On Internet Speed, Bandwidth Hogs, and Bandwidth Vampires

As an Internet Service Provider, the most common complaints we receive these days are about performance. Typically, these take the form of “the Internet has been getting slower lately”, or “it says I’m connected, but I can’t go to webpages”, or even “my SpeedTest numbers are X, when they used to be Y”. As we investigate these reports (we take all of them seriously!), we do occasionally find a problem – maybe the RF signal strength has dropped and the antenna needs to be re-aligned, maybe there are Ethernet errors which persist even when the router is bypassed, suggesting there is a physical problem with the cabling between the router and the radio. Most of the time, however, what we see is that the connection is just being saturated.

What does that mean? Well, every computer network connection has a certain property called “bandwidth”. This measures the maximum speed at which traffic can flow in each direction. Each time a computer or any other device communicates over the network, it sends a request out to a server, which then responds by transmitting data, and the requesting device usually replies by informing the server how that transfer is going – things like “I got all that, send me the next big chunk” or “wait, I missed a packet – re-send me that one!” As long as there is plenty of bandwidth available for all of the data packets to be sent and received, everything works pretty well. But, with most Internet subscribers these days using wireless routers with lots of devices, each active device connecting to the router is competing for the limited bandwidth resources, and…

When the amount of Internet traffic which is moving in one direction exceeds the total amount of bandwidth available for that direction, the packets have to be prioritized, like traffic merging onto a freeway. If the excess traffic is small or fleeting, the traffic jam rapidly clears up, and the packets can merge, but if the excess traffic is heavy and continuous, everything appears to grind to a halt, especially for the new requests, which are basically trying to merge onto a highway filled with barely moving, bumper-to-bumper traffic. As more and more devices connect to the Internet, and each device expects to use increasingly larger portions of the finite bandwidth, these traffic jams become more and more common. Conducting a Speedtest when this is occurring is not informative, as the Speedtest itself must compete for bandwidth – all Speedtests can do is measure the amount of bandwidth available at the time, and even the fastest Ferrari in the world will only show a low speedometer reading during rush hour traffic on I-35!

While some of these Internet traffic jams can be caused by a bunch of different, reasonably small-scale processes, that is not usually the case. Most of these are caused by “bandwidth hogs” – processes which greedily use every bit of available bandwidth, and would happily use more if they could. Even worse are the “bandwidth vampires” – processes which are using up all your bandwidth, but are not obviously active. These may be running in the background on a computer or other device, maybe on a device which is not attended, or even one which appears to be off! These can be very hard to track down, but can have a huge impact on the Internet performance for everyone in the home.

The most common culprit is streaming video. Modern streaming video systems are designed to take advantage of high-speed connections commonly found in the big cities, where most customers connect to the Internet using very fast cable modems or even faster fiber-optic connections, so there isn’t a big pressure to make the streams efficient enough to get by on limited bandwidth. Some services of this nature, such as NetFlix, do allow users to limit the amount of data per stream, but the vast majority are specifically designed to use as much data as they can, and dynamically adjust the bandwidth used to maximize picture quality, often up to full-HD streams, which can run up to 10 Mbps if the bandwidth is available. Other video services may download very large video files to watch at a later time. If you have any of these devices connected to the Internet in your home, they could be using up your bandwidth even if you don’t think they are on! Roku, Amazon Fire, Slingbox, Tivo’s Roamio, Apple TV, many DVD or Blu-Ray players, DirectTV or Dish Network boxes, most video-game consoles, phones, tablets, and many other devices are all capable of downloading video off the Internet. Such downloads may be happening even when the device does not appear to be in use.

Some other common bandwidth hogs include:

  • Cloud backup services – backing your data up is very important, but these programs and services must create a full backup of your system before they can take advantage of “data deduplication” methods which reduce the daily bandwidth required. This initial, full backup will try to use all of your upload bandwidth, de-prioritizing your requests to check e-mail or go to web pages, and can last for days. The simplest solution, if you wish to use a system like this, is to tell the software or service to only back data up at night, when everyone is asleep. This will cause the first phase to take longer, but it will give you the benefit of the backup without making it impossible to use the Internet while it is taking place.
  • Large file downloads: As with streaming video, the proliferation of some very fast Internet connections serving the 80% of Americans who live in large cities has taken away the pressure felt by software developers to make efficient use of space. As a result, a large, state-of-the-art computer game may require you to download more than 10GB of data to play. Even system software and applications have experienced a large degree of code-bloat. These big software houses also use CDNs capable of pushing very large data streams to lots of users, easily enough to completely saturate your connection’s download capability while the download is in progress. These are not limited to computers – phones, tablets, and consoles may also download large files, and again, these can do so while unattended or even in sleep mode, when they appear to be off.
  • File-sharing: While there are some legitimate uses of file-sharing applications and protocols, many people erroneously think they are anonymous, and use them to violate copyrights, moving around or sharing huge files, which not only clog your Internet connection, but could also result in costly legal proceedings. Even the completely legitimate uses of these tools can easily saturate bandwidth in both directions, preventing anyone else in the home from using the Internet. What’s worse is that these apps typically run in the background all the time, even when no one is at the computer. These are often Bandwidth Vampires.
  • Unauthorized users: OK, this is probably rare for our subscribers, many of whom live a good distance from their nearest neighbor, and most of whom have already secured their routers, but if you are running an unsecured wireless router, anyone within range can access anything on the Internet using your connection. Luckily, the way to prevent it is a simple matter of requiring a passkey to access the router. A fairly simple WPA2-PSK key of at least 9 characters (avoiding common dictionary words) and using a mix of cases plus numbers and punctuation, is effectively un-crackable.

How can we tell if this bandwidth saturation is happening or what device is responsible? Ah, that’s a tough question. Unfortunately, most routers don’t have little meters on the front, telling everyone how much data is passing through them in real-time. Some computers can be told to display the amount of Internet traffic they are utilizing, but as we’ve noted, much of the Internet activity which impacts others in the home may be from devices which aren’t computers. Our support staff has tools which can monitor most of our customers’ connections (except in certain rare circumstances), but we can’t tell which device in the home is responsible, just how much data is coming from or to which IP addresses and what protocols are involved. When it comes to finding the malefactor, a simple process of elimination can help – going to each and every device which can connect to the Internet, and shutting it down completely (note: sleep mode is not the same as off!), then noting the impact on performance, should catch the culprit, assuming the issue isn’t from some device whose existence isn’t known.

More of a concern is “what can be done about the issue?” After all, if one device in the home is using all your available bandwidth, and you decide to switch to a more expensive plan which increases your bandwidth, what’s to say that culprit won’t simply scale up its bandwidth demands under the new plan and leave you in the same pickle as before? There really are only a few useful strategies which work:

  1. Manual control: This is pretty straightforward. For this to work, people in the home must coordinate bandwidth usage – if someone needs the Internet for work or school, others may have to wait to watch videos or play games on the internet. Just like a typical water heater wouldn’t have enough hot water for everyone in a family of five to each take a long, hot shower right after the other on a Monday morning, it may not be possible for everyone to simultaneously use the Internet as though they lived alone. It takes some getting used to, but it can work.
  2. Automatic control: Most modern routers support Quality of Service settings which can adjust the priority for certain devices’ Internet usage. Just Google “QoS settings” and your router’s model number, and you’ll see if you can program your router to assign the highest priority to certain devices or types of traffic and lower priority to others. This can be used to ensure that a particular computer or certain programs (like Skype) will always get top priority, for instance. Other steps in this strategy include configuring limits (where possible) on certain tasks. As I mentioned, NetFlix does allow users to set the Video Quality to specific settings which reduce the amount of bandwidth required. Other video services or devices may allow such control, as well. Cloud backup systems typically allow users to configure times during which they upload to the cloud, and some allow the maximum data speed of the software to be controlled, too. Even many file-sharing applications allow you to limit the number of simultaneous connections or the amount of bandwidth they are permitted to consume.
  3. More bandwidth: As I mentioned, by itself, this one won’t fix all problems. If not controlled, bandwidth hogs can use up all the extra bandwidth assigned to a connection and still want more. But, when you combine an increase with the other two strategies, you may find the extra breathing room afforded by a bandwidth increase will also increase your satisfaction with the usefulness of the Internet.

I hope this gave a bit of insight into a rarely-discussed aspect of the Internet. If you think this might be happening with your connection, give us a call when the problem is occurring, and we can take a look!

Check with us about upgrades!

NOTE: This post was originally published in March of 2014, and if you have been installed or upgraded after that time frame, you almost certainly have the equipment we mentioned below. (February 9, 2017)

At this time, we have installed upgraded Access Points on most of our towers, so if you are wanting faster speeds, give us a call at (512)257-1077 to see if we can upgrade your equipment!

For many of our customers, a simple equipment upgrade only costs a one-time service call fee of $99, which can be billed. The higher capacity of this newer equipment can result in you getting up to double the speed of your current connection at the same monthly rate you are currently paying.

Don’t wait to soup up your Internet connection; call us today!

Planned Equipment Upgrade on 3/25/2014

We are planning on upgrading two Access Points on Tuesday, March 25. This will result in a brief period of downtime while the change is taking place, but it should improve performance, and it will not require any equipment changes at anyone’s home.

The two areas affected will be the Twin Creek area of Georgetown/Walburg in the morning and the Durham Park/Thousand Oaks area of Liberty Hill in the afternoon. We will try to keep the duration of the downtime to a minimum, but there will be some periods where people on each of the affected APs will be out of service.

Spam-filtering Changes (from Postini to Barracuda)

Most of our e-mail customers have been using the Postini junk-mail filtering service for years, but unfortunately, Google has decided to shut down the specific Google Postini Services we have been using.

The official ending date for our Postini services is July 31, but we have our transition plan in place, and we expect to have all filtering moved over to the new system by July 17. The new system uses Barracuda technology, and is located here at our office. It should have already been sending out e-mails regarding its quarantine, and those e-mails do include a clickable link which will not only take you to the server, but will log you in, as well.

You can access the mail-filtering server by going to barracuda.westernbroadband.com.

Part of this transition has been adding the Barracuda device into the rotation of mail filters. This has been done already, which is why some of you have already received user quarantine messages, but the bulk of messages are still being routed through Postini for filtering. This balance will be shifting over the next week, so that only a dwindling percentage of messages will still go through Postini, and then none at all.

Your quarantine on Postini will still be available until the end of the month, but any messages left there past that date will be gone forever.

We hope that this process moves smoothly, but if you encounter any issues, please let us know!


PM WiFi E-mail changes

When we purchased PM WiFi’s Central Texas operations in 2008, we kept the previous owner’s setup for all the PM WiFi e-mail accounts, which was managed and hosted by GoDaddy. Recently, we had gotten a number of frustrated customers calling us with problems accessing the GoDaddy servers, mostly for sending mail, but some had issues with logging into their incoming server, as well. At this time, it made sense to migrate the entire domain onto our own servers, which allows us to more effectively manage all the settings with a flexibility we had previously lacked.

We made the change on May 8th, and here’s what you need to know:

  1. The old server, at secureserver.net, is still going to have the accounts up for a few more weeks. We will probably shut it down on June 1st, so you will need to archive any messages stored there you want to keep, and any address book info that isn’t otherwise available.
  2. Because I did not want any mail to be undeliverable during the transition, I created a matching account on the new server for each one on the old server, but I did have to generate the passwords on the new server independently. If you did respond to the e-mails I sent about this topic, then you’ll have a valid password and you should have no problem accessing the new server. If you have not supplied me with a password you want to use for the new server, you will almost certainly not be able to access your new inbox until this is cleared up
  3. The new server can be accessed at either mail.pmwifi.com or mail.ecpi.com – the username is the full email address, including the @pmwifi.com part, and the password is the new password. You will probably need to change the outgoing port in your mail client to 587 as well, since the other two of the old server’s alternate port numbers (80 and 3535) are not supported, nor is port 465 (with SSL)
  4. The webmail page may be accessed with either of those URLs or you can select “Webmail” under “My Account” on the Western Broadband main website.

