But as you describe the situation, there might be an easier way: In case you use any one machine running Windows 10, this might explain the seemingly unexplained upstream traffic. Go to Settings > Update & Security > Windows Update > Advanced Options > Choose how updates are delivered and set the one switch there to Off - or select PCs on my local network. Then this machine will not participate in their P2P Windows updates, or at least not upload them to random machines on the internet anymore. Repeat this with every single machine, which is running Windows 10. Other P2P clients might cause similar upstream traffic, but with Windows 10 this does not necessarily imply illegal activity on your network. Without much upstream traffic, the speed of the downstream traffic should also improve (assuming this is an A-DSL or V-DSL connect; S-DSL is unlikely given).
Most of the FRITZ!Boxes have a non-documentated page which enables a traffic capture in 'wireshark' format for different ports. Open the page in a browser with following URL: fritz.box/html/capture.html, or replace fritz.box with your routers IP address (usually either 192.168.178.1 or 192.168.178.254). There you can choose the ports you want to capture from. Just follow the on-screen instructions and after successful download, you can open the file directly in Wireshark.
Fritz!Box routers are popular devices that many people use to connect to the Internet. Inside these routers there is a hidden (i.e. not accessible from the router web admin page, but that you access directly with a web browser by writing the whole URL) URL (BTW replace the 192.168.2.1 IP address with your Fritz!Box router IP if you have changed it) that can be used to dump router traffic in pcap format.
While pcaps are good for troubleshooting, most people need to know what is happening on their network in realtime, so they can spot for instance bandwidth hogs or high-latency communications. In essence we need to tell ntopng to analyse traffic flowing in our router. This is exactly what the fritzdump.sh script is doing: connect to your Fritz!Box router, start the packet capture process and spawn ntopng for analyzing the network traffic by reading traffic from a pipe (see the picture below).
This is a great solution for home and small business users that can monitor the network traffic in realtime without having to deploy network probes, taps etc. that are not affordable (in terms of complexity but sometimes also from the price standpoint) on most small networks.
"The AVM FRITZ!Box WAN Interface Sensor monitors the internet traffic of a FRITZ!Box internet access router from European manufacturer AVM. It returns the incoming and outgoing internet traffic. There are no credentials necessary."
Our home networks are getting bigger every year. Almost every device these days require an internet connection. But while expanding your home network, how do you monitor everything? And even more, how do you find a problem in your network? Like which device is using all the bandwidth? In this article, I will help you install a free network monitoring tool and explain how you can monitor your home network traffic for free.
We are going to use a free version of PRTG for monitoring our network. This is one of the best network monitoring tools and the free version is perfect for home use. I am going to help you set up your network monitoring software step-by-step for your home network and explain how you can monitor your home network traffic.
To monitor our home network we are going to use PRTG. This monitoring tool is one of the most popular network monitoring software for enterprises, but it also has a free version. The free version has the same features as the paid plans but is limited to 100 sensors. To monitor your home network traffic, 100 sensors are more than enough.
If you want to use graphs as I did in a network map, then you might want to clean up the network sensors. On my notebook, for example, I had more than 15 channels on the network card sensor. All were displayed in the graph, making it harder to read. We only need the traffic in and traffic out channels. To clean the graph up, you click on the network card sensor > click on the gear icon behind a channel and select Hide from Graphs. Do this for all channels, except the traffic in and out channels.
Hello. Great instructions and explanation of PRTG. This sounds like it might be my answer. I have a starlink modem that doesnt monitor bandwith data and at this point i dont want to change it out but i need to know which devices are consuming the most internet traffic, especially a couple smart tv.s So my question is does this software allow for Internet data tracking or is it just wifi bandwith amongst your local network. Thank you
Lots of information for one simple question: Once I get this program downloaded, installed, and follow your setup instructions, what, exactly, will I be looking for that I can show my ISP the next time they send a tech or supervisor out? Thanks!!
I can only reach a maximum download rate of 2Mbit/s (and slower) when connecting to my Fritz!box 7530 router. When connecting to a repeater in my home network I can reach much higher download rates. Router and repeater use both the same 2.4G network.
I manually reinstalled the Wi-Fi driver of the device (AX200). I changed and tested all different Wireless modes 802.11 a/b/g/n/ac and limited the frequency band to 20Mhz. But not one of these settings increased the download rate.
To be honest this new mini-PC is the first client that shows connection issues with my fritz!box router.I connected the mini-pc to a different Wi-fi network with a different router and could not recognise any issues.I found another thread where a user seems to have similiar connection issues between a fritz!box and the Wi-Fi 6 AX200 unit. So it seems for me that there is a incompatibility issue with this new Intel Wi-Fi unit and fritz!box unit. I guess this problem will only be solved with a new driver update. But I guess this is going to take a while to be provided by Intel.
I could finally solve the connection issue. The cause of this problem was that the Intel Wi-Fi 6 AX200 falsely recognized the 2.4G network as a 5G network and tried to connect with the 802.11ac protocol. Unluckily only forcing the unit into 802.11n protocol did not solve the issue. Additionaly to this changing I had to set Preferred band to 2.4G. Now I can get the full down/upload rate of my fritz!box network.
Perfect, excellent, it is great to hear that the problem got fixed after setting the preferred band to 2.4G and now you can get the full down/upload rate of the fritz!box network. Thank you very much as well for sharing that workaround.
Each of these has its drawbacks. I did not want to buy a new router, so router reporting was not an option. I could not install the necessary software on all the IOT devices, which prevents device reporting. And packet sniffing is an interesting idea, but I wanted to be able to handle wired as well as wireless traffic.
A less obvious concern is that of speed. When traffic passes through a router/switch, the primary bottleneck is the ethernet hardware. In other words, the CPU and RAM are not as important as in other cases. This was something of a problem with the Raspberry Pi 3B (and lower). However, the Raspberry Pi model 4 has an upgraded on-board 1000 Mbps eth0 port.
However, it does have one major disadvantage: the WiFi traffic (going to the router) will not be monitored. But the major advantage is: if you ever want to remove the Raspberry Pi network monitor, just plug the WiFi router directly in to the switch.
You could also run a separate DHCP server on the WAN side of the Raspberry Pi. In this case, again, the Pi is not the router. However, if the two network interfaces are bridges, then the traffic is flowing through the Pi.
Using Prometheus for throughput/bandwidth will not be perfectly accurate on a short time scale. This is due to the way a rate is averaged over an interval. However, by downloading a large file, I was able to compare the reported download speed from Chrome with that of the traffic graph:
The most important part of the configuration is setting up the tcpdump filters. For example, the following will restrict the captured traffic to that which flows in or out of the 192.168.0.0/24 subnet:
Edit prometheus.yml (which should have been included in the download). See the two comments in this sample file. In particular, make sure that the last line matches the IP/port of the device running the metrics script from the last step.
You should verify that your local IPs show up in the dropdown, and that you have not excluded any data you might want to be visualizing. For example, I intentionally filter speedtests and similar such traffic, as they add noise to the data:
pi@raspberrypi:~/Downloads/network-traffic-metrics $ pip3 install prometheus_client Looking in indexes: [link to pypi.org], [link to www.piwheels.org] Requirement already satisfied: prometheus_client in /home/pi/.local/lib/python3.7/site-packages (0.8.0)
pi@raspberrypi:~/Downloads/network-traffic-metrics $ pip3 install argparse Looking in indexes: [link to pypi.org], [link to www.piwheels.org] Requirement already satisfied: argparse in /home/pi/.local/lib/python3.7/site-packages (1.4.0)
After researching promiscuous mode some more, I was able to set one adapter into promiscuous mode but was only able to read broadcast packets. And this made sense since I still was not reading ALL network traffic.
I have a Cisco SMB router and Ubiquiti switches and AP. I was able to mirror the outbound port of my Cisco SMB router (all network traffic) to another network port which I plugged into the second network adapter on the VM. After running a test with tcpdump, I was able to see all network traffic. I also tested it with the Python script and verify data was flowing to Prometheus. So far, so good. 1e1e36bf2d