Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

nbar & bittorrent

Hi

i'm trying to setup nbar to police P2P traffic and throttle it down to dialup speeds. However testing with bittorrent it doesn't seem to be working - here's my config:

---------------------------------

!

ip nbar pdlm bittorrent.pdlm

!

class-map match-any P2P

match protocol bittorrent

match protocol fasttrack

match protocol gnutella

match protocol kazaa2

match protocol napster

match protocol edonkey

match protocol winmx

!

policy-map slow-P2P

class P2P

police rate 56000 bps

conform-action transmit

exceed-action drop

class class-default

police rate 512000

conform-action transmit

exceed-action transmit

violate-action drop

!

interface Tunnel0

ip nbar protocol-discovery

service-policy input slow-P2P

service-policy output slow-P2P

---------------------------------

I'm running a torrent at the moment and its showing upload speed of 60kB/s.

"sh policy-map int tun0" shows that nbar is working and is dropping packets, but "sh ip nbar protocol-discovery top-n 5" shows a lot of unknown traffic (there's no other significant traffic running over this interface).

It looks to me like the bittorrent pdlm only catches traffic between the client and the tracker, and not the actual peer-2-peer traffic. Anyone know for certain how this works?

6 REPLIES

Re: nbar & bittorrent

Hello,

are you running at least 12.4(2)T ?

Regards,

GNT

New Member

Re: nbar & bittorrent

no - 12.3(8)YI1

is there an issue with NBAR on earlier IOS?

Re: nbar & bittorrent

Hello,

you need 12.4(2)T for the bittorrent pdlm to work. Check this link for the IOS requirements (scroll down to 'Peer-to-Peer File-Sharing Applications'):

Table 1 NBAR-Supported Protocols

http://www.cisco.com/en/US/products/ps6441/products_configuration_guide_chapter09186a008064fb35.html#wp1056828

Regards,

GNT

New Member

Re: nbar & bittorrent

now on 12.4(6)T but no difference.

here's what I'm seeing:

#sh ip nbar protocol-discovery top-n 5

Tunnel0

Input Output

----- ------

Protocol Packet Packet

Byte Count Byte Count

5min (bps) 5min (bps)

5min Max 5min Max

----------------------------------------------

bittorrent32295 260

1631816 40301

17000 0

20000 2000

h323 0 2

0 2888

0 0

0 0

ntp 0 28

0 2128

0 0

0 0

gre 84 0

2016 0

0 0

0 0

edonkey 0 1

0 1444

0 0

0 0

unknown 1503 51212

74716 59629733

1000 613000

4000 619000

Total 33885 51511

1708721 59677409

18000 613000

24000 621000

edit - sorry about the formatting - doesn't seem to be any way to get it formatted correctly. If you look carefully you can see there is more BT traffic on the input than the output, but more unknown on the output.

New Member

Re: nbar & bittorrent

Any updates to this case?

I have been facing the same issues and hacking away at it off and on for months.  even opened a TAC case but for the first time, Cisco TAC was absolutley no help and basically could not give me an answer.

New Member

Re: nbar & bittorrent

sorry Joshua, can't remember if we found a solution to this and we're not now using NBAR (have a

dedicated UTM solution for that sort of thing).  5 years is a long time in

networking.

404
Views
0
Helpful
6
Replies
CreatePlease to create content