
NBAR vs Bittorrent

liamkennedy
Level 1

Hi

I posted on this a while back - I was trying to use NBAR to limit Bittorrent but the policy wasn't seeing a lot of the torrent traffic and I was still able to get very high speed downloads.

Just noticed that if you run

#sh ip nbar port-map

the ports listed for bittorrent are:

port-map bittorrent tcp 6881 6882 6883 6884 6885 6886 6887 6888 6889

Now these are the ports from the original BitTorrent application, but no-one who knows anything uses these anymore as so many ISPs block/shape them.

So is this the reason why my policy is not working?

Does the PDLM only check these ports?

Is it possible to specify a large range of ports or would this cripple the router?

All suggestions gratefully received.

Liam.

2 Replies

pciaccio
Level 4

You will have to put a sniffer on your network to see what ports your users are using for BitTorrent. You can then block using the ports they are using. However, if your users are smarter than they look, then you will have to block the traffic using their host. Or you need to apply your corporate security policies and demand that they remove the software and cease from using BitTorrent...

Hieu Cao
Level 4

If you issue "show ip nbar protocol discovery", do you see a lot of hits? Have you tried limiting BitTorrent ports using access-lists?

If possible, can you post your config without sensitive data?
