05-13-2009 02:52 AM - edited 03-04-2019 04:44 AM
We use the BitTorrent PDLM to block BitTorrent downloads, but after we implemented the command, BT is still working:
1. We downloaded the PDLM and copied it into bootflash:
GOV001#dir
Directory of bootflash:/
1 -rw- 8103684 Jan 14 2000 07:22:27 +08:00 c7200-kboot-mz.124-12.bin
2 -rw- 1752 May 13 2009 16:08:58 +08:00 kazaa2.pdlm
3 -rw- 2377 May 13 2009 16:09:31 +08:00 gnutella.pdlm
4 -rw- 3492 May 13 2009 16:10:14 +08:00 eDonkey.pdlm
5 -rw- 3100 May 13 2009 16:10:51 +08:00 bittorrent.pdlm
2. There are NBAR ERROR messages displayed after we enter the following commands:
ip nbar pdlm bootflash://bittorrent.pdlm
ip nbar pdlm bootflash://eDonkey.pdlm
GOV001(config)#ip nbar pdlm bootflash://bittorrent.pdlm
% NBAR ERROR: protocol_list_index not found in map table
% NBAR ERROR: protocol_list_index not found in map table
% NBAR ERROR: protocol_list_index not found in map table
% NBAR ERROR: protocol_list_index not found in map table
% NBAR ERROR: protocol_list_index not found in map table
% NBAR ERROR: protocol_list_index not found in map table
% NBAR ERROR: protocol_list_index not found in map table
% NBAR ERROR: protocol_list_index not found in map table
SGKDHARGOV001(config)#ip nbar pdlm bootflash://eDonkey.pdlm
% NBAR ERROR: protocol_list_index not found in map table
% NBAR ERROR: protocol_list_index not found in map table
% NBAR ERROR: protocol_list_index not found in map table
% NBAR ERROR: protocol_list_index not found in map table
% NBAR ERROR: protocol_list_index not found in map table
% NBAR ERROR: protocol_list_index not found in map table
% NBAR ERROR: protocol_list_index not found in map table
% NBAR ERROR: protocol_list_index not found in map table
3. The following are the class-map and policy-map commands:
class-map match-any P2P
 match protocol bittorrent
 match protocol edonkey
policy-map dropP2P
 class P2P
  drop
interface GigabitEthernet0/1
 desc "internet facing"
 ip address x.x.x.x 255.255.255.252
 ip access-group anitspoof in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat outside
 ip nbar protocol-discovery
 duplex full
 speed 100
 media-type rj45
 no negotiation auto
 service-policy input dropP2P
After that, we use:
GOV001#sh ip nbar pr pr bittorrent
GigabitEthernet0/1
                         Input                    Output
Protocol                 Packet Count             Packet Count
                         Byte Count               Byte Count
                         5 minute bit rate (bps)  5 minute bit rate (bps)
------------------------ ------------------------ ------------------------
bittorrent               698                      566
                         71612                    50985
                         1000                     1000
unknown                  23383                    17875
                         1998977                  10357303
                         59000                    229000
Total                    25688                    20547
                         2929115                  12001987
                         87000                    284000
We can see NBAR matched the BitTorrent packets, but it cannot drop them. Who can help me to solve it?
Thanks in advance.
05-13-2009 05:01 AM
Hello Bindong,
The following document can help:
http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/nbar_app_recog_mods.html#wp1027258
The key point is that the added PDLM should have a higher version than the native (included in IOS) module.
The command to check this is:
show ip nbar version
Hope to help
Giuseppe