Re: OT: Morpheus, Kazaa, Fasttrack

From: Jon Warren (Jon.Warren@gpisd.org)
Date: Fri Nov 29 2002 - 21:21:58 GMT-3


Agreed. We did the same thing. Packeteer's product makes it easy.

You can also easily adapt Packeteer to help shape other traffic (i.e.
putting a throttle on SMTP traffic inbound/outbound, eliminating Instant
Messaging (if directed by Layers 8 & 9), etc.)

Jon

---
Jon Warren
Manager, Network Operations
Grand Prairie ISD
jon.warren@gpisd.org

>>> "Ken Diliberto" <Ken@kdmd.net> 11/26/02 12:34 PM >>> We picked the easy way out for this: Packeteer Packetshaper. Our routers already have plenty to do besides trying to find peer-to-peer traffic. Besides, Kazaa2 uses port 80 (and a few others, I hear). I know it's not a Cisco solution, but it's the right tool for the job.

Ken

>>> Jay Greenberg <groupstudylist@execulink.com> 11/26/02 08:56AM >>> I am experimenting with CBWFQ with the following definintions (inbound & outbound), but it's not working very well. I would like to know what others are doing. Keep in mind that on big routers, NBAR is not an option. Any constructive criticism would be helpful.

Extended IP access list p2p permit tcp any eq 1214 any (5 matches) permit tcp any any eq 1214 permit tcp any eq 6346 any permit tcp any any eq 6346 permit tcp any eq 4662 any (1 match) permit tcp any any eq 4662 (1 match) permit tcp any eq 6257 any permit tcp any any eq 6257 permit tcp any eq 6699 any permit tcp any any eq 6699

Policy Map p2p Description: Provide only 5Mbps for Peer-to-Peer Applications Class p2p police 5000000 156250 156250 conform-action transmit exceed-action drop

Class Map match-any class-default (id 0) Match any

Class Map match-any p2p (id 2) Description: Peer to Peer Match access-group name p2p

On Tue, 2002-11-26 at 10:34, McClure, Allen wrote: > Has anyone figured out how to successfully block or police this junk > yet? I've been messing with NBAR quite a bit and have even gotten a new > kazaa2.pdlm from Cisco TAC. VERY limited success. > > This is killing me. Can anyone shed light on a Cisco way of doing this? > I'm not concerned with old versions of the software or the 1214 port > (doesn't work). > > Thanks in advance for any help! > > Allen McClure > MCSE, CCNP, CCDP > > > > This communication is confidential and may be legally privileged. If you are > not the intended recipient, (i) please do not read or disclose to others, (ii) > please notify the sender by reply mail, and (iii) please delete this > communication from your system. Failure to follow this process may be > unlawful. Thank you for your cooperation. -- Jay Greenberg <groupstudylist@execulink.com>



This archive was generated by hypermail 2.1.4 : Tue Dec 03 2002 - 07:23:12 GMT-3