I support a large number of public libraries that are having their networks upgraded in response to a grant application. These libraries are generally home to between 6-15 computers and have little or no tech services either onsite or contracted remotely.

In order to justify current and future purchases, a number of the libraries have requested routers that can provide bandwidth usage graphs that they can show to their managing boards. Is there a small business router that displays traffic graphs in the router administration web interface?

The router needs to suppport DHCP and basic firewalling. No other features are required. Further, the reports just need to show overall trends. It is not necessary to show traffic by IP, by protocol/application, or by time of day. They just need an overall week to week, month to month, trend line.

I'm familiar with MRTG/PRTG/tools that collect SNMP data from the router, but the libraries don't have the expertise for the configuration. I've considered installing the tomato firmware on some cheap home/home office routers, but if there's a commercial product that can be purchased that would be significantly simpler. Also the library boards would be much more likely to approve the purchase of a commercial product over a 'hacked' one.

Any assistance would be appreciated.

5 Answers5


pfSense -- rrd/mrtg style graphs are built in, no configuration or 3rd party packages required.

  • 56
  • 1
  • Thank you for the response. Is there a commercial product based on pfsense that I could suggest to the libraries? They don't have any staff or expertise to set that sort of stuff up themselves. – Robert Drake Apr 09 '10 at 20:12
  • 1
    I've had good luck with the netgate alix based hardware. http://www.netgate.com/product_info.php?cPath=60_85&products_id=312 – 3dinfluence Apr 09 '10 at 20:34
  • I have about a dozen clients using the ALIX boards/enclosures running pfSense at the moment and have nothing but positive things to say about the firewall and hardware. If you go to pfsense.org, under the Hardware -> preferred vendors section you'll find a bunch (including NetGate) that sell it pre-configured. – gravyface Apr 09 '10 at 21:26
  • http://www.logicsupply.com/categories/firewall_systems Call them to order and request pfSense instead of Monowall. We've used all of the perimeter models with great success. – Greg Apr 09 '10 at 21:39
  • Some excellent solutions. This is perfect. – Robert Drake Apr 12 '10 at 16:49

If possible, I would install OpenWRT and then install snmpd and luci-app-statistics packages. With SNMP you can use Cacti to do the graphs and with luci-app-statistics you can see the traffic history as graphs on the web interface of the router. Only thing to remember is that the statistics are forgotten after the reboot of the router.

Mircea Vutcovici
  • 16,706
  • 4
  • 52
  • 80
  • Thank you for the response. I like your solution and its a good suggestion, but in this situation I don't think it's an option. Given the difficulty of explaining technical things to the managing boards that approve the expenses, it's a practical, if not absolute, necessity to purchase a commercial out-of-box-ready solution if at all possible. Given all the limitations - technical, monetary, geographic, bureaucratic, finding the appropriate tool is proving to a lot harder than expected. – Robert Drake Apr 09 '10 at 20:10
  • @Robert: In otherwords, those problems (monetary, geographic, bureaucratic) are higher in the OSI stack then you are ;) – Stefan Lasiewski Jun 17 '10 at 00:38

Tomato also has some nice realtime (SVG) bandwidth graphing - and it can also show realtime-updated pie charts based on QoS usage, which I use almost daily (just keeping an eye on things of course!). If you set up the rules beforehand - a five minute job - they could then see what's utilising the link on a momentary basis straight from the web ui. Like other WRT-based firmwares, you can even admin it remotely or SSH into it, so you could do emergency tweaking or config changes without having to attend should the need arise.

As an aside, Tomato's QoS implementation (once configured appropriately) actually works very well, whereas DD-WRT's is made of fail from personal experience. I've not ventured into OpenWRT waters yet so can't vouch for its efficacity, but Tomato really is simple to flash to a supported WRT54GL (WRT54G v4) or other supported Linksys device. Cheap, cheerful and very stable, a real set and forget box.

There are other particularly good pieces of hardware that can run WRT/Tomato firmwares, though I stick with the WRT54GLs because I like their retro design and stackability ;-)

Chris Woods
  • 388
  • 3
  • 21
  • +1 for Tomato and WRT54GL - sounds like exactly what's needed and cost ought to be approx $75 per location. Don't bother talking about/asking permission re Tomato - just do it. It's perfectly legal and more stable/reliable than the stock Linksys firmware. The bandwidth graphs/logs are exactly what you're asking for and they're part of the web management interface. – gbroiles Jun 17 '10 at 04:37

Assuming that the libraries in question have a Windows server running, my advice is to go with just about any small business router (we use Linksys RV042s) and just run PRTG. You can set it up to collect data running as a service, and when the client is run it'll then load the data gathered from the service. I recommend a business-class router because they're more likely to have the kind of SNMP reporting that you're looking for.

There are several advantages of this:

  • The users don't need to log in on the actual router to gather the information. In my opinion, this reduces the chance that they'll manage to break something. PRTG is read-only.
  • Training the users on PRTG is likely to be easier than training them on using the router's interface.
  • You can use PRTG to do simple email notification checking key systems or VPN connections via ping, though you may not get messages if their internet connection(s) are down completely or the router is down.
  • Minimal setup time required, and basically no additional hardware.
  • For small setups (up to 10 monitors), PRTG is free.
  • DRAWBACK: I use PRTG, but if there's a way to get utilization figures by time of day over a long period I'm not aware of it. You basically get the past hour (by small interval), past day by minute, past month by hour and past year by day. Custom reports get you a little more, but not much.

Countering this, if the library is running some sort of access control software (transparent proxy for filtering, etc.) then you may need to check more into what's compatible for the systems in question. If they are not currently doing so but would like to then pfSense might be better for you - it's possible to integrate packages such as SquidGuard or DansGuardian with it (see http://forum.pfsense.org/index.php?topic=7464.msg64662) though I have not actually used pfSense or those packages (yet, I have customers who want to do this).

  • 972
  • 6
  • 10

DD-WRT has both a monthly traffic view and a real-time bandwidth monitor as part of the default web status pages. Once it's installed and running, nothing else is needed except a web browser. And even though most people download and install it themselves, they do offer paid commercial services and setup as well. Here are some screen shots of both pages on my installation.

WAN Traffic Bandwidth Monitor

Ryan Bolger
  • 16,472
  • 3
  • 40
  • 59
  • There appears to be a Buffalo Tech wireless router coming out soon that has DD-WRT pre-installed. http://www.buffalotech.com/products/wireless/routers-and-access-points/nfiniti-wireless-n-high-power-router-access-point-wzr-hp-g300nh/ I need to test it out once the product is actually released, but this could be a perfect solution for a number of these libraries. – Robert Drake Apr 12 '10 at 16:50