing for general usage of network shared drives and web browsing?

    As it maybe that only 2 of the four sites have an internet connection, furthermore if i had a Primary domain controller at a main site and remote users had roaming profiles how big would those profiles be if they used mapped drives to store their documents?

    So to summarise, what assumptions can be made when trying to determine the required bandwidth for an inter site link?

    Thanks in advance
    Marc.

  2. #2
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default

    We usually tried staying below the 50 users per access point level. Don't know if that's a hard rule or not, but it seems to work for us. This is a grade school environment, so that should also work for an office environment.
    Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

  3. #3
    Just burned his ISO
    Join Date
    Mar 2008
    Posts
    5

    Default

    Ok that's great thanks, i was thinking more inline with the inter-site bandwidth links.

    So if there is 300 users on one site and 100 users on another, how can i quantify how much inter site traffic might take place, if the smaller site's Primary domain controller is on the larger site and they use roaming profiles for example.

    Thanks
    Marc.

  4. #4
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Finally a good question properly formatted with the relevant information.
    Welcome to the forums yoof30.

    Enjoy your stay.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  5. #5
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by yoof30 View Post
    Ok that's great thanks, i was thinking more inline with the inter-site bandwidth links.

    So if there is 300 users on one site and 100 users on another, how can i quantify how much inter site traffic might take place, if the smaller site's Primary domain controller is on the larger site and they use roaming profiles for example.

    Thanks
    Marc.
    I wouldn't recommend doing roaming profiles across any kind of WAN link unless you have a reliable 100MB link between the sites, otherwise you'll have a bunch of pissed off users every morning and evening as they try to upload and download their profiles.

    It is better to have a Primary DC at one site and a Secondary DC at another site, and the users have their profiles stored on their local servers. Then the DC's just maintain their own replication over the links, which is actually a very minor amount of traffic.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  6. #6
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default

    Quote Originally Posted by yoof30 View Post
    Ok that's great thanks, i was thinking more inline with the inter-site bandwidth links.

    So if there is 300 users on one site and 100 users on another, how can i quantify how much inter site traffic might take place, if the smaller site's Primary domain controller is on the larger site and they use roaming profiles for example.

    Thanks
    Marc.
    We had it working with 10Mb point to point microwave links. Some of our more remote sites worked with a "dry pair" dsl link, so that was 1.5Mb. Though those schools were in the 8-12 teachers with maybe 50 students each. I'm not there now, but they just upgraded to point to point Gigabit fiber to the main high schools then microwave links to the middle and elementary schools from there. They're trying to consolidate all the file servers back to the main office with replicas at the vocational school for off site fail over redundancy.
    Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

  7. #7
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Quote Originally Posted by yoof30 View Post
    I'm doing a dissertation for my undergraduate into Wireless technologies, my scenario includes linking 4 hospitals across a city using point to point wireless links like the Motorola PTP5800 which offers a 300Mb connections ...
    I was unable to find any such device. The PTP 500 series maxes at 105Mbps or 13.25MBps.

    IMHO that will quickly be consumed during peak hours with everyone's email, web browsing, etc. Adding streaming video from the web or between a few points and it'll likely result in some sort of DoS.

    If I really did just not look far enough for the 5800 then 300Mbps =~ 37.5MBps which seems more reasonable for a deployment of the size you mentioned (100-300 systems), even with some of them streaming video.

    (Note: The answers above assume that the video will be decent quality since it'll be medical information, if it's just little 240x320 junk then my answers above probably don't apply.)
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  8. #8
    Just burned his ISO
    Join Date
    Mar 2008
    Posts
    5

    Default

    i'm sorry my mistake it's the Motorola PTP 600, found here for those who are interested: *hxxp://all-the-double-u's.motorola.com/Business/US-EN/Business+Product+and+Services/Wireless+Broadband+Networks/Point-to-Point+Bridges/PTP+600+Series_US-EN

    Thanks for the information regarding the Roaming profiles.

    Does anyone have experience with how much overhead is involved with IPSec?

    If i was trying to calculate Mbps per user, would 0.25 sound about right, given that not all users will be browsing or using network services simoultaneously?

    (I had to edit the link due to my post count).

    Thorin
    how did you arrive at this number 300Mbps =~ 37.5MBps for the true throughput?

    I hadn't given much thought yet to the quality of the video, but yes the outline i've given is for education of medical employees so a reasonable quality would be required, Wiki says that MPEG 2 at 720x576 requires 15Mbps. So i guess that would be a good base to work from, perhaps a more efficent codec could be used to allow more links, perhaps Xvid.


    Thanks
    Marc.

  9. #9
    Member
    Join Date
    Nov 2007
    Posts
    220

    Default

    Is there any point with the WPA if using a properly configured VPN?

    How about shutdown the wireless links or the end points to only accept/listen to the VPN port and then use VPN, adding the calculational overhead of a second encryption seems weird.

    Just use good VPN encryption (ie no single DES)

    I agree that roaming profiles could be too much for speed, depending on how much people move around.

    How much BW needed depends on nature of business and user, does normal web traffic go out at each end point or does it all go to a main proxy? How big are the files? is everything web based or document based? Another thing is... are the points in a line? i.e. if main base at point 1... and point 4 has to go through 3 then 2... would 4 suffer more than 2 as it is fighting fist with 3, and then whats left with 2.. tha make sense? (had something at last place where five places linked to one which then connected to the main network, the remote palces were horrendously slow, but the main hub wasn't that bad).

    Ipsec Bandwidth:
    http://lists.shmoo.com/pipermail/vpn...ne/003401.html
    wtf?

  10. #10
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    This might give you some good insight into IPSec overhead.

    http://www.cisco.com/en/US/tech/tk82...6979.shtml#t15
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •