Bittorrent with 2801_NBAR

Answered Question
Nov 15th, 2008

I have a 2801 router in one of my corporate offices, on which I have configured NBAR with MQC. I need to block peer-to-peer applications like BitTorrent.

But the router is not able to block BitTorrent traffic; other peer-to-peer applications it can block. The version of BitTorrent is 6.1.2 and the IOS version is 12.411T4.

    xxxx#sh policy-map int fa 0/0
      Service-policy output: Block_P2P
        Class-map: Block_P2P (match-any)
          46481 packets, 5112152 bytes
          5 minute offered rate 0 bps, drop rate 0 bps
          Match: protocol fasttrack
            1120 packets, 73977 bytes
            5 minute rate 0 bps
          Match: protocol gnutella
            0 packets, 0 bytes
            5 minute rate 0 bps
          Match: protocol kazaa2
            0 packets, 0 bytes
            5 minute rate 0 bps
          Match: protocol edonkey
            22098 packets, 2576056 bytes
            5 minute rate 0 bps
          Match: protocol winmx
            1856 packets, 193880 bytes
            5 minute rate 0 bps
          Match: protocol bittorrent
            0 packets, 0 bytes
            5 minute rate 0 bps
          drop

Correct Answer
allan.thomas Sat, 11/15/2008 - 15:52

I believe the issue with BitTorrent traffic not being blocked will be because the specific PDLM for BitTorrent does not include all the TCP ports which are used by the application.

As of 3.2 and later, apparently the range has been extended to 6881-6999. Can you run a 'show ip nbar port-map'? Is the range of TCP ports 6881 - 6889 listed? This is the range of ports using IOS 12.4(9)T.

As an alternative, you could create your own custom application which defines a different range of ports:

ip nbar custom new_bittorent tcp range 6881 6999

You can then match this protocol within your policy-map instead of BitTorrent.

Hope this helps

Allan.

Pls rate helpful posts.
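
The change suggested in the answer above, written out as an IOS session. This is an added example, not part of the original posts; it assumes the existing policy-map Block_P2P (class Block_P2P, action drop) and its service-policy on FastEthernet0/0 stay as shown in the question.

```cisco
! Added example. The names Block_P2P, new_bittorent and the interface
! come from the thread; the policy-map and service-policy are assumed
! to be already configured as in the question's output.
!
! 1. Check which TCP ports the loaded bittorrent PDLM maps to.
show ip nbar port-map
!
! 2. Define the port-based custom protocol from the answer.
configure terminal
 ip nbar custom new_bittorent tcp range 6881 6999
 !
 ! 3. Swap it into the existing match-any class in place of the
 !    built-in bittorrent match. The other match lines are untouched.
 class-map match-any Block_P2P
  no match protocol bittorrent
  match protocol new_bittorent
 end
!
! 4. Generate test traffic, then confirm the counters under
!    "Match: protocol new_bittorent" are no longer zero.
show policy-map interface FastEthernet0/0
```

A custom protocol defined this way classifies on TCP port alone: it drops any TCP traffic on 6881-6999 leaving the interface, and it does not match a client configured to listen on a port outside that range.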