Please contact us, either by phone at (512)257-1077 or email us at support@ecpi.com if you have any questions about these changes or require assistance getting your e-mail to work.


One other thing – after the switchover, a few of the PM WiFi accounts received “Welcome” messages from Postini, a spam-blocking service from Google. These are valid messages, not a phishing scheme, but there is a problem with logging into the Postini system using the pmwifi.com e-mail accounts, so I have removed those accounts from Postini and disabled all filtering.  If you got one of those messages, just delete and disregard it.

Phishing! (and e-mail security)

We have seen an increase lately of e-mails which falsely claim to be from either support@ecpi.com (which is a valid e-mail address) or helpdesk@ecpi.com (which is not). Beware of these kinds of messages!


These e-mails usually either have a file attached, or they have links in the body of the message – those links do not point to any of our servers. The message usually has a passage implying some sort of urgency, threatening to cut off your e-mail access, or worse, if you do not follow their instructions.


This is, of course, nonsense.


We do occasionally send e-mails to our customers, but we would never send you an e-mail asking you to provide your password, because we do have it on file already. We will never send you an e-mail asking you to click on a link to a site other than http://www.ecpi.com or http://www.westernbroadband.com or another site on one of those domains, such as http://speedtest.ecpi.com unless we have spoken with you and you asked us to do so.


E-mail security is mostly based on being suspicious:

  • Even though you think you know who sent an e-mail, you may be wrong: It is easy to forge an e-mail address which appears in as the sender in your e-mail program. I could change my address to george.washington@whitehouse.gov with a few mouse clicks, but there are clues in the actual e-mail headers which will help you track where the message really came from. Those headers aren’t always easy to find, but they are always there.
  • Always assume any unsolicited attached file or suspicious link has a malicious purpose: Because any file that you open on your computer can have a great deal of power, be very careful about opening an unknown file. If you didn’t know it was coming, and you don’t know why they sent it to you, it ought to be treated as potentially dangerous. Likewise, any link in an e-mail message should be checked to verify it is taking you to the destination you intend. If you haven’t done so, you should activate the “View Shortcuts” (or equivalent) option in your e-mail program. What that does is show you, at the bottom of the window, the actual destination site for the link your mouse is hovering on. If the link looks like it’s going to PayPal, but the destination is actually something like “http://paypal.cyx.hosting.ru/hacking.php?1543”, that’s a clear sign not to trust the link! It may look like the PayPal site if you click on it, but it’s just a ruse to get your account information.
  • Your browser and your mindset should be high-security: If you have your browser’s security settings properly configured, your browser may warn you that a link appears to be a phishing site, and it will ask you to confirm before allowing any plug-ins or ActiveX controls to be installed. Those are fine from a trusted site, but the extra confirmation step should help you be mindful of just which sites you are giving permission to control your computer.
  • If you get tricked, take immediate action: If you have fallen prey to a phishing scam, it is vitally important to take swift action! Notifying the actual agency which was impersonated is probably the best first step, be it a bank, a website, or us. This can minimize the impact on your life. For instance, if you have given your e-mail password to a phisher, we can work with you to change your password, maybe even before the people who got it can put it to use. Similarly, if you notify your bank ASAP, they can block the account from being accessed by the crooks.

Following those tips can help keep you safe, but if you have further questions, you can always reach us at (512)257-1077 or e-mail us at support@ecpi.com.

Safe surfing!

— Darren


This is the Western Broadband Blog – hopefully, if you are here, you are a subscriber to our internet service in Central Texas. The plan is for this page to include information about upgrade plans and both planned and unplanned outages.