We've had the NetEqualizer in place at Reed since the beginning of this year. So far, so good. It's lived up to the promise of being a "set it and forget it" type of appliance. Vince Stoffer, January 2010College & University Testimonials
At Drew our NetEqualizer continues to work very well, so thanks for making an excellent product that just works and does what it says it will very well. It is usually one of the things I mention to people as a "best thing we've bought" type device, as it really is SO easy to use and configure and really does keep everything usable. Thanks for making an excellent product! The NetEqualizer employs a limit on the total number of connections a single client can make. In addition to that, it employs techniques to add small delays to certain large persistant connections based on a few simple parameters you set up. The connection limiting keeps P2P under control and keeps it from overwhelming the network. With previous traffic shaping appliances that we've used in the past, I had come to the conclusion that I was fighting a losing battle because though it classified a lot of the traffic correctly, it got it wrong plenty often. If the classification was wrong then my rules didn't work as intended. Particularly at that time and on that appliance it was that encrypted P2P would get classified as https and then according to my rules be given a high priority rather than a low one. We've had our NetEqualizer for about 3 years now, and I've been very happy with the fact that it both seems to make our users happy, and requires very little time be spent managing it. This truly is a set it and forget type appliance. I used another vendors product years ago and I was always in there working on it, finding heavy use users and products, and tweaking and geeking out on it. With Neteq, I have spent maybe 2 or less hours doing administrative task over the last 4 or more years. I would spend 2 hours per day before noon most of the time when using the purple companies product. NETEQ ROCKS! Thanks again for such a great, easy to use product. Macalester College is a private undergraduate liberal arts college located in St. Paul, Minnesota. Ted Fines is the Assistant Director of Network Services. Ted’s problems started when Napster came out and they continued because it took time to find the right solution. They put in a packet shaper, but it wasn’t the right solution for their network.” It took a lot of time to manage it, no matter what we did with the configuration, stuff still fell through the cracks. I just saw no end in sight.” After a particularly bad week they took out the packet shaper and replaced it with the NetEqualizer. “Right away the internet access speed is more consistent and predictable. If you go to a website, it just goes. The latency problems like streaming and games that we always had the most trouble with just went away. The latency is lower than it’s ever been.” Ted is happiest that it just does what it was promised to do. We've had the NetEqualizer in place at Reed since the beginning of this year. So far, so good. It's lived up to the promise of being a set it and forget it type of appliance. It was replacing a Packetshaper and while we do miss the increased visibility into the traffic (including better monitoring and reporting) of the Packetshaper, the Netequalizer has been trouble-free at doing its job of equalizing traffic in a protocol-agnostic fashion. It requires very time little beyond the initial setup and bit of fine tuning. The unit will also allow us to continue upgrading our bandwidth without needing to upgrade the hardware (the reason our Packetshaper had to go). We moved to NetEqualizers when our other vendor required a costly upgrade with no gain in features or service. We removed the old equipment and replaced them with a redundant pair of NE boxes. We run all our Internet connectivity through these. Unlike the equipment they replaced, we no longer have any needs for regular tuning, and there have been no performance complaints from any of our users. APconnections was very cooperative in working with us to specify and configure the correct device for our needs. Thanks! Bowdoin was in a similar position this summer. We were happy with our Packetshapers, but were not able to renew the service/software contract on our pair of 9500's. I believe the Bluecoat acquisition was to blame for them pushing out the slightly-old hardware. The "special" upgrade pricing was excessive, so we looked into alternatives. After some testing with on site demo units, we selected the NetEqualizer. We've been using them since mid-August, and have had no issues since the initial installation. We've been using your NetEqualizer 350Mbit unit since the Spring. I've had my neteq in about 2 weeks now...it's running great!. I really never want to hear, "why is the internet so slow?" ever again.....I used to hear it at least 20 times a day....now, i hear it never......thanks guys.....(of course, I only hear, "wow, the internet is so fast" about twice a day....but it will do.....still after months of being harrassed.....it's nice not to have that "stress" of hearing it all day...... I want you to know how pleased I am with our NetEqualizer. Unlike our previous bandwidth management product which required constant tending and updates, the NetEqualizer works exactly as advertised: plug it in and forget it. Our Internet connection has run smoothly all year regardless of the kind of traffic thrown at it. Simply put this is one of the best products I've ever put into production. Thanks again. NetEqualizer is great! We've really had no issues at all. We literally dropped it in line and experienced the difference over Packeteer right away. Complaints from students dropped as well -- MMOG worked again and we have no more AIM dropouts. It's the best decision I've made this year. At Loyola University Chicago, we are on our 2nd iteration of the NetEqualizer. We used the product happily for a number of years when we had a T3. We upgraded our internet pipe to 100MB and after about 6 months we noticed 100% saturation and students complaining of slow internet for various applications. We knew then that we needed another NetEqualizer. Once we plugged the box in it started managing the bandwidth, our pipe has not been saturated since, and more importantly the complaints have ceased. Stetson University is located in DeLand, Florida. Over the decades they have spread to four campuses including DeLand, Stetson University Center near Orlando, the Tampa Law Center and the College of Law in St. Petersburg/Gulfport. The Gulfport campus needs to keep closely in touch with the Tampa campus and they did a lot of that through a point-to-point 6 Meg connection. They also had approximately 1500 students and 300 faculty and staff accessing the Internet. LEWIS UNIVERSITY FINDS QoS=LESS WORK Located 30 minutes southwest of Chicago, Lewis University offers over 70 undergraduate programs, 20 graduate programs and accelerated programs for working adults to 5,200 students enrolled on five campuses. Derrick D’Gama is the Information Security Officer/Director of Information Services. “We have 6,000 connections.” Over a 10 Gig line internally and a 20 Meg external line going out to the internet. Though they had QoS equipment installed, D’Gama was not satisfied. “I wanted something where I wasn’t all the time doing traffic adjustments.” After an intensive research period he found only positive reviews for NetEqualizer and chose that as his solution. D’Gama says: “Unlike the other QOS appliances (that would take much of my time due to manual intervention in tuning specific data streams), the Netequalizer instead is happily processing these streams automatically. Consequently, I have some more time to focus on other projects due to this installation.” I am convinced protocol and layer 7 based filtering is dead. I expect P2P products to use SSL or TLS bypassing layer 7 filters. Ethically layer 7 filtering smells like content filtering, big brother, evil. Bandwidth arbitration keeps things simple. When the Internet connection reaches a tuneable level of utilization the arbitrator slows down longer lived higher usage data transfers based on the number of connections and their utilization. Per host connection limiting keeps P2P playing nicely. The chosen product? Net Equalizer. Based on the open source Bandwidth Arbitrator, it is easy to configure and highly customizable. Support has been excellent. Initial Tests With the netequalizer link size at ~20% below our average utilization our pipe remained completely usable. Interactive applications responded well while large transfers continued to function. The connection limits appear to keep bittorrent and gnutella functional and in control. Qualitative Results 2006-06-23 Downloads are faster, latency is at pre layer 7 filtering levels (9ms vs 300ms), P2P protocols are usable again, and we no longer police content, we manage bandwidth. Support has been excellent with technicians responding directly to my emails with all technical levels of questions answered, good, silly, and questions about the inner workings of the appliance. I was instructed on cautions to take with any attempt at customization, and given the go ahead for some minor custom configuration without voiding the warranty. Update 2006-11-06 We have run the Netequalizer for 6 months. Results are phenomenal compared with our last product. Our Netequalizer box has been up for 116 days with no configuration changes from the start of the semester. I look at my Cacti graphs and the custom CGI reports for solace, as if I'm disappointed the appliance doesn't need more care and feeding. Our Configuration For our 21Mb link, we set 3 basic parameters: The ratio is the amount of of our pipe in use before any shaping (arbitration) takes place. The brain_size is the number of connections for the equalizer to track and act upon, I have seen this number reached only once on our system. The connection limit means we allow 20 incoming and 20 outgoing connections maximum for every host on our network. We had to set every one or our servers as an exception to this rule, allowing 50,000 incoming and outgoing connections for those. We also had to specify our link size. That's it end of configuration. Custom Modifications We did very simple things to appease ourselves of the performance of the box. First, we placed an SNMP daemon on it. I used a stock snmpd from a Mandriva 2006 server, from net-snmp 5.2.1.2. I was going to static compile one, but it turned out the dynamic libraries were all in place, here is the ldd output: I put the daemon in /usr/local/snmp/sbin/ and the mibs and snmpd.conf in /usr/local/snmp/share/snmp/. We created 2 custom CGI scripts. One script shows the complete current logfile on demand rather than the last however many lines the web interface shows. The other script shows total current connections, followed by a list of hosts with more than 3 connections, sorted by total outgoing and incoming connections. I modified some of the scripts provided in the /art directory to produce those results. Someone with more familiarity with the Linux bridge utilities could probably do better. Here is the showlog.cgi script I placed in the /var/www/cgi-bin/arbi directory: Here are some lines from the showlog output, catching the arbitrator slowing someone down with .05 second delays (the DELAY portion): Here is some output from our connections script with the top 5 out and in hosts: Notice the hosts with more than 20 connections. Some of these are exempt servers, but others are workstations. Our firewall disallows non related incoming connections campus workstations, Netequalizer is in front of the firewall. I have examined some of these cases and many are P2P connection attempts that never truly connect to transfer data or are very short lived. We typically see about 20 to 30 hosts at or above the connection limit and about 100 hosts with more than 3 incmoing or outgoing connections, including all of our Internet servers. Verification, Tests We have an out of band PC using Ntop to track what hosts on the network are doing. I have verified the output of the Netequalizer against our Ntop machine many times in the last few months. I have also on occasion initiated a large download from a fast Internet site when I notice one or two folks getting high data rates. At those times I have observed Netequalizer start to arbitrate, creating head room on the pipe to keep bursty interactive traffic responsive. Criticism, Pros, Cons (last edited November 6, 2006) We are very pleased with the NetEqualizer. It's been rock solid for the school year and we have received positive feedback from the students in our residences. We had a Packeteer® here at Keystone College, but outgrew it when we upgraded our bandwidth. Someone on this list (Educause) suggested looking at a NetEqualizer box (http://netequalizer.com/). I did, bought it, love it. No maintenance, no updates, no headaches. It just sits there and works…
Christopher Stave, Computing and Network Services,
Drew University, Dec, 2011
Adam Forsyth, Director of Network and Systems,
Luther College, Sep, 2011
Dan Spechtenhauser, Network Technician,
Palo Verde College, Sep, 2011
Tim Buller, Information & Media Services, Bethel College, Nov, 2010
(back to top)
Nathan Hay, Network Engineer, Cedarville University (From EDUCAUSE Network Management (NETMAN)
Listserv, Mar, 2010)
We have the NE3000-350 on a 150 Mbps pipe. We bought it the same time we had a large increase in our pipe, so I am just recently starting to see the graphs plateau at 120 Mbps (80% of 150, the point where neteq kicks in). It took our users a while to catch up to our larger pipe size, so I think the Neteq didn't do anything for about a year because we never hit 80% usage. So it is working well for us. I barely touch it as far as management goes. It lives up to the sales pitch for us and the price easily convinced us when we outgrew the PacketShaper we had.
Tim Payne, Network Administrator, Macalester College (From EDUCAUSE Network Management (NETMAN) Listserv, Mar, 2010)
We just bought a new NetEQ unit here as well when we upgraded our internet pipe to 130Mbps. It has worked perfectly for us, as did our old one... Ted Fines, Assistant Director of Network Services, feedback to us after buying their first NetEQ...
Vince Stoffer, Reed College (From Educause SECURITY list, Jan 19th-20th, 2010)
Jason Lavoie, Manager of Networking, Bowdoin College email testimonial Sept, 2010
Jason Lavoie, Bowdoin College (From EDUCAUSE Small College Constituent Group Listserv)
Years ago, I had made the determination that playing whack-a-mole with Packeteer DPI and chasing down the latest classification plugin or software upgrade was more operational overhead than the gains warranted. Our attempt at using Dynamic Partitions failed -- the box couldn't keep up with our bandwidth/session demands. We had been running our Packetshapers in a dumbed-down configuration that had High/Medium/Default/Low priority class trees. Administration time was relatively low, but we weren't using much of the DPI functionality we were paying for. Netequalizer fits our needs almost perfectly for the right price.
The other major factor that led to the decision were how cooperative and helpful they were with pre-sales support. We were able to augment their standard option with optical interfaces for essentially the price of the cards. All of our questions were answered promptly and with technical understanding of the product. In pre-production testing, the few problems we ran into were quickly and thoroughly addressed whether they were our implementation problems or a NetEqualizer issue (there was one with an incorrect license key). ...
Josiah Erikson, Network Engineer, Hampshire College
I had been looking for a dynamic equal-bandwidth policy based unit for quite some time, and had been unsuccessful. The NetEqualizer was a fraction of the cost of other solutions, took me all of five minutes to configure, and works wonderfully. I have had many students come to my office for the express purpose of thanking me for buying more bandwidth, which I didn't - I just replaced our Packeteer with a NetEqualizer. Their engineers convinced me that I didn't need to put in any exceptions or special policies for specific areas of campus or servers, and he was right - the almost-default configuration works great. On top of all of this, at the core it's just a 1U debian box with a flash drive. There's nothing I like better than standards-based, open-source-based networking solutions that I already know how to work with. Good job guys!
Chris Gilles, Heartwoodinstitute.com
Douglas Hedges, Dean, ITS, Atlantic Cape Community College
Russ Leathe, Director of IT, Gordon College
David Wieczorek, Loyola University of Chicago
William Delgado, Senior Network Engineer, Stetson University
“We couldn't track where the bandwidth was going,” said William Delgado, Senior Network Engineer. He knew sometimes it was getting hogged.
Delgado considered buying the big-name bandwidth shaper “but at the time the price was out of the question.” Delgado decided on APConnections NetEqualizer. He bought three. He placed one NE1000 on the Tampa side and one on the DeLand side to control their point to point connection, and then he placed another, higher end NetEqualizer for their 10 Meg Internet connection.
Delgado called APConnections and the engineers walked him through the configuration. Specifically, he set the unit so it would not throttle the data from the video conferencing units. Since then they have been running smoothly. Delgado especially likes the updated reporting tools.
“It made life easier because when it's up and running I don't have to worry about who's hogging the bandwidth. If there's only three people, there's no problem. If there's someone hogging, it throttles them back so all the users are at the same speed,” said Delgado.
Derrick D'Gama, Director of Information Services, Lewis University
Adams State College, (found on Adams EDU 11/14/2006):
In May 2006 we switched bandwidth management products. We moved from traditional layer 7 traffic shaping to bandwidth arbitration. We looked at upgrading our current product and 3 other solutions.
RATIO 75
BRAIN_SIZE 2500
CONNECTION LIMIT 40
11/06/06 08:39:32 PENALTY IP : 147.124.8.230 192.156.134.2 POOL: 0 WAVG: 133212 BUFF: 102 DELAY: 5
11/06/06 08:39:32 INCREASE PENALTY IP: 147.124.8.230 192.156.134.2 POOL: 0 BUFF: 102 DELAY: 10
11/06/06 08:39:44 Traffic up: 575430 Traffic down: 962330 POOL 0
PENALTY THRESHOLD pool 0 up 2688000 down 2688000
11/06/06 08:39:47 PENALTY DECREASE: 147.124.8.230 192.156.134.2 to 5 POOL: 0
11/06/06 08:39:51 PENALTY REMOVE: 147.124.8.230 192.156.134.2 POOL: 0
Total Connections: 2074
More than 3 Outgoing Connections:
192.156.134.15 76
192.156.134.2 61
72.166.201.218 58
192.156.134.16 36
72.166.205.159 21
More than 3 Incoming Connections:
72.166.205.159 88
192.156.134.15 76
72.166.201.110 57
192.156.134.2 56
72.166.201.218 51
(back to top)
Martin Laferriere, Network & Operations Analyst, Computer & Telecommunications Services, Laurentian University
Charlie Prothero, Chief Information Officer, Keystone College