Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
923
Views
0
Helpful
1
Replies

Cisco NBAR and bittorrent

Joshua Engels
Level 1
Level 1

‎02-22-2011 08:19 PM - edited ‎03-03-2019 06:12 AM

Hey guys,

I am trying to block bittorrent p2p file sharing.  I believe I have everything configured correctly but bittorrent seems to continue to pass.  I can see that my router classified the traffic as bittorrent  but for some reason it will not drop it.  Here is my config.

class-map match-any P2P
match protocol bittorrent
 
policy-map dropP2P
class P2P
   drop

interface FastEthernet0/1.572
description ****GUEST_WLAN****
encapsulation dot1Q 572
ip address 10.88.72.1 255.255.255.0
ip access-group GUEST_NETWORK in
ip nbar protocol-discovery
ip nat inside
ip virtual-reassembly
service-policy input dropP2P

Here is the output when I run a

Router#sho ip nbar protocol-discovery stats bit-rate top-n 10

FastEthernet0/1.572

Last clearing of "show ip nbar protocol-discovery" counters 00:52:44


                            Input                    Output                 
                            -----                    ------                 
   Protocol                 5min Bit Rate (bps)      5min Bit Rate (bps)    
   ------------------------ ------------------------ ------------------------
   http                     37000                    535000                 
   bittorrent               24000                    20000                  
   secure-http              6000                     24000                  
   dns                      2000                     8000                   
   gre                      0                        0                      
   edonkey                  0                        0                      
   skype                    0                        0                      
   h323                     0                        0                      
   icmp                     0                        0                      
   netbios                  0                        0                      
   unknown                  698000                   5041000                
   Total                    767000                   5628000

As you can see, bittorrent traffic is at the top of the list and is still being allowed through.

Any thoughts or known bugs with bittorrent pdlm's?

Thanks guys.

1 person had this problem
Labels:
0 Helpful
1 Reply 1

rytische
Level 1
Level 1

‎02-23-2011 07:36 AM

Try a "show policy-map interface FastEthernet0/1.572".

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents