Creating A Loop For Specified IPs/Monitoring Bandwidth Remotely Using Switch?

[NinjaNife]

Alright, I have a few weird (for me) questions here..maybe a few of the network guys here can make sense of them for me lol. I will start by giving some background of my situation.

I have a dedicated server (running Windows Server 2003 R2 Enterprise) in a colocation center and am having some problems with bandwidth. I host gameservers with B3 (BigBrotherBot) services, and those use a TON of bandwidth for RCON (for those of you who do not know, that is how admins control the server through a third-party panel). Some games are able to have B3 connect to RCON via 127.0.0.1, since B3 is currently hosted on the same dedicated server, but unfortunately the main game I host only allows RCON connections via the external server IP. This causes a lot of bandwidth in a month, roughly 3000GB worth (according to the colocation center's bandwidth monitor; this creates a problem since we have a limited amount of transfer bandwidth available without paying overage fees). Oh, and we have two ethernet ports on our server if that makes any difference (only one is currently hooked up).

Now for the questions. I believe I have to options to lower the bandwidth usage on our server, and would like some ideas on how to do so (or any other ideas you may have).

1: I somehow create a rule on IPSec or something that loops all outbound traffic coming from the IPs I specify (I would be specifying the gameserver's external IP) to return back to the source, since all it currently does is go to the colocation center's switch and bounce back anyway (same thing as doing 127.0.0.1, but using the external IP). This should work because the only time any packet would be leaving the box going to those IPs, it would be going to one of the servers (which would be specified by the port). Does anyone know if/how this can be done?

2: I get a router/switch that is able to be remotely monitored and that supports bandwidth monitoring, so I can not only stop the rest of the bandwidth from reaching the colocation center's switch, but also see how much is being sent past our switch. I know that DD-WRT enabled routers have this capability, but I do not know if a router is able to be used as a switch (since our server uses 15 different public IPs) while still retaining its' ability to be monitored (I don't know how it would get an IP to connect to if it is just a switch). I do not know what a good switch with these features is; we are on a budget so the cheapest option is the way I need to go. Any ideas on this?

Well, that concludes my post for now..if anyone has any ideas please let me know; I have exhausted all of my ideas up to this point. Thank you for your help, and I hope you all had a great holiday season! Thanks again.

Brendan "NinjaNife" West

 

[Hybrid_theory]

My first thought is the amount of bandwidth. Are you sure RCON is causing the problem? AFAIK it's just commands run through the game console. So basically plain text sent over the wire, very small.

1. An IPsec rule isn't what you want. You would want manual routes. With that said, you cant specify routes on destination. You could however setup a firewall to block the outgoing traffic based on ports and/or source IPs. DD-WRT can do this quite well.

2. DD-WRT can operate as a switch, but this would negate firewall rules as I believe they are applied to the WAN link only. Though you might be able to apply them to switch ports. It can show you the bandwidth gone over the WAN link per month.

Is the colocation center switch in the provider space or is it on your network?

 

[OneMoar]

there is no way you are burning though 300GB of bandwidth a month using b3 .. its not possible

 

[NinjaNife]

My first thought is the amount of bandwidth. Are you sure RCON is causing the problem? AFAIK it's just commands run through the game console. So basically plain text sent over the wire, very small.

1. An IPsec rule isn't what you want. You would want manual routes. With that said, you cant specify routes on destination. You could however setup a firewall to block the outgoing traffic based on ports and/or source IPs. DD-WRT can do this quite well.

2. DD-WRT can operate as a switch, but this would negate firewall rules as I believe they are applied to the WAN link only. Though you might be able to apply them to switch ports. It can show you the bandwidth gone over the WAN link per month.

Is the colocation center switch in the provider space or is it on your network?

The switch is the one between me and the outside of their building (all data leaving my server goes into this switch), so I would have to put a switch of my own between my server and the datacenter's switch; this would prevent any unnecessary traffic from going through the datacenter's switch. Wow..that sounds complicated lol.

there is no way you are burning though 300GB of bandwidth a month using b3 .. its not possible

I'm sorry, I think you misunderstood what I meant (or perhaps I didn't explain it properly lol). I did not mean that B3 is causing 300GB of bandwidth traffic, but the total (servers, B3 and everything else) is causing it, and I want to cut back in every way I can; in this case by keeping B3 traffic from ever leaving the server.

Since my first post I have actually moved datacenters and upgraded to Windows Server 2008 Enterprise R2 x64, so I am having to put this project on hold for now. I still wish that there was an easy way to route traffic back without leaving the server, but if a switch is the only way then that is what I must do. Thank you for the help guys, and if you have any more ideas please post them and I will check them out. Thanks again!

Brendan "NinjaNife" West