Re: Exception with NBAR match protocol gnutella

tim.hays · ‎03-09-2005

After loading the current PDLMs and configuring QoS, any P2P traffic except for gnutella is effectively blocked. The limewire or gnutella based users can download files but the kazaa users are limited. Here is the config:

Class Map match-all MUSIC (id 3)

Match protocol kazaa2

Match protocol edonkey

Match protocol bittorrent

Match protocol gnutella

Policy Map QOS-P2P

Class MUSIC

police cir 32000 bc 1500

conform-action transmit

exceed-action drop

Current configuration : 244 bytes

!

interface FastEthernet0/1

description Connection to bastion-sw fa0/1

ip address 204.98.2.254 255.255.255.0

ip nbar protocol-discovery

service-policy input QOS-P2P

service-policy output QOS-P2P

duplex full

speed 100

no cdp enable

end

Georg Pauwen · ‎03-09-2005

Hello,

try and change your class-map to ´match-any´ instead of ´match-all´. With your currently configured ´match-all´ traffic is only policed when it matches all traffic types.

Also, if you have not done so yet, turn on ´ip cef´ globally, it is recommended when matching protocol traffic.

HTH,

GP

tim.hays · ‎03-10-2005

Thanks for the post. ip cef is enabled

class-map match-any MUSIC

match protocol kazaa2

match protocol edonkey

match protocol bittorrent

match protocol gnutella

Limewire users can still download while kazaa and the others can't.

Georg Pauwen · ‎03-11-2005

Hello Tim,

try and add the following line to your class-map:

match protocol gnutella file-transfer "*"

See if that makes a difference...

Regards,

GP