Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
498
Views
0
Helpful
3
Replies

Block bittorrent on ASR9K

steve.smith
Level 1
Level 1

‎02-09-2016 09:02 AM - edited ‎03-05-2019 03:18 AM

Greetings,

Are there any best practices for blocking bittorrent on an ASR9K? NBAR or NBAR2 would be great, but they are not supported in IOS-XR. Is there something similar on the ASR9K? Thanks!

Labels:
0 Helpful
3 Replies 3

Philip D'Ath
VIP Alumni
VIP Alumni

‎02-09-2016 12:50 PM

Give up.  You can't really block it.  Bittorrent can use any UDP or TCP port, and be encrypted.  It is a loosing battle.

BitTorrent has not been easy to control for a long time now.  It has evolved too far.

0 Helpful

steve.smith
Level 1
Level 1
In response to Philip D'Ath

‎02-10-2016 09:46 AM

But with NBAR or similar tools I don't have to worry about port numbers, because it is looking at the application layer, correct? I realize there is nothing that can be done about p2p traffic that is running over TOR, SSL, or VPN. What i'd like to prevent is the casual user that downloaded utorrent for the first time and visits piratebay from clogging up my core. The more savvy users that can encrypt p2p, we will have to try to identify off of bandwidth usage alone. 

0 Helpful

Philip D'Ath
VIP Alumni
VIP Alumni
In response to steve.smith

‎02-10-2016 11:35 AM

I think all modern Torrent clients encrypt traffic by default and as their first choice.  You could only catch users with really old versions who have never upgraded.

I don't think it is very feasible to block this type of traffic any more.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card