Find out network traffic per IP


Solution 1

ntop is probably the best solution for doing this. It is designed to run long term and capture exactly what you're looking for.
It can show you which clients are receiving/sending the most traffic, where they're receiving/sending to, what protocols and ports are being used etc.
It then uses a web GUI to navigate and display this information.

ntop is a fairly well known tool, so I would be highly surprised if it's not in Ubuntu's package repository.


Solution 2

To see realtime usage by IP (rather, by IP and port):

sudo apt install tcptrack
sudo tcptrack -i eth0

To see realtime usage by MAC address, a nice ncurses based tool is iptraf-ng:

sudo apt install iptraf-ng
sudo iptraf-ng

(And then, select "LAN station monitor → eth0".)

To see daily aggregate data volume by IP, my favourite is ipfm. Install with:

sudo apt install ipfm

Then configure in /etc/ipfm.conf according to man ipfm.conf and start with sudo ipfm.

Solution 3

ntop can give you exactly what you're asking for. It collects data about all the traffic flowing through your network (and can collect data from other networks if they have a device configured to send NetFlow data to your system).

It will show you every host on the network, with how much bandwidth they've used. It will let you drill down into each host and see what type of traffic they are generating and to/from whom. It will let you see currently established TCP connections. You can pretty much get lost for days going through the data it can give you.

The program can be a memory hog, though, depending on how you have the options set up.

Solution 4

You can check the existing counters from iptables to see if anything looks out of line.

It is also possible to add accounting rules to iptables which are used only to generate traffic counts. A tool like Shorewall makes it easy to do this and has specific documentation on Accounting rules.

There has been research showing that the large buffers in routers can cause performance problems. You may want to try shaping traffic to slightly less than the network capacity. Shorewall offers a couple of approaches to traffic shaping. This can also be used to prioritize certain kinds of traffic.

If you do identify a user whose bandwidth usage is excessive you have a few options:

  • Discuss the issue with them and remind them of your usage policy;
  • Block access to the service and/or site which is using the bandwidth;
  • Limit traffic to the service and/or site which is using the bandwidth; and/or
  • Limit traffic for the user in question.
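
The accounting-rule approach from Solution 4, as an added example that is not part of the original answer: rules without a `-j` target only count traffic, and the counters are then summed per host. The chain name `ACCT`, the LAN addresses and the counter listing are constructed assumptions, and the parser assumes plain `-s`/`-d` rules with no extra match options.

```bash
#!/usr/bin/env bash
# Added example: per-IP traffic accounting from iptables counters.
# Chain name ACCT and all addresses below are assumptions for illustration.

# Print (do not run) the two counting rules for one LAN host. A rule with
# no -j target leaves forwarding unchanged and only increments counters.
acct_rules() {
  printf 'iptables -A ACCT -s %s\n' "$1"   # bytes sent by the host
  printf 'iptables -A ACCT -d %s\n' "$1"   # bytes received by the host
}

# Sum byte counters per host from `iptables -nvxL ACCT` output on stdin.
# Output: "<ip> <sent> <received> <total>", heaviest host first.
per_ip_totals() {
  awk '
    $1 !~ /^[0-9]+$/ { next }               # skip chain title and column header
    {
      # The target column is empty, so address fields are taken from the end.
      bytes = $2; src = $(NF-1); dst = $NF
      if (src != "0.0.0.0/0") { up[src] += bytes; seen[src] = 1 }
      if (dst != "0.0.0.0/0") { down[dst] += bytes; seen[dst] = 1 }
    }
    END {
      for (ip in seen)
        printf "%s %.0f %.0f %.0f\n", ip, up[ip], down[ip], up[ip] + down[ip]
    }' | sort -k4,4nr
}

# Constructed sample of `iptables -nvxL ACCT` output (not from a real system).
sample_counters() {
  cat <<'EOF'
Chain ACCT (1 references)
    pkts      bytes target     prot opt in     out     source               destination
    1200     150000            all  --  *      *       192.168.1.10         0.0.0.0/0
    9000   12000000            all  --  *      *       0.0.0.0/0            192.168.1.10
     300      40000            all  --  *      *       192.168.1.11         0.0.0.0/0
     500     600000            all  --  *      *       0.0.0.0/0            192.168.1.11
EOF
}

# One-time setup on the gateway, as root:
#   iptables -N ACCT && iptables -I FORWARD -j ACCT
#   acct_rules 192.168.1.10      # review the printed rules, then run them
# Live use:
#   iptables -nvxL ACCT | per_ip_totals
sample_counters | per_ip_totals
```

The `-x` flag makes iptables print exact byte counts instead of rounded K/M/G values, which the summing relies on; `iptables -Z ACCT` resets the counters when a new measurement period starts.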
Author by

please delete me

Updated on September 18, 2022

Comments

  • please delete me
    please delete me over 1 year

    We have one central server which functions as an internet gateway. This server is connected to the internet, and using iptables we forward traffic and share the internet connection among all computers in the network. This works just fine.

    However, sometimes internet gets really slow. Most likely one of the users is downloading videos or other large files. I want to pinpoint the culprit. I'm thinking of installing a tool that can monitor the network traffic that passes through the server, by IP. Preferably in real time as well as an accumulated total (again by IP). Any tool that is recommended for this? Preferably something in the Ubuntu repositories.

  • please delete me
    please delete me about 12 years
    Excellent answer, also valid but I can only mark one. So I went with the timestamp to make my decision. Also, Patrick had a picture ;-)
  • ferdymercury
    ferdymercury over 2 years
    called ntopng now on Ubuntu's apt ntop.org/products/traffic-analysis/ntop