04-16-2014 01:28 PM - edited 03-04-2019 10:48 PM
We have set up an independent network for our guest wireless. It is an ADSL modem going into a Cisco 1921. I set up NAT and DHCP on the router and it is only accessible through the wireless connection. We have a 50Mbps connection and about 250 devices connecting to it. Some of these are using bittorrent and other file sharing software to eat up this bandwidth quickly.
Since torrent software can be set to any port and cannot be blocked that way, I was wondering if there is a way to limit the available bandwidth for each connecting device to mitigate this.
I put this into the WAN group because that seemed appropriate as it is making the external connection. I know the argument could be made for LAN as it only connects within the corporate building and not to any of our service centers.
Any help would be appreciated.
04-16-2014 02:52 PM
Hi John,
I don't see anything wrong with applying a basic QoS policy, classifying traffic using NBAR to match against the protocol bittorrent and other similar protocols, and then just throttling that traffic down using a policy map.
HTH
Mike
06-05-2014 09:44 AM
Thank you for the advice and for pointing me to NBAR.
I did some research and wanted to share what I came up with on it. (G0/1 is the inside port)
!
! Creating the class map to identify it
!
class-map match-any P2P
 match protocol bittorrent
!
! Creating the policy map to identify how to treat it
! (Here it is dropped completely)
!
policy-map P2P
 class P2P
  drop
!
! Applying it to the interface
!
interface GigabitEthernet 0/1
 service-policy input P2P
!
! Show command to test
show policy-map interface g0/1 input
04-17-2014 08:41 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
As Mike mentioned, NBAR might be able to identify something like bittorrent regardless of its port usage. Or, you could try the converse: identify "good" traffic (which should exclude bittorrent).
Regardless of whether you can identify "good" traffic or bittorrent, FQ might be used on egress. It won't restrict bandwidth, but at least it's fairly shared (NB: HQF can have different classes with FQ, allowing relative FQ sharing). Assuming your ADSL has much less egress than ingress bandwidth, this might be all you need.
If you want to do similar for ingress, you cannot use queuing on ingress. However, you can shape interior egress to be less than exterior ingress, and queue there. Doing so, you'll "lose" some of your external ingress bandwidth, and it won't work nearly as well (for other reasons).
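Added example, not part of any post in this thread: a variant of the P2P policy that throttles with a policer instead of dropping, combined with the "shape interior egress below exterior ingress and queue there" approach described above. The policy-map names and all rates are assumptions chosen for a 50 Mbps link; the policer is an aggregate limit for all matched traffic, not a per-device limit.

```cisco
! Added example: names and rates are assumptions, tune them for the real link.
!
! Same NBAR classification as in the thread
class-map match-any P2P
 match protocol bittorrent
!
! Traffic arriving from guest clients (uploads): police instead of drop
policy-map P2P-LIMIT
 class P2P
  police cir 1000000
   conform-action transmit
   exceed-action drop
!
! Traffic leaving toward guest clients (downloads):
! police P2P, fair-queue everything else
policy-map GUEST-DOWN-CHILD
 class P2P
  police cir 5000000
   conform-action transmit
   exceed-action drop
 class class-default
  fair-queue
!
! Parent shaper set below the 50 Mbps download rate so that
! queuing happens on this router rather than upstream
policy-map GUEST-DOWN
 class class-default
  shape average 45000000
  service-policy GUEST-DOWN-CHILD
!
! G0/1 is the inside port, as stated in the thread
interface GigabitEthernet0/1
 service-policy input P2P-LIMIT
 service-policy output GUEST-DOWN
!
! Verify that the classes are matching and the policers are counting
show policy-map interface GigabitEthernet0/1
```

If the P2P class counters in the show output stay at zero while the link is saturated, the traffic is not being recognised by NBAR and the policers have no effect on it.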