11-13-2008 03:48 AM - edited 03-11-2019 07:12 AM
Half my of my DS3 bit rate is unknown with nbar protocol-discovery. I know this traffic is bittorrent is there any think else I can to rate limit it with Cisco? Or do I need to look at a different product? The problem is that cisco nbar is not seeing the bittorent.
Cisco 3845 with Version 12.4(21a)
class-map match-any P2P
match protocol bittorrent
match protocol gnutella
match protocol edonkey
match protocol kazaa2
match protocol fasttrack
match protocol directconnect
match protocol winmx
match protocol custom-01
!
!
policy-map P2P
class P2P
police cir 40000
conform-action transmit
exceed-action drop
violate-action drop
11-13-2008 02:35 PM
Does it really not see it, or is it not policing it? Where is the policy map applied and in what direction?
If it's on say S0, can you post the results of:
sh policy-map int S0
--John
11-13-2008 02:53 PM
The problem is that cisco nbar is not doing it's job in finding bittorrent. I can fire up bittorret on a test computer and it can still upload way above the 40000 bit rate.
giga 0/0 is the network side
giga 0/1 internet side
The setup is all correct.
sh policy-map int giga 0/1
GigabitEthernet0/1
Class-map: P2P (match-any)
3094246 packets, 405621021 bytes
5 minute offered rate 84000 bps, drop rate 44000 bps
Match: protocol bittorrent
2012067 packets, 323545868 bytes
5 minute rate 59000 bps
Match: protocol gnutella
50716 packets, 10618062 bytes
5 minute rate 4000 bps
Match: protocol edonkey
1016563 packets, 68773980 bytes
5 minute rate 20000 bps
Match: protocol kazaa2
0 packets, 0 bytes
5 minute rate 0 bps
Match: protocol fasttrack
209 packets, 26453 bytes
5 minute rate 0 bps
Match: protocol directconnect
0 packets, 0 bytes
5 minute rate 0 bps
Match: protocol winmx
0 packets, 0 bytes
5 minute rate 0 bps
Match: protocol custom-01
14690 packets, 2656604 bytes
5 minute rate 0 bps
police:
cir 40000 bps, bc 1500 bytes, be 1500 bytes
conformed 2539939 packets, 198667831 bytes; actions:
transmit
exceeded 17316 packets, 3979007 bytes; actions:
drop
violated 536991 packets, 202974183 bytes; actions:
drop
conformed 39000 bps, exceed 0 bps, violate 44000 bps
Class-map: class-default (match-any)
61657129 packets, 25490943500 bytes
5 minute offered rate 4702000 bps, drop rate 0 bps
Match: any
11-13-2008 02:56 PM
show ip nbar protocol-discovery stats bit-rate top-n 10
GigabitEthernet0/1
Input Output
----- ------
Protocol 5min Bit Rate (bps) 5min Bit Rate (bps)
------------------------ ------------------------ ------------------------
http 30624000 923000
bittorrent 1185000 69000
edonkey 985000 23000
secure-http 237000 92000
rtsp 239000 4000
smtp 41000 127000
h323 98000 3000
dns 36000 11000
novadigm 0 31000
secure-pop3 21000 3000
unknown 5217000 3592000
Total 38725000 4888000
11-13-2008 03:12 PM
interface GigabitEthernet0/1
ip verify unicast reverse-path
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip nat outside
no ip mroute-cache
duplex full
speed 100
media-type rj45
no cdp enable
no mop enabled
service-policy output P2P
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: