Internet, Networking, & Security Home Networking How to Monitor Network Traffic Get an understanding of your network's issues By Nicholas Congleton Writer Nick Congleton has been a tech writer and blogger since 2015. His work has appeared in PCMech, Make Tech Easier, Infosec Institute, and others. our editorial process Twitter LinkedIn Nicholas Congleton Updated January 03, 2020 Home Networking The Wireless Connection Routers & Firewalls Network Hubs ISP Broadband Ethernet Installing & Upgrading Wi-Fi & Wireless Tweet Share Email Why Monitor Your Network? It might seem a little too tech-y or excessive, spying on all the traffic going through your home network, but it can help provide valuable insights into your network’s performance. You’ll uncover exactly which devices, or even specific programs, are hogging your bandwidth. Through network monitoring, you can uncover where you computers are connecting and how much data they’re sending or receiving. Then, you’ll be able to correct any problems and make better use of your network. There are plenty of ways that you can monitor your network. The three detailed here are probably the most common and convenient. Using Your Router Everyone has a router, and you can access it from nearly any device on your network. All your traffic already flows through the router, so it’s the most direct source of information about what’s going on within the network. You’re going to need to find out your router’s IP address. For most routers it’s 192.168.1.1, unless someone changed it. If you’r not sure, open a command prompt, and run ipconfig. On Mac and Linux, run ip r. On Windows, you’ll find your router’s IP listed as the Gateway. On Linux, it’ll be next to default via. Open your web browser and enter the router’s IP address in the address bar. This is exactly like browsing to a website, so press Enter after you enter the IP address. You’ll probably be prompted to enter your router’s admin username and password before you can go any further. If you didn’t set them yourself, your ISP probably did when the set it up. Look for any documentation they may have provided to sign in. Every router is different, and so are their interfaces. When you first sign in to most, you’ll arrive at a basic status page. It’ll show you information about your router and your network that may be useful, but not too in-depth. Try to find a Device List link to see which devices are connected to the network. Your router’s device list will show you the IP addresses of the devices connected to the network. It may even provide a bit of information about what they are. You will usually see a computer’s name next to the IP, if one was set. Here, you’ll also be able to see connection information for Wi-Fi devices, including their signal quality and the available bandwidth. Have a look around for a Status section on your router. You might be lucky enough to even have a specific Bandwidth or Network Monitoring section. It’s under a section like this that you’ll be able to find more data about bandwidth usage of specific devices by IP address. When you locate your router’s traffic or bandwidth monitoring sections, you’ll be able to see which devices are using the most bandwidth. You’ll see transmission rates and other useful stats. In some cases, you may find graphs and even real-time monitoring that provide visualization of what’s happening on your network. With this information, you’ll be able to find out what your networks biggest hogs are and what devices might be struggling to get a decent signal. You’ll also be able to see if anyone’s weaseled their way onto your network when they shouldn’t be there. Wireshark Wireshark is an open-source tool for packet filtering. If you don’t know what packet filtering is, it’s a much lower level network management task, so Wireshark can be considered overkill for simply viewing traffic on your network. That said, it can absolutely get the job done. Plus, it’s free and available for Windows, Mac, and Linux. Open your browser and head to the Wireshark download page, and grab the latest installer for your operating system. If you’re on Linux, Wireshark is probably in your distribution’s repositories. Ubuntu and Debian users should install Wireshark with: $ sudo apt install wireshark Run the Wireshark installer. Everything should be straightforward, and the default options will work in almost every case. Open up Wireshark If Wireshark looks confusing at first, don’t worry. You don’t need to know much about it for the basics. Select Edit and Preferences in the top menu to set one option that you’ll need. A new window will open up. Locate Capture in the left side list and select it. The body of the window will shift to display the capture options. Make sure that Capture packets in promiscuous mode is checked. Press Ok when it is. Using Wireshark in promiscuous mode on a network that you don’t own is not legal. Be sure to only do this on your own network. Back on the main Wireshark window, there are two icons that you’ll need in the main menu. The blue Shark Fin icon starts the Wireshark capture process that records network activity. The red Square stops the capture. You’ll be able to review and even save the data after the capture. Press the Fin to start. Let the capture run for a bit. If there’s something that you’ve been having a problem with on your network, try to recreate those circumstances. With any luck, Wireshark will capture the moment the problem occurs, and you’ll be able to take a look at what happened. After you’re satisfied with the amount of info you collected, press the red Square to stop the capture. Take a look at the results. In the top section of the window, you’ll see the different packets collected by Wireshark. Each one will have an IP address that sent the packet and one that received it. You’ll also see the network protocol of each. When you select one, you’ll be able to sift through the packet data in the box below. The lowest option on the list generally contains the most “human readable” portion of information. If the packet was encrypted, though, you won’t see much. Keep looking through. Try to use the timestamps to locate the exact moment that your problem occurred. Hopefully, there will be relevant information available. If you want to know more about Wireshark, check out the complete Wireshark tutorial.