Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Silver

Cisco IOS NAT with Emule and Bittorrent

I have a Cisco 2621 running IOS version

c2600-ik9o3s3-mz.123-24a.bin

The setup is a very simple one. I have

a Windows XP sitting behind the Cisco 2621.

On the Windows XP, I run Emule and Bit

Torrent on the WinXP box. After about

an hour, the Cisco 2621 freezed up and

became un-responsive. The only solution

is to manually turn OFF/ON the power

button on the 2621 router.

Here is my configuration on the router:

interface F0/0

ip address 4.2.2.2 255.255.255.248

speed 100

dup full

ip nat outside

interface F0/1

ip address 192.168.1.1 255.255.255.0

speed 100

duplex full

ip nat inside

access-list 100 permit ip 192.168.1.0 0.0.0.255 any

ip nat inside source list 100 interface F0/0 overload

I have a 30Mbps download and 5Mbps upload. When the router is running

the # of NAT translation is about 200 and

the throughput is about 5Mbps download and 2Mbps upload.

What could be the issue that makes the router locked up after an hour. If I

stop emule and bit torrent, the router

can stay up and running for days without

issues.

Last but not least, if I replace the

Cisco 2621 with a Checkpoint NGx R65

Secureplatform firewall, I have no such issue.

When the rourer is up and running with

emule and bit torrent prior to locking up, cpu is about 40% and memory is about

75% utilization.

Any ideas anyone? Thanks.

2 REPLIES
Silver

Re: Cisco IOS NAT with Emule and Bittorrent

You can create an ACL on the router to block P2P ports such as 6881 (Bittorrent). Following link may help you

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps8802/ps6947/ps5207/ps6242/prod_white_paper0900aecd802efa46.html

You can use NBAR within IOS to block bittorrent. Here's an example of how to do it:

http://slaptijack.com/networking/controlling-peer-to-peer-p2p-traffic-with-cisco-nbar/

Silver

Re: Cisco IOS NAT with Emule and Bittorrent

I do NOT want to block Bittorrent or Emule. I

want to allow Bittorrent. I just do not want

Bittorrent or Emule to freeze up the router.

I do not have this issue with Checkpoint

firewall NGx R65. With IOS router, the router

locks up.

Any ideas on how to fix this?

954
Views
0
Helpful
2
Replies
CreatePlease login to create content