Solved: Re: Unstoppable torrent

AZaburdyayev · ‎11-03-2010

Hello!

I an trying to stop torrent. Here found a lot of samples, but no one works .

I have Cisco 3745. On it IOS 12.4(15)T11, with nbar version 6.

I have create folloing class-map

class-map match-all cm_p2p
match protocol edonkey
match protocol kazaa2
match protocol bittorrent
!
!
policy-map pm_p2p
class cm_Block_Torrents
drop

then added on external and internal interface command ip nbar protocol-discovery on internal added service policy input pm_p2p on internal interface.

as I can see, nbar sees torrents but it do not dropped.

I tryed different way I tried to mark traffic with dscp and then drop. In both cases nbar counter grows, but policy map counter on 0.

Please tell how stop torrent ?

Jason Masker · ‎11-04-2010

You defined the class map as match all. You meant for it to be match any. Sorry, I should have noticed this from your initial post. Try redefining the class map as follows:

no class-map cm_p2p

class-map match-any cm_p2p
match protocol edonkey
match protocol kazaa2
match protocol bittorrent

Match all means traffic has to match every line before matching the class map. Match any allows traffic to match the class map if it matches any line.

Jason

View solution in original post

Jason Masker · ‎11-03-2010

Could you post your output for 'show policy-map'?

AZaburdyayev · ‎11-03-2010

rtr#show policy-map
Policy Map pm_p2p
Class cm_p2p
drop

rtr#show policy-map interface fa0/1.44
FastEthernet0/1.24

Service-policy input: pm_p2p

    Class-map: cm_p2p (match-all)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: protocol edonkey
      Match: protocol kazaa2
      Match: protocol bittorrent
      drop

    Class-map: class-default (match-any)
      1438399 packets, 800192194 bytes
      5 minute offered rate 2202000 bps, drop rate 0 bps
      Match: any

Service-policy output: pm_p2p