Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NBAR vs Bittorrent

Hi

I posted on this a while back - I was trying to use NBAR to limit Bittorrent but the policy wasn't seeing a lot of the torrent traffic and I was still able to get very high speed downloads.

Just noticed that if you run

#sh ip nbar port-map

the ports listed for bittorrent are:

port-map bittorrent tcp 6881 6882 6883 6884 6885 6886 6887 6888 6889

now these are the ports from the original bittorent application but no-one who knows anything uses these anymore as so many ISPs block\shape them.

so is this the reason why my policy is not working?

does the pdlm only check these ports?

is it possible to specify a large range of ports or would this cripple the router?

all suggestions gratefully received.

Liam.

2 REPLIES
Silver

Re: NBAR vs Bittorrent

You will have to put a sniffer on your network to see what ports your users are using for BitTorrent. You can then block using the ports they are using. However if your users are smarter then they look, then you will have to block the traffic using their host. Or you need to apply your corporate security policies and demand that they remove the software and cease from using BitTorrent...

New Member

Re: NBAR vs Bittorrent

If you issue "show ip nbar protocol discovery", do you see alot of hits? Have you tried limitting Bittorent ports using access-lists?

If possible, can you post your config without sensitive data?

175
Views
0
Helpful
2
Replies